Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1375/lfGXE2Dj7lPSTQBd4hoV-6JrI8o.roa
File: lfGXE2Dj7lPSTQBd4hoV-6JrI8o.roa (raw, json)
Hash identifier: HDrnJP6wTiBFKf6i8gFKb+D6qpGFM3BL5iEQVngJdeI=
Subject key identifier: 95:F1:97:13:60:E3:EE:53:D2:4D:00:5D:E2:1A:15:FB:A2:6B:23:CA
Certificate issuer: /CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658
Certificate serial: 140D
Authority key identifier: 3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/lfGXE2Dj7lPSTQBd4hoV-6JrI8o.roa
Signing time: Mon 11 Dec 2023 06:38:28 +0000
ROA not before: Mon 11 Dec 2023 06:38:28 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 31972
IP address blocks: 45.115.228.0/22 maxlen: 24
45.127.216.0/22 maxlen: 24
103.56.8.0/22 maxlen: 24
103.196.204.0/22 maxlen: 24
103.207.48.0/22 maxlen: 24
210.16.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 00:19:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5133 (0x140d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658
Validity
Not Before: Dec 11 06:38:28 2023 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=95F1971360E3EE53D24D005DE21A15FBA26B23CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:33:b3:93:0d:37:89:87:bf:e7:8e:1e:f4:83:
b2:a7:14:73:08:3b:aa:39:91:76:45:46:90:36:b6:
8c:a0:9e:8b:60:86:2c:0d:da:9b:13:7f:b2:0e:b1:
eb:96:0c:87:ce:96:df:98:2f:02:d1:06:30:20:1c:
89:79:8e:88:f7:9c:c4:5f:41:b8:7d:29:c5:81:8f:
c9:fe:1e:80:a6:5f:27:6c:c6:6a:3e:16:9b:04:ef:
7f:bb:08:43:84:ee:7c:c8:f5:56:56:8c:46:98:4b:
5b:c5:cb:2a:51:76:8f:5c:d1:cc:a1:8e:64:4e:33:
9a:6a:f1:b4:6a:64:ea:f5:24:27:22:ee:7b:84:39:
e7:9c:d8:0c:bf:45:e0:0b:58:42:75:4f:53:9d:b1:
eb:72:48:71:32:c6:fd:5c:82:e9:5a:2b:f1:9a:3c:
a4:18:6d:50:e1:30:63:f4:70:08:0b:5f:71:d1:43:
4e:0d:b8:7c:0d:c3:08:2d:22:88:dc:81:a1:b4:36:
bf:85:9f:0f:32:01:ab:62:26:29:06:2f:98:c7:55:
15:9b:70:3d:95:ba:a1:c8:d9:0d:1c:5d:4d:71:fc:
7c:a0:d3:09:9a:5f:5f:e7:2b:c5:4f:b8:b5:38:86:
36:f8:bc:33:b0:a0:c3:86:67:fe:3e:4f:44:a0:6a:
39:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F1:97:13:60:E3:EE:53:D2:4D:00:5D:E2:1A:15:FB:A2:6B:23:CA
X509v3 Authority Key Identifier:
keyid:3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/lfGXE2Dj7lPSTQBd4hoV-6JrI8o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.115.228.0/22
45.127.216.0/22
103.56.8.0/22
103.196.204.0/22
103.207.48.0/22
210.16.104.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:b6:c0:53:68:50:93:a7:06:74:7d:a5:f3:55:2c:d0:db:1c:
