Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/848/EbvfBATUNfEbZX2ASykMeuvATl4.roa
File: EbvfBATUNfEbZX2ASykMeuvATl4.roa (raw, json)
Hash identifier: CpHdnRShgRJ7HLD5oazLy+dcszhwUVEYoOW8KIsnbRE=
Subject key identifier: 11:BB:DF:04:04:D4:35:F1:1B:65:7D:80:4B:29:0C:7A:EB:C0:4E:5E
Certificate issuer: /CN=4716CB5B4481EC13AEDD40B2C302C50F601AF77D
Certificate serial: 1252
Authority key identifier: 47:16:CB:5B:44:81:EC:13:AE:DD:40:B2:C3:02:C5:0F:60:1A:F7:7D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RxbLW0SB7BOu3UCywwLFD2Aa930.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/EbvfBATUNfEbZX2ASykMeuvATl4.roa
Signing time: Wed 24 May 2023 03:53:53 +0000
ROA not before: Wed 24 May 2023 03:53:53 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 31216
IP address blocks: 2401:5180::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4690 (0x1252)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4716CB5B4481EC13AEDD40B2C302C50F601AF77D
Validity
Not Before: May 24 03:53:53 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=11BBDF0404D435F11B657D804B290C7AEBC04E5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:44:9b:12:80:43:a9:a9:2d:0f:cc:fa:80:a5:
1f:0e:14:bf:9f:c9:27:8a:20:55:2a:75:ef:5b:8d:
76:5d:bb:8d:9e:1c:ab:a2:e3:68:fb:d7:aa:9f:30:
80:9a:39:34:0c:21:11:2d:7a:79:59:82:9f:b3:60:
0d:fc:a9:37:98:b5:ad:c3:77:5d:42:f8:ca:4b:a2:
5c:d8:c1:d8:e9:a1:88:e4:b9:64:ef:31:de:ef:dd:
7c:2e:8c:6f:6b:53:68:15:f0:af:b6:7a:05:63:fa:
c4:e1:91:5e:25:fc:13:7f:2d:8d:1c:00:48:98:01:
88:93:8d:90:63:6f:d1:ca:8a:9b:b9:ce:f3:b4:a4:
ed:6d:69:c3:58:18:97:92:ae:11:50:5b:bd:10:7f:
ee:a8:29:7c:fa:99:d2:12:05:11:db:1a:d4:4a:d2:
8c:66:d1:f0:23:77:81:68:3e:8f:5f:c6:97:0b:0c:
80:5e:f3:aa:2c:6b:a7:54:1b:95:0f:04:57:ef:1e:
90:0c:55:52:d6:72:96:5c:06:f4:c3:4f:96:10:38:
4a:e1:16:d4:f0:9f:71:a8:ce:79:9e:e2:a7:f6:5e:
a9:b3:6c:2c:d5:6a:01:08:5c:65:a9:4d:d4:dc:9b:
8b:3f:65:be:23:95:e0:5a:59:1c:f2:26:33:f1:94:
b2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:BB:DF:04:04:D4:35:F1:1B:65:7D:80:4B:29:0C:7A:EB:C0:4E:5E
X509v3 Authority Key Identifier:
keyid:47:16:CB:5B:44:81:EC:13:AE:DD:40:B2:C3:02:C5:0F:60:1A:F7:7D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/RxbLW0SB7BOu3UCywwLFD2Aa930.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RxbLW0SB7BOu3UCywwLFD2Aa930.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/EbvfBATUNfEbZX2ASykMeuvATl4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:5180::/32
