Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/xxHTr4wY3mkbHaTtnzQL7kzXCj0.roa
File: xxHTr4wY3mkbHaTtnzQL7kzXCj0.roa (raw, json)
Hash identifier: MM1YVoqXazkuPynDmDiioKt+b2ww+LoaeFCIpIVr9FA=
Subject key identifier: C7:11:D3:AF:8C:18:DE:69:1B:1D:A4:ED:9F:34:0B:EE:4C:D7:0A:3D
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 045B
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xxHTr4wY3mkbHaTtnzQL7kzXCj0.roa
Signing time: Fri 25 Aug 2023 16:21:32 +0000
ROA not before: Fri 25 Aug 2023 16:21:32 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 34549
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
210.79.68.0/23 maxlen: 24
210.79.70.0/24 maxlen: 24
210.79.71.0/24 maxlen: 24
210.79.77.0/24 maxlen: 24
210.79.89.0/24 maxlen: 24
210.79.90.0/24 maxlen: 24
210.79.91.0/24 maxlen: 24
210.79.101.0/24 maxlen: 24
210.79.112.0/24 maxlen: 24
210.79.114.0/24 maxlen: 24
211.149.32.0/22 maxlen: 24
211.149.48.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1115 (0x45b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Aug 25 16:21:32 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=C711D3AF8C18DE691B1DA4ED9F340BEE4CD70A3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:17:46:63:92:bc:1e:13:ed:a7:79:f1:b1:43:
31:9d:6a:a2:87:cf:0b:05:5b:ed:7f:22:1a:a9:7f:
03:3c:cc:5a:81:b7:e2:6f:b8:31:0e:51:f1:95:99:
89:93:57:cf:ff:56:f2:1d:47:9e:99:10:74:3a:59:
8b:0a:fb:e2:98:9f:74:09:d6:4e:49:5e:d1:1e:9f:
76:77:e7:1b:7c:c4:d1:20:81:ee:15:b0:c8:88:96:
fc:3e:5f:b0:a2:44:8b:f4:c4:28:29:26:53:9f:46:
c7:8e:66:21:77:49:5f:c0:5d:99:8f:14:f7:1f:3c:
9d:4c:5d:76:b1:29:e4:91:ba:43:f4:d6:f8:c7:a5:
85:17:df:0c:a3:dd:86:9c:db:57:84:61:f9:60:01:
25:82:83:73:0d:f6:cf:e7:1c:03:fb:6b:44:20:9d:
c6:b0:60:34:cb:28:ad:1e:13:6e:43:64:42:1a:01:
98:92:e5:ac:bf:3d:0b:69:3f:ba:ba:b5:19:e9:84:
7e:3f:df:20:8f:85:10:93:fb:16:32:c1:55:7c:48:
33:62:f9:77:1a:cc:20:e0:e5:b4:44:ce:d8:b3:8f:
ca:80:9e:0d:f6:e9:6c:c1:0c:e1:84:02:d1:25:0d:
fc:85:4a:06:80:a9:ff:35:55:b5:57:f0:fe:c3:ac:
a5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:11:D3:AF:8C:18:DE:69:1B:1D:A4:ED:9F:34:0B:EE:4C:D7:0A:3D
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xxHTr4wY3mkbHaTtnzQL7kzXCj0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.80.0/22
123.98.100.0/22
210.79.68.0/22
210.79.77.0/24
210.79.89.0-210.79.91.255
210.79.101.0/24
