Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/721/XQoCZdNwJRo5_YuVC680IKdsKOw.roa
File: XQoCZdNwJRo5_YuVC680IKdsKOw.roa (raw, json)
Hash identifier: s+q3FaIg2Fqcv6lNtoe2Ad25SjKbs15JXZKee/1yUkY=
Subject key identifier: 5D:0A:02:65:D3:70:25:1A:39:FD:8B:95:0B:AF:34:20:A7:6C:28:EC
Certificate issuer: /CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A
Certificate serial: 13FD
Authority key identifier: EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/XQoCZdNwJRo5_YuVC680IKdsKOw.roa
Signing time: Wed 13 Mar 2024 01:22:14 +0000
ROA not before: Wed 13 Mar 2024 01:22:14 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 136958
IP address blocks: 43.255.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 24 Sep 2024 00:18:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5117 (0x13fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A
Validity
Not Before: Mar 13 01:22:14 2024 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=5D0A0265D370251A39FD8B950BAF3420A76C28EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:25:3a:7e:05:5d:e7:c0:07:c7:7d:51:d7:38:
21:39:45:ba:e3:58:85:91:1d:ba:c8:15:c5:81:60:
c1:f0:53:f7:8b:22:3e:20:80:21:85:03:dd:35:12:
11:ac:d0:67:24:e7:41:0b:f5:ab:60:00:1a:4d:3a:
f7:4c:13:10:90:96:b9:5a:f5:5c:2f:40:b3:23:73:
89:5b:d3:ca:64:46:c9:65:a5:92:6f:2b:ec:d6:48:
bf:79:f2:eb:c8:43:8d:14:32:42:e9:93:b3:46:4b:
6e:fe:06:12:3b:c2:ab:ff:c7:97:91:05:cf:cb:15:
1b:00:47:df:f1:ce:8a:57:e5:5d:e1:c2:7d:6c:1c:
9e:ff:24:87:63:7d:b3:bc:06:97:d9:30:8a:c9:63:
3e:2f:83:c7:31:66:17:2f:c5:6f:2d:17:5a:9e:fa:
90:59:a1:fc:20:ff:ab:97:86:81:cc:5c:9c:02:40:
75:d6:26:49:93:c4:fb:41:db:78:2c:ae:96:e2:d4:
5d:89:c8:aa:b7:78:77:94:dd:88:2e:f6:06:ac:de:
41:90:e9:c1:98:c4:2e:eb:47:f1:64:c0:11:38:de:
45:6d:00:3a:0d:1c:e4:26:0b:c9:c9:0e:38:f1:aa:
0a:75:0a:bf:c3:c1:34:04:20:25:82:5c:ef:ce:47:
f3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0A:02:65:D3:70:25:1A:39:FD:8B:95:0B:AF:34:20:A7:6C:28:EC
X509v3 Authority Key Identifier:
keyid:EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/XQoCZdNwJRo5_YuVC680IKdsKOw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.212.0/22
Signature Algorithm: sha256WithRSAEncryption
12:2a:6c:74:9b:66:24:93:68:cb:e4:de:a8:6d:85:ce:43:e6:
d2:d4:8f:81:cb:ab:cc:f0:fb:cb:8b:29:e8:f4:e8:bf:05:16:
74:0e:df:88:a0:b5:49:7f:27:67:db:7a:40:0a:f0:e3:dd:9b:
8b:c6:5b:e8:8a:91:d8:51:25:4e:01:88:ef:7d:1a:c6:cc:2b:
a7:a3:67:24:c3:36:ac:5e:97:64:73:b3:37:a5:49:ec:78:fd:
2e:bf:ae:c1:79:f4:3c:2d:5d:61:4a:4c:87:ac:86:b0:54:db:
e8:05:21:80:6b:6f:c8:cf:ed:ef:a7:95:3a:68:0a:eb:5c:f4:
76:2f:e0:ef:dd:b6:9b:9c:d3:da:7d:d8:89:a6:98:07:04:e5:
b9:25:e4:95:b7:09:d3:a0:ee:db:78:69:98:aa:6d:29:75:7a:
8f:b6:e2:aa:ac:56:ea:9c:9c:8d:ce:b8:5a:af:ed:2c:ba:c0:
81:90:fd:5f:a6:39:c9:12:1a:51:8b:91:64:0f:ba:06:a9:76:
1b:6e:01:61:d3:21:22:ac:50:cd:e7:67:00:d2:ef:80:02:68:
ac:52:5e:ee:70:91:c4:fc:ed:82:21:f0:6e:d6:cb:e5:09:86:
84:6c:2f:68:b9:1f:58:c9:0f:3f:e4:c6:5b:d8:7e:f4:60:d2:
69:ee:88:1d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICE/0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUU4
ODdBQ0M3Q0U0QjVGNjZDQ0Y0OTQ2RjAyQkZBQ0JERTI4Qjc2QTAeFw0yNDAzMTMw
MTIyMTRaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDVEMEEwMjY1RDM3MDI1
MUEzOUZEOEI5NTBCQUYzNDIwQTc2QzI4RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqJTp+BV3nwAfHfVHXOCE5RbrjWIWRHbrIFcWBYMHwU/eLIj4g
gCGFA901EhGs0Gck50EL9atgABpNOvdMExCQlrla9VwvQLMjc4lb08pkRsllpZJv
K+zWSL958uvIQ40UMkLpk7NGS27+BhI7wqv/x5eRBc/LFRsAR9/xzopX5V3hwn1s
HJ7/JIdjfbO8BpfZMIrJYz4vg8cxZhcvxW8tF1qe+pBZofwg/6uXhoHMXJwCQHXW
JkmTxPtB23gsrpbi1F2JyKq3eHeU3Ygu9gas3kGQ6cGYxC7rR/FkwBE43kVtADoN
HOQmC8nJDjjxqgp1Cr/DwTQEICWCXO/OR/MFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXQoCZdNwJRo5/YuVC680IKdsKOwwHwYDVR0jBBgwFoAU7oh6zHzktfZsz0lG
8Cv6y94ot2owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIx
LzdvaDZ6SHprdGZac3owbEc4Q3Y2eTk0b3Qyby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvN29oNnpIemt0ZlpzejBsRzhDdjZ5OTRvdDJvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIxL1hRb0NaZE53SlJvNV9Z
dVZDNjgwSUtkc0tPdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIr/9QwDQYJKoZIhvcNAQELBQADggEBABIqbHSbZiSTaMvk3qhthc5D5tLUj4HL
q8zw+8uLKej06L8FFnQO34igtUl/J2fbekAK8OPdm4vGW+iKkdhRJU4BiO99GsbM
K6ejZyTDNqxel2RzszelSex4/S6/rsF59DwtXWFKTIeshrBU2+gFIYBrb8jP7e+n
lTpoCutc9HYv4O/dtpuc09p92ImmmAcE5bkl5JW3CdOg7tt4aZiqbSl1eo+24qqs
VuqcnI3OuFqv7Sy6wIGQ/V+mOckSGlGLkWQPugapdhtuAWHTISKsUM3nZwDS74AC
aKxSXu5wkcT87YIh8G7Wy+UJhoRsL2i5H1jJDz/kxlvYfvRg0mnuiB0=
-----END CERTIFICATE-----
Generated at Tue Sep 24 01:53:40 2024 by rpki-client on console-ams.rpki-client.org