Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/YPlVufV8gV7TvblJ5rGQuCu77X0.roa
File: YPlVufV8gV7TvblJ5rGQuCu77X0.roa (raw, json)
Hash identifier: x57ssf++qwcm22xGbhwwavgI4xJ6OOBBTfDOYCR1QuU=
Subject key identifier: 60:F9:55:B9:F5:7C:81:5E:D3:BD:B9:49:E6:B1:90:B8:2B:BB:ED:7D
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 08CA
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/YPlVufV8gV7TvblJ5rGQuCu77X0.roa
Signing time: Tue 12 Mar 2024 03:58:38 +0000
ROA not before: Tue 12 Mar 2024 03:58:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 123.98.4.0/22 maxlen: 24
123.98.16.0/22 maxlen: 24
123.98.24.0/22 maxlen: 24
123.98.36.0/22 maxlen: 24
123.98.52.0/22 maxlen: 24
123.98.92.0/22 maxlen: 24
211.149.80.0/22 maxlen: 24
211.149.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 06:56:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2250 (0x8ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Mar 12 03:58:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=60F955B9F57C815ED3BDB949E6B190B82BBBED7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7d:b4:d2:82:f5:bc:cb:93:35:51:e7:b9:ac:
a9:3e:49:69:67:cf:bc:8e:8d:0c:cf:6d:90:31:99:
25:74:b8:d5:42:62:c4:db:9d:27:d0:4e:bd:55:38:
e1:1c:c5:a0:21:82:d1:ae:a0:cd:f2:ed:30:9f:a5:
68:85:30:d1:5f:f7:64:6c:3f:c7:06:39:12:9f:76:
eb:13:bc:a0:73:24:b3:11:f1:d5:74:b1:d4:1a:6e:
18:c7:ed:14:75:90:8c:b5:af:77:80:87:fb:77:52:
a8:d4:f6:b0:16:87:ff:f2:e5:88:3b:59:9e:2b:c8:
96:db:20:35:1b:c5:42:5d:91:a9:e2:ad:ae:57:36:
50:21:63:a8:e2:43:1b:20:e2:ad:18:f1:39:db:7a:
82:5a:5f:92:f6:94:e9:fd:8e:e5:99:b6:31:31:6e:
a1:97:30:23:48:2d:6b:bb:6c:5a:89:be:f0:0d:3e:
17:50:d1:bf:86:db:3b:dc:0a:37:76:c9:1e:7c:cb:
c0:c0:36:f3:cb:39:aa:4a:77:df:8d:77:a8:f8:37:
b4:b9:0f:92:2e:53:19:29:08:e3:ca:69:08:25:44:
ae:a3:74:2a:45:0b:36:d8:03:3d:29:79:72:af:63:
7a:73:3d:d7:31:43:02:47:b1:2b:6b:a2:20:ec:b1:
8c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F9:55:B9:F5:7C:81:5E:D3:BD:B9:49:E6:B1:90:B8:2B:BB:ED:7D
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/YPlVufV8gV7TvblJ5rGQuCu77X0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.4.0/22
123.98.16.0/22
123.98.24.0/22
123.98.36.0/22
123.98.52.0/22
123.98.92.0/22
211.149.80.0/22
211.149.88.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:f4:39:49:a3:a1:c3:6b:ea:d1:3c:0b:20:79:c1:09:bb:96:
ab:4f:a5:e9:95:81:6c:87:99:cf:ba:a4:f1:ff:7a:6d:e2:f8:
fe:d3:06:bc:89:75:b0:85:40:b5:2d:fe:f1:a0:31:eb:0a:ef:
e6:c7:93:89:44:78:3d:97:08:06:79:31:e4:7d:4c:00:3e:6f:
32:a4:41:b6:f9:fb:e1:35:23:c1:07:6f:45:75:3c:81:c1:68:
6d:b8:28:19:43:36:e9:07:74:e4:a5:b2:8e:42:c2:66:d1:b3:
78:a3:1d:56:80:4e:ff:3a:db:6f:24:8d:7e:e8:ac:7d:88:d2:
80:6a:0b:25:26:6c:ca:9a:5f:4a:d9:f5:b0:39:7f:ba:b5:cf:
06:6d:44:d8:5c:5d:00:91:70:69:59:3b:9d:f5:99:86:26:01:
86:8a:77:15:94:60:30:0f:1a:ee:d6:b4:65:37:bf:c1:67:b7:
0d:c4:84:d4:78:32:33:a4:48:8a:6e:c4:68:f1:b6:da:e4:fe:
89:ad:45:b3:35:b7:36:8b:9b:12:a7:ff:38:ab:e5:c1:8d:5c:
10:b9:c5:02:d9:f5:aa:a5:24:65:00:05:4b:3e:36:06:69:88:
88:56:71:3c:73:af:fc:44:f0:1b:17:96:7b:ad:f2:5f:7b:e3:
79:52:47:8f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgICCMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDAzMTIw
MzU4MzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwRjk1NUI5RjU3Qzgx
NUVEM0JEQjk0OUU2QjE5MEI4MkJCQkVEN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIfbTSgvW8y5M1Uee5rKk+SWlnz7yOjQzPbZAxmSV0uNVCYsTb
nSfQTr1VOOEcxaAhgtGuoM3y7TCfpWiFMNFf92RsP8cGORKfdusTvKBzJLMR8dV0
sdQabhjH7RR1kIy1r3eAh/t3UqjU9rAWh//y5Yg7WZ4ryJbbIDUbxUJdkanira5X
NlAhY6jiQxsg4q0Y8TnbeoJaX5L2lOn9juWZtjExbqGXMCNILWu7bFqJvvANPhdQ
0b+G2zvcCjd2yR58y8DANvPLOapKd9+Nd6j4N7S5D5IuUxkpCOPKaQglRK6jdCpF
CzbYAz0peXKvY3pzPdcxQwJHsStroiDssYwvAgMBAAGjggIbMIICFzAdBgNVHQ4E
FgQUYPlVufV8gV7TvblJ5rGQuCu77X0wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1lQbFZ1ZlY4Z1Y3VHZi
bEo1ckdRdUN1NzdYMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDAD
BAJ7YgQDBAJ7YhADBAJ7YhgDBAJ7YiQDBAJ7YjQDBAJ7YlwDBALTlVADBALTlVgw
DQYJKoZIhvcNAQELBQADggEBAKD0OUmjocNr6tE8CyB5wQm7lqtPpemVgWyHmc+6
pPH/em3i+P7TBryJdbCFQLUt/vGgMesK7+bHk4lEeD2XCAZ5MeR9TAA+bzKkQbb5
++E1I8EHb0V1PIHBaG24KBlDNukHdOSlso5CwmbRs3ijHVaATv86228kjX7orH2I
0oBqCyUmbMqaX0rZ9bA5f7q1zwZtRNhcXQCRcGlZO531mYYmAYaKdxWUYDAPGu7W
tGU3v8Fntw3EhNR4MjOkSIpuxGjxttrk/omtRbM1tzaLmxKn/zir5cGNXBC5xQLZ
9aqlJGUABUs+NgZpiIhWcTxzr/xE8BsXlnut8l9743lSR48=
-----END CERTIFICATE-----
Generated at Wed Mar 13 08:31:55 2024 by rpki-client on console-fra.rpki-client.org