Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/dZKZnYT2iM8xYN5OoiF11McfIgA.roa
File: dZKZnYT2iM8xYN5OoiF11McfIgA.roa (raw, json)
Hash identifier: gfrrn+yt5P4+YNjgGpbhln2O4MPOVbt3TLRipeFFaMQ=
Subject key identifier: 75:92:99:9D:84:F6:88:CF:31:60:DE:4E:A2:21:75:D4:C7:1F:22:00
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0365
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/dZKZnYT2iM8xYN5OoiF11McfIgA.roa
Signing time: Tue 11 Jul 2023 11:14:43 +0000
ROA not before: Tue 11 Jul 2023 11:14:43 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 34549
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
210.79.68.0/23 maxlen: 24
210.79.77.0/24 maxlen: 24
210.79.90.0/24 maxlen: 24
211.149.32.0/22 maxlen: 24
211.149.40.0/22 maxlen: 24
211.149.48.0/22 maxlen: 24
211.149.52.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 869 (0x365)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jul 11 11:14:43 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=7592999D84F688CF3160DE4EA22175D4C71F2200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3f:22:8e:9a:7e:1e:31:7c:5a:f6:4e:e6:10:
20:d6:56:09:6a:02:46:62:9d:6e:76:83:c8:6a:47:
d1:5c:3a:4e:c1:e8:42:4c:a1:32:e5:1e:6a:7b:62:
6e:3d:bf:d8:c9:02:84:72:c8:1c:f9:03:20:3b:03:
fd:3c:51:39:c0:08:6f:80:c5:9c:8b:fd:8f:a8:c8:
9c:d4:10:e2:39:00:e1:84:ae:89:0d:f0:ba:0e:ed:
fe:2e:0d:4c:e4:de:d0:e0:03:d5:9f:12:3a:33:00:
97:83:8d:37:5d:91:16:1c:de:50:99:a2:f4:48:8a:
a1:e7:4c:98:b5:69:5e:00:09:73:f3:36:56:f3:9a:
9b:d2:d7:83:43:07:aa:3b:d6:e1:a7:94:71:fe:8d:
5a:c2:88:16:c1:12:30:dd:cd:04:f0:dc:66:bc:41:
47:ed:2e:b0:c5:8d:d8:d0:b5:ff:3e:7e:00:e0:da:
68:41:55:9d:f4:ac:b8:55:38:46:78:43:b5:47:6f:
a5:b8:16:40:f9:03:f6:95:f3:c2:91:ab:3e:be:ec:
df:19:d9:8a:2e:8e:25:25:ec:49:59:00:d2:37:29:
11:2a:bb:43:34:be:5c:02:f8:4d:9e:2f:71:1b:66:
a0:98:84:9e:6c:48:b6:ba:3a:37:66:68:fc:a1:d5:
91:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:92:99:9D:84:F6:88:CF:31:60:DE:4E:A2:21:75:D4:C7:1F:22:00
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/dZKZnYT2iM8xYN5OoiF11McfIgA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.80.0/22
123.98.100.0/22
210.79.68.0/23
210.79.77.0/24
210.79.90.0/24
211.149.32.0/22
211.149.40.0/22
211.149.48.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:9b:19:63:36:51:59:7a:24:3c:d7:ca:db:52:e1:65:4a:68:
bd:4d:00:f0:1c:cc:64:a2:6d:30:21:cd:a7:81:65:6e:6d:6a:
5d:31:cc:b9:77:58:c0:fe:4c:58:fe:39:46:2c:7e:22:c8:86:
0e:1d:52:1d:39:ad:40:75:80:b6:e3:e2:8f:b8:ec:7a:5c:35:
92:e9:d4:1d:3e:b5:6a:b3:70:96:9c:71:60:44:aa:55:bc:aa:
28:2c:17:25:3b:cb:a1:d7:22:e3:f3:b3:89:28:04:38:30:09:
7e:3e:d4:de:06:3a:d6:2f:1f:0b:ea:b2:d6:fb:74:d9:ad:f8:
b6:0a:81:9a:71:cc:e7:3e:f1:c0:6f:97:31:71:de:43:0a:32:
4d:99:90:0b:24:63:26:51:df:c5:94:2a:60:ac:a7:98:3d:84:
aa:a1:27:89:22:cb:c9:0a:a4:63:11:fb:b3:ce:18:af:4a:db:
94:0a:c9:49:4a:49:fd:9d:d1:54:0c:ac:7d:4c:ff:e3:c5:c4:
12:bb:bb:00:e9:45:03:99:fb:24:e1:af:f7:26:fb:1a:cb:b8:
25:c3:90:a9:0d:96:cd:9a:85:0e:19:5e:74:19:7c:b7:88:de:
44:0d:f4:ca:28:19:4a:00:3a:a1:41:6a:2b:ef:d3:22:ab:9f:
e2:d1:e0:b5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgICA2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA3MTEx
MTE0NDNaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDc1OTI5OTlEODRGNjg4
Q0YzMTYwREU0RUEyMjE3NUQ0QzcxRjIyMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5PyKOmn4eMXxa9k7mECDWVglqAkZinW52g8hqR9FcOk7B6EJM
oTLlHmp7Ym49v9jJAoRyyBz5AyA7A/08UTnACG+AxZyL/Y+oyJzUEOI5AOGErokN
8LoO7f4uDUzk3tDgA9WfEjozAJeDjTddkRYc3lCZovRIiqHnTJi1aV4ACXPzNlbz
mpvS14NDB6o71uGnlHH+jVrCiBbBEjDdzQTw3Ga8QUftLrDFjdjQtf8+fgDg2mhB
VZ30rLhVOEZ4Q7VHb6W4FkD5A/aV88KRqz6+7N8Z2YoujiUl7ElZANI3KREqu0M0
vlwC+E2eL3EbZqCYhJ5sSLa6OjdmaPyh1ZHjAgMBAAGjggInMIICIzAdBgNVHQ4E
FgQUdZKZnYT2iM8xYN5OoiF11McfIgAwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2RaS1puWVQyaU04eFlO
NU9vaUYxMU1jZklnQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwD
BAJ7YkADBAJ7YkgDBAJ7YlADBAJ7YmQDBAHST0QDBADST00DBADST1oDBALTlSAD
BALTlSgDBAPTlTAwDQYJKoZIhvcNAQELBQADggEBAB6bGWM2UVl6JDzXyttS4WVK
aL1NAPAczGSibTAhzaeBZW5tal0xzLl3WMD+TFj+OUYsfiLIhg4dUh05rUB1gLbj
4o+47HpcNZLp1B0+tWqzcJaccWBEqlW8qigsFyU7y6HXIuPzs4koBDgwCX4+1N4G
OtYvHwvqstb7dNmt+LYKgZpxzOc+8cBvlzFx3kMKMk2ZkAskYyZR38WUKmCsp5g9
hKqhJ4kiy8kKpGMR+7POGK9K25QKyUlKSf2d0VQMrH1M/+PFxBK7uwDpRQOZ+yTh
r/cm+xrLuCXDkKkNls2ahQ4ZXnQZfLeI3kQN9MooGUoAOqFBaivv0yKrn+LR4LU=
-----END CERTIFICATE-----
Generated at Tue Jul 25 03:48:29 2023 by rpki-client on console-fra.rpki-client.org