Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/GH7-eBXdzAKbW_bzb04EqcilVXc.roa
File: GH7-eBXdzAKbW_bzb04EqcilVXc.roa (raw, json)
Hash identifier: UORSUuiqb91Qo5vNbUzJis4/a++EvGrvFTSuITlaba8=
Subject key identifier: 18:7E:FE:78:15:DD:CC:02:9B:5B:F6:F3:6F:4E:04:A9:C8:A5:55:77
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1144
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/GH7-eBXdzAKbW_bzb04EqcilVXc.roa
Signing time: Wed 24 May 2023 03:53:32 +0000
ROA not before: Wed 24 May 2023 03:53:32 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 58466
IP address blocks: 2401:3480:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4420 (0x1144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: May 24 03:53:32 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=187EFE7815DDCC029B5BF6F36F4E04A9C8A55577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ed:bb:29:7e:0f:e3:0f:1d:c4:f7:f7:71:3c:
8b:e4:31:da:01:8a:0c:42:a0:7b:82:a6:54:a7:b1:
94:6d:f3:b5:27:39:87:5a:9d:48:1c:ed:58:2b:52:
6f:2b:90:b0:a7:78:c0:1f:55:3a:8c:44:18:5d:5a:
81:10:d7:3a:87:20:0f:a9:f5:f3:b6:d8:7e:38:82:
d8:5d:39:01:1d:0a:c5:1e:53:40:6e:35:0c:e2:f4:
6d:72:41:56:b9:4e:1c:1d:aa:98:dd:29:93:60:2e:
c9:9b:cb:34:cd:f1:56:55:14:0c:c4:e8:bd:29:fa:
78:8e:18:63:a7:f0:46:8f:38:e0:95:ea:a7:98:4a:
80:4f:a2:9b:eb:90:6f:de:19:64:1e:e0:20:26:f6:
01:29:e0:03:bc:3d:7d:b2:43:3d:04:fc:10:ba:3e:
c8:15:5e:9c:5f:04:65:93:1f:73:1f:29:22:f1:69:
ea:b3:ee:6c:6e:dc:bd:05:71:95:ef:d0:65:65:85:
35:fb:b4:a9:54:35:59:2d:15:13:51:cb:2a:cd:7d:
46:16:eb:e0:7b:90:e4:99:58:ba:e3:e6:e9:2a:bc:
d7:3d:0b:c2:88:83:b5:0a:94:dd:dc:cf:15:42:7d:
cf:54:24:10:78:6e:a7:ee:ae:c6:4c:b2:33:02:a2:
1e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7E:FE:78:15:DD:CC:02:9B:5B:F6:F3:6F:4E:04:A9:C8:A5:55:77
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/GH7-eBXdzAKbW_bzb04EqcilVXc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3480:3000::/36
Signature Algorithm: sha256WithRSAEncryption
5b:21:82:54:3f:c1:c9:75:23:a6:4c:8a:fc:52:48:b9:5d:99:
5e:b5:f9:b9:cd:e5:a5:ea:72:32:91:cc:86:83:32:2d:97:63:
5a:1e:48:cf:88:e8:1c:a7:99:69:c0:1c:72:e5:cb:ac:0a:86:
0c:57:19:8a:8b:67:df:ee:dd:5a:9a:75:e0:17:7f:7a:eb:05:
37:1d:d0:4d:06:90:b4:a9:35:c4:e8:e9:c4:0a:d0:f0:d2:4d:
6a:1b:16:6a:b8:61:75:93:de:69:a3:3e:a5:04:1f:9f:55:d9:
3e:f2:71:ff:af:f6:73:b3:9c:5e:9f:8c:ac:23:fe:b5:f8:46:
9d:d7:72:51:0e:8e:0b:ff:aa:38:41:a2:1e:6d:cc:75:53:4e:
07:13:1d:e8:cf:4e:6e:23:78:9e:8e:e2:fa:36:8d:36:1a:af:
91:de:30:91:ba:6a:73:18:cf:1b:5c:fa:b5:e8:f7:0c:4c:9c:
72:84:fb:0c:70:70:85:dc:40:7c:43:f2:98:0c:b5:8b:37:fd:
77:1f:21:06:a1:ce:4b:71:11:c5:55:88:20:9d:d3:ef:a7:4f:
d2:48:d7:2c:fc:3d:ee:23:29:02:2b:e5:f3:87:5f:74:10:9f:
0c:28:7a:40:a9:2f:b2:1f:71:14:ad:48:5e:59:2a:d5:8c:d9:
66:73:38:40
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEUQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzA1MjQw
MzUzMzJaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDE4N0VGRTc4MTVEREND
MDI5QjVCRjZGMzZGNEUwNEE5QzhBNTU1NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY7bspfg/jDx3E9/dxPIvkMdoBigxCoHuCplSnsZRt87UnOYda
nUgc7VgrUm8rkLCneMAfVTqMRBhdWoEQ1zqHIA+p9fO22H44gthdOQEdCsUeU0Bu
NQzi9G1yQVa5ThwdqpjdKZNgLsmbyzTN8VZVFAzE6L0p+niOGGOn8EaPOOCV6qeY
SoBPopvrkG/eGWQe4CAm9gEp4AO8PX2yQz0E/BC6PsgVXpxfBGWTH3MfKSLxaeqz
7mxu3L0FcZXv0GVlhTX7tKlUNVktFRNRyyrNfUYW6+B7kOSZWLrj5ukqvNc9C8KI
g7UKlN3czxVCfc9UJBB4bqfursZMsjMCoh7pAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUGH7+eBXdzAKbW/bzb04EqcilVXcwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0dINy1lQlhkekFLYldf
YnpiMDRFcWNpbFZYYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD
BgQkATSAMDANBgkqhkiG9w0BAQsFAAOCAQEAWyGCVD/ByXUjpkyK/FJIuV2ZXrX5
uc3lpepyMpHMhoMyLZdjWh5Iz4joHKeZacAccuXLrAqGDFcZiotn3+7dWpp14Bd/
eusFNx3QTQaQtKk1xOjpxArQ8NJNahsWarhhdZPeaaM+pQQfn1XZPvJx/6/2c7Oc
Xp+MrCP+tfhGnddyUQ6OC/+qOEGiHm3MdVNOBxMd6M9ObiN4no7i+jaNNhqvkd4w
kbpqcxjPG1z6tej3DEyccoT7DHBwhdxAfEPymAy1izf9dx8hBqHOS3ERxVWIIJ3T
76dP0kjXLPw97iMpAivl84dfdBCfDCh6QKkvsh9xFK1IXlkq1YzZZnM4QA==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org