Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/twayPo04SpopqNy4kOzML4I0j6U.roa
File: twayPo04SpopqNy4kOzML4I0j6U.roa (raw, json)
Hash identifier: kxQE78POoi+k8Ea/7a/aN36ORiTBsf9/hWOhny34W2I=
Subject key identifier: B7:06:B2:3E:8D:38:4A:9A:29:A8:DC:B8:90:EC:CC:2F:82:34:8F:A5
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 1005
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/twayPo04SpopqNy4kOzML4I0j6U.roa
Signing time: Fri 19 May 2023 05:55:21 +0000
ROA not before: Fri 19 May 2023 05:55:21 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 4808
IP address blocks: 211.155.88.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:24:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4101 (0x1005)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: May 19 05:55:21 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=B706B23E8D384A9A29A8DCB890ECCC2F82348FA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b1:bd:b3:4e:e3:70:1a:f0:bf:3b:23:a8:0f:
a3:2f:da:9d:48:76:ab:54:aa:9f:90:bb:ab:b3:c8:
c4:fe:5a:70:53:8c:5f:e0:eb:50:c6:aa:a7:14:e1:
12:04:e3:e8:ab:3f:36:a6:71:9a:a9:04:e7:a0:3c:
bf:ab:d5:f6:17:ab:8f:e9:f8:eb:03:12:09:0b:60:
64:de:34:24:4a:d0:b1:03:a4:e0:c4:2b:56:50:a3:
90:26:e2:c3:b8:e3:a6:7f:76:6b:97:9c:6a:39:3d:
ef:75:01:fb:b5:6f:ed:49:31:df:49:12:60:4c:3c:
80:f6:9a:79:f3:43:8e:6e:11:de:a8:5d:76:66:ea:
96:4c:78:7a:37:7f:74:36:d0:bb:08:fb:a5:07:b9:
37:61:12:3f:05:c3:01:2d:38:a8:76:05:ea:00:eb:
9c:ad:1b:14:52:c8:81:2e:ce:4a:3f:17:a1:fe:17:
67:3c:80:98:6a:85:27:b1:81:e0:77:31:82:53:dd:
a6:69:66:e1:28:60:e7:9e:35:56:93:95:db:d5:27:
56:08:61:8d:3a:6e:c9:46:62:03:bb:27:68:9c:e2:
67:09:fa:04:70:0a:ec:8e:90:a4:f6:a5:bb:11:11:
a7:d2:23:e8:97:35:59:05:16:1d:2d:15:be:e4:0a:
da:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:06:B2:3E:8D:38:4A:9A:29:A8:DC:B8:90:EC:CC:2F:82:34:8F:A5
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/twayPo04SpopqNy4kOzML4I0j6U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.155.88.0/21
Signature Algorithm: sha256WithRSAEncryption
59:6d:ea:2b:21:d3:88:4b:84:a4:31:fb:7f:92:e4:d3:a0:3a:
4b:12:5e:97:00:c4:cb:b6:69:ad:e1:e6:61:f2:b9:e1:3c:3c:
02:6c:30:d0:3a:33:a6:fc:43:35:2d:19:48:78:6b:b2:5c:ba:
0d:01:0b:38:fb:f3:84:d8:ee:81:f5:ef:f7:c5:0d:b1:ac:fe:
6f:a6:e7:5f:2b:5e:54:43:8d:a9:81:ab:d4:ac:f9:23:3b:27:
5f:84:c9:5d:98:70:c2:1a:15:75:8e:1f:af:a6:8a:0c:96:8c:
2e:19:68:48:5a:96:cb:b2:50:02:46:7a:8f:e3:98:5e:b2:a3:
a6:a5:a3:5a:95:18:84:29:ab:92:a0:2d:cc:22:95:00:f8:42:
cb:d6:a2:37:79:5b:0d:75:c5:fd:9e:7c:c6:72:9f:12:2d:94:
95:0a:a6:44:11:43:c0:85:0c:7f:37:9d:d3:a0:61:94:d7:90:
d3:33:61:f7:cc:7c:73:e6:03:e8:b0:cf:1f:a5:9e:ed:46:76:
01:ab:11:a3:27:8b:32:c4:d8:74:8b:27:5f:de:1f:93:ea:a0:
d6:61:bc:19:07:71:c1:03:03:38:c0:1f:2d:8a:49:7c:f6:bf:
f5:23:e6:e2:1a:b9:3d:f9:7d:92:44:1c:25:41:d8:67:46:31:
2d:3a:24:ac
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEAUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yMzA1MTkw
NTU1MjFaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEI3MDZCMjNFOEQzODRB
OUEyOUE4RENCODkwRUNDQzJGODIzNDhGQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpsb2zTuNwGvC/OyOoD6Mv2p1IdqtUqp+Qu6uzyMT+WnBTjF/g
61DGqqcU4RIE4+irPzamcZqpBOegPL+r1fYXq4/p+OsDEgkLYGTeNCRK0LEDpODE
K1ZQo5Am4sO446Z/dmuXnGo5Pe91Afu1b+1JMd9JEmBMPID2mnnzQ45uEd6oXXZm
6pZMeHo3f3Q20LsI+6UHuTdhEj8FwwEtOKh2BeoA65ytGxRSyIEuzko/F6H+F2c8
gJhqhSexgeB3MYJT3aZpZuEoYOeeNVaTldvVJ1YIYY06bslGYgO7J2ic4mcJ+gRw
CuyOkKT2pbsREafSI+iXNVkFFh0tFb7kCtq7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUtwayPo04SpopqNy4kOzML4I0j6UwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3R3YXlQbzA0U3BvcHFO
eTRrT3pNTDRJMGo2VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPTm1gwDQYJKoZIhvcNAQELBQADggEBAFlt6ish04hLhKQx+3+S5NOgOksSXpcA
xMu2aa3h5mHyueE8PAJsMNA6M6b8QzUtGUh4a7Jcug0BCzj784TY7oH17/fFDbGs
/m+m518rXlRDjamBq9Ss+SM7J1+EyV2YcMIaFXWOH6+migyWjC4ZaEhalsuyUAJG
eo/jmF6yo6alo1qVGIQpq5KgLcwilQD4QsvWojd5Ww11xf2efMZynxItlJUKpkQR
Q8CFDH83ndOgYZTXkNMzYffMfHPmA+iwzx+lnu1GdgGrEaMnizLE2HSLJ1/eH5Pq
oNZhvBkHccEDAzjAHy2KSXz2v/Uj5uIauT35fZJEHCVB2GdGMS06JKw=
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org