Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/cnfoBam4XwYrCj8iaEYts0w1Q-g.roa
File: cnfoBam4XwYrCj8iaEYts0w1Q-g.roa (raw, json)
Hash identifier: 2+vo3elTj9YXwB98H7owtuCj4IHIXiFxHtqsBYvBoPA=
Subject key identifier: 72:77:E8:05:A9:B8:5F:06:2B:0A:3F:22:68:46:2D:B3:4C:35:43:E8
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0D45
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/cnfoBam4XwYrCj8iaEYts0w1Q-g.roa
Signing time: Thu 03 Oct 2024 14:52:27 +0000
ROA not before: Thu 03 Oct 2024 14:52:27 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 215784
IP address blocks: 211.149.48.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 15:17:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3397 (0xd45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Oct 3 14:52:27 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7277E805A9B85F062B0A3F2268462DB34C3543E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:cb:53:5c:dd:dc:2a:43:46:f4:ec:22:ba:25:
dc:3b:1a:37:aa:75:11:67:1c:93:27:7d:e5:7f:4f:
71:a7:8b:50:dc:ad:48:25:de:8f:d9:21:2d:73:5c:
c7:8f:29:47:30:96:aa:b4:23:b3:ba:c6:b1:60:84:
67:dd:da:cf:d0:0f:e4:b6:86:e7:51:62:4c:88:ca:
b1:e8:5a:ce:dd:71:4d:b1:5f:d5:72:d6:b4:aa:50:
e0:c8:93:32:3e:91:10:84:cc:8f:27:7c:79:6f:be:
c1:f1:cc:b8:14:1c:18:e9:78:7b:7d:5d:23:df:41:
2a:62:0a:9a:df:e5:01:bf:c4:a7:f6:b2:09:6b:98:
7d:12:f8:4c:ce:2c:8c:a1:3e:20:ce:83:38:71:d5:
6f:69:67:8e:e3:8e:07:22:ee:91:03:53:51:74:ef:
4d:d6:ca:f1:d9:6c:eb:4d:6d:1c:16:68:90:51:90:
b9:c2:41:6b:12:10:7a:88:14:d7:c3:e4:dc:0d:ec:
f8:7c:c0:ad:ac:a5:c4:d5:cc:d0:a6:7e:17:6a:0b:
84:4e:1c:8e:97:4f:eb:58:56:c2:49:3c:af:a9:53:
1c:d5:30:9f:5f:6a:19:57:53:8a:3c:d7:1b:42:22:
ad:d3:9f:1a:1b:81:56:bf:0c:36:01:f6:7b:1c:dc:
08:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:77:E8:05:A9:B8:5F:06:2B:0A:3F:22:68:46:2D:B3:4C:35:43:E8
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/cnfoBam4XwYrCj8iaEYts0w1Q-g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.149.48.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:c5:d9:0e:64:63:cd:cb:10:fa:e9:a0:79:54:f6:42:2d:0a:
5e:fe:39:7b:4f:d6:de:d9:10:43:c9:04:c3:ca:c1:61:9b:a5:
8a:3a:10:7c:01:a0:d9:2a:b2:8b:3e:35:14:3a:0a:85:6a:48:
15:ca:6c:2e:e7:1b:ad:c4:cd:a0:5f:0d:07:89:77:a0:c8:15:
c7:83:23:d7:7c:d9:6e:e2:be:7d:3a:c2:5b:80:3a:33:48:2a:
37:84:94:16:8b:05:ca:37:28:75:fc:9a:7f:af:cf:e7:ad:b0:
97:41:af:f4:b3:2b:4e:0d:f9:35:a1:c3:28:72:bf:61:5b:60:
ff:1c:9c:e3:f8:1b:f3:2e:39:41:3a:7c:7d:ce:61:3a:d6:f6:
c0:1a:f8:00:5a:f0:11:34:7c:8a:b9:7f:fd:d7:43:1c:8c:b4:
23:25:ac:1a:9e:a1:c0:21:10:ef:b6:f7:04:69:0a:e7:13:c4:
c3:8f:89:d4:05:67:dd:8e:8f:b1:ba:8f:3e:16:e3:e8:35:b5:
bb:70:a5:6c:d2:43:0e:55:3f:6b:e0:00:3a:9b:99:39:be:d3:
a8:73:92:e5:39:ba:b7:96:35:f8:c4:04:cc:ea:60:7a:50:4b:
5a:45:94:05:0f:f4:81:51:20:a7:f1:ee:25:70:c2:4e:98:e8:
85:88:56:ac
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMDMx
NDUyMjdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDcyNzdFODA1QTlCODVG
MDYyQjBBM0YyMjY4NDYyREIzNEMzNTQzRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwy1Nc3dwqQ0b07CK6Jdw7GjeqdRFnHJMnfeV/T3Gni1DcrUgl
3o/ZIS1zXMePKUcwlqq0I7O6xrFghGfd2s/QD+S2hudRYkyIyrHoWs7dcU2xX9Vy
1rSqUODIkzI+kRCEzI8nfHlvvsHxzLgUHBjpeHt9XSPfQSpiCprf5QG/xKf2sglr
mH0S+EzOLIyhPiDOgzhx1W9pZ47jjgci7pEDU1F0703WyvHZbOtNbRwWaJBRkLnC
QWsSEHqIFNfD5NwN7Ph8wK2spcTVzNCmfhdqC4ROHI6XT+tYVsJJPK+pUxzVMJ9f
ahlXU4o81xtCIq3TnxobgVa/DDYB9nsc3AjJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcnfoBam4XwYrCj8iaEYts0w1Q+gwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2NuZm9CYW00WHdZckNq
OGlhRVl0czB3MVEtZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALTlTAwDQYJKoZIhvcNAQELBQADggEBAD/F2Q5kY83LEPrpoHlU9kItCl7+OXtP
1t7ZEEPJBMPKwWGbpYo6EHwBoNkqsos+NRQ6CoVqSBXKbC7nG63EzaBfDQeJd6DI
FceDI9d82W7ivn06wluAOjNIKjeElBaLBco3KHX8mn+vz+etsJdBr/SzK04N+TWh
wyhyv2FbYP8cnOP4G/MuOUE6fH3OYTrW9sAa+ABa8BE0fIq5f/3XQxyMtCMlrBqe
ocAhEO+29wRpCucTxMOPidQFZ92Oj7G6jz4W4+g1tbtwpWzSQw5VP2vgADqbmTm+
06hzkuU5ureWNfjEBMzqYHpQS1pFlAUP9IFRIKfx7iVwwk6Y6IWIVqw=
-----END CERTIFICATE-----
Generated at Tue Nov 5 19:27:09 2024 by rpki-client on console-ams.rpki-client.org