Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/QtDa8gEPjik5uOQKZ8rasx6DE1Q.roa
File: QtDa8gEPjik5uOQKZ8rasx6DE1Q.roa (raw, json)
Hash identifier: wap+bn0FxRqkptf+bgTz3Hmi7PE8cTzs4l7gIdfFXPI=
Subject key identifier: 42:D0:DA:F2:01:0F:8E:29:39:B8:E4:0A:67:CA:DA:B3:1E:83:13:54
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0781
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/QtDa8gEPjik5uOQKZ8rasx6DE1Q.roa
Signing time: Fri 12 Jan 2024 13:23:13 +0000
ROA not before: Fri 12 Jan 2024 13:23:13 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 62387
IP address blocks: 123.98.4.0/22 maxlen: 24
123.98.8.0/22 maxlen: 24
123.98.16.0/22 maxlen: 24
123.98.20.0/22 maxlen: 24
123.98.76.0/22 maxlen: 24
123.98.84.0/22 maxlen: 24
211.149.76.0/22 maxlen: 24
211.149.80.0/22 maxlen: 24
211.149.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 10:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1921 (0x781)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jan 12 13:23:13 2024 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=42D0DAF2010F8E2939B8E40A67CADAB31E831354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:22:d9:54:cc:a5:b7:62:99:ba:5a:0c:89:38:
e9:15:65:fc:d3:22:98:41:cd:2a:d3:40:8a:dd:fa:
70:7e:0b:74:ca:14:b6:48:f3:3a:ab:e5:80:92:80:
17:40:56:b3:39:3c:cf:5c:4d:34:0d:c0:cd:b5:59:
a2:6f:e5:ca:86:e6:05:bc:7a:27:80:d9:e3:a5:7a:
8c:7b:44:c3:78:18:33:49:7c:52:ad:e4:8e:d3:09:
91:71:24:a6:71:de:02:b8:10:e7:0c:0f:62:ba:37:
28:f3:1a:a7:e1:d4:91:62:12:a6:ef:06:20:c5:c1:
90:23:46:7f:4e:30:30:db:ce:bb:63:f2:0b:90:d4:
48:c5:7b:c1:ea:4c:e6:52:92:bb:10:a0:e5:a5:4c:
af:93:ce:8c:0f:7b:ec:df:de:d1:82:b4:39:45:8d:
6f:c5:25:0f:28:6e:3d:17:fa:76:b6:57:0f:40:dc:
26:cd:9f:b8:0c:98:18:9a:f4:d2:38:49:60:8b:38:
70:bc:08:f9:24:a7:96:34:ce:18:0d:a5:7f:5f:c0:
f5:d7:ea:01:73:ee:63:78:2e:df:5a:62:67:b5:a3:
f7:18:0a:e3:60:fb:39:14:a0:23:cf:a5:be:99:b8:
0e:d3:21:45:32:6d:fa:3c:e3:9e:de:1a:b3:5d:2d:
92:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D0:DA:F2:01:0F:8E:29:39:B8:E4:0A:67:CA:DA:B3:1E:83:13:54
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/QtDa8gEPjik5uOQKZ8rasx6DE1Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.4.0-123.98.11.255
123.98.16.0/21
123.98.76.0/22
123.98.84.0/22
211.149.76.0-211.149.83.255
211.149.88.0/22
Signature Algorithm: sha256WithRSAEncryption
d4:b2:31:fd:b5:34:34:60:36:b8:d8:e2:00:2e:41:6b:d6:da:
ec:b3:7c:04:d1:00:d7:15:62:07:d6:ea:70:2d:33:51:38:2e:
8f:23:ad:23:8a:36:3b:b1:fb:dc:d4:7a:bf:48:af:7d:77:b0:
0e:0d:ef:cb:16:63:56:99:ef:a0:a4:41:a6:16:c7:6c:ae:08:
94:23:e8:13:7a:e3:0a:0b:3f:79:27:57:7f:04:0c:c0:2f:d2:
f0:ca:6a:7d:0d:ef:ed:66:11:c1:a1:f3:79:8f:ae:c4:ff:1d:
df:3b:52:96:5f:fc:6e:91:bc:49:1d:f1:fd:9a:36:2b:d8:ed:
2a:7d:ef:d8:0d:20:99:71:07:8e:93:1f:37:ce:eb:de:a5:51:
ed:ef:7a:b2:66:b3:2f:65:21:84:3a:c7:01:03:10:17:ad:ce:
eb:d4:ac:95:c5:48:28:db:55:aa:46:4c:de:b2:13:a2:b4:7d:
7f:50:b8:02:1a:75:02:e4:51:c0:bb:3f:ca:f4:81:57:28:c1:
d5:8c:84:e2:13:91:4b:af:c1:ad:66:f4:f6:1e:8c:3d:9e:11:
1d:16:a7:68:25:c6:59:5f:40:64:3c:4d:8f:86:a4:e6:77:21:
c0:86:ea:a5:2e:90:0f:08:99:5c:71:dc:f7:37:b2:b0:38:24:
49:74:b0:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgICB4EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDAxMTIx
MzIzMTNaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDQyRDBEQUYyMDEwRjhF
MjkzOUI4RTQwQTY3Q0FEQUIzMUU4MzEzNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCItlUzKW3Ypm6WgyJOOkVZfzTIphBzSrTQIrd+nB+C3TKFLZI
8zqr5YCSgBdAVrM5PM9cTTQNwM21WaJv5cqG5gW8eieA2eOleox7RMN4GDNJfFKt
5I7TCZFxJKZx3gK4EOcMD2K6NyjzGqfh1JFiEqbvBiDFwZAjRn9OMDDbzrtj8guQ
1EjFe8HqTOZSkrsQoOWlTK+TzowPe+zf3tGCtDlFjW/FJQ8obj0X+na2Vw9A3CbN
n7gMmBia9NI4SWCLOHC8CPkkp5Y0zhgNpX9fwPXX6gFz7mN4Lt9aYme1o/cYCuNg
+zkUoCPPpb6ZuA7TIUUybfo8457eGrNdLZJ7AgMBAAGjggIfMIICGzAdBgNVHQ4E
FgQUQtDa8gEPjik5uOQKZ8rasx6DE1QwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1F0RGE4Z0VQamlrNXVP
UUtaOHJhc3g2REUxUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwTQYIKwYBBQUHAQcBAf8EPjA8MDoEAgABMDQw
DAMEAntiBAMEAntiCAMEA3tiEAMEAntiTAMEAntiVDAMAwQC05VMAwQC05VQAwQC
05VYMA0GCSqGSIb3DQEBCwUAA4IBAQDUsjH9tTQ0YDa42OIALkFr1trss3wE0QDX
FWIH1upwLTNROC6PI60jijY7sfvc1Hq/SK99d7AODe/LFmNWme+gpEGmFsdsrgiU
I+gTeuMKCz95J1d/BAzAL9Lwymp9De/tZhHBofN5j67E/x3fO1KWX/xukbxJHfH9
mjYr2O0qfe/YDSCZcQeOkx83zuvepVHt73qyZrMvZSGEOscBAxAXrc7r1KyVxUgo
21WqRkzeshOitH1/ULgCGnUC5FHAuz/K9IFXKMHVjITiE5FLr8GtZvT2How9nhEd
FqdoJcZZX0BkPE2PhqTmdyHAhuqlLpAPCJlccdz3N7KwOCRJdLDj
-----END CERTIFICATE-----
Generated at Fri Feb 16 14:45:39 2024 by rpki-client on console-fra.rpki-client.org