Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/aPJFHMT7Jt3KkIwg5r9-5n6Es0M.roa
File: aPJFHMT7Jt3KkIwg5r9-5n6Es0M.roa (raw, json)
Hash identifier: yF6YOw/WFU1KaP2ilNNDPBm8WK2sIXRPGGZmVO4bpXc=
Subject key identifier: 68:F2:45:1C:C4:FB:26:DD:CA:90:8C:20:E6:BF:7E:E6:7E:84:B3:43
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 051D
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/aPJFHMT7Jt3KkIwg5r9-5n6Es0M.roa
Signing time: Mon 25 Sep 2023 10:18:04 +0000
ROA not before: Mon 25 Sep 2023 10:18:04 +0000
ROA not after: Tue 24 Sep 2024 02:11:20 +0000
asID: 34549
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
210.79.68.0/23 maxlen: 24
210.79.77.0/24 maxlen: 24
210.79.89.0/24 maxlen: 24
210.79.90.0/24 maxlen: 24
210.79.91.0/24 maxlen: 24
210.79.101.0/24 maxlen: 24
210.79.112.0/24 maxlen: 24
210.79.114.0/24 maxlen: 24
210.79.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1309 (0x51d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 25 10:18:04 2023 GMT
Not After : Sep 24 02:11:20 2024 GMT
Subject: CN=68F2451CC4FB26DDCA908C20E6BF7EE67E84B343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5b:9d:ec:1a:a5:fb:1c:cf:af:7a:68:b3:0e:
fb:01:d0:b1:0d:24:b4:81:e4:73:5b:0e:7b:5f:97:
18:99:4b:dc:ab:e4:d3:25:96:8e:f7:ad:0e:a4:05:
34:5f:57:5c:33:fd:a3:03:6c:0b:72:53:d5:a5:86:
ec:0f:fd:d1:ca:36:34:d5:ca:bb:5a:43:1b:a7:5b:
79:65:44:fc:84:53:d3:84:a4:c9:fd:7f:ae:49:85:
a9:c0:08:dd:51:71:6d:b9:e2:d3:48:87:64:70:33:
30:79:bf:50:44:64:c2:be:89:e0:84:03:30:39:df:
53:b5:d7:d5:69:69:8f:22:aa:fb:20:5b:e0:ec:b4:
66:a8:f9:b5:86:b5:b5:95:2b:79:03:97:fd:8a:73:
14:e1:61:31:ea:c9:38:e2:fe:4d:27:19:53:bb:87:
33:85:cb:98:3a:74:8a:f5:88:c3:6f:2b:78:40:da:
f8:dc:3a:ec:d9:20:22:91:e0:67:8c:08:71:f3:be:
71:3f:02:2a:9e:3a:69:14:87:f9:0b:88:49:69:b0:
6f:61:f9:87:1f:53:c6:98:71:8d:ba:d9:d3:59:c9:
e1:31:0b:42:40:a5:2f:67:81:4d:70:30:09:79:02:
76:b9:c5:aa:d2:7c:eb:19:5e:c4:19:ef:81:72:5e:
ff:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F2:45:1C:C4:FB:26:DD:CA:90:8C:20:E6:BF:7E:E6:7E:84:B3:43
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/aPJFHMT7Jt3KkIwg5r9-5n6Es0M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.80.0/22
123.98.100.0/22
210.79.68.0/23
210.79.77.0/24
210.79.89.0-210.79.91.255
210.79.101.0/24
210.79.112.0/24
