Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/-okArmeKABVobjuW9zw7TD_k_Co.roa
File: -okArmeKABVobjuW9zw7TD_k_Co.roa (raw, json)
Hash identifier: 2/ODQNpAQB7glQOiyjjg+RW2PwKxLvqnkJUU0M6jUbU=
Subject key identifier: FA:89:00:AE:67:8A:00:15:68:6E:3B:96:F7:3C:3B:4C:3F:E4:FC:2A
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1142
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/-okArmeKABVobjuW9zw7TD_k_Co.roa
Signing time: Wed 24 May 2023 03:53:31 +0000
ROA not before: Wed 24 May 2023 03:53:31 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 23724
IP address blocks: 2401:3480::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4418 (0x1142)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: May 24 03:53:31 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=FA8900AE678A0015686E3B96F73C3B4C3FE4FC2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:1d:49:e5:b0:9b:93:e4:3b:44:28:e4:52:38:
3c:c8:00:e2:f7:a2:98:63:d7:cf:c1:ee:c6:2f:70:
97:ba:c8:18:8e:d2:35:60:f1:58:9c:52:a2:13:86:
c8:37:69:cb:22:45:74:7b:93:28:c8:12:8a:fe:be:
39:a5:b9:72:dd:c8:29:fd:1a:5b:79:6e:2e:90:de:
49:a9:6e:5c:bc:2e:df:2a:ee:63:6f:e3:93:07:8d:
c9:c1:54:8c:08:6f:9a:c7:35:c3:83:14:55:2d:19:
fa:4b:0c:dd:9b:79:17:b2:3a:8d:bf:4c:89:74:02:
14:32:2a:ed:39:38:38:d4:2e:cb:a5:32:73:82:af:
dd:e6:e6:ef:a4:55:6d:32:70:e8:e8:d0:b0:89:0a:
30:15:f4:bb:ab:38:c1:5f:ba:1a:b1:15:cd:5d:66:
0d:a4:84:fb:cc:d5:72:17:eb:58:ef:9e:f2:31:c0:
32:63:04:e3:61:dc:b3:d2:35:11:b4:10:85:05:0e:
72:bd:ea:88:9c:12:50:1a:15:f4:39:2a:2b:8f:49:
4f:3e:0b:c8:ba:7f:02:94:e1:b1:21:f3:c1:3d:5b:
be:16:d6:37:97:96:be:20:3c:cc:15:72:2a:3b:96:
84:4b:2c:c6:81:e8:da:3c:d3:da:04:7e:4d:0d:47:
a2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:89:00:AE:67:8A:00:15:68:6E:3B:96:F7:3C:3B:4C:3F:E4:FC:2A
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/-okArmeKABVobjuW9zw7TD_k_Co.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3480::/36
Signature Algorithm: sha256WithRSAEncryption
6c:1c:3f:f6:f4:ed:4f:a3:84:d4:e2:c8:5b:c6:7a:be:b9:cf:
6f:75:67:d9:49:51:d5:3a:e0:81:28:02:92:e3:09:41:13:3c:
10:bf:fa:ff:dd:2e:1d:0d:d2:4a:ba:ed:7b:e8:55:30:71:af:
57:23:c0:68:67:f7:20:4a:12:98:04:e1:98:14:43:0a:fe:c0:
54:9e:f0:d8:bf:50:f5:f9:a0:ab:3f:fb:72:ea:52:e3:b1:fe:
cd:9f:cc:21:cb:43:a6:26:9c:d6:7c:ff:e7:e8:7c:6a:f9:7a:
d3:6e:fc:2d:c7:14:1e:50:ea:5d:3c:b7:7e:8e:cf:38:d6:be:
f9:7d:62:5f:4d:ec:32:2a:f7:45:75:21:f6:26:c9:40:24:87:
8a:8e:2f:5e:31:bc:70:5b:74:9c:ea:18:ff:5f:19:5b:5c:31:
74:6c:a7:ec:4f:30:53:e5:e8:13:a8:db:09:37:97:a6:35:f5:
98:8d:16:ef:71:1d:00:92:23:23:6d:95:36:a0:8b:3d:6b:51:
05:99:c9:12:67:06:56:32:1f:fc:e7:10:b6:1e:3d:03:59:42:
14:9a:b4:f1:f5:48:d6:ca:23:5f:31:24:a2:3c:c3:a9:c4:73:
2c:19:8c:63:99:98:ff:13:0e:13:8f:42:5a:67:2d:85:23:2b:
88:e5:37:3b
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEUIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzA1MjQw
MzUzMzFaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEZBODkwMEFFNjc4QTAw
MTU2ODZFM0I5NkY3M0MzQjRDM0ZFNEZDMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkHUnlsJuT5DtEKORSODzIAOL3ophj18/B7sYvcJe6yBiO0jVg
8VicUqIThsg3acsiRXR7kyjIEor+vjmluXLdyCn9Glt5bi6Q3kmpbly8Lt8q7mNv
45MHjcnBVIwIb5rHNcODFFUtGfpLDN2beReyOo2/TIl0AhQyKu05ODjULsulMnOC
r93m5u+kVW0ycOjo0LCJCjAV9LurOMFfuhqxFc1dZg2khPvM1XIX61jvnvIxwDJj
BONh3LPSNRG0EIUFDnK96oicElAaFfQ5KiuPSU8+C8i6fwKU4bEh88E9W74W1jeX
lr4gPMwVcio7loRLLMaB6No809oEfk0NR6KHAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU+okArmeKABVobjuW9zw7TD/k/CowHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3Ly1va0FybWVLQUJWb2Jq
dVc5enc3VERfa19Dby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD
BgQkATSAADANBgkqhkiG9w0BAQsFAAOCAQEAbBw/9vTtT6OE1OLIW8Z6vrnPb3Vn
2UlR1TrggSgCkuMJQRM8EL/6/90uHQ3SSrrte+hVMHGvVyPAaGf3IEoSmAThmBRD
Cv7AVJ7w2L9Q9fmgqz/7cupS47H+zZ/MIctDpiac1nz/5+h8avl60278LccUHlDq
XTy3fo7PONa++X1iX03sMir3RXUh9ibJQCSHio4vXjG8cFt0nOoY/18ZW1wxdGyn
7E8wU+XoE6jbCTeXpjX1mI0W73EdAJIjI22VNqCLPWtRBZnJEmcGVjIf/OcQth49
A1lCFJq08fVI1sojXzEkojzDqcRzLBmMY5mY/xMOE49CWmcthSMriOU3Ow==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org