Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/RMBXHWOUPcSfMLTrxpEdr_KNfc4.roa
File: RMBXHWOUPcSfMLTrxpEdr_KNfc4.roa (raw, json)
Hash identifier: TL9uab9HMo+rRhRe2yfbn6fzG9hO6RJzYJehJBydE5w=
Subject key identifier: 44:C0:57:1D:63:94:3D:C4:9F:30:B4:EB:C6:91:1D:AF:F2:8D:7D:CE
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0853
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/RMBXHWOUPcSfMLTrxpEdr_KNfc4.roa
Signing time: Tue 20 Feb 2024 09:08:23 +0000
ROA not before: Tue 20 Feb 2024 09:08:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 123.98.8.0/22 maxlen: 24
123.98.16.0/22 maxlen: 24
123.98.20.0/22 maxlen: 24
123.98.76.0/22 maxlen: 24
123.98.84.0/22 maxlen: 24
211.149.80.0/22 maxlen: 24
211.149.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 02:39:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2131 (0x853)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Feb 20 09:08:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=44C0571D63943DC49F30B4EBC6911DAFF28D7DCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ba:31:81:7d:5a:18:2f:80:a4:16:3f:04:08:
bc:77:db:31:66:be:bc:58:79:c8:ee:b7:b0:59:b2:
43:15:d8:1e:44:da:19:ba:d5:97:91:48:a5:b7:bf:
9d:dc:a2:1b:7f:b4:8b:30:e8:39:a7:64:aa:a5:94:
9f:84:73:46:f4:cf:80:3b:8e:b7:23:20:a6:f2:f2:
19:5c:46:b2:53:a4:7b:27:34:b2:1b:bc:53:12:4c:
0c:e3:1a:7b:54:77:74:8e:48:85:35:79:73:f4:dd:
2d:7e:9c:bd:cb:65:88:b7:f7:54:1f:32:04:7c:6c:
3a:e1:63:da:75:3d:8e:c6:8b:4f:ca:3b:9a:cd:52:
02:e6:0f:7f:3b:2a:25:8c:43:ad:bb:f1:c1:cb:15:
e8:9b:f4:22:26:5d:9c:72:a3:5a:94:75:8c:7c:6f:
9b:7b:23:cf:9e:dc:e0:7d:b9:93:5b:c8:9e:74:36:
35:69:de:34:09:e7:60:f1:d3:98:61:9a:1c:a7:77:
c7:51:22:4b:d1:7a:d0:24:3c:5e:f8:7b:65:a4:fa:
06:99:e3:03:91:3a:b3:5d:50:fe:ce:7e:41:97:bc:
ee:28:7a:ec:45:95:95:56:dc:46:99:d7:f4:af:f9:
f8:50:57:07:71:e7:93:39:e4:96:13:78:68:81:f5:
bf:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C0:57:1D:63:94:3D:C4:9F:30:B4:EB:C6:91:1D:AF:F2:8D:7D:CE
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/RMBXHWOUPcSfMLTrxpEdr_KNfc4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.8.0/22
123.98.16.0/21
123.98.76.0/22
123.98.84.0/22
211.149.80.0/22
211.149.88.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:0a:f7:b3:61:b2:f5:a2:37:5a:17:e4:00:a9:b5:cc:74:25:
b2:a5:64:f4:68:d9:a3:7d:ee:69:8e:92:e9:6c:23:ea:e6:0d:
2e:e8:3d:1e:b1:98:1a:c6:79:f3:2e:11:ba:87:f7:90:c8:eb:
34:20:ec:ec:10:d2:e0:1d:24:01:00:cf:f1:90:63:5a:da:12:
e3:9b:31:d2:2e:ed:d6:15:5e:af:8a:0e:2e:47:16:dd:d8:7f:
66:52:54:35:31:cf:82:ad:ba:e8:fb:23:92:67:35:fb:20:45:
59:4e:f5:20:89:88:e3:19:00:5d:6d:32:e6:9c:19:4d:a2:a5:
31:c0:5b:cb:97:d1:77:84:68:70:14:67:b0:22:68:f0:11:b0:
f2:6d:7d:9a:60:2f:54:e8:62:33:91:7f:5d:43:76:6a:07:f0:
55:ab:7c:72:5b:39:55:50:c2:c6:6c:c4:5b:20:7e:66:17:9e:
d6:14:06:21:8d:24:2d:dc:63:98:e0:c8:55:e7:51:a0:92:18:
af:13:e3:5a:ca:f6:a9:39:03:03:75:2a:79:dd:30:21:ab:b8:
12:71:67:cd:15:6d:d8:07:81:2c:de:cb:a3:cb:58:47:2e:87:
94:fd:ea:a2:e3:28:bf:a8:8d:d2:a8:58:44:4b:6b:1d:c1:82:
f3:d9:35:87
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgICCFMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDAyMjAw
OTA4MjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ0QzA1NzFENjM5NDNE
QzQ5RjMwQjRFQkM2OTExREFGRjI4RDdEQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvujGBfVoYL4CkFj8ECLx32zFmvrxYecjut7BZskMV2B5E2hm6
1ZeRSKW3v53coht/tIsw6DmnZKqllJ+Ec0b0z4A7jrcjIKby8hlcRrJTpHsnNLIb
vFMSTAzjGntUd3SOSIU1eXP03S1+nL3LZYi391QfMgR8bDrhY9p1PY7Gi0/KO5rN
UgLmD387KiWMQ6278cHLFeib9CImXZxyo1qUdYx8b5t7I8+e3OB9uZNbyJ50NjVp
3jQJ52Dx05hhmhynd8dRIkvRetAkPF74e2Wk+gaZ4wOROrNdUP7OfkGXvO4oeuxF
lZVW3EaZ1/Sv+fhQVwdx55M55JYTeGiB9b9VAgMBAAGjggIPMIICCzAdBgNVHQ4E
FgQURMBXHWOUPcSfMLTrxpEdr/KNfc4wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1JNQlhIV09VUGNTZk1M
VHJ4cEVkcl9LTmZjNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQD
BAJ7YggDBAN7YhADBAJ7YkwDBAJ7YlQDBALTlVADBALTlVgwDQYJKoZIhvcNAQEL
BQADggEBAF8K97NhsvWiN1oX5ACptcx0JbKlZPRo2aN97mmOkulsI+rmDS7oPR6x
mBrGefMuEbqH95DI6zQg7OwQ0uAdJAEAz/GQY1raEuObMdIu7dYVXq+KDi5HFt3Y
f2ZSVDUxz4Ktuuj7I5JnNfsgRVlO9SCJiOMZAF1tMuacGU2ipTHAW8uX0XeEaHAU
Z7AiaPARsPJtfZpgL1ToYjORf11DdmoH8FWrfHJbOVVQwsZsxFsgfmYXntYUBiGN
JC3cY5jgyFXnUaCSGK8T41rK9qk5AwN1KnndMCGruBJxZ80VbdgHgSzey6PLWEcu
h5T96qLjKL+ojdKoWERLax3BgvPZNYc=
-----END CERTIFICATE-----
Generated at Wed Feb 21 03:47:04 2024 by rpki-client on console-ams.rpki-client.org