Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/mekKlHcAVuwQClsZ50ba_uQ3DPw.roa
File: mekKlHcAVuwQClsZ50ba_uQ3DPw.roa (raw, json)
Hash identifier: ARyYc8dS2emrtNbp+NrFhu+CKwgycJJHVn2+Ni8fLlw=
Subject key identifier: 99:E9:0A:94:77:00:56:EC:10:0A:5B:19:E7:46:DA:FE:E4:37:0C:FC
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0D4B
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/mekKlHcAVuwQClsZ50ba_uQ3DPw.roa
Signing time: Thu 03 Oct 2024 14:53:13 +0000
ROA not before: Thu 03 Oct 2024 14:53:13 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 215784
IP address blocks: 211.149.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 15:16:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3403 (0xd4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Oct 3 14:53:13 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=99E90A94770056EC100A5B19E746DAFEE4370CFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ba:0e:dc:09:7a:81:2f:1d:80:fa:bf:72:8c:
21:ee:64:46:b4:c6:59:f7:44:0e:f3:df:6b:b5:67:
bb:17:41:a4:15:67:8e:54:1b:9f:08:66:e7:de:03:
81:55:9d:1a:f3:6b:fe:00:ed:08:42:9c:94:d6:8f:
53:f1:90:fb:ec:a4:4e:1d:2b:6f:38:8a:a6:38:f4:
8e:01:ea:92:d2:eb:db:0c:3d:48:fd:73:ca:4a:5a:
f7:dd:b3:b0:16:f8:3b:0c:18:b8:8d:92:06:2f:46:
8e:07:d2:87:f4:60:82:61:d8:46:9b:b0:00:fe:39:
45:02:01:c4:eb:82:fc:ae:f1:0f:ec:4e:e7:b0:ac:
78:00:3e:9f:28:7e:c0:71:1a:35:59:af:d5:40:9c:
97:bf:23:98:bd:f5:d8:08:07:d7:bb:4e:fc:ed:30:
18:3e:c6:6b:ae:b7:85:37:ea:e9:0b:ff:e3:15:2b:
52:70:f1:a3:90:1a:d7:82:7e:80:7a:d9:3b:1a:3c:
1c:85:f0:48:b8:ea:92:20:d8:27:d0:12:00:5b:23:
4f:ca:ed:97:fa:b3:17:ba:1d:ad:55:1e:58:ef:71:
9f:45:fb:4a:1d:71:92:9a:e0:54:bc:4a:24:14:7f:
8b:25:b9:a8:05:0e:36:e0:a1:04:83:b6:49:15:8b:
f3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E9:0A:94:77:00:56:EC:10:0A:5B:19:E7:46:DA:FE:E4:37:0C:FC
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/mekKlHcAVuwQClsZ50ba_uQ3DPw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.149.64.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:48:cc:16:4d:f4:2c:d2:ab:27:1e:06:8b:e6:87:08:e6:27:
8c:a8:f5:c5:84:7c:35:6d:57:4a:eb:fc:09:15:9c:01:56:d6:
d9:37:a3:7d:11:4f:77:a5:fb:45:68:5e:f8:8f:e7:93:cb:e4:
56:ec:46:49:3c:d5:41:d0:1a:71:b9:7f:b6:b7:30:c9:3a:4e:
4b:14:a7:b0:65:9a:79:7a:ae:82:55:20:d9:ba:34:6a:0c:53:
3c:bf:4a:b6:91:ab:4b:9d:48:59:29:d6:25:50:78:f0:8b:6b:
a3:48:c6:50:b5:c2:55:24:2d:e6:00:b5:3a:79:75:c6:29:73:
64:05:d8:9f:00:bb:45:cb:0b:28:31:fb:c8:e3:a7:f6:21:28:
e8:25:c9:d0:e4:4d:0c:8b:3a:6b:8f:4c:02:06:eb:06:9f:85:
a7:ee:e4:9a:da:51:78:b6:fa:30:dd:c9:b0:b5:1e:61:3f:14:
8e:cb:28:0a:ca:16:31:28:29:39:88:a9:e5:5b:07:63:e9:8c:
6b:9c:74:7b:4f:b6:90:20:fe:d5:b6:52:5e:b4:34:19:d2:f7:
b0:26:3f:c5:7e:1a:56:4c:7d:3b:01:bf:0d:5c:8f:8c:a7:0c:
24:91:91:35:a9:40:c8:fb:0f:a3:f1:bd:18:c8:b6:48:8c:c4:
e0:0c:de:94
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDUswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMDMx
NDUzMTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk5RTkwQTk0NzcwMDU2
RUMxMDBBNUIxOUU3NDZEQUZFRTQzNzBDRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzug7cCXqBLx2A+r9yjCHuZEa0xln3RA7z32u1Z7sXQaQVZ45U
G58IZufeA4FVnRrza/4A7QhCnJTWj1PxkPvspE4dK284iqY49I4B6pLS69sMPUj9
c8pKWvfds7AW+DsMGLiNkgYvRo4H0of0YIJh2EabsAD+OUUCAcTrgvyu8Q/sTuew
rHgAPp8ofsBxGjVZr9VAnJe/I5i99dgIB9e7TvztMBg+xmuut4U36ukL/+MVK1Jw
8aOQGteCfoB62TsaPByF8Ei46pIg2CfQEgBbI0/K7Zf6sxe6Ha1VHljvcZ9F+0od
cZKa4FS8SiQUf4sluagFDjbgoQSDtkkVi/NFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUmekKlHcAVuwQClsZ50ba/uQ3DPwwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL21la0tsSGNBVnV3UUNs
c1o1MGJhX3VRM0RQdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALTlUAwDQYJKoZIhvcNAQELBQADggEBAJ1IzBZN9CzSqyceBovmhwjmJ4yo9cWE
fDVtV0rr/AkVnAFW1tk3o30RT3el+0VoXviP55PL5FbsRkk81UHQGnG5f7a3MMk6
TksUp7Blmnl6roJVINm6NGoMUzy/SraRq0udSFkp1iVQePCLa6NIxlC1wlUkLeYA
tTp5dcYpc2QF2J8Au0XLCygx+8jjp/YhKOglydDkTQyLOmuPTAIG6wafhafu5Jra
UXi2+jDdybC1HmE/FI7LKArKFjEoKTmIqeVbB2PpjGucdHtPtpAg/tW2Ul60NBnS
97AmP8V+GlZMfTsBvw1cj4ynDCSRkTWpQMj7D6PxvRjItkiMxOAM3pQ=
-----END CERTIFICATE-----
Generated at Tue Nov 5 19:27:09 2024 by rpki-client on console-ams.rpki-client.org