Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/WYpeCbhw3n1BCroM0Uig1TTPkEY.roa
File: WYpeCbhw3n1BCroM0Uig1TTPkEY.roa (raw, json)
Hash identifier: IHt1ATSpTlGEasV/NkhuZ6yKhI/4Vk+f44eFR+FLRhk=
Subject key identifier: 59:8A:5E:09:B8:70:DE:7D:41:0A:BA:0C:D1:48:A0:D5:34:CF:90:46
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C83
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/WYpeCbhw3n1BCroM0Uig1TTPkEY.roa
Signing time: Sun 01 Sep 2024 11:37:40 +0000
ROA not before: Sun 01 Sep 2024 11:37:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 215784
IP address blocks: 211.149.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 13:22:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3203 (0xc83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 1 11:37:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=598A5E09B870DE7D410ABA0CD148A0D534CF9046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:6a:c8:cc:f9:b8:62:5e:de:dd:aa:c5:00:51:
6b:e4:a3:1d:9a:8f:00:54:85:40:8a:75:96:84:23:
cb:13:97:5f:72:5c:66:9f:36:4d:90:88:ee:6f:03:
24:d0:d0:9d:b4:ab:1d:62:dd:a7:00:1e:ef:1c:c2:
0d:ab:dc:8f:be:48:52:07:17:3c:33:2c:e5:2c:a5:
77:02:e2:4a:03:81:b5:09:53:80:42:cd:74:55:7c:
69:8c:59:eb:2a:c7:ba:13:50:87:8b:e9:d3:6a:4f:
98:03:40:a5:97:50:d4:7d:9f:a5:2e:7f:ed:e4:12:
33:28:a2:e9:ac:56:58:06:2d:5c:92:65:62:19:a8:
f1:de:46:e1:28:de:bf:3d:9c:dc:fa:79:29:b7:a0:
ec:44:7f:ad:37:03:d0:b5:30:72:8b:ec:c7:e7:ba:
6f:b0:f5:cc:ba:b2:62:65:9a:ba:7c:aa:9a:69:af:
59:ec:fa:45:40:5d:98:6b:56:82:19:0a:57:0a:88:
05:22:a3:3d:9e:6c:7a:09:0a:09:9f:0b:4a:a3:00:
2e:af:0e:b0:2f:4f:87:a0:79:e7:4e:22:69:15:7b:
2f:fa:3f:75:35:7b:fe:e9:b5:3a:52:9b:0b:f0:3e:
7e:61:7e:9e:b4:1a:e0:8b:5f:bf:92:84:9a:8f:ed:
f6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:8A:5E:09:B8:70:DE:7D:41:0A:BA:0C:D1:48:A0:D5:34:CF:90:46
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/WYpeCbhw3n1BCroM0Uig1TTPkEY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.149.68.0/22
Signature Algorithm: sha256WithRSAEncryption
07:8e:a3:d6:14:fd:03:3b:60:e4:53:bd:bd:9a:22:25:ac:25:
c2:bd:bd:02:3f:fa:0b:83:52:38:9e:72:31:25:b2:2e:76:20:
be:b8:0c:ba:c0:f7:21:19:a6:a2:83:de:f5:bc:4d:2a:fc:73:
b0:28:62:be:a2:6c:cc:25:05:8e:6f:56:fe:a9:d3:40:ce:a3:
4d:1d:46:1b:01:38:d8:a4:ca:11:ad:59:3f:b8:ff:e9:2b:14:
1d:93:91:86:38:5d:4b:de:53:df:d4:27:f5:1b:ea:da:c8:b9:
30:3a:69:60:7c:c6:ec:37:43:8c:7b:14:7f:67:ee:14:d8:b8:
bb:36:9f:50:92:25:5b:ec:a7:f2:ce:1f:18:be:36:90:3c:4a:
a8:20:a9:74:4c:75:b8:9f:ee:62:e5:1e:2c:6f:a0:96:b7:aa:
72:54:f0:db:da:43:78:de:8e:3b:b2:d1:24:cb:56:de:3b:25:
cc:90:31:a3:85:1b:23:16:b2:4d:aa:22:04:a3:12:cd:2d:3d:
6f:a9:59:90:43:2c:28:39:16:33:f5:b5:59:b4:20:82:0b:0b:
59:1f:1f:21:b3:a0:54:ef:f2:fc:0d:1b:77:13:22:cb:cb:b8:
f2:7a:35:fb:2a:17:b8:0d:ad:64:39:ea:b5:ce:6c:4c:44:aa:
a7:cf:62:2e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDIMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA5MDEx
MTM3NDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU5OEE1RTA5Qjg3MERF
N0Q0MTBBQkEwQ0QxNDhBMEQ1MzRDRjkwNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuasjM+bhiXt7dqsUAUWvkox2ajwBUhUCKdZaEI8sTl19yXGaf
Nk2QiO5vAyTQ0J20qx1i3acAHu8cwg2r3I++SFIHFzwzLOUspXcC4koDgbUJU4BC
zXRVfGmMWesqx7oTUIeL6dNqT5gDQKWXUNR9n6Uuf+3kEjMooumsVlgGLVySZWIZ
qPHeRuEo3r89nNz6eSm3oOxEf603A9C1MHKL7Mfnum+w9cy6smJlmrp8qpppr1ns
+kVAXZhrVoIZClcKiAUioz2ebHoJCgmfC0qjAC6vDrAvT4egeedOImkVey/6P3U1
e/7ptTpSmwvwPn5hfp60GuCLX7+ShJqP7fYpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUWYpeCbhw3n1BCroM0Uig1TTPkEYwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1dZcGVDYmh3M24xQkNy
b00wVWlnMVRUUGtFWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALTlUQwDQYJKoZIhvcNAQELBQADggEBAAeOo9YU/QM7YORTvb2aIiWsJcK9vQI/
+guDUjiecjElsi52IL64DLrA9yEZpqKD3vW8TSr8c7AoYr6ibMwlBY5vVv6p00DO
o00dRhsBONikyhGtWT+4/+krFB2TkYY4XUveU9/UJ/Ub6trIuTA6aWB8xuw3Q4x7
FH9n7hTYuLs2n1CSJVvsp/LOHxi+NpA8SqggqXRMdbif7mLlHixvoJa3qnJU8Nva
Q3jejjuy0STLVt47JcyQMaOFGyMWsk2qIgSjEs0tPW+pWZBDLCg5FjP1tVm0IIIL
C1kfHyGzoFTv8vwNG3cTIsvLuPJ6NfsqF7gNrWQ56rXObExEqqfPYi4=
-----END CERTIFICATE-----
Generated at Thu Sep 5 16:58:40 2024 by rpki-client on console-ams.rpki-client.org