Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/7Za1T9qkHlzYlGCOJdQMs9_xyRI.roa
File: 7Za1T9qkHlzYlGCOJdQMs9_xyRI.roa (raw, json)
Hash identifier: 0nqJor8EZPnEgfknAuJa+beEk3Bl0n2CJdP8iXY7vRs=
Subject key identifier: ED:96:B5:4F:DA:A4:1E:5C:D8:94:60:8E:25:D4:0C:B3:DF:F1:C9:12
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0D6B
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/7Za1T9qkHlzYlGCOJdQMs9_xyRI.roa
Signing time: Thu 03 Oct 2024 15:06:05 +0000
ROA not before: Thu 03 Oct 2024 15:06:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 215784
IP address blocks: 123.98.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 15:14:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3435 (0xd6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Oct 3 15:06:05 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=ED96B54FDAA41E5CD894608E25D40CB3DFF1C912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:91:5f:e6:c3:06:07:2d:e5:2a:3c:b6:fa:69:
99:b4:5c:f6:cf:61:70:83:5d:96:d4:2e:16:da:ea:
1e:5a:d5:88:b9:3f:7c:f4:d0:14:a4:70:a5:fe:b5:
f8:8a:d0:37:47:59:c7:46:40:52:fd:f0:da:9a:36:
ad:78:2c:df:49:ce:68:39:41:d4:54:dd:d8:63:81:
38:a3:ac:71:07:e5:44:6e:0e:50:c0:e0:f6:e8:39:
33:64:5c:f9:35:f7:2e:5d:80:bc:f3:e1:07:d5:59:
bd:bd:1f:63:52:a9:64:bc:b2:74:7a:55:d0:d7:6f:
ca:f0:43:6e:e6:e2:33:22:cd:29:8b:1b:06:8a:a2:
da:94:5c:4d:77:0b:75:99:a2:9f:58:28:e9:1a:02:
0c:24:b7:a0:ae:86:ac:c0:f6:51:29:e9:d5:7f:b6:
7a:8b:52:ea:ee:8d:71:bb:7b:f4:c3:98:84:01:48:
c8:e1:84:d3:6f:be:fe:60:b2:df:c7:a2:3f:68:e2:
30:ce:46:b5:44:c6:ec:20:07:62:5a:66:2b:37:46:
44:60:57:85:fe:a5:f6:06:b9:69:c1:7a:9b:5f:d3:
2e:60:9c:c8:49:61:f8:44:ba:aa:d1:e6:a9:9e:08:
80:08:a3:fa:78:6f:79:7e:cf:f4:29:a7:70:ae:c7:
1e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:96:B5:4F:DA:A4:1E:5C:D8:94:60:8E:25:D4:0C:B3:DF:F1:C9:12
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/7Za1T9qkHlzYlGCOJdQMs9_xyRI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.60.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:8a:d2:ac:93:6c:2c:74:61:c2:18:62:2f:bc:3a:0e:77:bb:
1a:f2:c5:21:13:20:57:57:dd:54:f3:a8:70:db:cb:a6:98:6b:
d1:46:1c:3a:c9:0a:15:7a:8a:ff:7f:ba:d5:43:ca:e2:e4:4c:
e5:eb:78:24:0e:e5:fc:cf:b0:5f:5b:eb:77:49:61:21:37:42:
fd:e4:2d:df:9d:17:67:e5:f3:94:24:79:99:ad:eb:2a:8f:af:
2d:4b:99:7b:50:03:5f:c7:b1:17:6d:8d:bb:f9:77:70:26:75:
cc:64:72:28:8d:ed:82:6a:c3:da:96:ca:f9:cb:64:d2:ba:c4:
7d:07:2b:ee:f3:43:4c:ce:88:2a:16:24:8c:0e:b7:8c:0e:69:
0c:76:52:99:5a:b2:a7:b5:fc:e2:cd:f6:f6:a3:cd:ae:df:ff:
cb:78:83:90:18:5c:5c:00:79:98:46:ec:8b:ad:36:a8:22:d1:
08:fe:7d:2d:34:b2:57:7a:23:c8:a5:6c:8d:5a:49:7c:bf:21:
9a:1c:91:ca:26:d0:1a:e9:3d:ea:2b:5f:99:aa:02:45:92:4e:
c3:13:60:19:b5:c8:ad:ba:46:ab:fb:63:00:50:e5:e2:82:ee:
9e:9f:ed:6d:46:49:e2:42:47:80:33:aa:de:17:70:1c:6b:2b:
66:a5:16:91
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDWswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMDMx
NTA2MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVEOTZCNTRGREFBNDFF
NUNEODk0NjA4RTI1RDQwQ0IzREZGMUM5MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDakV/mwwYHLeUqPLb6aZm0XPbPYXCDXZbULhba6h5a1Yi5P3z0
0BSkcKX+tfiK0DdHWcdGQFL98NqaNq14LN9Jzmg5QdRU3dhjgTijrHEH5URuDlDA
4PboOTNkXPk19y5dgLzz4QfVWb29H2NSqWS8snR6VdDXb8rwQ27m4jMizSmLGwaK
otqUXE13C3WZop9YKOkaAgwkt6CuhqzA9lEp6dV/tnqLUurujXG7e/TDmIQBSMjh
hNNvvv5gst/Hoj9o4jDORrVExuwgB2JaZis3RkRgV4X+pfYGuWnBeptf0y5gnMhJ
YfhEuqrR5qmeCIAIo/p4b3l+z/Qpp3Cuxx4TAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU7Za1T9qkHlzYlGCOJdQMs9/xyRIwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzdaYTFUOXFrSGx6WWxH
Q09KZFFNczlfeHlSSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YjwwDQYJKoZIhvcNAQELBQADggEBAKqK0qyTbCx0YcIYYi+8Og53uxryxSET
IFdX3VTzqHDby6aYa9FGHDrJChV6iv9/utVDyuLkTOXreCQO5fzPsF9b63dJYSE3
Qv3kLd+dF2fl85QkeZmt6yqPry1LmXtQA1/HsRdtjbv5d3AmdcxkciiN7YJqw9qW
yvnLZNK6xH0HK+7zQ0zOiCoWJIwOt4wOaQx2Uplasqe1/OLN9vajza7f/8t4g5AY
XFwAeZhG7IutNqgi0Qj+fS00sld6I8ilbI1aSXy/IZockcom0BrpPeorX5mqAkWS
TsMTYBm1yK26Rqv7YwBQ5eKC7p6f7W1GSeJCR4Azqt4XcBxrK2alFpE=
-----END CERTIFICATE-----
Generated at Tue Nov 5 19:27:09 2024 by rpki-client on console-ams.rpki-client.org