Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/dkvkMzuS1BYvZjDoMZTCGEDt9LE.roa
File: dkvkMzuS1BYvZjDoMZTCGEDt9LE.roa (raw, json)
Hash identifier: 83gIiRfIfEDN2XXQOHvvmZ/C8uJZtd6eBTBgAlqJEMA=
Subject key identifier: 76:4B:E4:33:3B:92:D4:16:2F:66:30:E8:31:94:C2:18:40:ED:F4:B1
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0E3D
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/dkvkMzuS1BYvZjDoMZTCGEDt9LE.roa
Signing time: Tue 05 Nov 2024 15:32:03 +0000
ROA not before: Tue 05 Nov 2024 15:32:03 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 215784
IP address blocks: 211.149.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 08:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3645 (0xe3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Nov 5 15:32:03 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=764BE4333B92D4162F6630E83194C21840EDF4B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:59:b2:ea:aa:c7:df:be:60:4d:42:d6:70:60:
39:8a:8a:01:6a:aa:43:55:a2:22:7d:03:ae:f4:f8:
ba:34:0e:42:30:9d:97:b6:97:c2:21:15:4b:7e:f1:
79:14:ec:f3:cb:c1:09:92:bb:80:e5:94:33:cf:93:
ae:4e:8a:81:65:a2:e0:d9:2c:46:6a:a4:14:5c:76:
af:bc:a9:14:33:94:ec:15:f9:e5:36:63:4b:c6:24:
8e:d2:68:58:32:7f:a0:73:db:78:24:68:54:ab:ce:
78:1b:e3:12:f3:65:dd:6f:01:8f:eb:91:11:50:d9:
fd:9b:03:35:5c:f2:6b:b4:98:f2:1b:fe:f8:d2:49:
55:a2:44:b8:de:d5:34:9b:54:6d:bf:24:b2:f4:56:
45:d3:f1:57:dd:52:c2:57:fa:17:19:0a:bc:48:64:
f1:f5:8d:dd:f6:6f:d0:16:69:2b:0b:25:15:1a:92:
57:31:1b:29:8b:e0:58:c0:35:06:d0:ee:7f:fd:ba:
17:b6:a5:b9:2d:aa:a1:3e:a7:e6:81:25:46:77:27:
81:ba:e2:46:9c:d1:76:94:6c:00:fc:06:05:7d:58:
0e:87:53:5e:bb:69:07:05:82:b5:fa:f2:ee:26:bc:
f1:2c:63:d9:50:7a:58:15:34:c8:c2:a0:b5:52:05:
4e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:4B:E4:33:3B:92:D4:16:2F:66:30:E8:31:94:C2:18:40:ED:F4:B1
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/dkvkMzuS1BYvZjDoMZTCGEDt9LE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.149.32.0/22
Signature Algorithm: sha256WithRSAEncryption
07:24:02:4b:cf:e7:88:b2:2e:c0:44:93:56:d4:8f:30:64:22:
b0:a7:ac:c3:8e:5a:7b:7c:7d:b2:8c:5b:2b:ef:c7:70:83:3b:
af:4b:4a:ea:08:49:d1:93:63:41:25:cc:a7:4f:e6:34:f8:6d:
e1:f2:d2:98:ca:f5:31:48:0b:84:6b:79:80:66:24:5e:0f:be:
03:a4:ad:be:7f:87:a1:e8:fe:5e:fc:13:ef:0e:fc:bf:01:7a:
2d:8c:0c:eb:3b:69:60:68:81:2a:0e:e9:6f:8e:85:bf:fe:43:
3d:5a:b6:84:0b:e5:20:10:e2:66:c7:68:d2:fc:ff:34:be:51:
3c:60:dd:fd:ef:7c:13:e9:6b:0c:29:b7:b9:30:ae:b8:74:d7:
8d:45:91:8a:64:35:7f:5a:71:dc:19:85:2f:1c:98:f1:bf:fc:
e6:41:92:d4:c3:a8:b6:8d:27:5f:6d:1c:f7:9f:41:a4:1a:85:
22:c0:ac:cb:e9:06:62:4f:cc:81:67:85:f5:14:87:0d:6f:64:
01:77:39:f6:d3:73:f4:6a:b4:0b:c3:b1:b7:f5:03:65:a2:a7:
96:ff:4c:32:a6:66:e5:f7:8a:82:52:af:df:ef:50:65:8d:eb:
76:8a:28:40:c1:e6:8c:e9:3b:f3:62:cf:b0:dd:fe:a3:91:0b:
f7:78:b0:d1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDj0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDExMDUx
NTMyMDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc2NEJFNDMzM0I5MkQ0
MTYyRjY2MzBFODMxOTRDMjE4NDBFREY0QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSWbLqqsffvmBNQtZwYDmKigFqqkNVoiJ9A670+Lo0DkIwnZe2
l8IhFUt+8XkU7PPLwQmSu4DllDPPk65OioFlouDZLEZqpBRcdq+8qRQzlOwV+eU2
Y0vGJI7SaFgyf6Bz23gkaFSrzngb4xLzZd1vAY/rkRFQ2f2bAzVc8mu0mPIb/vjS
SVWiRLje1TSbVG2/JLL0VkXT8VfdUsJX+hcZCrxIZPH1jd32b9AWaSsLJRUaklcx
GymL4FjANQbQ7n/9uhe2pbktqqE+p+aBJUZ3J4G64kac0XaUbAD8BgV9WA6HU167
aQcFgrX68u4mvPEsY9lQelgVNMjCoLVSBU7XAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUdkvkMzuS1BYvZjDoMZTCGEDt9LEwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2RrdmtNenVTMUJZdlpq
RG9NWlRDR0VEdDlMRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALTlSAwDQYJKoZIhvcNAQELBQADggEBAAckAkvP54iyLsBEk1bUjzBkIrCnrMOO
Wnt8fbKMWyvvx3CDO69LSuoISdGTY0ElzKdP5jT4beHy0pjK9TFIC4RreYBmJF4P
vgOkrb5/h6Ho/l78E+8O/L8Bei2MDOs7aWBogSoO6W+Ohb/+Qz1atoQL5SAQ4mbH
aNL8/zS+UTxg3f3vfBPpawwpt7kwrrh0141FkYpkNX9acdwZhS8cmPG//OZBktTD
qLaNJ19tHPefQaQahSLArMvpBmJPzIFnhfUUhw1vZAF3OfbTc/RqtAvDsbf1A2Wi
p5b/TDKmZuX3ioJSr9/vUGWN63aKKEDB5ozpO/Niz7Dd/qORC/d4sNE=
-----END CERTIFICATE-----
Generated at Tue Nov 19 09:21:14 2024 by rpki-client on console-fra.rpki-client.org