96:93:8f:6b:8d:4e:66:c3:98:7b:71:ea:60:c3:2b:48:7b:d7:
85:f0:b3:0f:44:85:7a:48:ef:82:78:4d:91:66:3c:8b:39:b4:
39:68:a1:38:b5:1a:0f:2a:ba:a9:52:07:2a:d3:8d:76:b8:dc:
55:f6:42:7b:1d:cb:17:8e:70:4a:95:f5:41:37:99:45:80:dd:
66:25:ee:d2:15:a2:db:85:68:8a:e8:97:91:af:08:dd:82:20:
cf:bd:c8:09:4d:62:9d:04:67:ba:45:cc:55:0a:db:a9:9a:5d:
76:1c:e9:95:c0:00:f6:5f:e5:4b:e5:7d:0d:f9:2c:d0:96:4e:
c6:be:53:21:34:72:09:74:55:76:0e:34:ce:e5:cb:f4:56:5f:
36:f9:40:44:90:69:e3:5c:91:8e:22:55:54:b3:31:82:9b:ea:
54:6a:a5:93:8a:3a:08:e1:80:81:7c:f4:f4:1e:3c:db:7d:ad:
b3:89:0b:ad:c7:bd:a2:35:23:5d:6c:03:19:4d:1a:8c:28:b2:
c4:5d:04:83:86:e4:1d:3d:10:a4:55:c2:1e:10:d4:b5:b1:fd:
e8:6c:96:20:df:e0:00:f6:99:6f:7c:f1:e9:d3:7b:38:bb:28:
6a:5a:b3:a6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgICFA0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FC
QThCNDI1MjMyQkU1ODk2ODM5NkRFMzJBOEVCNUEwNUVFQTY1ODAeFw0yMzEyMTEw
NjM4MjhaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDk1RjE5NzEzNjBFM0VF
NTNEMjREMDA1REUyMUExNUZCQTI2QjIzQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFM7OTDTeJh7/njh70g7KnFHMIO6o5kXZFRpA2toygnotghiwN
2psTf7IOseuWDIfOlt+YLwLRBjAgHIl5joj3nMRfQbh9KcWBj8n+HoCmXydsxmo+
FpsE73+7CEOE7nzI9VZWjEaYS1vFyypRdo9c0cyhjmROM5pq8bRqZOr1JCci7nuE
Oeec2Ay/ReALWEJ1T1OdsetySHEyxv1cgulaK/GaPKQYbVDhMGP0cAgLX3HRQ04N
uHwNwwgtIojcgaG0Nr+Fnw8yAatiJikGL5jHVRWbcD2VuqHI2Q0cXU1x/Hyg0wma
X1/nK8VPuLU4hjb4vDOwoMOGZ/4+T0Sgajl5AgMBAAGjggIRMIICDTAdBgNVHQ4E
FgQUlfGXE2Dj7lPSTQBd4hoV+6JrI8owHwYDVR0jBBgwFoAUOrqLQlIyvliWg5be
MqjrWgXuplgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
NS9PcnFMUWxJeXZsaVdnNWJlTXFqcldnWHVwbGcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09ycUxRbEl5dmxpV2c1YmVNcWpyV2dYdXBsZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzNzUvbGZHWEUyRGo3bFBT
VFFCZDRob1YtNkpySThvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEw
JAMEAi1z5AMEAi1/2AMEAmc4CAMEAmfEzAMEAmfPMAMEAtIQaDANBgkqhkiG9w0B
AQsFAAOCAQEAXbbAU2hQk6cGdH2l81Us0NsclpOPa41OZsOYe3HqYMMrSHvXhfCz
D0SFekjvgnhNkWY8izm0OWihOLUaDyq6qVIHKtONdrjcVfZCex3LF45wSpX1QTeZ
RYDdZiXu0hWi24VoiuiXka8I3YIgz73ICU1inQRnukXMVQrbqZpddhzplcAA9l/l
S+V9Dfks0JZOxr5TITRyCXRVdg40zuXL9FZfNvlARJBp41yRjiJVVLMxgpvqVGql
k4o6COGAgXz09B48232ts4kLrce9ojUjXWwDGU0ajCiyxF0Eg4bkHT0QpFXCHhDU
tbH96GyWIN/gAPaZb3zx6dN7OLsoalqzpg==
-----END CERTIFICATE-----
Generated at Tue Sep 24 01:46:28 2024 by rpki-client on console-fra.rpki-client.org