Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/848/GkWxobUwKdjSybXvU_kTrXPNIak.roa
File: GkWxobUwKdjSybXvU_kTrXPNIak.roa (raw, json)
Hash identifier: d3AHBZ6l8cLAs57k99I82+7ALIdcP6aL3u7XAtwxZ60=
Subject key identifier: 1A:45:B1:A1:B5:30:29:D8:D2:C9:B5:EF:53:F9:13:AD:73:CD:21:A9
Certificate issuer: /CN=4716CB5B4481EC13AEDD40B2C302C50F601AF77D
Certificate serial: 1253
Authority key identifier: 47:16:CB:5B:44:81:EC:13:AE:DD:40:B2:C3:02:C5:0F:60:1A:F7:7D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RxbLW0SB7BOu3UCywwLFD2Aa930.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/GkWxobUwKdjSybXvU_kTrXPNIak.roa
Signing time: Wed 24 May 2023 03:53:53 +0000
ROA not before: Wed 24 May 2023 03:53:53 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 59000
IP address blocks: 2401:5180::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4691 (0x1253)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4716CB5B4481EC13AEDD40B2C302C50F601AF77D
Validity
Not Before: May 24 03:53:53 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=1A45B1A1B53029D8D2C9B5EF53F913AD73CD21A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:21:50:8a:23:f5:d7:04:4a:cc:56:40:c0:40:
e1:36:20:12:64:16:21:66:00:1b:04:ba:02:ee:81:
02:ab:9b:1d:48:37:a7:a3:ce:d2:87:79:2d:8b:b6:
33:f3:93:c0:d8:e4:77:82:5b:2b:20:aa:81:51:58:
d3:04:d6:74:f7:11:a9:c0:77:da:69:d4:68:b6:a9:
fd:57:31:f4:9c:5a:25:90:6d:40:7f:91:c0:a7:ca:
5f:bf:01:6f:a9:8a:3c:95:29:25:7b:ea:f9:6a:ce:
2b:fc:af:9b:31:de:bf:23:69:42:06:9f:93:18:a0:
64:51:8b:df:63:73:82:2c:35:8f:db:4c:50:3e:d6:
ce:e2:0c:af:20:58:be:17:eb:2d:37:52:60:11:0f:
c7:20:ec:d0:96:f5:b2:24:20:ac:f2:42:11:de:b9:
00:53:fd:a7:c6:8c:bc:c4:63:51:e3:e5:c8:9f:b1:
3b:54:2a:31:ee:32:e1:fa:2b:14:11:b0:6a:7a:c9:
5d:26:c5:68:dd:51:2a:95:ef:97:77:87:94:b4:04:
6b:07:7e:f8:9b:3e:c2:cd:08:10:db:72:74:da:f2:
7b:02:31:3e:17:a3:1f:36:a9:7e:2c:bc:1b:4a:f3:
91:c9:81:87:44:79:53:7b:b8:bc:a9:3a:8a:eb:11:
a7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:45:B1:A1:B5:30:29:D8:D2:C9:B5:EF:53:F9:13:AD:73:CD:21:A9
X509v3 Authority Key Identifier:
keyid:47:16:CB:5B:44:81:EC:13:AE:DD:40:B2:C3:02:C5:0F:60:1A:F7:7D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/RxbLW0SB7BOu3UCywwLFD2Aa930.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RxbLW0SB7BOu3UCywwLFD2Aa930.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/GkWxobUwKdjSybXvU_kTrXPNIak.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:5180::/32
