Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/V7WY6nWfoQcWpA_LSYDvvcs1ZiQ.roa
File: V7WY6nWfoQcWpA_LSYDvvcs1ZiQ.roa (raw, json)
Hash identifier: IjJl9aU9BK5zMfcl4eEotwD/aok8+/1B/w03bmlC5c4=
Subject key identifier: 57:B5:98:EA:75:9F:A1:07:16:A4:0F:CB:49:80:EF:BD:CB:35:66:24
Certificate issuer: /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
Certificate serial: 08D7
Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/V7WY6nWfoQcWpA_LSYDvvcs1ZiQ.roa
Signing time: Mon 28 Aug 2023 11:31:03 +0000
ROA not before: Mon 28 Aug 2023 11:31:03 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 63199
IP address blocks: 2400:5280:2000::/38 maxlen: 38
2400:5280:3c00::/38 maxlen: 38
Validation: Failed, certificate revoked on Mon 01 Apr 2024 10:21:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2263 (0x8d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
Validity
Not Before: Aug 28 11:31:03 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=57B598EA759FA10716A40FCB4980EFBDCB356624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:77:b9:86:0f:db:08:70:5d:ee:f9:0a:1b:8a:
35:2a:b0:02:d8:07:2f:2d:a3:c6:e8:a0:5d:45:f3:
6d:06:cb:74:9f:4e:94:4f:e7:0a:9c:63:de:12:54:
0c:20:aa:79:5d:69:1d:38:25:f8:3d:73:f2:7e:3d:
6f:09:d3:a1:9c:f6:4d:cd:a6:6a:40:0e:2b:ae:e9:
44:5b:45:bb:c2:fe:7f:ae:19:e0:e9:b7:73:0d:46:
5c:5c:f5:f4:56:d6:18:a2:11:42:6e:a3:4c:6b:98:
0d:fc:43:65:56:6f:87:70:6a:c8:87:7b:34:e6:4d:
9d:c2:4d:d5:59:95:37:12:a7:b4:cd:bc:e3:11:4f:
7a:31:b5:a9:32:07:87:d9:08:96:94:36:32:6c:b7:
1f:1f:75:b9:7c:66:80:1a:1a:6b:ab:29:b0:1b:34:
71:b5:d1:d9:31:5d:43:12:16:72:d7:f9:0c:13:e8:
20:1f:60:dd:dd:ce:fe:7d:5d:95:f2:24:62:3c:a6:
21:0a:1a:07:eb:14:94:9f:46:a7:04:22:3f:9c:92:
1b:18:13:1b:95:44:b3:7d:9f:d0:e0:a0:96:a4:b6:
11:34:0a:f7:4a:21:be:64:db:76:79:01:bc:f2:4a:
12:94:36:16:16:99:49:34:ab:b7:33:f4:8d:b2:82:
c7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B5:98:EA:75:9F:A1:07:16:A4:0F:CB:49:80:EF:BD:CB:35:66:24
X509v3 Authority Key Identifier:
keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/V7WY6nWfoQcWpA_LSYDvvcs1ZiQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:5280:2000::/38
2400:5280:3c00::/38
Signature Algorithm: sha256WithRSAEncryption
c3:a2:96:73:07:45:a3:0b:16:04:fb:93:da:ca:b7:eb:c1:57:
fa:f9:9d:5f:7f:5e:b9:b2:27:49:60:dc:35:88:6f:8c:3f:4b:
69:bb:67:81:69:18:92:93:fc:6b:1b:5f:76:81:8b:f3:4e:bd:
bc:04:11:50:55:ac:1e:9c:40:74:52:cf:b0:55:ed:6e:2a:ba:
d6:b6:d0:60:43:5f:c8:0d:c4:bc:12:8d:91:24:7e:23:0e:9b:
66:14:1e:50:cc:2b:19:9e:e6:79:78:49:57:cd:72:82:46:f7:
31:61:8d:18:62:64:ad:4c:b4:a2:64:8f:ba:2d:8c:84:c8:f7:
16:ec:49:56:82:5c:c5:6c:73:44:f0:21:cf:aa:a4:29:f1:97:
08:6f:46:91:17:e9:54:f8:60:9c:b1:a8:96:12:6d:0d:ff:78:
ae:c1:08:67:91:7c:22:1b:07:d5:39:9f:82:81:d6:13:c6:af:
09:70:f8:49:4f:09:a6:42:7d:c1:46:9a:71:7d:9c:4c:cf:16:
0e:a6:3a:69:48:d6:5b:ce:b6:f0:ee:26:b5:73:af:a8:7f:d8:
88:39:3b:f7:62:cd:bd:59:ca:28:2e:4b:7d:c6:5e:f2:65:aa:
5a:4c:c1:d3:23:63:16:11:c2:9c:77:47:dd:f1:0b:a1:9e:e7:
4f:c7:1f:70
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICCNcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5
OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yMzA4Mjgx
MTMxMDNaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKDU3QjU5OEVBNzU5RkEx
MDcxNkE0MEZDQjQ5ODBFRkJEQ0IzNTY2MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCud7mGD9sIcF3u+QobijUqsALYBy8to8booF1F820Gy3SfTpRP
5wqcY94SVAwgqnldaR04Jfg9c/J+PW8J06Gc9k3NpmpADiuu6URbRbvC/n+uGeDp
t3MNRlxc9fRW1hiiEUJuo0xrmA38Q2VWb4dwasiHezTmTZ3CTdVZlTcSp7TNvOMR
T3oxtakyB4fZCJaUNjJstx8fdbl8ZoAaGmurKbAbNHG10dkxXUMSFnLX+QwT6CAf
YN3dzv59XZXyJGI8piEKGgfrFJSfRqcEIj+ckhsYExuVRLN9n9DgoJakthE0CvdK
Ib5k23Z5AbzyShKUNhYWmUk0q7cz9I2ygsedAgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQUV7WY6nWfoQcWpA/LSYDvvcs1ZiQwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj
C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0
LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0L1Y3V1k2bldmb1FjV3BB
X0xTWUR2dmNzMVppUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKQYIKwYBBQUHAQcBAf8EGjAYMBYEAgACMBAD
BgIkAFKAIAMGAiQAUoA8MA0GCSqGSIb3DQEBCwUAA4IBAQDDopZzB0WjCxYE+5Pa
yrfrwVf6+Z1ff165sidJYNw1iG+MP0tpu2eBaRiSk/xrG192gYvzTr28BBFQVawe
nEB0Us+wVe1uKrrWttBgQ1/IDcS8Eo2RJH4jDptmFB5QzCsZnuZ5eElXzXKCRvcx
YY0YYmStTLSiZI+6LYyEyPcW7ElWglzFbHNE8CHPqqQp8ZcIb0aRF+lU+GCcsaiW
Em0N/3iuwQhnkXwiGwfVOZ+CgdYTxq8JcPhJTwmmQn3BRppxfZxMzxYOpjppSNZb
zrbw7ia1c6+of9iIOTv3Ys29WcooLkt9xl7yZapaTMHTI2MWEcKcd0fd8QuhnudP
xx9w
-----END CERTIFICATE-----
Generated at Mon Apr 1 11:21:44 2024 by rpki-client on console-fra.rpki-client.org