Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/a_k2Y2oVmmhDBaYs-PAnkAysR7E.roa
File: a_k2Y2oVmmhDBaYs-PAnkAysR7E.roa (raw, json)
Hash identifier: yM55nhZaOeqNkotxC530adzfYJ4/cXx0J2tqIXz8SAo=
Subject key identifier: 6B:F9:36:63:6A:15:9A:68:43:05:A6:2C:F8:F0:27:90:0C:AC:47:B1
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0D4D
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/a_k2Y2oVmmhDBaYs-PAnkAysR7E.roa
Signing time: Thu 03 Oct 2024 14:53:27 +0000
ROA not before: Thu 03 Oct 2024 14:53:27 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 215784
IP address blocks: 211.149.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 15:16:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3405 (0xd4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Oct 3 14:53:27 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=6BF936636A159A684305A62CF8F027900CAC47B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e8:0f:e2:05:43:a6:ea:93:ab:02:24:27:10:
c9:20:33:cf:4e:7a:72:cf:93:da:1b:52:21:79:26:
a0:9f:04:25:4f:05:5d:22:14:7f:14:04:05:c0:1d:
c8:23:00:de:a8:48:90:88:59:c1:bc:f7:35:62:0d:
a3:bb:36:c8:63:cc:a6:d4:57:96:29:13:1f:c1:04:
b5:ef:a3:d8:d6:6a:16:2d:19:18:76:00:06:6a:ba:
e9:63:63:23:63:48:f5:70:c1:00:66:23:3d:9a:c9:
70:80:cc:cc:b3:e8:37:4a:26:ba:1d:71:09:86:d1:
18:85:e7:81:cd:4f:60:08:74:ed:0e:19:eb:dd:59:
0d:9b:47:19:8f:ce:5f:7a:b2:e5:d7:4e:51:eb:06:
5a:1e:99:23:9b:e4:d3:95:b1:da:39:90:fa:48:bf:
f6:bc:6d:76:3b:e9:bd:50:69:da:96:a9:44:ff:6f:
53:f8:53:63:32:ab:5a:4b:c3:f5:c8:42:b3:62:da:
c6:50:3d:af:a9:51:1b:42:af:d0:a0:8f:33:30:e7:
bd:ab:fa:12:de:4f:29:99:31:28:b1:31:50:a4:fb:
ec:dc:54:54:b9:90:12:bd:fa:7b:03:75:3c:36:5a:
9c:c8:40:3b:e5:9b:37:4f:17:0f:b7:5a:50:cc:6a:
37:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F9:36:63:6A:15:9A:68:43:05:A6:2C:F8:F0:27:90:0C:AC:47:B1
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/a_k2Y2oVmmhDBaYs-PAnkAysR7E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.149.68.0/22
Signature Algorithm: sha256WithRSAEncryption
38:bb:45:4b:ff:b2:de:34:fa:eb:c5:47:85:f6:a7:0a:9f:15:
fa:e4:88:1a:ef:26:3a:ee:08:2d:2e:f0:ed:d3:1d:05:0b:74:
a0:c7:0c:b5:58:38:d5:4c:1c:ca:3e:a7:de:ae:ad:a7:fb:46:
a7:cb:92:74:c5:1d:2a:11:3b:d0:22:c5:6b:04:fb:0d:9a:f3:
bd:3d:36:54:fc:de:c0:91:33:79:a7:6c:d2:5c:5d:9a:65:df:
6f:65:93:8f:8a:f7:0a:30:59:51:f5:d5:89:b2:00:e0:a1:c7:
ad:92:f7:c4:d7:5d:bb:af:2d:99:df:c3:45:bd:c7:6b:ba:8f:
0d:4e:ad:70:af:63:91:84:eb:be:2c:1f:5c:fa:7e:fe:c1:b3:
28:71:d5:17:14:9b:e4:76:b0:b8:5c:9e:ba:c9:91:2c:e8:c7:
78:bc:94:0c:6a:38:40:53:76:bf:30:cf:b0:a0:16:10:ec:8f:
94:f7:0a:bf:24:e0:46:e5:89:f8:bb:09:a2:a1:a8:f7:e4:9c:
dd:2a:2f:77:01:0a:84:2d:c5:bf:59:0e:82:99:bb:f8:d2:81:
f2:a3:8a:73:37:ea:76:d4:20:ec:a8:a3:8b:79:0a:dc:dd:14:
7a:61:1b:6a:8f:ce:7b:aa:78:b4:ba:57:68:95:44:f0:b4:de:
b6:18:83:38
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMDMx
NDUzMjdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDZCRjkzNjYzNkExNTlB
Njg0MzA1QTYyQ0Y4RjAyNzkwMENBQzQ3QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC96A/iBUOm6pOrAiQnEMkgM89OenLPk9obUiF5JqCfBCVPBV0i
FH8UBAXAHcgjAN6oSJCIWcG89zViDaO7NshjzKbUV5YpEx/BBLXvo9jWahYtGRh2
AAZquuljYyNjSPVwwQBmIz2ayXCAzMyz6DdKJrodcQmG0RiF54HNT2AIdO0OGevd
WQ2bRxmPzl96suXXTlHrBloemSOb5NOVsdo5kPpIv/a8bXY76b1QadqWqUT/b1P4
U2Myq1pLw/XIQrNi2sZQPa+pURtCr9CgjzMw572r+hLeTymZMSixMVCk++zcVFS5
kBK9+nsDdTw2WpzIQDvlmzdPFw+3WlDMajd3AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUa/k2Y2oVmmhDBaYs+PAnkAysR7EwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2FfazJZMm9WbW1oREJh
WXMtUEFua0F5c1I3RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALTlUQwDQYJKoZIhvcNAQELBQADggEBADi7RUv/st40+uvFR4X2pwqfFfrkiBrv
JjruCC0u8O3THQULdKDHDLVYONVMHMo+p96uraf7RqfLknTFHSoRO9AixWsE+w2a
8709NlT83sCRM3mnbNJcXZpl329lk4+K9wowWVH11YmyAOChx62S98TXXbuvLZnf
w0W9x2u6jw1OrXCvY5GE674sH1z6fv7Bsyhx1RcUm+R2sLhcnrrJkSzox3i8lAxq
OEBTdr8wz7CgFhDsj5T3Cr8k4Eblifi7CaKhqPfknN0qL3cBCoQtxb9ZDoKZu/jS
gfKjinM36nbUIOyoo4t5CtzdFHphG2qPznuqeLS6V2iVRPC03rYYgzg=
-----END CERTIFICATE-----
Generated at Tue Nov 5 19:27:09 2024 by rpki-client on console-ams.rpki-client.org