Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/LXofIoF_1HxSWZzeAlqLNu5Obhc.roa
File: LXofIoF_1HxSWZzeAlqLNu5Obhc.roa (raw, json)
Hash identifier: OSGja4CWv7iGQxMidOXT2JmDGb+kCo1Ha3b8uBgsaIk=
Subject key identifier: 2D:7A:1F:22:81:7F:D4:7C:52:59:9C:DE:02:5A:8B:36:EE:4E:6E:17
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0616
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/LXofIoF_1HxSWZzeAlqLNu5Obhc.roa
Signing time: Tue 07 Nov 2023 03:03:56 +0000
ROA not before: Tue 07 Nov 2023 03:03:56 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 34549
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.100.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 10:42:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1558 (0x616)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Nov 7 03:03:56 2023 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=2D7A1F22817FD47C52599CDE025A8B36EE4E6E17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:68:60:ac:20:f4:4f:75:cc:88:56:aa:d0:d8:
f4:e9:79:4e:00:4a:e8:7e:9c:64:95:b0:bc:8a:9b:
33:65:ad:ff:45:c8:37:86:2f:d4:af:23:d7:9a:ef:
19:27:ba:3a:be:dd:40:8f:c3:ca:bc:2c:e8:00:b6:
0a:fd:3b:6f:8b:bd:60:40:5e:fe:52:b2:a5:40:e0:
a7:a8:ec:b1:d1:6f:d7:27:27:0f:1b:19:e9:9f:7f:
bf:b8:2b:50:7b:9b:9a:52:1a:1f:6d:bb:49:8f:27:
ee:b5:ff:df:fe:8b:65:4f:59:31:73:8a:25:6b:5d:
d0:ef:16:0a:92:e7:0e:c8:e7:68:e4:df:43:d6:8c:
7e:83:94:41:3e:ee:bb:36:8d:b8:65:49:f2:4d:15:
ba:c8:aa:d5:19:64:f0:59:33:02:c0:74:05:1d:de:
25:43:b5:d3:31:95:d4:92:23:db:00:a0:0d:20:81:
48:f9:64:3f:6f:ad:53:f7:63:3f:1c:76:44:76:9f:
a8:ef:cb:4e:87:95:1e:c2:9b:60:22:e3:78:14:c9:
e1:68:60:db:46:dc:32:12:cd:fb:32:92:f0:1e:93:
93:b8:63:5c:34:4c:d9:a2:d6:1c:ff:71:33:c7:8c:
0c:6f:3c:54:9e:d5:7f:63:47:60:ee:0b:5c:aa:04:
f6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7A:1F:22:81:7F:D4:7C:52:59:9C:DE:02:5A:8B:36:EE:4E:6E:17
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/LXofIoF_1HxSWZzeAlqLNu5Obhc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.100.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:b1:04:ca:42:46:09:e8:9f:aa:ce:80:d8:fe:26:10:2b:da:
d2:3c:84:8b:0d:64:45:d0:1b:25:13:95:5c:99:16:c3:ee:30:
43:d5:8e:d4:2a:6b:51:15:4d:d8:78:6e:b7:75:99:98:2f:2c:
f2:c7:81:41:45:b2:99:8c:97:92:db:5c:b7:07:90:99:dc:ab:
ec:bf:26:d1:ae:28:1b:e1:78:eb:1c:3c:02:5f:12:11:cb:24:
33:33:3b:44:e0:b9:f3:11:6c:bf:fa:ef:71:3b:d7:aa:7a:38:
85:f6:8c:ed:38:00:e8:68:86:44:8b:16:0b:bc:ef:2d:e8:ed:
81:e0:0b:2f:73:be:85:45:69:33:5b:a6:d8:7e:5f:9e:39:71:
ea:2d:71:a6:6b:21:09:b3:41:40:91:ba:ee:24:ab:c4:41:f8:
54:25:be:ae:17:65:a1:54:2e:90:cd:94:af:28:4d:2d:1b:67:
83:17:e5:f8:51:08:9b:24:9f:6f:9c:79:4b:da:e7:ac:0d:48:
32:b3:cb:fa:a1:8c:75:00:5f:47:5e:a0:f2:98:be:ce:c8:81:
f6:44:b3:3c:78:49:47:19:0b:8b:76:ec:32:0f:12:50:4e:81:
18:69:67:48:b2:d5:67:69:ca:d1:e6:d2:2a:c4:ab:2d:16:f7:
41:73:61:71
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICBhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzExMDcw
MzAzNTZaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDJEN0ExRjIyODE3RkQ0
N0M1MjU5OUNERTAyNUE4QjM2RUU0RTZFMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgaGCsIPRPdcyIVqrQ2PTpeU4ASuh+nGSVsLyKmzNlrf9FyDeG
L9SvI9ea7xknujq+3UCPw8q8LOgAtgr9O2+LvWBAXv5SsqVA4Keo7LHRb9cnJw8b
Gemff7+4K1B7m5pSGh9tu0mPJ+61/9/+i2VPWTFziiVrXdDvFgqS5w7I52jk30PW
jH6DlEE+7rs2jbhlSfJNFbrIqtUZZPBZMwLAdAUd3iVDtdMxldSSI9sAoA0ggUj5
ZD9vrVP3Yz8cdkR2n6jvy06HlR7Cm2Ai43gUyeFoYNtG3DISzfsykvAek5O4Y1w0
TNmi1hz/cTPHjAxvPFSe1X9jR2DuC1yqBPYRAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQULXofIoF/1HxSWZzeAlqLNu5ObhcwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0xYb2ZJb0ZfMUh4U1da
emVBbHFMTnU1T2JoYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAJ7YkADBAJ7YkgDBAF7YmQwDQYJKoZIhvcNAQELBQADggEBAB+xBMpCRgnon6rO
gNj+JhAr2tI8hIsNZEXQGyUTlVyZFsPuMEPVjtQqa1EVTdh4brd1mZgvLPLHgUFF
spmMl5LbXLcHkJncq+y/JtGuKBvheOscPAJfEhHLJDMzO0TgufMRbL/673E716p6
OIX2jO04AOhohkSLFgu87y3o7YHgCy9zvoVFaTNbpth+X545ceotcaZrIQmzQUCR
uu4kq8RB+FQlvq4XZaFULpDNlK8oTS0bZ4MX5fhRCJskn2+ceUva56wNSDKzy/qh
jHUAX0deoPKYvs7IgfZEszx4SUcZC4t27DIPElBOgRhpZ0iy1WdpytHm0irEqy0W
90FzYXE=
-----END CERTIFICATE-----
Generated at Fri Feb 16 14:45:39 2024 by rpki-client on console-fra.rpki-client.org