Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/4ltKshh3j8DvwMWSct_TOyqk5mI.roa
File: 4ltKshh3j8DvwMWSct_TOyqk5mI.roa (raw, json)
Hash identifier: fhPz4UALyCGzhcsIx+ycVPHkBzjfofTdB57hUUx+qU0=
Subject key identifier: E2:5B:4A:B2:18:77:8F:C0:EF:C0:C5:92:72:DF:D3:3B:2A:A4:E6:62
Certificate issuer: /CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Certificate serial: 0109
Authority key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/4ltKshh3j8DvwMWSct_TOyqk5mI.roa
Signing time: Wed 29 Nov 2023 05:39:24 +0000
ROA not before: Wed 29 Nov 2023 05:39:24 +0000
ROA not after: Thu 10 Oct 2024 06:10:11 +0000
asID: 63567
IP address blocks: 43.241.50.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 22 Jan 2024 01:38:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 265 (0x109)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Validity
Not Before: Nov 29 05:39:24 2023 GMT
Not After : Oct 10 06:10:11 2024 GMT
Subject: CN=E25B4AB218778FC0EFC0C59272DFD33B2AA4E662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8e:02:b4:fd:f3:bb:f3:05:9c:a2:b0:fe:a7:
1f:ac:11:8d:b3:da:e3:ce:5c:73:d3:9b:ae:23:c1:
4e:8b:bb:95:85:58:c3:7f:85:91:d1:a5:62:08:6a:
39:14:df:83:83:90:83:c3:c2:44:fc:2a:c9:56:18:
c7:03:86:f1:30:43:d7:ed:b4:fa:3f:84:a4:66:f5:
ff:50:7d:cd:82:4f:da:ca:90:ae:70:31:73:e1:05:
87:31:eb:b6:a6:f4:02:44:be:32:46:7d:06:cc:b6:
04:da:74:c0:e3:f8:c7:f6:ee:82:7f:0c:97:d4:41:
65:c2:e5:aa:8d:99:a3:a6:52:b1:17:83:a2:0e:9e:
59:33:b8:38:97:f3:17:54:91:ab:aa:55:ed:01:ea:
3e:06:b9:8b:d3:ad:9d:c1:94:00:93:d3:0b:01:99:
2d:41:9c:a6:06:00:a8:c2:ce:71:0b:8b:bb:f4:0c:
37:bf:7c:82:6d:27:0c:32:2c:bd:f0:b2:36:81:58:
3a:6f:f5:d7:c5:82:bd:94:44:8c:0d:26:c3:6d:fe:
01:62:9e:83:33:04:66:f4:42:f7:3b:61:66:2f:f3:
16:38:b5:dd:6b:42:f3:25:01:e7:b7:b7:12:59:53:
f7:4a:28:c0:03:c4:f1:72:ea:78:01:ac:aa:3e:9f:
c6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5B:4A:B2:18:77:8F:C0:EF:C0:C5:92:72:DF:D3:3B:2A:A4:E6:62
X509v3 Authority Key Identifier:
keyid:0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/4ltKshh3j8DvwMWSct_TOyqk5mI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.50.0/23
Signature Algorithm: sha256WithRSAEncryption
37:d8:1f:93:d7:fc:77:d1:0f:67:dc:2e:21:8b:2a:8f:c9:a3:
00:92:b3:ba:b6:cf:be:12:79:2d:37:bc:32:b6:e2:bd:7d:4a:
cc:84:58:29:63:01:51:6b:64:d9:78:42:a4:06:0a:58:37:01:
88:c5:2a:a9:e0:71:6a:e8:f7:44:c0:db:58:a0:a2:9e:dc:90:
7d:e5:d6:54:b3:55:78:b1:59:5f:69:d6:3e:db:66:f7:04:e3:
a1:14:6d:9b:25:09:dd:9a:5b:4e:46:17:28:35:1f:88:b2:96:
97:1f:78:a5:16:9a:26:44:59:a7:f4:97:d3:e2:0a:e8:b5:a6:
96:c0:a3:4e:70:4f:88:71:8d:56:38:4a:88:43:4a:16:6a:79:
91:21:60:ef:90:68:f7:e9:13:7b:c0:e3:37:6b:1d:9a:a3:1b:
7c:1c:3a:94:e0:44:48:70:99:a2:9b:e6:1a:bc:9b:4b:49:db:
13:22:c1:63:4b:64:f6:1c:0f:84:97:3b:ef:bd:9f:f3:f1:ad:
7c:00:4c:0d:67:e0:a8:03:f6:b4:30:37:3b:39:50:40:b4:2d:
1a:55:d7:c6:5e:61:c2:a9:8f:08:2b:2e:99:fb:ce:f0:67:47:
a2:58:39:bf:97:ff:f0:92:57:ab:6e:fa:60:74:da:c6:da:8b:
76:0d:d5:b7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVF
ODYzQUM1NzBBRUVBMUY5MzBCRUE1RTc2QUFFN0RENTUzODA0RTAeFw0yMzExMjkw
NTM5MjRaFw0yNDEwMTAwNjEwMTFaMDMxMTAvBgNVBAMTKEUyNUI0QUIyMTg3NzhG
QzBFRkMwQzU5MjcyREZEMzNCMkFBNEU2NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLjgK0/fO78wWcorD+px+sEY2z2uPOXHPTm64jwU6Lu5WFWMN/
hZHRpWIIajkU34ODkIPDwkT8KslWGMcDhvEwQ9fttPo/hKRm9f9Qfc2CT9rKkK5w
MXPhBYcx67am9AJEvjJGfQbMtgTadMDj+Mf27oJ/DJfUQWXC5aqNmaOmUrEXg6IO
nlkzuDiX8xdUkauqVe0B6j4GuYvTrZ3BlACT0wsBmS1BnKYGAKjCznELi7v0DDe/
fIJtJwwyLL3wsjaBWDpv9dfFgr2URIwNJsNt/gFinoMzBGb0Qvc7YWYv8xY4td1r
QvMlAee3txJZU/dKKMADxPFy6ngBrKo+n8ZLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4ltKshh3j8DvwMWSct/TOyqk5mIwHwYDVR0jBBgwFoAUDuhjrFcK7qH5ML6l
52qufdVTgE4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
L0R1aGpyRmNLN3FINU1MNmw1MnF1ZmRWVGdFNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwLzRsdEtzaGgzajhEdndN
V1NjdF9UT3lxazVtSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAEr8TIwDQYJKoZIhvcNAQELBQADggEBADfYH5PX/HfRD2fcLiGLKo/JowCSs7q2
z74SeS03vDK24r19SsyEWCljAVFrZNl4QqQGClg3AYjFKqngcWro90TA21igop7c
kH3l1lSzVXixWV9p1j7bZvcE46EUbZslCd2aW05GFyg1H4iylpcfeKUWmiZEWaf0
l9PiCui1ppbAo05wT4hxjVY4SohDShZqeZEhYO+QaPfpE3vA4zdrHZqjG3wcOpTg
REhwmaKb5hq8m0tJ2xMiwWNLZPYcD4SXO++9n/PxrXwATA1n4KgD9rQwNzs5UEC0
LRpV18ZeYcKpjwgrLpn7zvBnR6JYOb+X//CSV6tu+mB02sbai3YN1bc=
-----END CERTIFICATE-----
Generated at Mon Jan 22 04:52:39 2024 by rpki-client on console-fra.rpki-client.org