Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/xBmG_cv1uEAgkMw5edSiZ7x-PdA.roa
File: xBmG_cv1uEAgkMw5edSiZ7x-PdA.roa (raw, json)
Hash identifier: l1M+d497rGb89xOZOXPDcZ7MNZUmpktsKDGfBPtoB6M=
Subject key identifier: C4:19:86:FD:CB:F5:B8:40:20:90:CC:39:79:D4:A2:67:BC:7E:3D:D0
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C89
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xBmG_cv1uEAgkMw5edSiZ7x-PdA.roa
Signing time: Sun 01 Sep 2024 11:38:27 +0000
ROA not before: Sun 01 Sep 2024 11:38:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 215784
IP address blocks: 211.149.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 13:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3209 (0xc89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 1 11:38:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C41986FDCBF5B8402090CC3979D4A267BC7E3DD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2f:a9:97:3d:cd:fe:48:d1:08:5a:63:7d:82:
70:6e:5f:af:a0:90:df:4e:0d:34:9b:0b:1d:e5:45:
f0:cc:d1:41:b0:68:97:46:86:28:58:29:ca:0d:d7:
0b:b8:95:5d:da:12:ef:03:30:22:74:0e:0e:87:13:
e7:9e:72:d1:cb:48:cc:53:82:4c:0a:4c:c9:43:31:
5c:6f:a5:25:2b:20:88:49:23:14:9f:eb:13:32:0b:
44:a7:52:af:58:62:bb:b3:37:5a:8f:f3:c5:8b:ea:
28:60:81:f1:fa:17:84:eb:d1:7e:dc:b8:ab:c6:52:
e9:b4:15:35:af:f3:7a:bd:65:6e:c6:c3:54:7c:07:
26:7f:3a:b8:33:cc:53:88:71:50:55:0f:df:bd:38:
de:25:79:e0:18:53:8d:a1:41:83:5e:33:fc:b9:34:
6d:7c:41:bd:c0:46:82:eb:b2:4c:34:6c:84:4e:d4:
ea:37:90:ae:ea:65:39:7d:7c:77:5a:61:ef:30:77:
e3:96:22:8b:97:53:20:09:e3:7d:f1:7f:2d:78:a3:
18:e3:8f:c7:e7:d5:46:58:51:fb:8c:29:99:7a:5b:
32:13:c4:be:5f:1f:5d:77:6e:60:1d:03:2e:18:1c:
9e:79:c2:80:cd:04:11:1d:4e:63:50:5b:cd:04:8a:
7b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:19:86:FD:CB:F5:B8:40:20:90:CC:39:79:D4:A2:67:BC:7E:3D:D0
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xBmG_cv1uEAgkMw5edSiZ7x-PdA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.149.84.0/22
Signature Algorithm: sha256WithRSAEncryption
13:81:e7:ce:3f:c9:c9:da:38:42:76:97:39:f7:d0:61:79:f6:
df:9a:2a:61:ad:a7:52:d9:0b:54:2a:fb:84:81:2b:9d:8b:d9:
77:b7:e8:2c:a8:cb:2d:80:6a:ec:8d:68:bf:12:37:36:ed:14:
6b:a7:14:15:1d:ed:3c:fc:d2:c2:ce:01:be:b9:d8:49:02:92:
25:e1:fd:d2:13:1c:13:21:b6:9b:12:2c:08:32:bb:6e:07:2e:
9b:32:d0:d3:94:7f:cb:4e:26:84:e9:ca:c2:f8:dc:0f:04:f7:
b1:a0:8b:cd:27:02:e0:56:aa:c6:4d:50:25:02:f1:04:f8:cd:
47:1c:1d:42:b3:8c:80:45:0a:c7:a4:c7:27:15:13:7c:a0:95:
d4:de:89:c7:9a:43:5b:35:00:7a:e5:16:bc:67:1b:74:92:29:
7b:b9:f8:68:63:9b:56:4d:bc:82:c6:f1:0b:55:90:68:dc:66:
7f:a8:ec:e4:69:11:1c:6a:2c:7f:bc:f2:e6:18:3e:ac:4d:74:
cc:8a:9b:19:fb:4b:e8:04:4d:77:01:e1:47:d4:2e:31:28:57:
fa:17:78:97:79:be:65:b1:1f:b3:9b:13:7f:5d:dc:b0:a0:98:
bd:cf:0d:7f:cc:cc:fa:f0:92:13:77:0a:70:be:ce:9e:82:ac:
90:2d:43:e4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA5MDEx
MTM4MjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0MTk4NkZEQ0JGNUI4
NDAyMDkwQ0MzOTc5RDRBMjY3QkM3RTNERDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUL6mXPc3+SNEIWmN9gnBuX6+gkN9ODTSbCx3lRfDM0UGwaJdG
hihYKcoN1wu4lV3aEu8DMCJ0Dg6HE+eectHLSMxTgkwKTMlDMVxvpSUrIIhJIxSf
6xMyC0SnUq9YYruzN1qP88WL6ihggfH6F4Tr0X7cuKvGUum0FTWv83q9ZW7Gw1R8
ByZ/OrgzzFOIcVBVD9+9ON4leeAYU42hQYNeM/y5NG18Qb3ARoLrskw0bIRO1Oo3
kK7qZTl9fHdaYe8wd+OWIouXUyAJ433xfy14oxjjj8fn1UZYUfuMKZl6WzITxL5f
H113bmAdAy4YHJ55woDNBBEdTmNQW80EintdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUxBmG/cv1uEAgkMw5edSiZ7x+PdAwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3hCbUdfY3YxdUVBZ2tN
dzVlZFNpWjd4LVBkQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALTlVQwDQYJKoZIhvcNAQELBQADggEBABOB584/ycnaOEJ2lzn30GF59t+aKmGt
p1LZC1Qq+4SBK52L2Xe36Cyoyy2AauyNaL8SNzbtFGunFBUd7Tz80sLOAb652EkC
kiXh/dITHBMhtpsSLAgyu24HLpsy0NOUf8tOJoTpysL43A8E97Ggi80nAuBWqsZN
UCUC8QT4zUccHUKzjIBFCsekxycVE3ygldTeiceaQ1s1AHrlFrxnG3SSKXu5+Ghj
m1ZNvILG8QtVkGjcZn+o7ORpERxqLH+88uYYPqxNdMyKmxn7S+gETXcB4UfULjEo
V/oXeJd5vmWxH7ObE39d3LCgmL3PDX/MzPrwkhN3CnC+zp6CrJAtQ+Q=
-----END CERTIFICATE-----
Generated at Thu Sep 5 14:38:43 2024 by rpki-client on console-fra.rpki-client.org