Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/aPOFZQcep7S09Kcv6ZLO9WNs6aI.roa
File: aPOFZQcep7S09Kcv6ZLO9WNs6aI.roa (raw, json)
Hash identifier: CbDif/EV+8RRgsqT+iqwgAiNgpZ1/s6WVEadUo1q9wc=
Subject key identifier: 68:F3:85:65:07:1E:A7:B4:B4:F4:A7:2F:E9:92:CE:F5:63:6C:E9:A2
Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Certificate serial: 06CB
Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/aPOFZQcep7S09Kcv6ZLO9WNs6aI.roa
Signing time: Wed 27 Sep 2023 01:44:25 +0000
ROA not before: Wed 27 Sep 2023 01:44:25 +0000
ROA not after: Tue 24 Sep 2024 02:11:20 +0000
asID: 23853
IP address blocks: 211.147.79.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 31 May 2024 08:22:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1739 (0x6cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Validity
Not Before: Sep 27 01:44:25 2023 GMT
Not After : Sep 24 02:11:20 2024 GMT
Subject: CN=68F38565071EA7B4B4F4A72FE992CEF5636CE9A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:68:92:19:13:02:d1:8c:3e:15:be:80:76:b9:
22:b7:14:2a:a3:8a:48:58:3e:0c:a5:06:16:b4:57:
79:e1:8a:f3:38:69:91:8b:57:59:4f:ba:1b:a4:69:
65:d2:c6:7c:9b:7a:2f:8d:68:ef:08:0a:d9:bd:97:
f8:51:08:36:7e:1b:45:b3:29:02:97:09:32:71:93:
2e:bd:8a:90:3d:39:03:a5:a4:6f:e8:fa:a0:39:83:
5b:1b:f1:0e:b7:35:96:33:7f:85:04:b6:04:17:bd:
d6:85:c3:2d:04:4f:a9:11:fe:74:87:86:7d:e9:ca:
5d:df:9a:7c:01:df:10:05:26:41:d7:ed:8f:e2:0b:
fe:56:86:62:d9:e5:ad:3c:bc:b6:ba:58:60:08:d6:
fc:fb:6e:3e:7b:56:d4:da:a2:4f:cb:9b:8d:e3:85:
91:1e:a1:62:b6:43:e6:6a:fc:39:7f:0a:8e:3b:f1:
af:3f:65:fd:ff:d8:dd:f4:44:c7:6c:37:f0:f1:97:
cb:86:2b:24:09:3b:ce:e8:e7:7b:b1:ab:91:75:02:
16:90:da:8b:94:38:c7:85:46:a4:82:37:e8:2f:01:
12:03:e6:05:d3:d1:64:5a:57:c7:4d:84:e8:7c:0f:
cc:6f:a0:cf:e8:99:d1:2b:e4:23:ea:57:34:c6:00:
c2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F3:85:65:07:1E:A7:B4:B4:F4:A7:2F:E9:92:CE:F5:63:6C:E9:A2
X509v3 Authority Key Identifier:
keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/aPOFZQcep7S09Kcv6ZLO9WNs6aI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.147.79.0/24
Signature Algorithm: sha256WithRSAEncryption
48:5c:cb:d8:5c:4d:3f:ad:fa:6d:cb:c3:08:64:11:d6:12:41:
4a:d6:1f:25:1c:66:65:35:b0:52:af:cf:21:bb:6c:4a:44:3d:
a9:27:b1:cd:67:3f:be:65:c7:7d:a7:ca:91:8c:85:c8:f1:ca:
6a:25:8a:e3:9e:9c:67:68:20:0d:a6:b7:f4:dc:37:1a:aa:78:
93:f0:f7:bc:61:5b:a5:2c:68:a8:f0:0c:d2:9d:a9:80:5b:10:
7d:cb:cc:1c:aa:92:43:0f:9d:0f:d8:c4:e3:38:a5:70:d8:cf:
9d:0e:70:f2:7b:8b:49:e2:97:28:29:17:b5:68:44:ad:d7:a1:
1d:8c:bb:bc:5b:62:9f:b1:87:7f:2b:0a:70:65:c8:e2:4f:5f:
bd:60:c5:43:5d:a0:a4:1e:a6:40:20:77:bb:88:08:1e:c7:f3:
2b:3e:e5:c8:f0:69:4b:89:35:90:5e:3d:fb:9f:15:ae:f4:01:
6c:e9:96:13:58:a1:0c:23:65:ff:1e:0e:45:3c:a2:ee:c1:57:
fa:d9:6b:64:19:6a:4e:f6:5b:09:4f:4f:07:e0:25:f8:47:99:
5c:17:7f:74:74:e9:eb:1b:87:eb:bc:25:15:66:2c:63:09:6e:
89:b9:06:5e:1b:3c:b7:a7:76:31:8a:25:f6:96:8e:4d:91:f3:
b8:77:8e:96
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICBsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy
NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yMzA5Mjcw
MTQ0MjVaFw0yNDA5MjQwMjExMjBaMDMxMTAvBgNVBAMTKDY4RjM4NTY1MDcxRUE3
QjRCNEY0QTcyRkU5OTJDRUY1NjM2Q0U5QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkaJIZEwLRjD4VvoB2uSK3FCqjikhYPgylBha0V3nhivM4aZGL
V1lPuhukaWXSxnybei+NaO8ICtm9l/hRCDZ+G0WzKQKXCTJxky69ipA9OQOlpG/o
+qA5g1sb8Q63NZYzf4UEtgQXvdaFwy0ET6kR/nSHhn3pyl3fmnwB3xAFJkHX7Y/i
C/5WhmLZ5a08vLa6WGAI1vz7bj57VtTaok/Lm43jhZEeoWK2Q+Zq/Dl/Co478a8/
Zf3/2N30RMdsN/Dxl8uGKyQJO87o53uxq5F1AhaQ2ouUOMeFRqSCN+gvARID5gXT
0WRaV8dNhOh8D8xvoM/omdEr5CPqVzTGAMJxAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUaPOFZQcep7S09Kcv6ZLO9WNs6aIwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7
wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv
bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9hUE9GWlFjZXA3UzA5S2N2
NlpMTzlXTnM2YUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
05NPMA0GCSqGSIb3DQEBCwUAA4IBAQBIXMvYXE0/rfpty8MIZBHWEkFK1h8lHGZl
NbBSr88hu2xKRD2pJ7HNZz++Zcd9p8qRjIXI8cpqJYrjnpxnaCANprf03DcaqniT
8Pe8YVulLGio8AzSnamAWxB9y8wcqpJDD50P2MTjOKVw2M+dDnDye4tJ4pcoKRe1
aESt16EdjLu8W2KfsYd/KwpwZcjiT1+9YMVDXaCkHqZAIHe7iAgex/MrPuXI8GlL
iTWQXj37nxWu9AFs6ZYTWKEMI2X/Hg5FPKLuwVf62WtkGWpO9lsJT08H4CX4R5lc
F390dOnrG4frvCUVZixjCW6JuQZeGzy3p3YxiiX2lo5NkfO4d46W
-----END CERTIFICATE-----
Generated at Fri May 31 12:25:33 2024 by rpki-client on console-fra.rpki-client.org