Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/UCY0e2sBdeWsOtIZsrhBTIdIV4o.roa
File: UCY0e2sBdeWsOtIZsrhBTIdIV4o.roa (raw, json)
Hash identifier: FWB8H0R37C3a87Vx38AUBqO0AngKnml4Mlts9ZSWSg0=
Subject key identifier: 50:26:34:7B:6B:01:75:E5:AC:3A:D2:19:B2:B8:41:4C:87:48:57:8A
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 090E
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UCY0e2sBdeWsOtIZsrhBTIdIV4o.roa
Signing time: Mon 25 Mar 2024 01:48:12 +0000
ROA not before: Mon 25 Mar 2024 01:48:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 123.98.24.0/22 maxlen: 24
123.98.36.0/22 maxlen: 24
123.98.52.0/22 maxlen: 24
123.98.92.0/22 maxlen: 24
211.149.76.0/22 maxlen: 24
211.149.80.0/22 maxlen: 24
211.149.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 03:58:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2318 (0x90e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Mar 25 01:48:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5026347B6B0175E5AC3AD219B2B8414C8748578A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6c:a2:82:8a:a0:79:2d:1d:d9:73:4b:b2:a1:
c7:ef:ef:8c:8c:1d:7c:16:91:09:aa:e0:87:bf:3f:
28:f6:5d:44:4b:9d:c2:a7:5a:28:db:f5:fa:ce:92:
6d:a4:5c:b3:8a:52:95:3c:b9:39:70:99:26:29:0f:
b5:b4:52:08:9a:d2:20:be:6e:9a:86:36:22:7f:80:
8c:b4:c5:1f:84:e7:4c:1e:22:76:a7:a8:5b:68:0b:
df:1d:62:d1:38:f4:92:17:9a:92:39:2b:f4:21:76:
9f:dc:12:83:47:2c:d9:9a:67:f2:4b:f1:44:6f:26:
55:d1:06:c0:73:f0:85:ab:b3:19:13:8e:f6:6b:98:
d9:a5:67:5e:62:ac:4b:c7:09:63:4b:bc:96:44:33:
43:31:69:92:c6:29:f7:94:28:89:bd:85:cc:05:1d:
2e:1b:b2:d6:95:70:3d:9a:5c:85:3c:f8:ce:c7:53:
0f:2e:04:db:c1:ba:98:1d:ee:80:6d:ef:a1:3c:37:
87:e4:a9:99:43:cf:5a:e7:10:12:1e:1f:91:07:7f:
75:fb:e1:61:f4:c6:8c:ea:0c:2f:ad:b7:6a:2f:47:
65:37:3b:f8:6d:c8:b3:d9:23:b2:26:22:42:a8:21:
d7:40:24:be:9f:7a:40:42:79:39:05:0e:14:b6:0e:
c4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:26:34:7B:6B:01:75:E5:AC:3A:D2:19:B2:B8:41:4C:87:48:57:8A
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UCY0e2sBdeWsOtIZsrhBTIdIV4o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.24.0/22
123.98.36.0/22
123.98.52.0/22
123.98.92.0/22
211.149.76.0-211.149.83.255
211.149.88.0/22
Signature Algorithm: sha256WithRSAEncryption
26:11:77:c7:c6:b8:c7:b0:76:93:65:aa:85:70:61:9f:36:53:
44:85:76:0a:6a:e1:b8:12:52:1a:dc:eb:1e:69:ab:13:90:af:
a1:81:67:10:8f:3a:a2:9a:fc:55:bc:d3:c2:c6:58:39:28:69:
b7:f8:4e:f5:97:fa:66:cb:9a:03:ef:f7:8b:46:c3:3e:2e:c9:
6d:fe:ae:66:13:f0:c6:fb:91:53:96:79:46:05:25:61:dd:0c:
63:33:82:e6:07:f4:33:8a:ce:9d:c6:18:59:c1:14:dd:3e:fc:
bc:08:2c:77:da:5f:94:e3:98:fb:f3:96:3b:7c:d4:9d:5d:4f:
1b:3a:98:23:a3:31:d3:63:6a:a5:88:06:6c:7f:c0:9b:dd:95:
92:26:dd:0b:40:00:e8:3b:d5:38:03:c3:33:d4:ca:fa:3e:88:
62:d9:0b:2a:72:30:33:37:52:c3:b0:6e:f4:c4:4c:71:64:22:
90:c5:e3:75:74:a9:94:17:48:2c:de:59:79:6f:43:61:8a:60:
07:4e:2d:15:c5:72:dd:b3:e1:2f:4b:44:41:6c:70:43:77:de:
69:df:cd:47:5f:50:73:e0:69:7c:42:0c:e7:6b:fc:16:51:4b:
9e:17:18:c6:03:34:fb:f4:c7:f1:85:60:bf:c9:9f:66:90:bb:
c0:79:d2:02
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgICCQ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDAzMjUw
MTQ4MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUwMjYzNDdCNkIwMTc1
RTVBQzNBRDIxOUIyQjg0MTRDODc0ODU3OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDobKKCiqB5LR3Zc0uyocfv74yMHXwWkQmq4Ie/Pyj2XURLncKn
Wijb9frOkm2kXLOKUpU8uTlwmSYpD7W0Ugia0iC+bpqGNiJ/gIy0xR+E50weInan
qFtoC98dYtE49JIXmpI5K/Qhdp/cEoNHLNmaZ/JL8URvJlXRBsBz8IWrsxkTjvZr
mNmlZ15irEvHCWNLvJZEM0MxaZLGKfeUKIm9hcwFHS4bstaVcD2aXIU8+M7HUw8u
BNvBupgd7oBt76E8N4fkqZlDz1rnEBIeH5EHf3X74WH0xozqDC+tt2ovR2U3O/ht
yLPZI7ImIkKoIddAJL6fekBCeTkFDhS2DsSBAgMBAAGjggIXMIICEzAdBgNVHQ4E
FgQUUCY0e2sBdeWsOtIZsrhBTIdIV4owHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1VDWTBlMnNCZGVXc090
SVpzcmhCVElkSVY0by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwRQYIKwYBBQUHAQcBAf8ENjA0MDIEAgABMCwD
BAJ7YhgDBAJ7YiQDBAJ7YjQDBAJ7YlwwDAMEAtOVTAMEAtOVUAMEAtOVWDANBgkq
hkiG9w0BAQsFAAOCAQEAJhF3x8a4x7B2k2WqhXBhnzZTRIV2CmrhuBJSGtzrHmmr
E5CvoYFnEI86opr8VbzTwsZYOShpt/hO9Zf6ZsuaA+/3i0bDPi7Jbf6uZhPwxvuR
U5Z5RgUlYd0MYzOC5gf0M4rOncYYWcEU3T78vAgsd9pflOOY+/OWO3zUnV1PGzqY
I6Mx02NqpYgGbH/Am92VkibdC0AA6DvVOAPDM9TK+j6IYtkLKnIwMzdSw7Bu9MRM
cWQikMXjdXSplBdILN5ZeW9DYYpgB04tFcVy3bPhL0tEQWxwQ3fead/NR19Qc+Bp
fEIM52v8FlFLnhcYxgM0+/TH8YVgv8mfZpC7wHnSAg==
-----END CERTIFICATE-----
Generated at Tue Mar 26 04:23:28 2024 by rpki-client on console-fra.rpki-client.org