Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/KPbFHxJP-t1BLTiW2eYbHZ-1hI8.roa
File: KPbFHxJP-t1BLTiW2eYbHZ-1hI8.roa (raw, json)
Hash identifier: giEhluOtYvMdoX+s9FV0CK3TjowaFlt3V/giiEvxdgU=
Subject key identifier: 28:F6:C5:1F:12:4F:FA:DD:41:2D:38:96:D9:E6:1B:1D:9F:B5:84:8F
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 10C3
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/KPbFHxJP-t1BLTiW2eYbHZ-1hI8.roa
Signing time: Sun 25 Jun 2023 09:03:28 +0000
ROA not before: Sun 25 Jun 2023 09:03:28 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 23724
IP address blocks: 2406:4d00::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 May 2024 02:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4291 (0x10c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: Jun 25 09:03:28 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=28F6C51F124FFADD412D3896D9E61B1D9FB5848F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:af:9e:1f:4c:7c:e2:d1:03:e3:16:dd:97:51:
9f:0f:0c:07:d5:59:7a:63:81:87:1a:70:6e:95:90:
79:d3:0d:84:72:da:a1:10:a6:6c:01:9d:c7:18:6f:
e6:ea:05:52:19:37:f7:81:8e:f6:0b:d9:3d:bd:80:
86:c2:60:c9:7b:2f:05:21:6a:7b:54:4c:49:8a:78:
a9:41:14:d9:bd:e0:6d:60:9a:40:11:a6:ac:9a:e7:
cd:02:eb:f0:ad:3b:eb:88:81:10:0e:a8:6d:cd:f5:
10:5e:22:33:31:96:7f:5e:09:25:f5:2f:e5:3f:13:
b9:2a:b6:9a:85:a2:7e:07:88:4f:aa:d0:ac:50:e0:
0a:5d:05:71:c3:4c:60:7c:f6:7f:24:fc:ff:30:b1:
1f:35:e0:bc:0e:c9:6c:24:24:e9:ac:f3:41:46:58:
85:d3:bf:38:bd:9f:7a:01:2f:0c:39:d6:78:b6:37:
0c:fa:0a:f7:3f:f6:dd:52:d0:b0:81:98:ce:a1:44:
eb:9d:4e:7c:96:44:25:d0:f4:39:86:f4:17:5a:06:
68:bb:ef:ae:aa:24:70:18:47:c7:cf:d3:5d:c2:ff:
53:88:d0:d6:d5:54:cf:35:1a:15:14:3d:dd:2b:c9:
f2:3c:57:b6:b3:b5:78:c0:e5:6e:08:2b:1b:62:ee:
a3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F6:C5:1F:12:4F:FA:DD:41:2D:38:96:D9:E6:1B:1D:9F:B5:84:8F
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/KPbFHxJP-t1BLTiW2eYbHZ-1hI8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:4d00::/48
Signature Algorithm: sha256WithRSAEncryption
3e:d8:68:57:68:d7:b7:7c:60:07:d2:65:b6:a6:fe:84:f2:5b:
41:52:83:9b:9c:f9:90:db:95:0f:87:4c:ee:bc:d0:85:06:77:
1c:aa:48:a6:42:d9:36:30:0c:58:3f:4c:e0:ec:94:f3:a4:17:
31:5e:32:c5:31:80:2d:82:e1:af:86:34:ab:05:4f:55:ae:fc:
f5:5d:c7:a6:c0:67:2b:5b:1e:c0:d4:32:26:6a:2f:2e:8e:60:
dc:c5:1e:3f:b0:03:a8:c1:a3:57:ab:a8:af:db:18:e9:83:10:
16:5c:66:26:63:c2:ae:7f:fc:83:e0:e0:a7:e7:f7:52:58:98:
92:c2:96:81:40:27:f6:30:6d:75:1c:7c:1a:c1:70:13:6d:e2:
61:54:1a:0d:c6:b7:0a:a0:ac:dc:90:b5:cb:3a:5a:d2:40:6d:
ba:47:94:b2:27:64:06:69:71:f7:ad:60:30:fb:d5:2e:98:93:
55:cb:f1:69:03:4b:a8:57:34:10:98:cf:ba:63:fa:8a:97:74:
5c:bf:ad:8e:a9:54:7d:94:6c:94:6a:f7:73:75:21:77:85:b2:
fd:50:70:2a:86:74:55:06:0c:3f:08:83:d2:4f:24:aa:fe:fa:
2e:30:40:78:10:b6:ce:57:0a:ea:02:97:43:28:51:51:b7:70:
73:32:46:00
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICEMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yMzA2MjUw
OTAzMjhaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDI4RjZDNTFGMTI0RkZB
REQ0MTJEMzg5NkQ5RTYxQjFEOUZCNTg0OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtr54fTHzi0QPjFt2XUZ8PDAfVWXpjgYcacG6VkHnTDYRy2qEQ
pmwBnccYb+bqBVIZN/eBjvYL2T29gIbCYMl7LwUhantUTEmKeKlBFNm94G1gmkAR
pqya580C6/CtO+uIgRAOqG3N9RBeIjMxln9eCSX1L+U/E7kqtpqFon4HiE+q0KxQ
4ApdBXHDTGB89n8k/P8wsR814LwOyWwkJOms80FGWIXTvzi9n3oBLww51ni2Nwz6
Cvc/9t1S0LCBmM6hROudTnyWRCXQ9DmG9BdaBmi7766qJHAYR8fP013C/1OI0NbV
VM81GhUUPd0ryfI8V7aztXjA5W4IKxti7qOnAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUKPbFHxJP+t1BLTiW2eYbHZ+1hI8wHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL0tQYkZIeEpQLXQxQkxU
aVcyZVliSFotMWhJOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAkBk0AAAAwDQYJKoZIhvcNAQELBQADggEBAD7YaFdo17d8YAfSZbam/oTyW0FS
g5uc+ZDblQ+HTO680IUGdxyqSKZC2TYwDFg/TODslPOkFzFeMsUxgC2C4a+GNKsF
T1Wu/PVdx6bAZytbHsDUMiZqLy6OYNzFHj+wA6jBo1erqK/bGOmDEBZcZiZjwq5/
/IPg4Kfn91JYmJLCloFAJ/YwbXUcfBrBcBNt4mFUGg3GtwqgrNyQtcs6WtJAbbpH
lLInZAZpcfetYDD71S6Yk1XL8WkDS6hXNBCYz7pj+oqXdFy/rY6pVH2UbJRq93N1
IXeFsv1QcCqGdFUGDD8Ig9JPJKr++i4wQHgQts5XCuoCl0MoUVG3cHMyRgA=
-----END CERTIFICATE-----
Generated at Fri May 24 04:47:34 2024 by rpki-client on console-ams.rpki-client.org