Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/oP6lF8SQ20Cbtast-BlVUiZT4Do.roa
File: oP6lF8SQ20Cbtast-BlVUiZT4Do.roa (raw, json)
Hash identifier: ADRSSlgKc7SktHTThg2hdAHzPUtIBCUrON0iET4cj3E=
Subject key identifier: A0:FE:A5:17:C4:90:DB:40:9B:B5:AB:2D:F8:19:55:52:26:53:E0:3A
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0442
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/oP6lF8SQ20Cbtast-BlVUiZT4Do.roa
Signing time: Tue 22 Aug 2023 01:56:02 +0000
ROA not before: Tue 22 Aug 2023 01:56:02 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 34549
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
210.79.68.0/23 maxlen: 24
210.79.70.0/24 maxlen: 24
210.79.71.0/24 maxlen: 24
210.79.77.0/24 maxlen: 24
210.79.90.0/24 maxlen: 24
210.79.112.0/24 maxlen: 24
210.79.114.0/24 maxlen: 24
211.149.32.0/22 maxlen: 24
211.149.48.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1090 (0x442)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Aug 22 01:56:02 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=A0FEA517C490DB409BB5AB2DF81955522653E03A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8f:89:d9:43:5a:fb:c2:30:63:7e:d1:99:83:
ef:78:c7:40:4b:3b:9b:95:1f:c5:34:2c:5a:ea:7e:
14:f2:28:52:b5:d2:0a:49:05:1c:f8:d0:73:42:99:
84:98:a1:d6:7d:e7:7f:3d:b9:6b:7e:f4:92:56:79:
2c:12:44:3a:87:a0:9e:ef:28:86:27:21:50:21:17:
95:a4:30:2a:8e:ea:82:d7:ed:bc:49:f2:c8:d9:c1:
ab:36:e7:2f:b2:fd:6e:fd:e2:f9:d2:06:9d:7f:ea:
60:20:71:60:d1:72:57:62:c4:40:69:31:73:0c:bc:
38:fc:a1:bf:6b:d4:57:12:49:59:14:7e:e0:83:86:
44:f0:40:0b:bb:83:69:02:9d:e0:64:f7:df:21:dd:
77:30:33:19:9f:53:c2:6f:9e:c5:db:a2:11:1f:a7:
dc:a7:48:30:08:4a:7d:96:f6:a6:ee:ea:4a:4d:35:
1c:5a:2f:fe:49:d7:65:16:fd:b5:cd:04:bb:27:18:
b6:ec:a9:5f:82:e8:d5:bc:dd:c8:01:18:b0:87:94:
03:e8:5e:bd:fc:5f:b3:45:c9:4e:7d:54:db:81:03:
cc:74:83:14:3f:cb:3b:ed:b2:86:d0:2d:b7:22:dc:
db:14:d7:d9:0b:7b:e1:b2:d9:02:46:22:ff:9b:66:
0f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FE:A5:17:C4:90:DB:40:9B:B5:AB:2D:F8:19:55:52:26:53:E0:3A
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/oP6lF8SQ20Cbtast-BlVUiZT4Do.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.80.0/22
123.98.100.0/22
210.79.68.0/22
210.79.77.0/24
210.79.90.0/24
210.79.112.0/24
210.79.114.0/24
211.149.32.0/22
211.149.48.0/22
Signature Algorithm: sha256WithRSAEncryption
e2:d8:1a:c4:6a:a4:84:68:c9:ac:8f:ef:32:5b:7e:f8:8f:b2:
41:d9:a8:ef:4e:d6:e2:90:54:bc:0e:ce:6c:f5:f4:ca:6d:a2:
9c:f8:a2:f6:ec:0f:df:fa:40:80:bc:85:07:69:ad:c4:46:e4:
93:a4:7c:9e:46:08:fc:57:83:05:24:91:0d:4e:b2:a5:f5:93:
d7:dd:4d:47:87:1f:07:fb:d5:5a:12:ef:91:ce:b1:5f:f4:6e:
46:7a:ec:35:02:0a:da:b0:db:31:12:34:95:96:29:1b:5e:e7:
56:56:a4:ac:2c:bc:6d:a5:e0:ed:36:e5:ae:be:4c:c3:7e:01:
dd:05:ae:75:6c:fa:d9:90:af:cd:90:7a:9e:2c:e9:04:ec:c0:
66:29:58:ce:1c:aa:6b:c9:a2:b9:f5:36:56:c1:71:35:87:98:
c7:1f:54:48:d6:2f:02:43:9e:73:b8:51:e8:45:41:af:4a:8c:
7c:75:0d:07:df:79:c4:2d:fc:e0:96:28:9f:42:2e:72:9d:83:
21:68:b6:41:6c:79:51:ed:7f:48:01:08:68:04:c9:ee:1c:f3:
5a:86:65:19:04:23:50:7b:34:c9:a3:64:1f:92:5d:0f:04:fc:
d4:91:4c:54:d1:64:98:5b:97:0b:a0:f0:ba:ae:cb:68:1d:0a:
1d:3d:4e:b4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgICBEIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA4MjIw
MTU2MDJaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKEEwRkVBNTE3QzQ5MERC
NDA5QkI1QUIyREY4MTk1NTUyMjY1M0UwM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUj4nZQ1r7wjBjftGZg+94x0BLO5uVH8U0LFrqfhTyKFK10gpJ
BRz40HNCmYSYodZ95389uWt+9JJWeSwSRDqHoJ7vKIYnIVAhF5WkMCqO6oLX7bxJ
8sjZwas25y+y/W794vnSBp1/6mAgcWDRcldixEBpMXMMvDj8ob9r1FcSSVkUfuCD
hkTwQAu7g2kCneBk998h3XcwMxmfU8JvnsXbohEfp9ynSDAISn2W9qbu6kpNNRxa
L/5J12UW/bXNBLsnGLbsqV+C6NW83cgBGLCHlAPoXr38X7NFyU59VNuBA8x0gxQ/
yzvtsobQLbci3NsU19kLe+Gy2QJGIv+bZg9pAgMBAAGjggItMIICKTAdBgNVHQ4E
FgQUoP6lF8SQ20Cbtast+BlVUiZT4DowHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL29QNmxGOFNRMjBDYnRh
c3QtQmxWVWlaVDREby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEID
BAJ7YkADBAJ7YkgDBAJ7YlADBAJ7YmQDBALST0QDBADST00DBADST1oDBADST3AD
BADST3IDBALTlSADBALTlTAwDQYJKoZIhvcNAQELBQADggEBAOLYGsRqpIRoyayP
7zJbfviPskHZqO9O1uKQVLwOzmz19Mptopz4ovbsD9/6QIC8hQdprcRG5JOkfJ5G
CPxXgwUkkQ1OsqX1k9fdTUeHHwf71VoS75HOsV/0bkZ67DUCCtqw2zESNJWWKRte
51ZWpKwsvG2l4O025a6+TMN+Ad0FrnVs+tmQr82Qep4s6QTswGYpWM4cqmvJorn1
NlbBcTWHmMcfVEjWLwJDnnO4UehFQa9KjHx1DQffecQt/OCWKJ9CLnKdgyFotkFs
eVHtf0gBCGgEye4c81qGZRkEI1B7NMmjZB+SXQ8E/NSRTFTRZJhblwug8Lquy2gd
Ch09TrQ=
-----END CERTIFICATE-----
Generated at Fri Aug 25 16:43:15 2023 by rpki-client on console-fra.rpki-client.org