Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/767/lUaOo6etl1qAyzxA_QB09iCAYnc.roa
File: lUaOo6etl1qAyzxA_QB09iCAYnc.roa (raw, json)
Hash identifier: Ye32GRkB5+0Y3Ca2S6E6YyMAih/mXFf1TF3vuVjNmeo=
Subject key identifier: 95:46:8E:A3:A7:AD:97:5A:80:CB:3C:40:FD:00:74:F6:20:80:62:77
Certificate issuer: /CN=CC8CF726F2323299108744D6930BEF18D677445D
Certificate serial: 1164
Authority key identifier: CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/lUaOo6etl1qAyzxA_QB09iCAYnc.roa
Signing time: Fri 24 May 2024 02:25:21 +0000
ROA not before: Fri 24 May 2024 02:25:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 48024
IP address blocks: 2403:3d80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 Jul 2024 05:17:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4452 (0x1164)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CC8CF726F2323299108744D6930BEF18D677445D
Validity
Not Before: May 24 02:25:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=95468EA3A7AD975A80CB3C40FD0074F620806277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f7:ac:b6:44:23:ca:7f:b2:ca:ee:67:7f:4f:
0f:d8:e3:06:e1:9d:28:e6:e2:a5:2d:bf:33:28:c6:
c8:40:03:2d:4a:f4:fc:5b:cf:b0:bf:d7:4c:e0:d5:
ff:8f:87:cb:76:33:5a:1f:60:ae:86:3a:ad:84:6a:
1c:24:9d:96:d1:14:75:8f:14:54:4f:9b:0a:85:9b:
e8:d1:73:95:99:d5:bc:a4:b6:06:f2:c6:da:ad:bd:
fb:1d:1a:c8:5b:de:1f:ee:51:a7:7b:da:23:04:65:
a6:ff:32:28:28:92:93:95:51:a1:8d:96:cb:56:79:
ea:82:09:a9:04:18:ba:b1:f3:2c:f6:fa:28:59:53:
c5:df:4d:0d:e3:65:65:f2:39:28:89:0c:fb:0a:68:
66:55:56:46:c2:04:e7:4a:d8:45:49:95:49:8f:69:
06:8f:50:26:7f:e8:0b:0a:c1:a2:a3:f6:30:13:66:
ac:18:59:cf:c1:7a:65:84:d1:ad:f1:48:0d:57:60:
e4:b0:10:e3:b1:82:e0:a1:f1:22:92:ee:cb:87:a8:
95:8c:33:4f:40:7a:44:2f:11:eb:c8:97:68:da:66:
c3:7a:34:97:38:99:6b:55:76:85:00:7f:95:78:71:
de:39:15:f3:95:59:a0:eb:e2:80:1b:5e:89:84:9e:
2c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:46:8E:A3:A7:AD:97:5A:80:CB:3C:40:FD:00:74:F6:20:80:62:77
X509v3 Authority Key Identifier:
keyid:CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/lUaOo6etl1qAyzxA_QB09iCAYnc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:3d80::/32
Signature Algorithm: sha256WithRSAEncryption
a1:9a:f5:bd:5a:af:ef:bd:10:50:cd:ef:fa:8f:6a:cd:c7:61:
fb:07:e2:bc:e6:82:af:e4:e6:7f:40:80:31:67:a7:1a:80:83:
32:d4:c0:5e:2f:0e:98:32:7f:4d:c8:39:52:c8:44:63:42:4d:
e5:2c:01:ec:ee:fc:fd:8c:e7:35:e1:e0:28:00:6d:eb:dd:79:
1c:6a:23:4e:48:61:9d:3d:78:3f:7c:af:9c:88:dd:68:a6:31:
4f:49:f2:cb:6e:94:c5:2a:a3:0c:10:3e:b6:09:c3:c0:27:c1:
ba:92:bf:06:44:ae:1e:2c:92:bc:22:29:5f:0d:40:92:ec:c4:
c4:05:2a:db:d9:aa:18:14:7a:5b:df:d6:31:fc:39:ab:ec:98:
d3:91:71:97:5f:d2:58:ca:56:45:1b:11:38:bc:6b:2d:88:33:
c5:c3:cf:fb:31:17:37:5a:e4:5e:ba:2a:6b:77:70:d9:84:af:
c8:e4:17:6e:7b:3d:c4:74:f4:36:21:e1:5f:d5:62:80:4d:7a:
b8:f3:cb:70:c8:79:ba:ec:5d:1a:3e:15:c2:13:c8:70:99:78:
3a:99:37:c4:18:ed:6d:f9:11:38:e4:b0:19:d9:39:97:b8:6c:
e8:f0:75:b8:39:ac:c7:28:6c:05:9c:d0:07:2b:1f:26:0a:6e:
cf:dc:26:80
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEWQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0M4
Q0Y3MjZGMjMyMzI5OTEwODc0NEQ2OTMwQkVGMThENjc3NDQ1RDAeFw0yNDA1MjQw
MjI1MjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk1NDY4RUEzQTdBRDk3
NUE4MENCM0M0MEZEMDA3NEY2MjA4MDYyNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt96y2RCPKf7LK7md/Tw/Y4wbhnSjm4qUtvzMoxshAAy1K9Pxb
z7C/10zg1f+Ph8t2M1ofYK6GOq2EahwknZbRFHWPFFRPmwqFm+jRc5WZ1byktgby
xtqtvfsdGshb3h/uUad72iMEZab/MigokpOVUaGNlstWeeqCCakEGLqx8yz2+ihZ
U8XfTQ3jZWXyOSiJDPsKaGZVVkbCBOdK2EVJlUmPaQaPUCZ/6AsKwaKj9jATZqwY
Wc/BemWE0a3xSA1XYOSwEOOxguCh8SKS7suHqJWMM09AekQvEevIl2jaZsN6NJc4
mWtVdoUAf5V4cd45FfOVWaDr4oAbXomEniznAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUlUaOo6etl1qAyzxA/QB09iCAYncwHwYDVR0jBBgwFoAUzIz3JvIyMpkQh0TW
kwvvGNZ3RF0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3
L3pJejNKdkl5TXBrUWgwVFdrd3Z2R05aM1JGMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvekl6M0p2SXlNcGtRaDBUV2t3dnZHTlozUkYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3L2xVYU9vNmV0bDFxQXl6
eEFfUUIwOWlDQVluYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkAz2AMA0GCSqGSIb3DQEBCwUAA4IBAQChmvW9Wq/vvRBQze/6j2rNx2H7B+K8
5oKv5OZ/QIAxZ6cagIMy1MBeLw6YMn9NyDlSyERjQk3lLAHs7vz9jOc14eAoAG3r
3XkcaiNOSGGdPXg/fK+ciN1opjFPSfLLbpTFKqMMED62CcPAJ8G6kr8GRK4eLJK8
IilfDUCS7MTEBSrb2aoYFHpb39Yx/Dmr7JjTkXGXX9JYylZFGxE4vGstiDPFw8/7
MRc3WuReuiprd3DZhK/I5Bduez3EdPQ2IeFf1WKATXq488twyHm67F0aPhXCE8hw
mXg6mTfEGO1t+RE45LAZ2TmXuGzo8HW4OazHKGwFnNAHKx8mCm7P3CaA
-----END CERTIFICATE-----
Generated at Tue Jul 23 07:10:28 2024 by rpki-client on console-ams.rpki-client.org