Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/F58NSzPS0BCi-p9wjKFM0-Ai_wc.roa
File: F58NSzPS0BCi-p9wjKFM0-Ai_wc.roa (raw, json)
Hash identifier: zR9z+EtEolvf4wo+svQqLWIgNK8ESWhpNP0BJ3ta6yI=
Subject key identifier: 17:9F:0D:4B:33:D2:D0:10:A2:FA:9F:70:8C:A1:4C:D3:E0:22:FF:07
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 083A
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/F58NSzPS0BCi-p9wjKFM0-Ai_wc.roa
Signing time: Fri 16 Feb 2024 10:42:18 +0000
ROA not before: Fri 16 Feb 2024 10:42:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 123.98.8.0/22 maxlen: 24
123.98.20.0/22 maxlen: 24
123.98.76.0/22 maxlen: 24
123.98.84.0/22 maxlen: 24
211.149.80.0/22 maxlen: 24
211.149.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 09:08:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2106 (0x83a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Feb 16 10:42:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=179F0D4B33D2D010A2FA9F708CA14CD3E022FF07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:de:7b:93:74:9b:b6:db:a3:ab:fd:dd:2c:f8:
8d:ea:bc:1e:ba:bc:c7:ba:09:59:f1:64:d4:bb:43:
3f:3b:a7:4e:fa:87:d8:f8:3d:46:b5:e4:b2:6a:56:
6d:65:4d:e6:a2:2e:5a:12:b2:00:b8:1d:f0:cf:d5:
19:de:72:b7:6c:66:aa:fd:51:99:2d:e6:af:29:06:
09:13:ab:aa:11:5b:6d:69:df:58:ad:d7:22:8b:72:
8a:be:2a:9f:b3:4f:8c:b0:66:91:cb:09:df:12:07:
9c:7d:82:9d:dc:8e:7f:ff:6f:0a:2b:20:56:59:18:
71:61:2f:68:5c:87:b5:47:30:e2:9c:bd:91:e8:3f:
02:99:e9:03:32:21:97:52:f3:ff:13:ec:21:52:37:
13:09:b3:d2:77:4c:81:c0:0c:14:53:9a:19:6b:8e:
25:ea:a0:cf:38:4d:4b:63:1e:ee:4e:5e:2f:90:c2:
4f:e8:5c:72:10:39:cd:7f:0e:37:99:e0:40:04:bd:
0f:1a:20:c2:ca:ea:c8:82:92:f9:7c:d8:ff:eb:0a:
c0:49:df:ec:32:f3:9d:4c:73:25:7d:dd:98:63:50:
ab:ca:4c:68:79:1b:1a:4e:12:bd:00:69:ae:7d:dc:
3b:ae:42:41:b0:fb:b4:e3:2c:49:57:96:c7:f2:9e:
5b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9F:0D:4B:33:D2:D0:10:A2:FA:9F:70:8C:A1:4C:D3:E0:22:FF:07
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/F58NSzPS0BCi-p9wjKFM0-Ai_wc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.8.0/22
123.98.20.0/22
123.98.76.0/22
123.98.84.0/22
211.149.80.0/22
211.149.88.0/22
Signature Algorithm: sha256WithRSAEncryption
22:49:d3:93:77:18:45:9a:ff:3f:34:b6:05:a6:6a:07:df:29:
5b:c2:b0:1d:df:0f:06:a0:6b:a0:fc:eb:dc:03:5c:5b:0e:4a:
30:11:2b:21:59:ac:7c:57:4a:64:14:56:99:6e:f5:23:02:1f:
ed:75:2a:f5:38:24:b3:42:06:a2:2e:b6:65:64:04:3f:d0:93:
96:d4:bc:20:ca:3a:1a:5e:3d:b1:7d:19:f0:1e:1b:62:4e:b7:
b3:31:ca:b7:4d:d5:b8:85:6b:c5:10:f3:37:76:2b:d3:a7:9a:
e0:9c:3f:c6:ef:9a:30:2f:d7:61:d7:dc:3d:f9:75:3d:54:92:
9b:b1:a8:ec:42:f9:98:6c:ee:78:87:fb:f8:ff:19:82:93:7c:
42:35:bd:71:01:a8:79:e9:c2:9e:5b:12:c1:09:0a:5a:24:e8:
d8:b0:6d:8b:8a:a8:a2:5f:a8:85:4b:0d:1a:f0:0b:58:96:d4:
39:af:a2:83:cd:10:d8:d3:1d:62:e8:50:4a:63:da:06:87:90:
77:93:9c:36:c9:44:bc:f0:85:6f:34:17:75:95:50:cb:fe:09:
7a:2a:f8:01:e5:c6:0a:73:96:1b:40:f5:56:32:71:0a:fc:8b:
e5:fc:29:ed:8c:26:5f:c7:35:80:fe:51:4f:2e:5a:e9:d6:65:
cb:b3:eb:63
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgICCDowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDAyMTYx
MDQyMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3OUYwRDRCMzNEMkQw
MTBBMkZBOUY3MDhDQTE0Q0QzRTAyMkZGMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx3nuTdJu226Or/d0s+I3qvB66vMe6CVnxZNS7Qz87p076h9j4
PUa15LJqVm1lTeaiLloSsgC4HfDP1RnecrdsZqr9UZkt5q8pBgkTq6oRW21p31it
1yKLcoq+Kp+zT4ywZpHLCd8SB5x9gp3cjn//bworIFZZGHFhL2hch7VHMOKcvZHo
PwKZ6QMyIZdS8/8T7CFSNxMJs9J3TIHADBRTmhlrjiXqoM84TUtjHu5OXi+Qwk/o
XHIQOc1/DjeZ4EAEvQ8aIMLK6siCkvl82P/rCsBJ3+wy851McyV93ZhjUKvKTGh5
GxpOEr0Aaa593DuuQkGw+7TjLElXlsfynltTAgMBAAGjggIPMIICCzAdBgNVHQ4E
FgQUF58NSzPS0BCi+p9wjKFM0+Ai/wcwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0Y1OE5TelBTMEJDaS1w
OXdqS0ZNMC1BaV93Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQD
BAJ7YggDBAJ7YhQDBAJ7YkwDBAJ7YlQDBALTlVADBALTlVgwDQYJKoZIhvcNAQEL
BQADggEBACJJ05N3GEWa/z80tgWmagffKVvCsB3fDwaga6D869wDXFsOSjARKyFZ
rHxXSmQUVplu9SMCH+11KvU4JLNCBqIutmVkBD/Qk5bUvCDKOhpePbF9GfAeG2JO
t7MxyrdN1biFa8UQ8zd2K9OnmuCcP8bvmjAv12HX3D35dT1UkpuxqOxC+Zhs7niH
+/j/GYKTfEI1vXEBqHnpwp5bEsEJClok6NiwbYuKqKJfqIVLDRrwC1iW1DmvooPN
ENjTHWLoUEpj2gaHkHeTnDbJRLzwhW80F3WVUMv+CXoq+AHlxgpzlhtA9VYycQr8
i+X8Ke2MJl/HNYD+UU8uWunWZcuz62M=
-----END CERTIFICATE-----
Generated at Tue Feb 20 12:04:23 2024 by rpki-client on console-fra.rpki-client.org