Signature Algorithm: sha256WithRSAEncryption
85:ec:a6:72:09:dd:0e:a7:d4:2e:44:3d:24:35:13:d2:13:34:
ba:45:13:93:f1:46:1c:6b:90:a7:aa:c2:e4:0b:59:2d:9c:5b:
89:ae:2f:ee:b5:6c:d4:f1:11:f8:22:46:a8:04:fb:3b:39:bc:
77:81:67:9a:a4:65:f9:66:4a:0a:84:dc:c9:6f:85:a3:a2:a0:
9a:94:07:f4:6a:91:4d:82:55:3a:fd:a0:25:24:f8:f8:09:1a:
5c:73:8d:e0:dc:30:e6:6d:76:ee:31:d7:ab:17:e8:9b:3e:d3:
70:da:51:d1:ab:ac:74:db:49:4a:b6:19:2b:4b:8a:2c:e6:f0:
90:36:ec:a3:b1:29:ff:da:24:42:e2:0c:37:60:13:f6:31:d6:
a4:41:9f:3e:a3:e0:9b:95:1e:2f:59:8d:0f:57:2a:1c:6c:76:
9b:85:ed:e4:98:0f:3d:fb:7f:e9:07:a1:1b:8b:37:27:cf:89:
08:dc:a2:96:02:25:39:78:cd:c6:34:74:31:b8:66:dd:84:0c:
78:18:19:72:cd:54:bf:98:fc:84:62:ea:d3:34:ec:3d:7b:46:
c1:35:30:9f:6e:8b:ad:2d:48:18:37:a7:68:08:c8:fb:c7:97:
bd:28:30:09:65:08:54:6e:ea:ae:dd:86:8e:44:a2:12:ba:7b:
77:a9:b1:62
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICElIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDcx
NkNCNUI0NDgxRUMxM0FFREQ0MEIyQzMwMkM1MEY2MDFBRjc3RDAeFw0yMzA1MjQw
MzUzNTNaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDExQkJERjA0MDRENDM1
RjExQjY1N0Q4MDRCMjkwQzdBRUJDMDRFNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4RJsSgEOpqS0PzPqApR8OFL+fySeKIFUqde9bjXZdu42eHKui
42j716qfMICaOTQMIREtenlZgp+zYA38qTeYta3Dd11C+MpLolzYwdjpoYjkuWTv
Md7v3XwujG9rU2gV8K+2egVj+sThkV4l/BN/LY0cAEiYAYiTjZBjb9HKipu5zvO0
pO1tacNYGJeSrhFQW70Qf+6oKXz6mdISBRHbGtRK0oxm0fAjd4FoPo9fxpcLDIBe
86osa6dUG5UPBFfvHpAMVVLWcpZcBvTDT5YQOErhFtTwn3Goznme4qf2XqmzbCzV
agEIXGWpTdTcm4s/Zb4jleBaWRzyJjPxlLINAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUEbvfBATUNfEbZX2ASykMeuvATl4wHwYDVR0jBBgwFoAURxbLW0SB7BOu3UCy
wwLFD2Aa930wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ4
L1J4YkxXMFNCN0JPdTNVQ3l3d0xGRDJBYTkzMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvUnhiTFcwU0I3Qk91M1VDeXd3TEZEMkFhOTMwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ4L0VidmZCQVRVTmZFYlpY
MkFTeWtNZXV2QVRsNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkAVGAMA0GCSqGSIb3DQEBCwUAA4IBAQCF7KZyCd0Op9QuRD0kNRPSEzS6RROT
8UYca5CnqsLkC1ktnFuJri/utWzU8RH4IkaoBPs7Obx3gWeapGX5ZkoKhNzJb4Wj
oqCalAf0apFNglU6/aAlJPj4CRpcc43g3DDmbXbuMderF+ibPtNw2lHRq6x020lK
thkrS4os5vCQNuyjsSn/2iRC4gw3YBP2MdakQZ8+o+CblR4vWY0PVyocbHabhe3k
mA89+3/pB6Ebizcnz4kI3KKWAiU5eM3GNHQxuGbdhAx4GBlyzVS/mPyEYurTNOw9
e0bBNTCfboutLUgYN6doCMj7x5e9KDAJZQhUbuqu3YaORKISunt3qbFi
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org