Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/O7XIazBabwTyKPu_ZoEgNpLlp8o.roa
File: O7XIazBabwTyKPu_ZoEgNpLlp8o.roa (raw, json)
Hash identifier: g7H+LLhyVsUE9tKMYHgrntKG2zyXMFFVgToRcP5jGbA=
Subject key identifier: 3B:B5:C8:6B:30:5A:6F:04:F2:28:FB:BF:66:81:20:36:92:E5:A7:CA
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 048F
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/O7XIazBabwTyKPu_ZoEgNpLlp8o.roa
Signing time: Mon 04 Sep 2023 02:40:42 +0000
ROA not before: Mon 04 Sep 2023 02:40:42 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 35913
IP address blocks: 123.98.68.0/22 maxlen: 24
123.98.76.0/22 maxlen: 24
123.98.84.0/22 maxlen: 24
210.79.104.0/22 maxlen: 24
210.79.124.0/22 maxlen: 24
211.149.36.0/22 maxlen: 24
211.149.44.0/22 maxlen: 24
211.149.84.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1167 (0x48f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 4 02:40:42 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=3BB5C86B305A6F04F228FBBF6681203692E5A7CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bd:9f:50:cd:b3:c3:fe:16:1c:b7:35:f1:25:
77:c8:55:12:17:9e:34:3c:93:a7:b4:3f:8f:6c:ca:
06:eb:44:45:38:79:23:9f:43:c3:24:40:0c:8f:17:
14:00:0c:37:a8:c1:44:96:be:d9:84:d9:8c:06:f9:
f3:d7:d1:19:2b:d8:bd:d1:e9:d4:99:45:85:18:d0:
09:27:cd:91:5c:94:d3:f7:4a:4e:87:7f:4e:ed:70:
6f:b8:4b:0f:ac:04:64:79:f7:27:31:41:c7:0f:8b:
00:08:4a:14:3c:9c:eb:10:46:59:94:15:47:e6:1f:
6c:5f:37:4d:da:7d:aa:07:59:5e:ec:a3:16:ee:c2:
fe:87:ee:cb:45:60:0f:19:b2:ab:53:aa:41:1c:18:
34:61:60:14:46:17:f5:8c:30:34:89:a5:f9:8a:91:
6d:ac:e9:b7:c4:19:d4:b5:3d:48:30:04:1b:f6:e0:
0a:32:eb:fb:52:59:42:ac:99:49:5b:ea:92:3a:93:
bc:d4:9f:48:c3:94:7d:fe:a9:7e:2d:94:c1:4a:0e:
b7:57:a4:45:35:ae:82:03:44:e6:91:f2:eb:71:0d:
1e:b6:1c:1d:d1:98:08:bb:ef:d5:6d:bc:e7:1c:b0:
2b:3b:08:61:c8:44:f9:1e:9f:43:f4:17:a1:6a:76:
b6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B5:C8:6B:30:5A:6F:04:F2:28:FB:BF:66:81:20:36:92:E5:A7:CA
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/O7XIazBabwTyKPu_ZoEgNpLlp8o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.68.0/22
123.98.76.0/22
123.98.84.0/22
210.79.104.0/22
210.79.124.0/22
211.149.36.0/22
211.149.44.0/22
211.149.84.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:77:4e:fd:8f:6d:64:c4:d7:44:15:91:20:a5:f2:53:3a:a1:
e7:2e:7f:48:18:7c:bd:b7:7a:77:ed:fc:ce:b4:14:93:ec:80:
7f:d8:da:7a:44:3b:3a:81:a9:da:b8:e1:62:50:21:82:a9:7b:
37:b3:aa:ca:63:af:8a:20:90:a2:ea:c3:83:b9:81:16:03:ba:
db:69:3e:b2:d6:18:0b:3b:67:2d:50:18:b9:2e:bd:0f:d5:ad:
75:46:3f:0b:bd:60:0c:4d:54:93:9f:02:e0:87:43:26:43:01:
17:e4:82:dd:0b:65:31:d7:bc:01:e3:f6:7b:0a:88:8a:e1:c8:
d1:bf:3c:4c:c9:b2:be:9a:f0:23:00:38:39:a9:bc:c1:ae:06:
3b:9e:0b:2a:39:36:8b:fa:d6:dd:9e:dc:e2:14:78:f0:0f:a5:
73:20:7f:57:9c:7e:8d:64:80:10:4a:3e:e0:06:2d:f6:14:38:
1c:43:36:76:d0:b7:42:fa:c0:95:b9:5a:36:58:0e:33:8c:3d:
ba:6a:e9:b4:4b:1f:fd:a2:f3:e1:58:29:10:45:fb:7a:6d:81:
ce:0a:f2:cc:3f:69:ef:c2:4c:72:64:11:a6:28:b7:84:47:cb:
53:4c:9f:e6:92:9c:3a:0c:ac:8f:81:f7:f1:0f:ad:f7:6c:cb:
96:ea:a6:49
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgICBI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA5MDQw
MjQwNDJaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKDNCQjVDODZCMzA1QTZG
MDRGMjI4RkJCRjY2ODEyMDM2OTJFNUE3Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAvZ9QzbPD/hYctzXxJXfIVRIXnjQ8k6e0P49sygbrREU4eSOf
Q8MkQAyPFxQADDeowUSWvtmE2YwG+fPX0Rkr2L3R6dSZRYUY0AknzZFclNP3Sk6H
f07tcG+4Sw+sBGR59ycxQccPiwAIShQ8nOsQRlmUFUfmH2xfN03afaoHWV7soxbu
wv6H7stFYA8ZsqtTqkEcGDRhYBRGF/WMMDSJpfmKkW2s6bfEGdS1PUgwBBv24Aoy
6/tSWUKsmUlb6pI6k7zUn0jDlH3+qX4tlMFKDrdXpEU1roIDROaR8utxDR62HB3R
mAi779VtvOccsCs7CGHIRPken0P0F6Fqdra5AgMBAAGjggIbMIICFzAdBgNVHQ4E
FgQUO7XIazBabwTyKPu/ZoEgNpLlp8owHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL083WElhekJhYndUeUtQ
dV9ab0VnTnBMbHA4by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDAD
BAJ7YkQDBAJ7YkwDBAJ7YlQDBALST2gDBALST3wDBALTlSQDBALTlSwDBALTlVQw
DQYJKoZIhvcNAQELBQADggEBAJ13Tv2PbWTE10QVkSCl8lM6oecuf0gYfL23enft
/M60FJPsgH/Y2npEOzqBqdq44WJQIYKpezezqspjr4ogkKLqw4O5gRYDuttpPrLW
GAs7Zy1QGLkuvQ/VrXVGPwu9YAxNVJOfAuCHQyZDARfkgt0LZTHXvAHj9nsKiIrh
yNG/PEzJsr6a8CMAODmpvMGuBjueCyo5Nov61t2e3OIUePAPpXMgf1ecfo1kgBBK
PuAGLfYUOBxDNnbQt0L6wJW5WjZYDjOMPbpq6bRLH/2i8+FYKRBF+3ptgc4K8sw/
ae/CTHJkEaYot4RHy1NMn+aSnDoMrI+B9/EPrfdsy5bqpkk=
-----END CERTIFICATE-----
Generated at Thu Sep 7 03:54:59 2023 by rpki-client on console-fra.rpki-client.org