Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/YKBGKiMaYL5qtgdymeG5km41Z7w.roa
File: YKBGKiMaYL5qtgdymeG5km41Z7w.roa (raw, json)
Hash identifier: CargVHn8uYfk1rUpk1VDSkBdjFzcTjiA/OaiWUWK6Kw=
Subject key identifier: 60:A0:46:2A:23:1A:60:BE:6A:B6:07:72:99:E1:B9:92:6E:35:67:BC
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C75
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/YKBGKiMaYL5qtgdymeG5km41Z7w.roa
Signing time: Sun 01 Sep 2024 11:36:11 +0000
ROA not before: Sun 01 Sep 2024 11:36:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 215784
IP address blocks: 211.149.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 13:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3189 (0xc75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 1 11:36:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=60A0462A231A60BE6AB6077299E1B9926E3567BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c5:28:10:da:47:f8:fc:29:9a:6c:2b:01:7f:
cd:06:8b:98:ba:46:15:56:69:71:44:47:2c:fd:0e:
71:fc:38:0e:bd:6d:86:50:9b:e8:5d:24:51:0d:57:
e1:0b:ad:68:04:92:bb:46:e6:2d:1a:79:d7:48:5d:
77:6e:35:1a:12:cd:5e:6e:a9:2e:5d:3d:06:a1:cb:
eb:c0:33:9d:77:7d:81:2e:f5:bd:e6:7a:43:82:9e:
f6:c9:b3:94:e0:3d:1e:d8:c6:35:35:d4:1e:dd:6e:
a3:c3:a3:ad:b4:66:8f:73:13:8e:34:a1:15:18:a8:
a7:51:07:e4:8f:95:b6:f4:19:c1:d1:74:54:60:6a:
b8:cf:c4:c1:5f:5f:6c:bb:6c:02:df:37:cc:66:19:
ce:a0:98:c7:e3:08:02:c9:c6:40:7f:4e:2c:b0:f7:
c9:70:eb:9f:ae:0f:23:63:f5:5e:2d:7f:45:34:ce:
62:65:84:e1:39:1e:2f:e0:03:ce:96:0b:e1:a8:3b:
36:2c:b1:f5:a9:31:d0:24:64:30:a1:ac:1b:ba:e7:
0e:f0:71:ae:5d:06:d7:41:45:f5:49:e5:f4:c5:92:
c9:ef:e7:51:05:9d:5a:30:c0:a7:46:e8:a2:17:df:
58:39:8f:5f:a4:9c:37:62:c8:29:4e:e0:e1:1a:05:
c0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A0:46:2A:23:1A:60:BE:6A:B6:07:72:99:E1:B9:92:6E:35:67:BC
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/YKBGKiMaYL5qtgdymeG5km41Z7w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.149.40.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:5a:a9:99:c0:0b:e3:13:e1:f3:59:16:fa:7b:38:37:c6:93:
43:0e:d4:70:33:fa:bc:29:9e:96:19:c5:07:47:a2:c2:3d:39:
72:9c:90:82:e2:dc:66:31:46:18:a1:22:d2:aa:a9:ff:23:cb:
73:b6:bb:8f:24:39:0f:84:a7:c1:bb:73:94:29:55:05:ec:83:
88:a4:2e:4c:85:29:fe:4c:19:ae:fd:ed:e1:26:8b:1f:87:b0:
0f:10:a4:c8:ce:6a:50:e0:c4:91:7d:2c:0f:bc:2d:30:a5:0e:
4d:48:24:d6:46:aa:37:89:b0:df:47:14:cb:ac:f7:18:7f:cb:
a5:ff:24:9a:69:8a:f4:14:85:9b:f5:3e:4e:13:7b:ec:f5:60:
04:9e:fe:c8:04:b9:a7:36:d2:91:f6:62:39:07:ec:6d:70:f7:
8a:aa:a7:ec:43:3e:3c:6f:3c:3f:2c:01:e2:f3:c7:70:51:ea:
96:15:e3:97:e8:fc:89:93:88:10:0a:be:66:90:b8:a6:b6:43:
4a:c1:7b:f3:2d:e2:ba:99:6d:0a:bd:86:87:2b:43:e2:0c:93:
c1:85:f4:f7:5a:0a:e5:80:c1:6f:53:c6:96:d9:1c:e3:6c:3c:
dc:ac:09:44:e4:b7:4c:4f:f0:5b:20:ed:5d:63:37:9e:c1:15:
8d:d9:45:03
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDHUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA5MDEx
MTM2MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwQTA0NjJBMjMxQTYw
QkU2QUI2MDc3Mjk5RTFCOTkyNkUzNTY3QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoxSgQ2kf4/CmabCsBf80Gi5i6RhVWaXFERyz9DnH8OA69bYZQ
m+hdJFENV+ELrWgEkrtG5i0aeddIXXduNRoSzV5uqS5dPQahy+vAM513fYEu9b3m
ekOCnvbJs5TgPR7YxjU11B7dbqPDo620Zo9zE440oRUYqKdRB+SPlbb0GcHRdFRg
arjPxMFfX2y7bALfN8xmGc6gmMfjCALJxkB/Tiyw98lw65+uDyNj9V4tf0U0zmJl
hOE5Hi/gA86WC+GoOzYssfWpMdAkZDChrBu65w7wca5dBtdBRfVJ5fTFksnv51EF
nVowwKdG6KIX31g5j1+knDdiyClO4OEaBcAhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYKBGKiMaYL5qtgdymeG5km41Z7wwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1lLQkdLaU1hWUw1cXRn
ZHltZUc1a200MVo3dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALTlSgwDQYJKoZIhvcNAQELBQADggEBAExaqZnAC+MT4fNZFvp7ODfGk0MO1HAz
+rwpnpYZxQdHosI9OXKckILi3GYxRhihItKqqf8jy3O2u48kOQ+Ep8G7c5QpVQXs
g4ikLkyFKf5MGa797eEmix+HsA8QpMjOalDgxJF9LA+8LTClDk1IJNZGqjeJsN9H
FMus9xh/y6X/JJppivQUhZv1Pk4Te+z1YASe/sgEuac20pH2YjkH7G1w94qqp+xD
PjxvPD8sAeLzx3BR6pYV45fo/ImTiBAKvmaQuKa2Q0rBe/Mt4rqZbQq9hocrQ+IM
k8GF9PdaCuWAwW9TxpbZHONsPNysCUTkt0xP8Fsg7V1jN57BFY3ZRQM=
-----END CERTIFICATE-----
Generated at Thu Sep 5 14:38:43 2024 by rpki-client on console-fra.rpki-client.org