Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/vMv6iHjQTK_eSuv3HTMLXkZ9b8s.roa
File: vMv6iHjQTK_eSuv3HTMLXkZ9b8s.roa (raw, json)
Hash identifier: rPJ8dHHoLrUBVfhWd4O+zlh0aGSGxOSs58ucmrfcv+w=
Subject key identifier: BC:CB:FA:88:78:D0:4C:AF:DE:4A:EB:F7:1D:33:0B:5E:46:7D:6F:CB
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0444
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/vMv6iHjQTK_eSuv3HTMLXkZ9b8s.roa
Signing time: Tue 22 Aug 2023 03:35:42 +0000
ROA not before: Tue 22 Aug 2023 03:35:42 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 35913
IP address blocks: 123.98.68.0/22 maxlen: 24
123.98.76.0/22 maxlen: 24
123.98.84.0/22 maxlen: 24
123.98.108.0/22 maxlen: 24
123.98.120.0/22 maxlen: 24
210.79.104.0/22 maxlen: 24
210.79.124.0/22 maxlen: 24
211.149.36.0/22 maxlen: 24
211.149.44.0/22 maxlen: 24
211.149.84.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1092 (0x444)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Aug 22 03:35:42 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=BCCBFA8878D04CAFDE4AEBF71D330B5E467D6FCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4d:f9:85:f2:77:d3:51:15:f7:d0:f8:06:59:
94:89:26:87:20:33:08:69:eb:3d:1d:7d:ac:e7:68:
97:ea:4e:5b:7d:c5:f4:a1:e0:27:50:eb:33:98:96:
4d:89:ab:ce:c5:dc:9a:a5:48:a0:95:ff:a9:29:d3:
24:a3:90:f9:ee:e0:01:77:2e:2a:bf:47:36:0c:a1:
45:1c:79:cf:1e:64:6a:fc:6e:7f:91:01:7b:a6:60:
e1:f7:92:0a:f7:7d:bb:8e:53:77:10:61:a5:bd:53:
68:61:da:6a:d8:2c:de:46:ef:aa:68:a7:ca:9f:59:
1b:88:07:cc:89:68:4d:ad:e4:0f:0b:2c:99:2f:1a:
72:8e:c6:3a:4b:7a:ab:af:f8:46:31:6a:22:25:b0:
26:26:9e:96:5b:0f:7c:7d:28:ad:0f:02:aa:09:b9:
be:a4:d0:62:4a:c0:96:cd:0a:60:41:12:0a:a9:6c:
51:3c:bb:e0:29:dd:6f:87:4e:7b:16:9a:23:a6:4e:
a6:be:f8:7b:66:8a:1b:03:8e:49:01:f2:0d:f6:fe:
63:cc:62:a1:f5:92:2a:d7:c8:cd:6d:8b:d6:6b:f0:
92:44:5f:ee:88:cf:2f:c3:98:bc:77:1e:a7:55:d7:
a0:ba:64:a4:68:83:98:40:2d:7f:86:58:60:26:ea:
5c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:CB:FA:88:78:D0:4C:AF:DE:4A:EB:F7:1D:33:0B:5E:46:7D:6F:CB
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/vMv6iHjQTK_eSuv3HTMLXkZ9b8s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.68.0/22
123.98.76.0/22
123.98.84.0/22
123.98.108.0/22
123.98.120.0/22
210.79.104.0/22
210.79.124.0/22
211.149.36.0/22
211.149.44.0/22
211.149.84.0/22
Signature Algorithm: sha256WithRSAEncryption
05:03:96:e0:37:a3:19:4b:d5:e1:d3:81:3e:d6:d3:b3:d6:dc:
3d:42:3d:de:36:4e:94:c8:a7:ed:6c:ff:88:c9:83:dd:7f:3d:
66:30:7b:b3:8a:52:d3:c5:8c:fc:6a:c4:da:15:01:57:ab:f2:
3a:ee:96:86:19:f4:b5:e5:8f:5b:23:35:b8:05:94:55:bf:01:
c1:35:d9:fc:92:25:c6:d5:0b:12:15:45:c2:09:2e:39:ea:f0:
8f:04:5c:e9:fb:a4:e0:f6:d3:f1:fd:44:90:87:c8:94:6f:30:
fa:e5:9f:fd:4a:b8:86:16:51:57:c4:ce:9e:90:90:09:f9:00:
75:fe:eb:df:6c:8e:96:79:ce:57:db:df:4d:ad:e1:21:62:cb:
36:94:5e:30:01:e8:c1:b6:e7:d2:a1:55:e1:12:50:31:36:41:
1c:55:42:f8:79:04:dd:95:bf:5b:0a:f6:d0:f1:2b:a3:07:35:
1e:48:2a:0a:c2:82:c0:d3:3a:53:85:42:2a:a9:0a:3c:8b:52:
3f:e5:0f:6e:ca:1d:fe:d4:27:6c:78:ba:1e:fa:31:77:78:e8:
b9:c2:74:c3:cf:7f:2b:5b:4a:2c:be:34:e3:79:35:d4:b5:9f:
a8:9c:3c:2d:2c:9c:67:99:8a:bb:4b:21:91:81:ff:8b:b8:28:
4e:4b:0c:ef
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgICBEQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA4MjIw
MzM1NDJaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKEJDQ0JGQTg4NzhEMDRD
QUZERTRBRUJGNzFEMzMwQjVFNDY3RDZGQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCTfmF8nfTURX30PgGWZSJJocgMwhp6z0dfaznaJfqTlt9xfSh
4CdQ6zOYlk2Jq87F3JqlSKCV/6kp0ySjkPnu4AF3Liq/RzYMoUUcec8eZGr8bn+R
AXumYOH3kgr3fbuOU3cQYaW9U2hh2mrYLN5G76pop8qfWRuIB8yJaE2t5A8LLJkv
GnKOxjpLequv+EYxaiIlsCYmnpZbD3x9KK0PAqoJub6k0GJKwJbNCmBBEgqpbFE8
u+Ap3W+HTnsWmiOmTqa++HtmihsDjkkB8g32/mPMYqH1kirXyM1ti9Zr8JJEX+6I
zy/DmLx3HqdV16C6ZKRog5hALX+GWGAm6lwLAgMBAAGjggInMIICIzAdBgNVHQ4E
FgQUvMv6iHjQTK/eSuv3HTMLXkZ9b8swHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3ZNdjZpSGpRVEtfZVN1
djNIVE1MWGtaOWI4cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwD
BAJ7YkQDBAJ7YkwDBAJ7YlQDBAJ7YmwDBAJ7YngDBALST2gDBALST3wDBALTlSQD
BALTlSwDBALTlVQwDQYJKoZIhvcNAQELBQADggEBAAUDluA3oxlL1eHTgT7W07PW
3D1CPd42TpTIp+1s/4jJg91/PWYwe7OKUtPFjPxqxNoVAVer8jruloYZ9LXlj1sj
NbgFlFW/AcE12fySJcbVCxIVRcIJLjnq8I8EXOn7pOD20/H9RJCHyJRvMPrln/1K
uIYWUVfEzp6QkAn5AHX+699sjpZ5zlfb302t4SFiyzaUXjAB6MG259KhVeESUDE2
QRxVQvh5BN2Vv1sK9tDxK6MHNR5IKgrCgsDTOlOFQiqpCjyLUj/lD27KHf7UJ2x4
uh76MXd46LnCdMPPfytbSiy+NON5NdS1n6icPC0snGeZirtLIZGB/4u4KE5LDO8=
Generated at Mon Sep 4 03:12:43 2023 by rpki-client on console-ams.rpki-client.org