Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/fKhg4Jw-OMdvbkjh3YA9fvNXao0.roa
File: fKhg4Jw-OMdvbkjh3YA9fvNXao0.roa (raw, json)
Hash identifier: hCRjC9GBYNNv1x6FErot67cPJk7skFT27jkwb+/VBHI=
Subject key identifier: 7C:A8:60:E0:9C:3E:38:C7:6F:6E:48:E1:DD:80:3D:7E:F3:57:6A:8D
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 0FBB
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/fKhg4Jw-OMdvbkjh3YA9fvNXao0.roa
Signing time: Mon 06 Mar 2023 13:36:55 +0000
ROA not before: Mon 06 Mar 2023 13:36:55 +0000
ROA not after: Sat 17 Feb 2024 02:46:59 +0000
asID: 23724
IP address blocks: 101.237.34.0/24 maxlen: 24
101.237.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Feb 2024 02:49:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4027 (0xfbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Mar 6 13:36:55 2023 GMT
Not After : Feb 17 02:46:59 2024 GMT
Subject: CN=7CA860E09C3E38C76F6E48E1DD803D7EF3576A8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:90:4d:2f:08:c9:98:d4:1f:eb:5b:85:99:0c:
01:26:d8:de:59:e5:c6:2f:63:7b:35:8f:e7:76:1f:
e7:c9:89:0b:0a:e2:cc:5d:89:59:28:3c:b0:f5:01:
00:33:fc:a7:37:0f:4a:68:15:a0:f9:47:82:c2:07:
7f:fe:22:23:d0:79:fd:86:a9:6c:69:2a:c0:6e:51:
f7:52:46:c4:70:08:6c:e8:91:46:dc:fb:20:50:c5:
6f:e3:f2:40:b0:22:63:e3:74:97:20:cf:c9:1c:fc:
2d:12:a3:19:fb:5e:c1:ea:b5:0e:1f:98:22:4b:05:
f7:8f:aa:9a:fb:17:ef:84:f8:fe:23:8c:2e:5b:7c:
07:d5:81:b7:9c:1d:08:70:b0:33:f4:fa:ee:11:a2:
2e:5f:cf:70:23:9d:00:98:63:89:9f:6e:aa:eb:d4:
b7:c2:59:11:85:b1:8c:ec:1d:a0:5e:5e:bc:63:b8:
0b:13:67:d8:60:b1:fc:ff:fc:41:9b:71:a5:63:f9:
14:d2:45:ec:fb:d6:5f:80:c5:bc:5e:63:23:64:64:
f1:a2:3f:b5:31:cc:ed:7d:42:b7:96:9a:8d:ac:73:
bb:ec:62:86:23:f1:01:0c:ae:e6:5b:65:51:11:17:
b8:87:41:a3:69:6c:5e:0a:d4:a9:e5:ed:65:9d:3f:
94:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A8:60:E0:9C:3E:38:C7:6F:6E:48:E1:DD:80:3D:7E:F3:57:6A:8D
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/fKhg4Jw-OMdvbkjh3YA9fvNXao0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.237.34.0/24
101.237.37.0/24
Signature Algorithm: sha256WithRSAEncryption
38:a9:7c:25:99:8c:f6:ab:d0:ce:f7:0c:00:c9:dd:d3:4f:0e:
a5:6a:16:14:eb:9c:98:ce:14:ea:89:0c:17:90:a3:28:ff:66:
5d:a3:c9:b8:08:e8:a9:6e:86:f2:97:d8:ab:1c:5a:49:38:ea:
52:f3:e2:31:2c:b4:e0:7e:c3:85:a7:ad:b8:f8:4a:06:0e:5f:
86:d5:6f:0c:69:5a:6d:e8:43:ed:a6:e7:38:9e:a3:8d:b3:5f:
30:c0:7f:93:b5:15:33:80:a3:c1:e5:30:23:9c:83:fe:b2:3a:
84:9d:86:be:22:99:28:68:d9:6f:af:3a:7d:a9:90:45:60:a4:
b5:fa:ff:42:c1:8a:74:57:34:20:9f:0c:be:52:34:d5:18:c1:
6c:93:80:af:79:da:b4:67:46:b0:a1:ff:fb:d4:06:5f:cf:ef:
a6:7c:bd:7c:27:21:3c:32:a9:f8:9c:14:80:42:8c:e0:46:99:
9e:1b:2a:c0:fb:96:e4:2c:81:67:e1:90:45:c5:cc:72:29:0c:
bc:3c:f3:d7:b6:d2:89:1f:dc:a6:e2:f8:52:03:da:98:ed:d3:
48:8d:69:2b:9b:89:91:50:be:63:7c:6f:8b:c3:7f:41:96:8d:
13:a3:52:45:7a:99:88:d1:4c:eb:a0:3c:22:31:5a:eb:57:bb:
15:0f:d3:d1
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICD7swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzAzMDYx
MzM2NTVaFw0yNDAyMTcwMjQ2NTlaMDMxMTAvBgNVBAMTKDdDQTg2MEUwOUMzRTM4
Qzc2RjZFNDhFMUREODAzRDdFRjM1NzZBOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTkE0vCMmY1B/rW4WZDAEm2N5Z5cYvY3s1j+d2H+fJiQsK4sxd
iVkoPLD1AQAz/Kc3D0poFaD5R4LCB3/+IiPQef2GqWxpKsBuUfdSRsRwCGzokUbc
+yBQxW/j8kCwImPjdJcgz8kc/C0Soxn7XsHqtQ4fmCJLBfePqpr7F++E+P4jjC5b
fAfVgbecHQhwsDP0+u4Roi5fz3AjnQCYY4mfbqrr1LfCWRGFsYzsHaBeXrxjuAsT
Z9hgsfz//EGbcaVj+RTSRez71l+AxbxeYyNkZPGiP7UxzO19QreWmo2sc7vsYoYj
8QEMruZbZVERF7iHQaNpbF4K1Knl7WWdP5R7AgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUfKhg4Jw+OMdvbkjh3YA9fvNXao0wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2ZLaGc0SnctT01kdmJr
amgzWUE5ZnZOWGFvMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BABl7SIDBABl7SUwDQYJKoZIhvcNAQELBQADggEBADipfCWZjPar0M73DADJ3dNP
DqVqFhTrnJjOFOqJDBeQoyj/Zl2jybgI6KluhvKX2KscWkk46lLz4jEstOB+w4Wn
rbj4SgYOX4bVbwxpWm3oQ+2m5zieo42zXzDAf5O1FTOAo8HlMCOcg/6yOoSdhr4i
mSho2W+vOn2pkEVgpLX6/0LBinRXNCCfDL5SNNUYwWyTgK952rRnRrCh//vUBl/P
76Z8vXwnITwyqficFIBCjOBGmZ4bKsD7luQsgWfhkEXFzHIpDLw889e20okf3Kbi
+FID2pjt00iNaSubiZFQvmN8b4vDf0GWjROjUkV6mYjRTOugPCIxWutXuxUP09E=
-----END CERTIFICATE-----
Generated at Sat Feb 3 06:16:26 2024 by rpki-client on console-ams.rpki-client.org