Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/wO28frlGR9sAwUXwIcMD_Al2vvw.roa
File: wO28frlGR9sAwUXwIcMD_Al2vvw.roa (raw, json)
Hash identifier: 4W1mXAZFN+Ru5Cf/7m76KqNNVSq76wLM6lUYC6pIXZE=
Subject key identifier: C0:ED:BC:7E:B9:46:47:DB:00:C1:45:F0:21:C3:03:FC:09:76:BE:FC
Certificate issuer: /CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Certificate serial: 0278
Authority key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/wO28frlGR9sAwUXwIcMD_Al2vvw.roa
Signing time: Thu 01 Feb 2024 03:55:39 +0000
ROA not before: Thu 01 Feb 2024 03:55:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 63567
IP address blocks: 43.248.176.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 29 Feb 2024 13:57:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 632 (0x278)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Validity
Not Before: Feb 1 03:55:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C0EDBC7EB94647DB00C145F021C303FC0976BEFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:95:54:0f:67:80:65:94:a3:0e:73:7a:71:16:
ec:0f:1b:fc:5f:07:4f:78:4f:5b:1a:4a:9c:70:fa:
cd:8f:0b:d8:7a:03:45:44:1e:56:09:17:ce:5e:19:
6e:fc:50:c2:4b:82:d3:5e:99:93:f0:1d:4f:56:13:
21:8e:5a:ba:53:97:65:f1:bb:33:74:d8:d6:3b:0f:
f0:61:29:9b:63:6c:e1:58:84:02:a1:59:09:26:5f:
99:dc:44:1b:74:7c:2a:09:8d:da:da:9d:2a:da:c1:
32:8a:1f:fe:b7:44:30:7e:e3:2f:76:ab:46:8d:f2:
f2:70:1e:cf:0e:53:78:ce:4e:5e:62:c2:e3:90:c8:
be:92:c8:58:47:67:e5:e0:47:80:e3:2c:56:b8:e8:
ff:f2:3c:27:4d:97:ef:4d:1f:c5:b8:7b:9d:97:f3:
98:57:60:1b:73:f2:06:9d:a7:f4:50:88:7c:42:dc:
bf:f7:c6:66:8e:39:c4:81:c5:a3:4e:66:da:6c:f1:
a7:45:d0:9f:1f:b4:00:33:91:f1:5e:f5:2e:96:10:
f7:8b:e4:e5:09:7a:4e:e6:22:fb:7b:7f:76:5d:d4:
c7:d8:d7:1f:3e:ad:c8:a2:bc:26:b9:e5:d5:06:39:
f9:d1:08:bd:c9:a0:34:ba:f5:27:7b:f0:b3:09:3f:
a7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:ED:BC:7E:B9:46:47:DB:00:C1:45:F0:21:C3:03:FC:09:76:BE:FC
X509v3 Authority Key Identifier:
keyid:0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/wO28frlGR9sAwUXwIcMD_Al2vvw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.176.0/20
Signature Algorithm: sha256WithRSAEncryption
a8:97:f8:e5:ac:1d:a3:2f:99:ee:19:2a:ab:d6:6d:81:09:8e:
ae:d9:d1:11:d9:84:f8:32:92:6e:34:7c:35:6d:df:c7:4d:22:
38:02:7e:33:76:f7:f2:e7:8d:4e:80:1c:88:08:e4:ee:63:02:
66:60:3c:9b:1c:7e:49:21:ca:61:d3:ad:7f:3e:c1:ca:24:e9:
70:7f:17:9a:02:05:19:0d:63:c2:73:0a:14:a6:b1:5c:da:cf:
92:e2:d3:cf:4b:5f:3b:ff:fb:6f:87:a3:46:e1:15:3f:a4:8c:
6f:bc:f2:2e:4f:73:06:43:4c:77:ee:6a:30:85:79:7f:25:02:
8c:0f:e9:de:1d:50:d2:cf:8d:07:24:1c:2f:0e:e1:19:6e:9d:
ab:7a:0a:5c:76:35:07:90:8b:63:8b:82:a0:e6:26:2f:ad:fb:
39:b8:39:41:a8:84:65:e3:05:fc:47:fa:06:a9:c8:92:a6:81:
f5:6c:d7:d3:0f:10:3e:d2:d9:a9:75:59:16:aa:58:4c:cc:9a:
3c:5c:01:5f:01:ec:2f:7c:62:3e:48:99:ff:95:a8:95:a2:e2:
66:c6:30:4e:cd:24:f4:76:06:f5:61:87:57:66:30:32:85:81:
a2:8f:72:cd:92:4f:2a:22:87:2e:06:6f:53:96:2e:d9:71:43:
8a:20:0a:0b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAngwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVF
ODYzQUM1NzBBRUVBMUY5MzBCRUE1RTc2QUFFN0RENTUzODA0RTAeFw0yNDAyMDEw
MzU1MzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMwRURCQzdFQjk0NjQ3
REIwMEMxNDVGMDIxQzMwM0ZDMDk3NkJFRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAlVQPZ4BllKMOc3pxFuwPG/xfB094T1saSpxw+s2PC9h6A0VE
HlYJF85eGW78UMJLgtNemZPwHU9WEyGOWrpTl2XxuzN02NY7D/BhKZtjbOFYhAKh
WQkmX5ncRBt0fCoJjdranSrawTKKH/63RDB+4y92q0aN8vJwHs8OU3jOTl5iwuOQ
yL6SyFhHZ+XgR4DjLFa46P/yPCdNl+9NH8W4e52X85hXYBtz8gadp/RQiHxC3L/3
xmaOOcSBxaNOZtps8adF0J8ftAAzkfFe9S6WEPeL5OUJek7mIvt7f3Zd1MfY1x8+
rciivCa55dUGOfnRCL3JoDS69Sd78LMJP6fRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUwO28frlGR9sAwUXwIcMD/Al2vvwwHwYDVR0jBBgwFoAUDuhjrFcK7qH5ML6l
52qufdVTgE4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
L0R1aGpyRmNLN3FINU1MNmw1MnF1ZmRWVGdFNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL3dPMjhmcmxHUjlzQXdV
WHdJY01EX0FsMnZ2dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQr+LAwDQYJKoZIhvcNAQELBQADggEBAKiX+OWsHaMvme4ZKqvWbYEJjq7Z0RHZ
hPgykm40fDVt38dNIjgCfjN29/LnjU6AHIgI5O5jAmZgPJscfkkhymHTrX8+wcok
6XB/F5oCBRkNY8JzChSmsVzaz5Li089LXzv/+2+Ho0bhFT+kjG+88i5PcwZDTHfu
ajCFeX8lAowP6d4dUNLPjQckHC8O4Rlunat6Clx2NQeQi2OLgqDmJi+t+zm4OUGo
hGXjBfxH+gapyJKmgfVs19MPED7S2al1WRaqWEzMmjxcAV8B7C98Yj5Imf+VqJWi
4mbGME7NJPR2BvVhh1dmMDKFgaKPcs2STyoihy4Gb1OWLtlxQ4ogCgs=
-----END CERTIFICATE-----
Generated at Thu Feb 29 16:39:00 2024 by rpki-client on console-ams.rpki-client.org