Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/cCH5F2MWEx5lVPmFd9oyFMXWVi0.roa
File: cCH5F2MWEx5lVPmFd9oyFMXWVi0.roa (raw, json)
Hash identifier: 3ILR1ngf0m+0rxEQkqMUu0wmCpQHDs3rAphPdFV80GQ=
Subject key identifier: 70:21:F9:17:63:16:13:1E:65:54:F9:85:77:DA:32:14:C5:D6:56:2D
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0D5D
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/cCH5F2MWEx5lVPmFd9oyFMXWVi0.roa
Signing time: Thu 03 Oct 2024 15:04:19 +0000
ROA not before: Thu 03 Oct 2024 15:04:19 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 215784
IP address blocks: 123.98.20.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 04:12:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3421 (0xd5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Oct 3 15:04:19 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7021F9176316131E6554F98577DA3214C5D6562D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:73:ab:ac:d3:f0:11:86:88:a9:91:52:72:eb:
d3:a3:bf:44:37:78:11:92:6a:ed:ea:0a:dc:2c:f3:
5c:6a:6a:72:ed:82:9b:7d:19:7d:d7:ae:f0:d2:dc:
1a:36:69:07:9e:ce:ce:55:77:82:9e:cf:3b:42:ea:
f7:29:02:c1:f4:44:64:a2:50:87:33:32:00:18:a4:
1a:db:fc:5c:d9:66:6d:bf:89:b2:ed:fb:fc:8a:a6:
14:82:8b:7f:5c:c3:8c:f4:c1:05:0e:ff:72:cd:9a:
87:0e:80:78:d8:14:02:00:03:ed:1a:3a:fd:29:7f:
1a:35:3c:02:7e:27:4c:9a:6d:fd:df:1b:9d:76:dd:
4e:7b:72:4b:9e:c0:2d:e1:bc:4e:90:21:5d:14:2b:
31:a6:a2:98:7e:75:46:d1:e7:57:63:f2:c6:49:3d:
e8:48:1b:f7:16:30:2a:50:d7:25:32:cd:89:21:32:
8f:d1:26:38:b3:c7:de:ed:1b:d0:d6:36:0f:3c:b5:
3b:ad:8d:01:44:ad:6d:70:8f:76:a2:fb:5e:d9:f4:
2f:3d:47:7f:ee:3a:78:46:a9:b6:e4:65:71:c8:a9:
40:d7:18:95:3e:7a:22:24:6b:6a:1d:2e:e6:16:4a:
c5:25:65:33:56:26:5e:3b:02:b0:eb:fb:26:58:f0:
13:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:21:F9:17:63:16:13:1E:65:54:F9:85:77:DA:32:14:C5:D6:56:2D
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/cCH5F2MWEx5lVPmFd9oyFMXWVi0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.20.0/22
Signature Algorithm: sha256WithRSAEncryption
35:a9:b5:99:fb:4c:83:19:87:b2:2c:56:bb:91:00:a2:60:e1:
da:3e:7b:00:49:fe:97:17:85:f1:46:38:c2:15:2c:5b:0b:a9:
e8:4f:81:78:1e:80:d8:6b:8a:7c:f3:2f:f3:e5:78:87:1a:d5:
59:a9:5e:68:3b:85:64:60:40:e7:b5:49:2a:b2:6c:5d:c3:ff:
3b:7e:ed:3c:dd:d8:7a:ca:58:76:ef:80:a1:1c:49:b2:98:82:
d0:41:2e:c3:51:59:46:e6:13:e5:40:59:0e:f9:f5:23:56:01:
99:a4:ca:4b:8f:88:df:ee:86:7a:e4:bd:d8:0d:63:b7:99:b5:
f5:e3:1a:7c:a8:06:72:22:5f:24:e2:f7:d4:fb:69:a3:b9:c8:
0c:12:52:54:cf:fa:8b:1b:ec:e0:2b:4c:52:fe:13:ff:c4:90:
40:23:87:f5:ac:85:6e:34:f8:91:54:65:e5:1e:17:8a:a7:27:
03:b8:d4:37:bc:79:dc:43:66:fa:18:58:8c:6e:21:58:50:2d:
24:33:bd:1c:a8:77:49:70:b0:51:14:cd:66:0f:2e:63:b5:da:
d8:66:fc:8f:3f:ac:84:76:38:d4:31:1f:4e:b2:be:0e:48:90:
65:a8:ea:12:d5:df:6a:28:86:2c:e9:e4:cc:ea:6d:9e:9d:75:
ec:f5:ab:b3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMDMx
NTA0MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDcwMjFGOTE3NjMxNjEz
MUU2NTU0Rjk4NTc3REEzMjE0QzVENjU2MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5c6us0/ARhoipkVJy69Ojv0Q3eBGSau3qCtws81xqanLtgpt9
GX3XrvDS3Bo2aQeezs5Vd4KezztC6vcpAsH0RGSiUIczMgAYpBrb/FzZZm2/ibLt
+/yKphSCi39cw4z0wQUO/3LNmocOgHjYFAIAA+0aOv0pfxo1PAJ+J0yabf3fG512
3U57ckuewC3hvE6QIV0UKzGmoph+dUbR51dj8sZJPehIG/cWMCpQ1yUyzYkhMo/R
Jjizx97tG9DWNg88tTutjQFErW1wj3ai+17Z9C89R3/uOnhGqbbkZXHIqUDXGJU+
eiIka2odLuYWSsUlZTNWJl47ArDr+yZY8BMhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcCH5F2MWEx5lVPmFd9oyFMXWVi0wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2NDSDVGMk1XRXg1bFZQ
bUZkOW95Rk1YV1ZpMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YhQwDQYJKoZIhvcNAQELBQADggEBADWptZn7TIMZh7IsVruRAKJg4do+ewBJ
/pcXhfFGOMIVLFsLqehPgXgegNhrinzzL/PleIca1VmpXmg7hWRgQOe1SSqybF3D
/zt+7Tzd2HrKWHbvgKEcSbKYgtBBLsNRWUbmE+VAWQ759SNWAZmkykuPiN/uhnrk
vdgNY7eZtfXjGnyoBnIiXyTi99T7aaO5yAwSUlTP+osb7OArTFL+E//EkEAjh/Ws
hW40+JFUZeUeF4qnJwO41De8edxDZvoYWIxuIVhQLSQzvRyod0lwsFEUzWYPLmO1
2thm/I8/rIR2ONQxH06yvg5IkGWo6hLV32oohizp5MzqbZ6ddez1q7M=
-----END CERTIFICATE-----
Generated at Thu Oct 10 07:48:30 2024 by rpki-client on console-fra.rpki-client.org