Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/FzJ6mfxOYO6vGecMfZZUXiFyeyc.roa
File: FzJ6mfxOYO6vGecMfZZUXiFyeyc.roa (raw, json)
Hash identifier: rg7VuGUgZ6oNbhYyezv5NAQRDEprdHtrQST+7XwBEGU=
Subject key identifier: 17:32:7A:99:FC:4E:60:EE:AF:19:E7:0C:7D:96:54:5E:21:72:7B:27
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C73
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/FzJ6mfxOYO6vGecMfZZUXiFyeyc.roa
Signing time: Sun 01 Sep 2024 11:35:49 +0000
ROA not before: Sun 01 Sep 2024 11:35:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 215784
IP address blocks: 211.149.36.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 13:23:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3187 (0xc73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 1 11:35:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=17327A99FC4E60EEAF19E70C7D96545E21727B27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:22:1d:f7:fb:f5:ec:51:d8:77:02:93:c4:f6:
e8:a8:d4:60:22:6a:ad:87:61:fd:70:74:22:09:7c:
34:00:65:b1:af:e2:1a:0c:78:b8:3f:80:2a:37:e7:
a3:b6:ca:9a:e6:7b:3f:16:a2:ad:c8:07:dd:a3:d7:
76:06:79:72:84:38:6a:58:d5:db:a0:65:d7:ca:7f:
d2:00:45:e9:6e:ad:3a:6e:b4:9c:d3:f6:44:ed:47:
86:75:a6:a8:0b:9a:f7:85:f4:36:ec:92:f9:93:01:
8d:de:41:16:fc:b0:82:08:f5:12:81:6a:d8:b3:67:
d1:81:1a:33:c2:b1:75:ef:32:4f:a8:c2:a9:c7:43:
ac:0d:2a:4c:75:21:6a:ca:97:4c:81:aa:8e:32:46:
f8:4f:d7:6a:ba:d8:4b:9f:fe:54:af:c7:8b:39:cb:
af:a5:f9:2a:45:8f:fa:e5:c9:07:60:8f:e0:0a:9e:
e8:5c:75:7d:6e:7b:85:1b:23:89:ea:d3:a0:fc:71:
1c:5e:f8:c5:68:f0:f2:33:ea:e7:09:8e:a0:6a:e3:
15:09:6c:55:c5:0c:d5:7f:e8:77:cb:57:aa:09:d0:
73:ab:89:e9:e9:4c:75:0f:0b:60:22:d8:0d:07:c1:
6a:86:a1:04:09:8e:8b:61:e4:6f:53:71:4e:9e:92:
2b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:32:7A:99:FC:4E:60:EE:AF:19:E7:0C:7D:96:54:5E:21:72:7B:27
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/FzJ6mfxOYO6vGecMfZZUXiFyeyc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.149.36.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:55:b8:ad:32:e4:74:7b:bd:df:dc:f4:0b:c2:f4:79:df:fa:
7e:eb:35:81:e6:c4:c9:37:74:05:25:20:fd:3c:66:8e:c5:b8:
00:23:3a:c5:14:99:a3:a7:54:a3:09:73:72:ef:9b:ac:2d:fd:
03:e0:f6:c9:ec:a1:49:18:0b:eb:8a:1a:73:8c:09:26:cf:57:
c2:2b:63:0c:87:a3:64:d6:01:82:2a:a9:21:c9:74:3e:0e:e4:
b4:cd:ce:07:df:15:00:13:be:ea:0b:68:35:1a:f6:cc:0d:61:
a8:15:ac:50:24:50:7d:99:11:cb:8a:13:82:1c:ff:18:9e:cf:
d9:cf:9c:70:df:8f:74:29:0b:95:30:17:1a:c9:61:79:47:41:
9f:69:02:a2:c9:a8:b3:c5:b2:7a:ee:e7:8a:23:89:53:a6:c1:
37:ee:d9:cc:9d:00:09:d4:f2:e9:45:51:1f:06:72:2a:7b:c7:
d8:6e:2a:31:7f:ec:d3:52:21:1c:c0:a6:ef:00:d1:1f:8e:69:
b8:ca:d1:24:34:83:07:3a:78:16:4c:54:e4:33:b6:47:cd:1b:
ce:87:01:de:ea:48:2a:01:e8:7e:9f:7d:9e:27:3c:d7:6f:80:
13:bc:c6:1a:89:c4:04:a9:36:b0:95:2c:cc:77:1e:c0:da:9f:
b6:93:fe:2e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDHMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA5MDEx
MTM1NDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3MzI3QTk5RkM0RTYw
RUVBRjE5RTcwQzdEOTY1NDVFMjE3MjdCMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaIh33+/XsUdh3ApPE9uio1GAiaq2HYf1wdCIJfDQAZbGv4hoM
eLg/gCo356O2yprmez8Woq3IB92j13YGeXKEOGpY1dugZdfKf9IARelurTputJzT
9kTtR4Z1pqgLmveF9DbskvmTAY3eQRb8sIII9RKBatizZ9GBGjPCsXXvMk+owqnH
Q6wNKkx1IWrKl0yBqo4yRvhP12q62Euf/lSvx4s5y6+l+SpFj/rlyQdgj+AKnuhc
dX1ue4UbI4nq06D8cRxe+MVo8PIz6ucJjqBq4xUJbFXFDNV/6HfLV6oJ0HOrienp
THUPC2Ai2A0HwWqGoQQJjoth5G9TcU6ekivPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUFzJ6mfxOYO6vGecMfZZUXiFyeycwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0Z6SjZtZnhPWU82dkdl
Y01mWlpVWGlGeWV5Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALTlSQwDQYJKoZIhvcNAQELBQADggEBALZVuK0y5HR7vd/c9AvC9Hnf+n7rNYHm
xMk3dAUlIP08Zo7FuAAjOsUUmaOnVKMJc3Lvm6wt/QPg9snsoUkYC+uKGnOMCSbP
V8IrYwyHo2TWAYIqqSHJdD4O5LTNzgffFQATvuoLaDUa9swNYagVrFAkUH2ZEcuK
E4Ic/xiez9nPnHDfj3QpC5UwFxrJYXlHQZ9pAqLJqLPFsnru54ojiVOmwTfu2cyd
AAnU8ulFUR8Gcip7x9huKjF/7NNSIRzApu8A0R+OabjK0SQ0gwc6eBZMVOQztkfN
G86HAd7qSCoB6H6ffZ4nPNdvgBO8xhqJxASpNrCVLMx3HsDan7aT/i4=
-----END CERTIFICATE-----
Generated at Thu Sep 5 16:58:40 2024 by rpki-client on console-ams.rpki-client.org