210.79.112.0/24
210.79.114.0/24
211.149.32.0/22
211.149.48.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:2b:cc:a1:49:c5:cc:07:af:6b:a3:75:92:24:a8:9b:ed:81:
e6:d6:a4:8d:03:35:fd:29:63:79:97:1d:00:25:bf:f9:f0:96:
9f:04:69:78:2d:90:2e:e4:be:dc:61:fd:b6:a0:81:b4:b7:c7:
4c:72:c8:99:7f:b2:0b:37:83:c1:39:55:21:f8:fd:3c:1f:83:
f5:a4:fa:61:69:d2:74:4a:59:64:2f:59:46:89:52:5b:71:c6:
8e:fb:95:21:d7:ca:45:bf:be:a6:aa:09:8d:10:d9:85:a5:df:
9a:19:e6:a4:0c:d8:57:7f:00:4b:a2:bb:14:e4:f3:23:c2:af:
6d:fb:11:b4:80:ca:18:06:1a:b9:b8:78:1e:c2:d9:6c:90:87:
fe:f0:0e:fb:65:7d:f8:60:7a:e1:14:0c:a2:94:f5:61:32:ee:
5b:a5:70:6a:49:58:1a:3d:03:26:03:1b:6b:1e:dc:1b:a2:cb:
42:98:4b:71:e4:9d:0a:dd:38:ea:0a:6a:15:44:20:17:dc:ae:
66:21:9d:c5:64:e5:95:46:af:eb:9b:a4:3b:d8:7a:03:24:39:
5a:db:57:6d:51:67:ca:f1:2a:7f:57:7e:c9:a5:12:51:3a:23:
27:7d:9f:cb:1a:0e:ec:00:be:23:11:b1:83:4e:17:e4:54:f8:
04:27:01:57
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgICBFswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA4MjUx
NjIxMzJaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKEM3MTFEM0FGOEMxOERF
NjkxQjFEQTRFRDlGMzQwQkVFNENENzBBM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgF0ZjkrweE+2nefGxQzGdaqKHzwsFW+1/IhqpfwM8zFqBt+Jv
uDEOUfGVmYmTV8//VvIdR56ZEHQ6WYsK++KYn3QJ1k5JXtEen3Z35xt8xNEgge4V
sMiIlvw+X7CiRIv0xCgpJlOfRseOZiF3SV/AXZmPFPcfPJ1MXXaxKeSRukP01vjH
pYUX3wyj3Yac21eEYflgASWCg3MN9s/nHAP7a0QgncawYDTLKK0eE25DZEIaAZiS
5ay/PQtpP7q6tRnphH4/3yCPhRCT+xYywVV8SDNi+XcazCDg5bREztizj8qAng32
6WzBDOGEAtElDfyFSgaAqf81VbVX8P7DrKUJAgMBAAGjggI7MIICNzAdBgNVHQ4E
FgQUxxHTr4wY3mkbHaTtnzQL7kzXCj0wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3h4SFRyNHdZM21rYkhh
VHRuelFMN2t6WENqMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFAD
BAJ7YkADBAJ7YkgDBAJ7YlADBAJ7YmQDBALST0QDBADST00wDAMEANJPWQMEAtJP
WAMEANJPZQMEANJPcAMEANJPcgMEAtOVIAMEAtOVMDANBgkqhkiG9w0BAQsFAAOC
AQEATSvMoUnFzAeva6N1kiSom+2B5takjQM1/SljeZcdACW/+fCWnwRpeC2QLuS+
3GH9tqCBtLfHTHLImX+yCzeDwTlVIfj9PB+D9aT6YWnSdEpZZC9ZRolSW3HGjvuV
IdfKRb++pqoJjRDZhaXfmhnmpAzYV38AS6K7FOTzI8KvbfsRtIDKGAYaubh4HsLZ
bJCH/vAO+2V9+GB64RQMopT1YTLuW6VwaklYGj0DJgMbax7cG6LLQphLceSdCt04
6gpqFUQgF9yuZiGdxWTllUav65ukO9h6AyQ5WttXbVFnyvEqf1d+yaUSUTojJ32f
yxoO7AC+IxGxg04X5FT4BCcBVw==
-----END CERTIFICATE-----
Generated at Fri Sep 1 06:26:30 2023 by rpki-client on console-ams.rpki-client.org