Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/NqiCDn4cszZCkNAZDnYntjFyRa4.roa
File: NqiCDn4cszZCkNAZDnYntjFyRa4.roa (raw, json)
Hash identifier: yBTOuYQexXXJz4LyH6q7ikFb9Fiy0HLHUzl+JRiLHhg=
Subject key identifier: 36:A8:82:0E:7E:1C:B3:36:42:90:D0:19:0E:76:27:B6:31:72:45:AE
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0385
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/NqiCDn4cszZCkNAZDnYntjFyRa4.roa
Signing time: Mon 17 Jul 2023 05:41:11 +0000
ROA not before: Mon 17 Jul 2023 05:41:11 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 35913
IP address blocks: 123.98.68.0/22 maxlen: 24
123.98.76.0/22 maxlen: 24
123.98.84.0/22 maxlen: 24
123.98.96.0/22 maxlen: 24
123.98.108.0/22 maxlen: 24
123.98.120.0/22 maxlen: 24
210.79.104.0/22 maxlen: 24
210.79.124.0/22 maxlen: 24
211.149.36.0/22 maxlen: 24
211.149.44.0/22 maxlen: 24
211.149.56.0/22 maxlen: 24
211.149.84.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 901 (0x385)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jul 17 05:41:11 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=36A8820E7E1CB3364290D0190E7627B6317245AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4d:e6:1e:d5:93:db:25:44:f7:58:3b:19:f8:
ad:bf:85:d3:5b:a5:85:1f:f5:5c:14:2c:86:f5:82:
6f:2a:da:7a:1b:a8:57:b5:8c:0f:a0:e1:37:82:0a:
a2:f8:2d:ce:69:57:33:40:25:ca:d3:61:7e:25:b6:
ed:54:d6:69:6e:9b:15:67:de:e7:6c:4d:15:e7:8d:
f9:ef:3e:22:de:15:84:24:93:81:13:fc:99:93:b3:
7b:3c:5e:e2:f8:08:c7:93:1e:61:6b:18:16:a5:29:
19:c3:58:90:86:47:4a:c3:6d:4e:11:0d:00:b6:87:
52:7c:fe:2f:dd:ce:b0:11:78:47:e9:26:3f:02:de:
1e:cc:2c:9f:06:e6:d9:a4:ef:eb:ab:b1:ae:c2:02:
92:52:26:96:e4:e4:4c:d3:ab:e4:a2:49:29:0c:c2:
6f:0d:a5:d9:df:8c:a7:86:c4:c5:f7:30:ba:d6:04:
64:93:24:8f:aa:15:53:fc:9b:2b:34:cb:c5:c6:b8:
38:4e:7c:bd:e1:b5:29:4a:9d:3d:21:cf:fa:24:64:
17:23:8e:0d:80:cc:e1:91:2e:ed:c8:2d:6c:ba:7b:
d5:26:36:82:3d:31:85:fe:4c:9f:f5:d9:00:bd:22:
d1:a6:92:5d:f6:bb:25:0d:3c:dc:3b:9e:ee:86:62:
10:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A8:82:0E:7E:1C:B3:36:42:90:D0:19:0E:76:27:B6:31:72:45:AE
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/NqiCDn4cszZCkNAZDnYntjFyRa4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.68.0/22
123.98.76.0/22
123.98.84.0/22
123.98.96.0/22
123.98.108.0/22
123.98.120.0/22
210.79.104.0/22
210.79.124.0/22
