Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/i5Wr4X4HkPCAP6Hlgo5JtXOFEAs.roa
File: i5Wr4X4HkPCAP6Hlgo5JtXOFEAs.roa (raw, json)
Hash identifier: b0G86OJmeh9D29YMIlqsUPUABhTt+2ccrUPaSfozUTA=
Subject key identifier: 8B:95:AB:E1:7E:07:90:F0:80:3F:A1:E5:82:8E:49:B5:73:85:10:0B
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 04CF
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/i5Wr4X4HkPCAP6Hlgo5JtXOFEAs.roa
Signing time: Tue 12 Sep 2023 10:03:21 +0000
ROA not before: Tue 12 Sep 2023 10:03:21 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 35913
IP address blocks: 123.98.68.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1231 (0x4cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 12 10:03:21 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=8B95ABE17E0790F0803FA1E5828E49B57385100B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e2:ac:69:36:f8:a5:7e:e9:08:0c:4d:18:9c:
68:7a:fb:0b:73:50:8a:62:a9:f6:54:08:81:28:fe:
21:35:52:65:93:9e:94:6f:b0:f0:4c:04:a9:0a:f0:
28:10:a9:31:69:f8:9f:d1:41:49:bd:6f:3f:2d:aa:
a4:e3:2a:19:42:2a:da:d3:27:98:77:53:89:1d:13:
e8:76:18:52:9e:74:f6:db:27:2d:b6:9b:92:23:f5:
78:9e:cf:40:f9:2b:9b:ce:d5:2c:8a:0e:1b:af:14:
57:71:8b:c1:6b:10:90:a9:20:5c:43:b0:f6:78:06:
32:88:4f:f2:7c:39:e6:80:a4:4e:0f:e9:aa:51:d8:
6b:70:79:2a:d0:81:e0:4f:b3:d3:4a:9c:42:17:87:
9f:fc:d5:f5:15:f2:c8:3d:aa:23:e5:8b:d3:3a:70:
7b:de:47:38:6a:f8:67:06:71:b9:2e:d0:1b:48:aa:
26:8b:e5:eb:ba:86:c0:2e:42:7c:73:a5:cc:9d:2a:
f0:fc:c1:8f:9b:7c:62:e0:73:4f:1e:7e:15:8e:a2:
c1:60:58:0b:c8:9e:77:9d:e8:a7:ec:ee:da:a8:1b:
a8:a6:21:54:1e:18:2a:15:7f:20:51:e0:84:84:13:
18:78:76:a8:44:7f:c3:53:f7:29:76:63:59:a6:ce:
ba:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:95:AB:E1:7E:07:90:F0:80:3F:A1:E5:82:8E:49:B5:73:85:10:0B
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/i5Wr4X4HkPCAP6Hlgo5JtXOFEAs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.68.0/22
Signature Algorithm: sha256WithRSAEncryption
d8:de:46:46:9b:e5:74:56:8f:2e:b3:2b:c4:60:66:b8:2c:b0:
09:7b:e5:23:6c:16:0f:ce:5d:0d:8b:2d:ec:70:ec:aa:a7:7c:
a6:a6:68:19:70:53:8d:01:c3:74:0e:d5:4f:9d:08:12:16:d6:
cd:2b:b0:23:dc:11:3e:5f:e3:32:36:56:6e:d0:a0:ce:8f:c2:
0f:54:e6:0b:1a:72:6a:40:01:93:90:23:2c:5b:74:14:80:a2:
a6:38:88:d0:c3:1b:e0:7e:8e:f3:4f:97:c8:eb:b5:71:90:d0:
04:c0:bd:51:d6:ec:a0:55:20:51:71:cd:c4:e8:84:c0:01:e8:
27:41:c2:cb:57:e1:5a:81:4f:71:04:c6:3c:6e:d8:7b:8b:b7:
03:da:9c:eb:68:7d:9b:c7:38:13:28:c6:83:16:e5:96:d3:a0:
8b:8f:62:71:be:23:e1:96:74:02:44:0b:e4:7d:28:5b:4d:3f:
72:58:88:4d:35:2b:23:70:2a:20:11:32:a4:da:85:52:8c:c2:
09:5b:cf:f1:7f:46:0f:4c:5a:09:82:a0:af:4c:b1:5c:ff:97:
1e:50:b9:aa:91:d7:93:6b:c4:e5:4e:fd:d7:3a:5a:34:02:15:
62:2a:b2:d7:f1:a5:84:95:3c:01:ad:69:d3:78:fa:bf:2c:b9:
00:1a:96:d1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICBM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA5MTIx
MDAzMjFaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKDhCOTVBQkUxN0UwNzkw
RjA4MDNGQTFFNTgyOEU0OUI1NzM4NTEwMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCn4qxpNvilfukIDE0YnGh6+wtzUIpiqfZUCIEo/iE1UmWTnpRv
sPBMBKkK8CgQqTFp+J/RQUm9bz8tqqTjKhlCKtrTJ5h3U4kdE+h2GFKedPbbJy22
m5Ij9Xiez0D5K5vO1SyKDhuvFFdxi8FrEJCpIFxDsPZ4BjKIT/J8OeaApE4P6apR
2GtweSrQgeBPs9NKnEIXh5/81fUV8sg9qiPli9M6cHveRzhq+GcGcbku0BtIqiaL
5eu6hsAuQnxzpcydKvD8wY+bfGLgc08efhWOosFgWAvInned6Kfs7tqoG6imIVQe
GCoVfyBR4ISEExh4dqhEf8NT9yl2Y1mmzrpvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUi5Wr4X4HkPCAP6Hlgo5JtXOFEAswHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2k1V3I0WDRIa1BDQVA2
SGxnbzVKdFhPRkVBcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YkQwDQYJKoZIhvcNAQELBQADggEBANjeRkab5XRWjy6zK8RgZrgssAl75SNs
Fg/OXQ2LLexw7KqnfKamaBlwU40Bw3QO1U+dCBIW1s0rsCPcET5f4zI2Vm7QoM6P
wg9U5gsacmpAAZOQIyxbdBSAoqY4iNDDG+B+jvNPl8jrtXGQ0ATAvVHW7KBVIFFx
zcTohMAB6CdBwstX4VqBT3EExjxu2HuLtwPanOtofZvHOBMoxoMW5ZbToIuPYnG+
I+GWdAJEC+R9KFtNP3JYiE01KyNwKiARMqTahVKMwglbz/F/Rg9MWgmCoK9MsVz/
lx5QuaqR15NrxOVO/dc6WjQCFWIqstfxpYSVPAGtadN4+r8suQAaltE=
-----END CERTIFICATE-----
Generated at Fri Sep 22 15:48:00 2023 by rpki-client on console-ams.rpki-client.org