Signature Algorithm: sha256WithRSAEncryption
20:6e:e1:f2:fd:37:8a:ae:5d:21:83:2e:98:b7:8e:ae:fc:3d:
fc:d0:e5:7b:74:6d:18:53:95:6e:02:e3:6b:12:25:d7:ec:6b:
26:ae:0a:e2:22:f5:59:0a:21:71:8a:c8:c6:2c:bf:43:4e:83:
34:e9:9e:1e:2f:aa:b1:d2:19:75:c9:d6:04:c2:e7:cb:0f:8a:
04:f2:04:a7:7f:2d:fb:bc:05:57:10:49:9c:5c:0c:bc:b3:0d:
19:f5:67:b6:45:17:96:a8:c5:2b:1d:2c:b4:5d:89:54:84:00:
f7:13:82:f4:ca:71:e9:11:83:bc:12:d3:44:b0:a4:d5:9d:3d:
b2:22:e3:d7:52:48:96:75:48:59:68:a2:a1:d4:1a:71:ff:97:
ab:5c:55:94:7d:ef:99:ae:78:0e:74:9c:bf:ac:01:62:3a:67:
b3:3d:f3:e4:14:a6:14:ca:03:de:d8:93:7a:f9:f1:cc:d8:28:
c6:05:e1:05:af:1f:e5:85:6e:e7:f8:ae:c5:cb:5c:de:9d:6c:
7a:d5:6b:f2:10:81:20:bc:57:e6:b4:c1:96:4e:df:2b:e6:4e:
0f:9f:97:0e:7c:93:0d:51:52:a8:ce:e4:7a:be:84:ee:df:20:
f6:51:36:b5:94:7a:47:a0:b4:ed:35:1c:2b:04:20:7e:c2:a5:
f8:b6:a7:03
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICElMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDcx
NkNCNUI0NDgxRUMxM0FFREQ0MEIyQzMwMkM1MEY2MDFBRjc3RDAeFw0yMzA1MjQw
MzUzNTNaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDFBNDVCMUExQjUzMDI5
RDhEMkM5QjVFRjUzRjkxM0FENzNDRDIxQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8IVCKI/XXBErMVkDAQOE2IBJkFiFmABsEugLugQKrmx1IN6ej
ztKHeS2LtjPzk8DY5HeCWysgqoFRWNME1nT3EanAd9pp1Gi2qf1XMfScWiWQbUB/
kcCnyl+/AW+pijyVKSV76vlqziv8r5sx3r8jaUIGn5MYoGRRi99jc4IsNY/bTFA+
1s7iDK8gWL4X6y03UmARD8cg7NCW9bIkIKzyQhHeuQBT/afGjLzEY1Hj5cifsTtU
KjHuMuH6KxQRsGp6yV0mxWjdUSqV75d3h5S0BGsHfvibPsLNCBDbcnTa8nsCMT4X
ox82qX4svBtK85HJgYdEeVN7uLypOorrEacZAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUGkWxobUwKdjSybXvU/kTrXPNIakwHwYDVR0jBBgwFoAURxbLW0SB7BOu3UCy
wwLFD2Aa930wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ4
L1J4YkxXMFNCN0JPdTNVQ3l3d0xGRDJBYTkzMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvUnhiTFcwU0I3Qk91M1VDeXd3TEZEMkFhOTMwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ4L0drV3hvYlV3S2RqU3li
WHZVX2tUclhQTklhay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkAVGAMA0GCSqGSIb3DQEBCwUAA4IBAQAgbuHy/TeKrl0hgy6Yt46u/D380OV7
dG0YU5VuAuNrEiXX7GsmrgriIvVZCiFxisjGLL9DToM06Z4eL6qx0hl1ydYEwufL
D4oE8gSnfy37vAVXEEmcXAy8sw0Z9We2RReWqMUrHSy0XYlUhAD3E4L0ynHpEYO8
EtNEsKTVnT2yIuPXUkiWdUhZaKKh1Bpx/5erXFWUfe+ZrngOdJy/rAFiOmezPfPk
FKYUygPe2JN6+fHM2CjGBeEFrx/lhW7n+K7Fy1zenWx61WvyEIEgvFfmtMGWTt8r
5k4Pn5cOfJMNUVKozuR6voTu3yD2UTa1lHpHoLTtNRwrBCB+wqX4tqcD
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org