211.149.36.0/22
211.149.44.0/22
211.149.56.0/22
211.149.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:c0:7c:41:ac:30:04:82:d8:a2:4b:28:e1:ec:3e:2d:96:0f:
08:0b:1e:6b:90:a0:eb:90:8a:23:7d:d0:4a:fc:f6:3a:5e:01:
67:2e:30:8a:c1:a9:f4:01:0b:d7:db:18:fb:ef:dc:3a:d7:08:
a7:e4:95:8e:c5:96:76:0a:b7:51:78:52:12:41:20:63:a6:4c:
cb:15:6d:38:6f:48:d7:33:2d:c8:67:35:b1:3f:0f:ff:54:9e:
49:08:62:37:73:02:d8:ea:d8:cc:10:45:d7:f3:b3:d7:d0:6b:
0a:41:4e:e5:30:89:87:b8:05:41:ee:b3:1f:e3:5f:1c:be:2f:
33:47:9a:d6:82:ed:e0:b2:08:3d:0e:9f:c3:0d:b2:f3:50:fb:
da:95:19:46:e9:56:dd:a5:68:f1:d2:fe:ed:e5:a3:a9:79:8b:
c4:24:5c:ac:cf:6e:a1:3d:65:49:4f:5e:33:36:bb:ce:d5:d6:
49:52:35:6f:6b:04:da:c9:0d:16:b9:7b:7a:5d:3e:bc:47:de:
e4:f1:11:75:95:23:91:e5:2b:52:4e:44:f0:29:76:5f:fe:31:
b0:02:76:f3:5b:e3:7a:13:42:a6:76:ac:a2:5f:22:13:9f:f5:
39:de:79:58:88:ca:bc:ef:40:94:2b:d9:2c:4a:41:61:eb:74:
8b:ef:8a:f9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgICA4UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA3MTcw
NTQxMTFaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDM2QTg4MjBFN0UxQ0Iz
MzY0MjkwRDAxOTBFNzYyN0I2MzE3MjQ1QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhTeYe1ZPbJUT3WDsZ+K2/hdNbpYUf9VwULIb1gm8q2nobqFe1
jA+g4TeCCqL4Lc5pVzNAJcrTYX4ltu1U1mlumxVn3udsTRXnjfnvPiLeFYQkk4ET
/JmTs3s8XuL4CMeTHmFrGBalKRnDWJCGR0rDbU4RDQC2h1J8/i/dzrAReEfpJj8C
3h7MLJ8G5tmk7+ursa7CApJSJpbk5EzTq+SiSSkMwm8NpdnfjKeGxMX3MLrWBGST
JI+qFVP8mys0y8XGuDhOfL3htSlKnT0hz/okZBcjjg2AzOGRLu3ILWy6e9UmNoI9
MYX+TJ/12QC9ItGmkl32uyUNPNw7nu6GYhCvAgMBAAGjggIzMIICLzAdBgNVHQ4E
FgQUNqiCDn4cszZCkNAZDnYntjFyRa4wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL05xaUNEbjRjc3paQ2tO
QVpEblludGpGeVJhNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgABMEgD
BAJ7YkQDBAJ7YkwDBAJ7YlQDBAJ7YmADBAJ7YmwDBAJ7YngDBALST2gDBALST3wD
BALTlSQDBALTlSwDBALTlTgDBALTlVQwDQYJKoZIhvcNAQELBQADggEBAKPAfEGs
MASC2KJLKOHsPi2WDwgLHmuQoOuQiiN90Er89jpeAWcuMIrBqfQBC9fbGPvv3DrX
CKfklY7FlnYKt1F4UhJBIGOmTMsVbThvSNczLchnNbE/D/9UnkkIYjdzAtjq2MwQ
Rdfzs9fQawpBTuUwiYe4BUHusx/jXxy+LzNHmtaC7eCyCD0On8MNsvNQ+9qVGUbp
Vt2laPHS/u3lo6l5i8QkXKzPbqE9ZUlPXjM2u87V1klSNW9rBNrJDRa5e3pdPrxH
3uTxEXWVI5HlK1JORPApdl/+MbACdvNb43oTQqZ2rKJfIhOf9TneeViIyrzvQJQr
2SxKQWHrdIvvivk=
-----END CERTIFICATE-----
Generated at Fri Aug 4 05:07:54 2023 by rpki-client on console-ams.rpki-client.org