Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1826/jOUpmaFOiHTrkU2XhtCGwWvm8lM.roa
File: jOUpmaFOiHTrkU2XhtCGwWvm8lM.roa (raw, json)
Hash identifier: wfeNrDy4kxbaitZKry5McpGXhKX6I4TXNxrVsdV/cak=
Subject key identifier: 8C:E5:29:99:A1:4E:88:74:EB:91:4D:97:86:D0:86:C1:6B:E6:F2:53
Certificate issuer: /CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F
Certificate serial: 0BD2
Authority key identifier: 75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/jOUpmaFOiHTrkU2XhtCGwWvm8lM.roa
Signing time: Sat 20 Jan 2024 15:56:03 +0000
ROA not before: Sat 20 Jan 2024 15:56:03 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 152320
IP address blocks: 45.254.24.0/24 maxlen: 24
45.254.25.0/24 maxlen: 24
45.254.26.0/24 maxlen: 24
45.254.27.0/24 maxlen: 24
103.223.120.0/24 maxlen: 24
103.223.121.0/24 maxlen: 24
103.223.122.0/24 maxlen: 24
103.223.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 00:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3026 (0xbd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F
Validity
Not Before: Jan 20 15:56:03 2024 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=8CE52999A14E8874EB914D9786D086C16BE6F253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:aa:d7:06:7b:8b:8e:a2:49:0a:92:00:82:32:
8a:52:ea:f0:3e:6d:a8:c1:93:50:72:32:fd:46:2c:
80:e0:67:7e:31:37:0a:77:92:0d:48:e9:df:b1:08:
da:82:d5:0d:a5:c7:cb:5d:cc:7e:fa:7b:ea:7b:b0:
48:a4:55:11:52:ab:79:89:ee:02:fe:89:83:e7:6c:
c0:7c:bd:c2:0b:b7:e3:6d:4a:35:f8:b1:52:dd:71:
66:3f:45:d6:df:fe:6f:f1:80:ee:2d:e4:60:30:3e:
25:c0:ce:af:63:f4:15:28:6d:14:75:3b:c7:3b:6b:
2b:6d:00:d1:41:a1:68:cf:a6:45:a0:2f:75:ce:e2:
f7:c9:53:7f:8a:77:a3:99:df:b9:1a:25:9a:8b:fe:
bc:36:3c:f8:98:9f:21:2c:63:24:4f:96:13:c6:e0:
57:db:d8:76:9c:84:69:e8:50:ee:5e:9f:22:62:7b:
08:87:9e:6a:29:2a:85:eb:15:e8:21:0d:d5:5a:91:
71:9d:93:bc:d3:c5:42:99:15:a2:41:81:a5:fa:1c:
50:98:47:65:bc:9c:e0:f4:69:7d:72:d7:aa:34:d2:
f4:29:4a:da:00:34:a5:4f:c3:65:57:f7:b5:58:0a:
20:ea:14:ad:dd:06:fc:f8:e2:25:83:c0:ca:2d:23:
bf:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E5:29:99:A1:4E:88:74:EB:91:4D:97:86:D0:86:C1:6B:E6:F2:53
X509v3 Authority Key Identifier:
keyid:75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/jOUpmaFOiHTrkU2XhtCGwWvm8lM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.254.24.0/22
103.223.120.0/22
Signature Algorithm: sha256WithRSAEncryption
af:4e:ad:4a:20:e2:8c:a3:2a:db:2f:a0:15:18:62:ec:fc:84:
