Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/721/gaQyXvKfCK8PvvqXSF9E5SzhJh0.roa
File: gaQyXvKfCK8PvvqXSF9E5SzhJh0.roa (raw, json)
Hash identifier: VIgLXuxDAmH54DoQS4H1dmdj81lXr8HSOsVEQDrg8uQ=
Subject key identifier: 81:A4:32:5E:F2:9F:08:AF:0F:BE:FA:97:48:5F:44:E5:2C:E1:26:1D
Certificate issuer: /CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A
Certificate serial: 0E37
Authority key identifier: EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/gaQyXvKfCK8PvvqXSF9E5SzhJh0.roa
Signing time: Fri 19 May 2023 05:53:34 +0000
ROA not before: Fri 19 May 2023 05:53:34 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 134764
IP address blocks: 43.255.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:22:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3639 (0xe37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A
Validity
Not Before: May 19 05:53:34 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=81A4325EF29F08AF0FBEFA97485F44E52CE1261D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:3e:52:ba:a4:d7:20:f2:f0:31:7d:95:14:
39:5a:56:01:00:2d:3d:5a:85:fd:81:0c:d8:ce:2a:
eb:ad:bd:bf:4b:6b:1c:30:3d:cf:d8:b7:2e:2b:93:
20:26:3a:67:2f:8a:17:53:f4:e2:84:23:dc:45:d7:
82:07:9a:28:08:b8:9a:8c:5a:8a:67:bc:6b:5d:7a:
d3:fb:fd:84:0d:a1:c6:21:d4:3d:77:e1:ff:86:6e:
19:eb:33:ab:f9:8d:6e:7c:3d:d9:ca:e1:f2:f7:a1:
9c:f2:d9:cc:bb:1c:2e:4f:ee:6a:b0:7b:b5:27:34:
7c:9d:8a:00:5b:a4:9a:51:d3:01:58:6f:83:33:58:
d0:e3:10:e5:82:79:61:82:2f:6b:db:03:29:23:09:
58:d8:ee:b3:89:ff:99:02:a7:37:8b:20:9c:c5:60:
64:39:dc:fa:a8:a7:0c:a0:3e:90:34:f3:94:4d:a5:
2a:1b:82:89:5b:f7:1e:fb:11:37:e3:9f:9d:70:1e:
99:71:a2:3d:d5:12:c2:65:2c:7b:7b:24:43:e1:58:
f7:48:5d:52:fd:eb:20:fb:61:c0:a9:ea:66:82:8c:
a0:a9:86:b5:74:f2:76:2c:f1:72:11:24:76:d5:a1:
03:39:7f:02:23:34:f6:43:84:93:0f:a5:76:a7:90:
e1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A4:32:5E:F2:9F:08:AF:0F:BE:FA:97:48:5F:44:E5:2C:E1:26:1D
X509v3 Authority Key Identifier:
keyid:EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/gaQyXvKfCK8PvvqXSF9E5SzhJh0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.212.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:55:a7:ad:58:27:74:4e:ac:3c:7e:6e:fb:79:b1:b6:cd:96:
c8:b4:45:c0:99:b8:6b:74:29:f8:85:60:4b:04:7a:24:5b:de:
76:ac:77:2a:fb:10:51:39:82:38:86:ce:8a:23:a2:1f:81:84:
f8:a8:6d:f3:2b:de:29:41:c6:69:86:3c:28:d2:03:fe:02:4c:
4e:40:8e:56:41:d4:1a:0c:68:84:0b:50:72:39:ab:8f:7d:d6:
35:3a:9e:a5:e8:52:c1:c8:a5:59:45:4d:a9:b1:b5:6f:cb:68:
64:5c:d9:39:5c:e6:ed:22:2e:ca:36:b2:48:72:65:13:7a:73:
54:49:4e:ca:0a:ee:d0:af:c1:3c:47:d4:67:d1:d5:c2:e2:ee:
d4:25:c2:d1:e4:ed:11:eb:83:15:b1:98:50:e0:f0:4b:53:dc:
54:23:18:e0:37:97:ff:83:f9:5e:c5:07:ea:18:90:42:68:b6:
9d:62:5e:5e:f8:45:4e:6f:b5:58:f2:a2:35:f4:95:c3:e8:87:
13:db:3f:40:e0:75:14:5a:92:47:c8:8d:2d:e6:29:3d:b6:55:
24:2e:90:de:ef:3c:7c:c3:f7:97:24:2c:10:cb:93:3b:52:d6:
6f:03:d0:b2:3b:79:e4:ee:1a:4f:ff:7a:cc:7d:91:40:37:fb:
5c:a7:94:13
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDjcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUU4
ODdBQ0M3Q0U0QjVGNjZDQ0Y0OTQ2RjAyQkZBQ0JERTI4Qjc2QTAeFw0yMzA1MTkw
NTUzMzRaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDgxQTQzMjVFRjI5RjA4
QUYwRkJFRkE5NzQ4NUY0NEU1MkNFMTI2MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrjT5SuqTXIPLwMX2VFDlaVgEALT1ahf2BDNjOKuutvb9Laxww
Pc/Yty4rkyAmOmcvihdT9OKEI9xF14IHmigIuJqMWopnvGtdetP7/YQNocYh1D13
4f+GbhnrM6v5jW58PdnK4fL3oZzy2cy7HC5P7mqwe7UnNHydigBbpJpR0wFYb4Mz
WNDjEOWCeWGCL2vbAykjCVjY7rOJ/5kCpzeLIJzFYGQ53PqopwygPpA085RNpSob
golb9x77ETfjn51wHplxoj3VEsJlLHt7JEPhWPdIXVL96yD7YcCp6maCjKCphrV0
8nYs8XIRJHbVoQM5fwIjNPZDhJMPpXankOFFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUgaQyXvKfCK8PvvqXSF9E5SzhJh0wHwYDVR0jBBgwFoAU7oh6zHzktfZsz0lG
8Cv6y94ot2owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIx
LzdvaDZ6SHprdGZac3owbEc4Q3Y2eTk0b3Qyby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvN29oNnpIemt0ZlpzejBsRzhDdjZ5OTRvdDJvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIxL2dhUXlYdktmQ0s4UHZ2
cVhTRjlFNVN6aEpoMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIr/9QwDQYJKoZIhvcNAQELBQADggEBAKRVp61YJ3ROrDx+bvt5sbbNlsi0RcCZ
uGt0KfiFYEsEeiRb3nasdyr7EFE5gjiGzoojoh+BhPiobfMr3ilBxmmGPCjSA/4C
TE5AjlZB1BoMaIQLUHI5q4991jU6nqXoUsHIpVlFTamxtW/LaGRc2Tlc5u0iLso2
skhyZRN6c1RJTsoK7tCvwTxH1GfR1cLi7tQlwtHk7RHrgxWxmFDg8EtT3FQjGOA3
l/+D+V7FB+oYkEJotp1iXl74RU5vtVjyojX0lcPohxPbP0DgdRRakkfIjS3mKT22
VSQukN7vPHzD95ckLBDLkztS1m8D0LI7eeTuGk//esx9kUA3+1ynlBM=
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org