Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/F7uRYDGcteLsYTMTxpdN2p4akIk.roa
File: F7uRYDGcteLsYTMTxpdN2p4akIk.roa (raw, json)
Hash identifier: lIZq4Xr64ALUltMHqV0JVkifTMqZsnoFpVIleXLjF2w=
Subject key identifier: 17:BB:91:60:31:9C:B5:E2:EC:61:33:13:C6:97:4D:DA:9E:1A:90:89
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C7B
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/F7uRYDGcteLsYTMTxpdN2p4akIk.roa
Signing time: Sun 01 Sep 2024 11:36:49 +0000
ROA not before: Sun 01 Sep 2024 11:36:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 215784
IP address blocks: 211.149.52.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 13:22:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3195 (0xc7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 1 11:36:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=17BB9160319CB5E2EC613313C6974DDA9E1A9089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0b:f6:a8:f9:a1:da:86:09:30:1b:78:23:9d:
df:1f:76:11:32:cc:d6:19:d2:14:a5:55:4a:ed:02:
96:58:6d:7c:9c:db:ec:55:25:d9:66:3f:24:45:dd:
e2:b6:a4:9a:af:91:28:a2:82:3a:6d:7b:c6:95:95:
fa:9f:68:e0:94:d0:57:73:ee:ea:f1:43:95:1b:49:
a9:be:9d:e5:40:ab:fb:ab:68:a0:2f:50:9d:1b:9e:
4a:b3:71:e8:a2:8f:fb:7d:d5:81:9b:18:ba:cc:9a:
08:40:8a:d1:07:e3:ad:98:f1:ca:12:da:fd:a9:81:
3b:89:53:88:09:e2:ad:a7:c3:20:d2:4b:97:60:69:
35:ec:97:f4:74:54:39:72:02:e7:4d:d7:82:e9:9d:
14:43:24:7f:4c:d7:99:80:65:a8:c8:5d:6d:58:59:
56:49:99:2f:83:6d:42:fb:7d:70:03:05:47:c7:63:
5a:1b:3d:0e:5c:14:25:aa:53:7a:b0:5e:65:58:f2:
1c:8f:77:12:88:4a:e9:f5:c8:d7:22:87:12:72:8b:
a7:52:e6:b6:d4:54:8e:a1:14:3c:1b:d4:b1:bc:d4:
15:f0:0f:21:29:bb:53:41:31:8e:15:17:de:f4:f7:
98:16:3e:ea:a9:6a:0f:40:08:75:a4:ca:33:a6:89:
1b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BB:91:60:31:9C:B5:E2:EC:61:33:13:C6:97:4D:DA:9E:1A:90:89
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/F7uRYDGcteLsYTMTxpdN2p4akIk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.149.52.0/22
Signature Algorithm: sha256WithRSAEncryption
dc:3f:35:41:4b:17:b0:ba:66:7a:b7:99:77:d2:a6:00:0d:89:
ff:88:1a:22:ce:5f:ef:c1:fa:7b:f7:1a:41:81:c6:38:8c:80:
cc:ba:e5:59:e4:d0:6d:38:c2:a4:69:31:5b:54:40:1e:ca:c7:
0e:85:69:11:66:d9:5b:d3:cd:3e:24:63:93:76:d2:06:47:fe:
db:1b:56:7f:f8:fa:3b:eb:8f:cf:b0:87:8b:45:45:d2:4c:91:
4d:41:22:49:48:22:70:09:ea:70:bc:a0:59:80:a9:90:3b:95:
ae:2c:c0:3d:63:8b:c5:ed:dc:ec:34:bb:1c:d9:59:0e:08:b6:
ae:35:c7:fb:bd:1f:e2:4f:d6:74:1d:7f:34:a2:ed:9e:a8:d1:
65:5e:50:0d:3f:32:47:ac:e5:4c:50:a9:73:29:a3:26:66:8e:
73:3f:f1:24:ea:e0:7b:83:5c:f8:b6:ee:4b:e4:94:a0:d7:2a:
aa:6d:e8:f1:e9:4c:0a:1b:44:e6:84:87:03:2d:7d:7f:7c:82:
03:95:4f:6a:88:2e:56:57:3c:a3:e0:de:7a:c9:53:ac:fe:d2:
de:2d:5f:c0:ab:81:9a:7f:1c:74:f4:11:5f:2d:45:7d:86:8d:
91:50:8d:10:e5:ba:db:ea:91:b5:9f:1e:0c:fd:26:af:a6:d4:
53:b0:d3:0b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDHswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA5MDEx
MTM2NDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3QkI5MTYwMzE5Q0I1
RTJFQzYxMzMxM0M2OTc0RERBOUUxQTkwODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcC/ao+aHahgkwG3gjnd8fdhEyzNYZ0hSlVUrtApZYbXyc2+xV
JdlmPyRF3eK2pJqvkSiigjpte8aVlfqfaOCU0Fdz7urxQ5UbSam+neVAq/uraKAv
UJ0bnkqzceiij/t91YGbGLrMmghAitEH462Y8coS2v2pgTuJU4gJ4q2nwyDSS5dg
aTXsl/R0VDlyAudN14LpnRRDJH9M15mAZajIXW1YWVZJmS+DbUL7fXADBUfHY1ob
PQ5cFCWqU3qwXmVY8hyPdxKISun1yNcihxJyi6dS5rbUVI6hFDwb1LG81BXwDyEp
u1NBMY4VF97095gWPuqpag9ACHWkyjOmiRvNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUF7uRYDGcteLsYTMTxpdN2p4akIkwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0Y3dVJZREdjdGVMc1lU
TVR4cGROMnA0YWtJay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALTlTQwDQYJKoZIhvcNAQELBQADggEBANw/NUFLF7C6Znq3mXfSpgANif+IGiLO
X+/B+nv3GkGBxjiMgMy65Vnk0G04wqRpMVtUQB7Kxw6FaRFm2VvTzT4kY5N20gZH
/tsbVn/4+jvrj8+wh4tFRdJMkU1BIklIInAJ6nC8oFmAqZA7la4swD1ji8Xt3Ow0
uxzZWQ4Itq41x/u9H+JP1nQdfzSi7Z6o0WVeUA0/Mkes5UxQqXMpoyZmjnM/8STq
4HuDXPi27kvklKDXKqpt6PHpTAobROaEhwMtfX98ggOVT2qILlZXPKPg3nrJU6z+
0t4tX8CrgZp/HHT0EV8tRX2GjZFQjRDlutvqkbWfHgz9Jq+m1FOw0ws=
-----END CERTIFICATE-----
Generated at Thu Sep 5 16:58:40 2024 by rpki-client on console-ams.rpki-client.org