84:11:88:d9:62:2d:10:5b:b5:cb:03:e4:8a:30:85:ad:99:f4:
bb:62:7d:86:00:e5:f3:18:5f:ee:17:c8:83:dc:ca:46:9a:2e:
c5:ca:7b:2f:ab:82:cf:e5:3a:e2:02:4d:8b:6b:c9:3a:23:84:
5b:de:8f:d1:ff:ce:6c:db:fd:34:18:02:b5:df:d7:21:5c:59:
ac:6c:7b:69:85:87:87:fb:ae:9e:8d:a8:f5:ae:5e:84:b6:98:
45:97:be:2a:50:b6:2f:ca:ca:c1:14:22:ab:09:00:0f:8c:59:
05:0e:ac:99:4a:0e:a9:03:38:35:86:f2:33:91:a1:69:b2:c0:
8d:68:47:ce:89:b4:fe:1b:37:84:e6:0d:12:9c:2c:71:a0:a1:
a4:84:fd:0d:80:02:d1:9f:0e:cd:1b:98:64:36:ed:2e:4e:95:
8c:d3:eb:cf:fb:e7:c9:63:0d:b3:e6:32:41:08:d6:41:b1:ea:
c4:3d:8a:a5:ef:c7:ea:3d:03:c0:ea:4e:9a:b0:de:29:ce:44:
63:58:37:42:2f:ac:0b:45:8e:b9:d2:69:60:36:44:d3:fe:a1:
06:66:ed:31:69:00:d4:6e:9b:7f:a4:82:5d:60:f9:9e:93:cd:
eb:dd:aa:2f
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICC9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzUz
MjREM0I4RjFENUVCQTU3NzBFNjYxRUUxNkFGMjRBNzUwNTU0RjAeFw0yNDAxMjAx
NTU2MDNaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDhDRTUyOTk5QTE0RTg4
NzRFQjkxNEQ5Nzg2RDA4NkMxNkJFNkYyNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjqtcGe4uOokkKkgCCMopS6vA+bajBk1ByMv1GLIDgZ34xNwp3
kg1I6d+xCNqC1Q2lx8tdzH76e+p7sEikVRFSq3mJ7gL+iYPnbMB8vcILt+NtSjX4
sVLdcWY/Rdbf/m/xgO4t5GAwPiXAzq9j9BUobRR1O8c7ayttANFBoWjPpkWgL3XO
4vfJU3+Kd6OZ37kaJZqL/rw2PPiYnyEsYyRPlhPG4Ffb2HachGnoUO5enyJiewiH
nmopKoXrFeghDdVakXGdk7zTxUKZFaJBgaX6HFCYR2W8nOD0aX1y16o00vQpStoA
NKVPw2VX97VYCiDqFK3dBvz44iWDwMotI7/ZAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUjOUpmaFOiHTrkU2XhtCGwWvm8lMwHwYDVR0jBBgwFoAUdTJNO48dXrpXcOZh
7havJKdQVU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgy
Ni9kVEpOTzQ4ZFhycFhjT1poN2hhdkpLZFFWVTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2RUSk5PNDhkWHJwWGNPWmg3aGF2SktkUVZVOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MjYvak9VcG1hRk9pSFRy
a1UyWGh0Q0d3V3ZtOGxNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAi3+GAMEAmffeDANBgkqhkiG9w0BAQsFAAOCAQEAr06tSiDijKMq2y+gFRhi
7PyEhBGI2WItEFu1ywPkijCFrZn0u2J9hgDl8xhf7hfIg9zKRpouxcp7L6uCz+U6
4gJNi2vJOiOEW96P0f/ObNv9NBgCtd/XIVxZrGx7aYWHh/uuno2o9a5ehLaYRZe+
KlC2L8rKwRQiqwkAD4xZBQ6smUoOqQM4NYbyM5GhabLAjWhHzom0/hs3hOYNEpws
caChpIT9DYAC0Z8OzRuYZDbtLk6VjNPrz/vnyWMNs+YyQQjWQbHqxD2Kpe/H6j0D
wOpOmrDeKc5EY1g3Qi+sC0WOudJpYDZE0/6hBmbtMWkA1G6bf6SCXWD5npPN692q
Lw==
-----END CERTIFICATE-----
Generated at Tue Sep 24 01:53:40 2024 by rpki-client on console-ams.rpki-client.org