Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/l8zhZoLncHfLHeOC5OFsHGq6GE0.roa
File: l8zhZoLncHfLHeOC5OFsHGq6GE0.roa (raw, json)
Hash identifier: ck5OhrK2/0DQfWEN3LBQKE2V06UBd+bF5xkS4HU6vqI=
Subject key identifier: 97:CC:E1:66:82:E7:70:77:CB:1D:E3:82:E4:E1:6C:1C:6A:BA:18:4D
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 08FA
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/l8zhZoLncHfLHeOC5OFsHGq6GE0.roa
Signing time: Thu 21 Mar 2024 07:49:19 +0000
ROA not before: Thu 21 Mar 2024 07:49:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 123.98.4.0/22 maxlen: 24
123.98.24.0/22 maxlen: 24
123.98.36.0/22 maxlen: 24
123.98.52.0/22 maxlen: 24
123.98.92.0/22 maxlen: 24
211.149.76.0/22 maxlen: 24
211.149.80.0/22 maxlen: 24
211.149.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 01:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2298 (0x8fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Mar 21 07:49:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=97CCE16682E77077CB1DE382E4E16C1C6ABA184D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:03:56:35:2e:b7:6e:17:f1:6b:bc:25:23:96:
ab:f6:17:66:2c:48:dc:f2:40:84:9e:1e:ce:1b:85:
5a:c0:68:2a:70:b9:6f:20:08:c8:ba:cd:46:e7:fb:
a0:23:6e:b6:f4:a5:28:a9:90:76:57:62:d3:6f:1e:
d6:ff:f6:85:fa:c8:24:b0:1f:34:d2:d0:e2:44:19:
20:82:85:fd:36:41:f0:c0:2f:46:8d:c9:cf:fd:5f:
1f:13:43:63:4b:af:4f:9c:38:dd:8c:fc:db:3b:81:
b4:5e:cf:a7:12:9d:5d:62:af:45:01:c2:cf:d0:bf:
50:b7:01:35:ac:22:1f:ae:ea:b0:4a:97:d9:2c:2f:
72:d1:04:6a:47:28:0d:f1:e2:10:20:57:2d:9c:0c:
84:39:ac:f8:f7:5a:59:85:ff:2d:d6:f2:f2:51:9e:
0a:97:94:ab:a0:f8:09:99:68:e3:cb:5c:fa:0e:27:
3b:ef:2e:b2:88:08:5a:f1:af:20:f3:22:ea:ac:d2:
d7:17:a1:97:42:4a:f6:77:89:9a:03:22:78:ca:ed:
ae:00:1e:57:ad:b8:4d:32:56:7f:d1:63:47:04:a8:
72:15:58:2c:b7:13:41:d4:ab:ce:79:70:d5:8f:cb:
6b:11:e5:61:ea:c0:2d:88:12:da:38:2f:8b:7c:78:
10:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CC:E1:66:82:E7:70:77:CB:1D:E3:82:E4:E1:6C:1C:6A:BA:18:4D
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/l8zhZoLncHfLHeOC5OFsHGq6GE0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.4.0/22
123.98.24.0/22
123.98.36.0/22
123.98.52.0/22
123.98.92.0/22
211.149.76.0-211.149.83.255
211.149.88.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:89:9e:68:78:ad:91:73:1a:03:5b:51:2e:23:16:10:15:e4:
e1:55:8b:62:dc:4e:f0:01:8e:65:79:20:02:81:04:6f:38:79:
4d:1b:9b:2c:07:6e:02:4c:66:36:32:9d:79:ce:02:b4:a1:f9:
a4:fd:24:9e:c8:cc:72:62:7c:5a:ab:02:24:31:58:2d:e3:7b:
2a:14:5a:0f:dc:ca:28:68:e6:cf:43:96:7e:cd:ff:97:4d:43:
a3:08:c1:85:e3:30:65:7b:88:12:be:c9:9a:05:99:11:82:3d:
e1:b5:69:ae:a0:90:7e:7a:65:5c:37:b0:bd:c1:8a:32:8e:85:
b5:cb:09:41:97:75:7b:73:99:4a:46:9a:d2:21:08:fa:e3:c2:
32:8d:33:ec:9e:3d:3f:03:13:d7:be:0a:5b:c9:80:12:87:93:
42:9c:f2:df:d3:19:6b:f2:2e:d9:67:1c:98:e2:3f:96:71:72:
90:5d:38:3e:15:91:13:34:da:fb:32:a1:89:c6:b1:8a:2d:cc:
ce:3d:3a:4e:cc:86:bf:7a:da:be:63:ec:c0:4c:13:e2:1a:da:
76:c8:5d:f6:e7:c2:b0:eb:15:36:b4:55:fe:07:b6:cf:7d:28:
c0:fd:f7:01:29:e5:dc:77:4a:fb:f6:01:5a:e0:6d:44:11:c1:
d2:e6:aa:cb
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgICCPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDAzMjEw
NzQ5MTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3Q0NFMTY2ODJFNzcw
NzdDQjFERTM4MkU0RTE2QzFDNkFCQTE4NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjA1Y1LrduF/FrvCUjlqv2F2YsSNzyQISeHs4bhVrAaCpwuW8g
CMi6zUbn+6Ajbrb0pSipkHZXYtNvHtb/9oX6yCSwHzTS0OJEGSCChf02QfDAL0aN
yc/9Xx8TQ2NLr0+cON2M/Ns7gbRez6cSnV1ir0UBws/Qv1C3ATWsIh+u6rBKl9ks
L3LRBGpHKA3x4hAgVy2cDIQ5rPj3WlmF/y3W8vJRngqXlKug+AmZaOPLXPoOJzvv
LrKICFrxryDzIuqs0tcXoZdCSvZ3iZoDInjK7a4AHletuE0yVn/RY0cEqHIVWCy3
E0HUq855cNWPy2sR5WHqwC2IEto4L4t8eBCrAgMBAAGjggIdMIICGTAdBgNVHQ4E
FgQUl8zhZoLncHfLHeOC5OFsHGq6GE0wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2w4emhab0xuY0hmTEhl
T0M1T0ZzSEdxNkdFMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwSwYIKwYBBQUHAQcBAf8EPDA6MDgEAgABMDID
BAJ7YgQDBAJ7YhgDBAJ7YiQDBAJ7YjQDBAJ7YlwwDAMEAtOVTAMEAtOVUAMEAtOV
WDANBgkqhkiG9w0BAQsFAAOCAQEAuImeaHitkXMaA1tRLiMWEBXk4VWLYtxO8AGO
ZXkgAoEEbzh5TRubLAduAkxmNjKdec4CtKH5pP0knsjMcmJ8WqsCJDFYLeN7KhRa
D9zKKGjmz0OWfs3/l01DowjBheMwZXuIEr7JmgWZEYI94bVprqCQfnplXDewvcGK
Mo6FtcsJQZd1e3OZSkaa0iEI+uPCMo0z7J49PwMT174KW8mAEoeTQpzy39MZa/Iu
2WccmOI/lnFykF04PhWREzTa+zKhicaxii3Mzj06TsyGv3ravmPswEwT4hradshd
9ufCsOsVNrRV/ge2z30owP33ASnl3HdK+/YBWuBtRBHB0uaqyw==
-----END CERTIFICATE-----
Generated at Mon Mar 25 04:10:51 2024 by rpki-client on console-fra.rpki-client.org