Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/721/BgQtqUSWsT0X1uySoYooyAkDZhk.roa
File: BgQtqUSWsT0X1uySoYooyAkDZhk.roa (raw, json)
Hash identifier: Xq7HzlKjGOrOE6rGP2mz82B9bhmktMJlkMw5/6R1PBA=
Subject key identifier: 06:04:2D:A9:44:96:B1:3D:17:D6:EC:92:A1:8A:28:C8:09:03:66:19
Certificate issuer: /CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A
Certificate serial: 0E38
Authority key identifier: EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/BgQtqUSWsT0X1uySoYooyAkDZhk.roa
Signing time: Fri 19 May 2023 05:53:35 +0000
ROA not before: Fri 19 May 2023 05:53:35 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 136958
IP address blocks: 43.255.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:22:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3640 (0xe38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A
Validity
Not Before: May 19 05:53:35 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=06042DA94496B13D17D6EC92A18A28C809036619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bf:c8:f2:f0:1f:bc:63:d5:38:e4:ad:05:c2:
a2:7f:1c:2a:77:bf:fa:d2:f0:df:66:bc:95:01:fc:
8e:2f:d5:bd:57:ea:eb:2f:90:0d:bc:eb:dd:d0:6a:
a5:cb:58:ce:de:0a:95:de:23:d3:1d:3c:b7:32:7c:
9d:a0:d6:d9:32:12:e0:52:00:51:df:1b:4e:93:c2:
7d:d8:3a:d3:98:b8:aa:9a:66:7c:40:ce:f0:6d:57:
0b:44:f5:26:60:6d:02:d0:a6:ce:72:b3:89:66:84:
5d:98:cb:ba:6e:ec:38:a1:42:37:d0:87:9e:31:48:
20:8e:0c:ca:03:f4:1e:7e:5a:0e:15:02:98:3f:65:
ba:6d:1a:f8:e4:69:72:62:83:ad:32:17:e9:ee:fb:
1c:e2:fc:0e:35:20:7a:21:d0:ed:aa:93:72:36:2a:
60:a0:1d:e9:0e:c8:68:08:b3:b8:2c:68:19:02:b1:
f2:37:cf:c9:df:a3:74:8a:36:f7:cb:d0:a2:33:31:
df:b7:f5:1d:04:e6:0c:3c:3a:fc:c0:25:02:7b:69:
74:b8:03:ad:25:b7:ad:3e:0e:df:2e:22:99:5b:68:
8e:73:40:68:42:6c:59:de:8e:a5:26:37:07:91:61:
b8:6f:50:40:3e:dd:02:c0:30:19:6c:90:4e:39:23:
78:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:04:2D:A9:44:96:B1:3D:17:D6:EC:92:A1:8A:28:C8:09:03:66:19
X509v3 Authority Key Identifier:
keyid:EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/BgQtqUSWsT0X1uySoYooyAkDZhk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.212.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:4a:9e:23:3f:0b:8c:38:79:ca:c5:bb:1a:20:00:0c:50:99:
c5:d4:e2:4c:c4:a6:e5:cf:01:46:31:7b:bb:48:0d:56:8e:14:
23:a0:22:69:16:fd:86:2f:84:cd:be:25:5e:66:91:ec:0e:cb:
d5:8e:95:04:24:95:da:f6:6c:6e:39:f2:b8:ef:83:56:bc:91:
19:92:52:2b:f5:73:bc:b2:68:ca:12:02:de:be:c7:d7:72:d2:
e4:75:68:bf:21:19:a5:d4:d9:e3:b0:45:a2:08:bb:1f:94:e3:
ad:2a:83:39:ac:3e:34:98:e3:49:4e:53:e8:c0:d8:76:99:89:
3d:06:b5:4d:54:f5:88:46:a6:2c:ea:03:63:42:ae:01:00:41:
02:5b:26:45:2f:17:3c:62:22:31:88:a6:e2:fa:ed:3c:e2:8c:
98:41:f7:3b:76:96:19:39:7c:36:95:5d:74:13:d8:16:88:6e:
35:65:e4:f2:f9:c9:0e:87:cc:c8:8b:1f:cd:30:a2:ba:72:74:
96:80:e9:10:f1:64:9a:36:d1:15:1d:8c:42:e7:7d:9e:ca:d5:
4c:6e:67:42:8c:9b:50:41:73:aa:aa:45:ef:f9:77:36:30:79:
18:20:02:46:88:11:a1:37:01:8c:0e:01:94:5c:43:a2:c2:5d:
f4:b8:fa:61
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDjgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUU4
ODdBQ0M3Q0U0QjVGNjZDQ0Y0OTQ2RjAyQkZBQ0JERTI4Qjc2QTAeFw0yMzA1MTkw
NTUzMzVaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDA2MDQyREE5NDQ5NkIx
M0QxN0Q2RUM5MkExOEEyOEM4MDkwMzY2MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUv8jy8B+8Y9U45K0FwqJ/HCp3v/rS8N9mvJUB/I4v1b1X6usv
kA28693QaqXLWM7eCpXeI9MdPLcyfJ2g1tkyEuBSAFHfG06Twn3YOtOYuKqaZnxA
zvBtVwtE9SZgbQLQps5ys4lmhF2Yy7pu7DihQjfQh54xSCCODMoD9B5+Wg4VApg/
ZbptGvjkaXJig60yF+nu+xzi/A41IHoh0O2qk3I2KmCgHekOyGgIs7gsaBkCsfI3
z8nfo3SKNvfL0KIzMd+39R0E5gw8OvzAJQJ7aXS4A60lt60+Dt8uIplbaI5zQGhC
bFnejqUmNweRYbhvUEA+3QLAMBlskE45I3gFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBgQtqUSWsT0X1uySoYooyAkDZhkwHwYDVR0jBBgwFoAU7oh6zHzktfZsz0lG
8Cv6y94ot2owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIx
LzdvaDZ6SHprdGZac3owbEc4Q3Y2eTk0b3Qyby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvN29oNnpIemt0ZlpzejBsRzhDdjZ5OTRvdDJvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIxL0JnUXRxVVNXc1QwWDF1
eVNvWW9veUFrRFpoay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIr/9QwDQYJKoZIhvcNAQELBQADggEBAI5KniM/C4w4ecrFuxogAAxQmcXU4kzE
puXPAUYxe7tIDVaOFCOgImkW/YYvhM2+JV5mkewOy9WOlQQkldr2bG458rjvg1a8
kRmSUiv1c7yyaMoSAt6+x9dy0uR1aL8hGaXU2eOwRaIIux+U460qgzmsPjSY40lO
U+jA2HaZiT0GtU1U9YhGpizqA2NCrgEAQQJbJkUvFzxiIjGIpuL67TzijJhB9zt2
lhk5fDaVXXQT2BaIbjVl5PL5yQ6HzMiLH80worpydJaA6RDxZJo20RUdjELnfZ7K
1UxuZ0KMm1BBc6qqRe/5dzYweRggAkaIEaE3AYwOAZRcQ6LCXfS4+mE=
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org