210.79.114.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:5a:3c:90:fe:5d:b1:64:09:2a:67:bc:bb:d1:48:65:f8:3f:
90:46:97:12:8a:47:39:84:ca:c9:fd:5d:fe:98:ea:09:fc:a2:
6a:89:28:78:b4:06:09:d2:8e:38:86:b2:d4:82:08:b7:0a:47:
e1:33:34:3a:0e:97:f2:0c:73:39:84:11:16:07:83:d1:8d:58:
2e:70:06:ca:54:45:3e:e5:f6:15:a8:33:37:3c:b2:e3:11:58:
7d:50:2a:a5:e2:d1:1e:01:b0:8a:48:91:63:e6:92:b4:f4:c7:
e5:f7:1a:91:d6:e3:4f:e2:69:47:7a:43:10:e9:c1:eb:6d:be:
b2:70:1a:82:88:1a:a7:69:0b:34:ae:da:25:19:65:04:f1:cb:
51:0a:10:90:3b:58:d8:dd:2c:bf:ea:0d:0a:b8:f4:f2:81:ca:
03:eb:64:05:3e:c4:b6:72:86:70:1f:2d:6a:0d:a6:ad:73:92:
da:a9:7d:cf:c5:6a:2c:6f:2c:24:f3:5e:19:77:d6:8c:54:25:
6a:b0:c7:9a:1d:8f:00:88:56:48:bc:a3:77:b7:fc:7d:17:a7:
a1:87:aa:47:c2:43:f1:4d:d2:c9:44:fa:b0:9e:34:54:53:cf:
c9:59:83:14:3b:49:0f:fa:66:bc:c3:5f:c4:f1:69:a8:6c:7c:
8f:9e:6f:3d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgICBR0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA5MjUx
MDE4MDRaFw0yNDA5MjQwMjExMjBaMDMxMTAvBgNVBAMTKDY4RjI0NTFDQzRGQjI2
RERDQTkwOEMyMEU2QkY3RUU2N0U4NEIzNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyW53sGqX7HM+vemizDvsB0LENJLSB5HNbDntflxiZS9yr5NMl
lo73rQ6kBTRfV1wz/aMDbAtyU9WlhuwP/dHKNjTVyrtaQxunW3llRPyEU9OEpMn9
f65JhanACN1RcW254tNIh2RwMzB5v1BEZMK+ieCEAzA531O119VpaY8iqvsgW+Ds
tGao+bWGtbWVK3kDl/2KcxThYTHqyTji/k0nGVO7hzOFy5g6dIr1iMNvK3hA2vjc
OuzZICKR4GeMCHHzvnE/AiqeOmkUh/kLiElpsG9h+YcfU8aYcY262dNZyeExC0JA
pS9ngU1wMAl5Ana5xarSfOsZXsQZ74FyXv9zAgMBAAGjggIvMIICKzAdBgNVHQ4E
FgQUaPJFHMT7Jt3KkIwg5r9+5n6Es0MwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2FQSkZITVQ3SnQzS2tJ
d2c1cjktNW42RXMwTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwXQYIKwYBBQUHAQcBAf8ETjBMMEoEAgABMEQD
BAJ7YkADBAJ7YkgDBAJ7YlADBAJ7YmQDBAHST0QDBADST00wDAMEANJPWQMEAtJP
WAMEANJPZQMEANJPcAMEAdJPcjANBgkqhkiG9w0BAQsFAAOCAQEAzlo8kP5dsWQJ
Kme8u9FIZfg/kEaXEopHOYTKyf1d/pjqCfyiaokoeLQGCdKOOIay1IIItwpH4TM0
Og6X8gxzOYQRFgeD0Y1YLnAGylRFPuX2FagzNzyy4xFYfVAqpeLRHgGwikiRY+aS
tPTH5fcakdbjT+JpR3pDEOnB622+snAagogap2kLNK7aJRllBPHLUQoQkDtY2N0s
v+oNCrj08oHKA+tkBT7EtnKGcB8tag2mrXOS2ql9z8VqLG8sJPNeGXfWjFQlarDH
mh2PAIhWSLyjd7f8fRenoYeqR8JD8U3SyUT6sJ40VFPPyVmDFDtJD/pmvMNfxPFp
qGx8j55vPQ==
-----END CERTIFICATE-----
Generated at Wed Sep 27 03:44:03 2023 by rpki-client on console-fra.rpki-client.org