Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/Ke1FOgb1_eE0rvUuvgNpAA5Y2Ws.roa
File: Ke1FOgb1_eE0rvUuvgNpAA5Y2Ws.roa (raw, json)
Hash identifier: 4agCgoR84fT08XkK0uAnm3+cTa+A3ChMeRQAPseh1cg=
Subject key identifier: 29:ED:45:3A:06:F5:FD:E1:34:AE:F5:2E:BE:03:69:00:0E:58:D9:6B
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1145
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/Ke1FOgb1_eE0rvUuvgNpAA5Y2Ws.roa
Signing time: Wed 24 May 2023 03:53:32 +0000
ROA not before: Wed 24 May 2023 03:53:32 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 59077
IP address blocks: 2401:3480::/36 maxlen: 36
2401:3480:2000::/36 maxlen: 36
2401:3480:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4421 (0x1145)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: May 24 03:53:32 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=29ED453A06F5FDE134AEF52EBE0369000E58D96B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:13:c8:ce:56:10:1f:d1:0e:3d:f6:f3:88:34:
b6:94:87:1d:98:6a:0f:ac:ca:ec:4f:fa:99:3a:46:
82:ce:74:42:2a:9b:f0:96:06:11:d1:d6:e4:ac:89:
94:89:1c:1c:91:06:6f:d6:87:78:b0:55:43:b2:dc:
f3:54:99:bd:6f:70:aa:92:7d:11:ff:3d:92:2a:4f:
8f:e8:65:a3:8a:d1:7f:88:25:26:1d:40:83:6e:b7:
c8:7a:22:08:20:a1:cb:b5:b3:ad:8f:56:9b:08:2d:
70:99:7f:1a:8b:1a:2f:0d:01:1c:c3:46:37:4a:20:
48:58:a1:6e:5c:a0:69:33:8b:ee:cb:15:11:c1:9c:
01:be:59:72:45:bc:ec:88:6d:7b:22:d1:bf:d5:a6:
09:a9:ee:68:89:72:08:58:fc:dc:9a:23:39:c0:23:
41:37:c1:a0:53:96:91:a8:57:62:db:f1:20:15:fa:
a2:07:5f:af:00:9d:62:bb:12:82:91:fb:08:c0:4b:
46:e6:92:f3:aa:e1:2f:9a:cb:a7:05:b0:5e:2a:34:
0e:84:42:66:a6:58:57:84:01:6e:33:9a:35:a6:7a:
ac:09:1e:d4:07:eb:62:68:52:ce:34:1c:f6:c9:bb:
36:bd:fd:66:b6:06:d1:28:db:24:69:9d:14:03:20:
47:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:ED:45:3A:06:F5:FD:E1:34:AE:F5:2E:BE:03:69:00:0E:58:D9:6B
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/Ke1FOgb1_eE0rvUuvgNpAA5Y2Ws.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3480::/36
2401:3480:2000::/35
Signature Algorithm: sha256WithRSAEncryption
69:ba:90:0f:4e:ed:ac:7e:ae:b7:06:d1:bd:2c:8b:f1:0e:f0:
d4:5a:f9:82:8e:c1:50:b0:31:42:70:06:26:5e:75:61:32:10:
d2:ef:16:32:a5:25:05:88:45:a5:4a:90:78:6e:f7:63:cb:8b:
fb:5e:58:df:e1:4f:01:c2:8f:6b:06:07:1d:97:10:ac:d7:44:
ee:e6:0a:e0:2a:b2:98:e0:88:90:65:d1:01:23:8e:9f:13:9d:
4f:4c:a6:23:0b:13:30:48:6b:97:41:51:66:75:40:7a:48:f5:
42:32:0d:7d:a8:3d:b0:78:3a:44:46:df:dc:54:4a:0e:de:47:
51:f0:64:f2:2c:04:a4:d1:d5:66:9d:05:5f:4c:7e:44:52:70:
a4:54:be:0e:fe:7f:52:14:b8:db:9b:01:bd:4a:b7:dc:7c:bf:
c3:24:f1:5c:4b:58:62:35:d0:88:fe:15:4b:cb:fa:3e:a6:b1:
2d:55:cb:20:46:8f:3d:22:00:56:ae:23:73:3c:af:59:93:80:
af:f8:ac:f0:66:5d:0b:74:d6:b8:b5:f8:30:80:71:57:53:28:
bb:f8:19:7f:9e:cf:fd:01:d8:e4:f6:02:98:5d:37:f6:3b:d0:
f8:ab:3f:1b:da:ca:02:96:db:d5:a7:4d:14:95:bf:f8:69:cf:
bc:1c:e7:fc
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICEUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzA1MjQw
MzUzMzJaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDI5RUQ0NTNBMDZGNUZE
RTEzNEFFRjUyRUJFMDM2OTAwMEU1OEQ5NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClE8jOVhAf0Q499vOINLaUhx2Yag+syuxP+pk6RoLOdEIqm/CW
BhHR1uSsiZSJHByRBm/Wh3iwVUOy3PNUmb1vcKqSfRH/PZIqT4/oZaOK0X+IJSYd
QINut8h6Igggocu1s62PVpsILXCZfxqLGi8NARzDRjdKIEhYoW5coGkzi+7LFRHB
nAG+WXJFvOyIbXsi0b/Vpgmp7miJcghY/NyaIznAI0E3waBTlpGoV2Lb8SAV+qIH
X68AnWK7EoKR+wjAS0bmkvOq4S+ay6cFsF4qNA6EQmamWFeEAW4zmjWmeqwJHtQH
62JoUs40HPbJuza9/Wa2BtEo2yRpnRQDIEdZAgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQUKe1FOgb1/eE0rvUuvgNpAA5Y2WswHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0tlMUZPZ2IxX2VFMHJ2
VXV2Z05wQUE1WTJXcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKQYIKwYBBQUHAQcBAf8EGjAYMBYEAgACMBAD
BgQkATSAAAMGBSQBNIAgMA0GCSqGSIb3DQEBCwUAA4IBAQBpupAPTu2sfq63BtG9
LIvxDvDUWvmCjsFQsDFCcAYmXnVhMhDS7xYypSUFiEWlSpB4bvdjy4v7Xljf4U8B
wo9rBgcdlxCs10Tu5grgKrKY4IiQZdEBI46fE51PTKYjCxMwSGuXQVFmdUB6SPVC
Mg19qD2weDpERt/cVEoO3kdR8GTyLASk0dVmnQVfTH5EUnCkVL4O/n9SFLjbmwG9
SrfcfL/DJPFcS1hiNdCI/hVLy/o+prEtVcsgRo89IgBWriNzPK9Zk4Cv+KzwZl0L
dNa4tfgwgHFXUyi7+Bl/ns/9Adjk9gKYXTf2O9D4qz8b2soCltvVp00Ulb/4ac+8
HOf8
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org