Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/sGTuJSheIJ6Y8t3M18obkegLCdk.roa
File: sGTuJSheIJ6Y8t3M18obkegLCdk.roa (raw, json)
Hash identifier: fOBM8/FFRACzXEFsNTF+1vUyuxxLeMLZ9BRvH8Vcx6M=
Subject key identifier: B0:64:EE:25:28:5E:20:9E:98:F2:DD:CC:D7:CA:1B:91:E8:0B:09:D9
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 12E9
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sGTuJSheIJ6Y8t3M18obkegLCdk.roa
Signing time: Sat 29 Jun 2024 19:44:15 +0000
ROA not before: Sat 29 Jun 2024 19:44:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59803
IP address blocks: 2403:1b80::/32 maxlen: 64
2403:1b80::/48 maxlen: 64
2406:1e80::/32 maxlen: 64
Validation: Failed, certificate revoked on Wed 11 Sep 2024 02:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4841 (0x12e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 29 19:44:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B064EE25285E209E98F2DDCCD7CA1B91E80B09D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3c:44:6a:12:8a:66:10:e1:91:cd:d2:3a:6f:
de:95:dc:1a:a7:e9:36:d0:7b:64:8a:78:f5:58:21:
69:17:9f:3c:8d:cf:c1:1b:c7:a9:84:96:de:b2:38:
f0:63:ee:f8:2e:48:06:ac:ae:96:ec:cb:fe:38:e3:
04:b9:4e:d9:69:ef:3c:ae:bc:d4:88:38:05:40:9d:
db:17:38:29:9c:6a:d8:1f:c3:9a:b2:3f:ef:95:51:
4a:ba:c6:68:97:d7:16:c6:11:43:0f:88:63:67:17:
1b:07:d1:69:c6:40:a8:a7:85:f8:02:88:e4:91:91:
b4:ee:12:99:dc:6f:e7:77:21:ca:48:69:8a:ba:d1:
78:31:b4:ec:cb:b6:b6:c7:ec:09:df:94:12:22:a8:
e1:04:a1:c4:9e:53:1e:87:c3:c8:3d:44:0e:8f:e8:
25:ef:5d:73:37:d6:12:e5:9e:50:39:a6:42:e7:4a:
da:41:2e:ea:fd:a5:6c:1c:d8:e4:e2:b7:71:98:80:
f7:a5:12:23:19:65:3a:0c:de:dc:67:7c:63:28:d6:
15:12:91:07:fa:70:31:56:db:6f:c0:82:90:07:d7:
b1:2c:2a:e1:ef:71:8b:13:e9:1c:bc:d6:14:2c:61:
f6:91:aa:39:12:f3:14:1c:5f:5b:0a:e2:e9:9f:b6:
b4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:64:EE:25:28:5E:20:9E:98:F2:DD:CC:D7:CA:1B:91:E8:0B:09:D9
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sGTuJSheIJ6Y8t3M18obkegLCdk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:1b80::/32
2406:1e80::/32
Signature Algorithm: sha256WithRSAEncryption
12:f7:8a:90:28:dc:45:4e:94:70:27:6a:ac:50:43:15:8b:4a:
07:f2:5a:b8:f9:82:c1:6c:62:f7:d6:97:b5:3a:20:27:f6:27:
d8:44:f3:91:a3:5a:58:fa:e0:c7:3c:2e:dd:0c:ed:90:47:44:
aa:7e:b7:85:12:79:f5:40:04:16:92:a6:9b:3e:0a:e9:c5:23:
4d:ff:9e:af:a1:d5:09:41:0a:c7:15:ae:26:9d:68:11:bc:95:
66:e4:1b:38:41:c2:e2:6f:6c:38:42:bc:45:27:b8:1f:fd:6a:
06:cb:5e:3a:a0:51:f1:c8:1a:a0:18:37:80:c2:1e:7d:a9:0b:
31:63:1b:83:c2:67:cf:25:af:12:5f:82:91:61:e4:db:16:9f:
a3:eb:e7:dc:4f:ae:43:c4:97:94:99:c2:72:3a:c8:ec:87:0f:
00:ed:d5:c3:cc:97:f1:6e:9d:b6:8c:46:df:5e:e2:74:78:e7:
41:6f:ce:c1:5f:6d:9d:2a:fb:68:f0:d8:46:97:a0:3d:00:aa:
62:51:bb:3b:9c:a4:10:58:a0:ab:b2:b4:65:18:9e:41:53:17:
da:ef:53:7d:e3:73:fa:45:c5:67:74:22:9e:77:ef:38:7c:06:
7c:68:27:48:a6:ff:11:51:91:f2:c4:84:42:9e:3b:40:0a:ce:
e9:80:88:a8
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICEukwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA2Mjkx
OTQ0MTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwNjRFRTI1Mjg1RTIw
OUU5OEYyRERDQ0Q3Q0ExQjkxRTgwQjA5RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2PERqEopmEOGRzdI6b96V3Bqn6TbQe2SKePVYIWkXnzyNz8Eb
x6mElt6yOPBj7vguSAasrpbsy/444wS5Ttlp7zyuvNSIOAVAndsXOCmcatgfw5qy
P++VUUq6xmiX1xbGEUMPiGNnFxsH0WnGQKinhfgCiOSRkbTuEpncb+d3IcpIaYq6
0XgxtOzLtrbH7AnflBIiqOEEocSeUx6Hw8g9RA6P6CXvXXM31hLlnlA5pkLnStpB
Lur9pWwc2OTit3GYgPelEiMZZToM3txnfGMo1hUSkQf6cDFW22/AgpAH17EsKuHv
cYsT6Ry81hQsYfaRqjkS8xQcX1sK4umftrSpAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUsGTuJSheIJ6Y8t3M18obkegLCdkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3NHVHVKU2hlSUo2WTh0
M00xOG9ia2VnTENkay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgACMA4D
BQAkAxuAAwUAJAYegDANBgkqhkiG9w0BAQsFAAOCAQEAEveKkCjcRU6UcCdqrFBD
FYtKB/JauPmCwWxi99aXtTogJ/Yn2ETzkaNaWPrgxzwu3QztkEdEqn63hRJ59UAE
FpKmmz4K6cUjTf+er6HVCUEKxxWuJp1oEbyVZuQbOEHC4m9sOEK8RSe4H/1qBste
OqBR8cgaoBg3gMIefakLMWMbg8JnzyWvEl+CkWHk2xafo+vn3E+uQ8SXlJnCcjrI
7IcPAO3Vw8yX8W6dtoxG317idHjnQW/OwV9tnSr7aPDYRpegPQCqYlG7O5ykEFig
q7K0ZRieQVMX2u9TfeNz+kXFZ3QinnfvOHwGfGgnSKb/EVGR8sSEQp47QArO6YCI
qA==
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:04:09 2024 by rpki-client on console-ams.rpki-client.org