Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/-3C9C9rutlwEdK4sA17TRy-4Z8w.roa
File: -3C9C9rutlwEdK4sA17TRy-4Z8w.roa (raw, json)
Hash identifier: loADQdGLwVETdYtQv956cH1AMpSudOPuPT/PVOTDUto=
Subject key identifier: FB:70:BD:0B:DA:EE:B6:5C:04:74:AE:2C:03:5E:D3:47:2F:B8:67:CC
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 0DFC
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/-3C9C9rutlwEdK4sA17TRy-4Z8w.roa
Signing time: Fri 26 Apr 2024 03:25:06 +0000
ROA not before: Fri 26 Apr 2024 03:25:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 34549
IP address blocks: 59.83.136.0/21 maxlen: 24
59.83.240.0/21 maxlen: 24
114.66.149.0/24 maxlen: 24
114.66.169.0/24 maxlen: 24
114.66.181.0/24 maxlen: 24
114.66.183.0/24 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.212.0/24 maxlen: 24
114.66.214.0/24 maxlen: 24
218.98.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 02:17:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3580 (0xdfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Apr 26 03:25:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FB70BD0BDAEEB65C0474AE2C035ED3472FB867CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a5:a0:79:0d:98:cc:c2:5b:3d:76:05:da:55:
eb:74:ca:3a:41:fe:56:3f:a7:96:9b:0c:d1:2d:9d:
a3:fe:1f:01:af:8c:74:33:7d:d9:91:38:ae:cc:fa:
df:aa:92:6c:13:29:00:40:02:58:46:86:0e:50:9d:
a6:06:f3:af:67:ed:d9:ce:7c:5b:8c:4f:8f:32:5a:
37:99:fb:85:c9:ce:23:fc:09:b4:02:3b:41:af:4b:
ab:15:22:12:89:fd:45:6f:73:2a:c8:ef:f2:2e:77:
67:8c:5c:dc:81:18:2e:64:49:f2:51:ab:98:08:34:
18:b4:6c:22:12:49:d1:fd:31:9a:c2:35:73:80:06:
54:4b:c9:37:df:b7:b0:19:a7:25:f8:78:34:22:4a:
2a:06:9f:b4:36:b1:7d:cf:ec:62:11:d5:f3:0f:6d:
66:e9:19:cb:1a:ea:63:c9:bd:57:cf:7e:06:4d:26:
7d:36:68:9f:54:86:58:b1:eb:0b:15:54:56:66:5d:
51:77:65:48:2c:7a:c1:79:07:62:ae:cc:0f:4d:6b:
89:6d:d6:fd:e2:38:51:50:d5:60:f8:8d:e0:a9:b8:
1c:53:3e:9a:78:94:4f:2a:17:87:fa:4d:66:08:eb:
f6:b1:b2:e1:c7:f0:33:d3:94:9d:f8:98:dd:14:7c:
ed:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:70:BD:0B:DA:EE:B6:5C:04:74:AE:2C:03:5E:D3:47:2F:B8:67:CC
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/-3C9C9rutlwEdK4sA17TRy-4Z8w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.136.0/21
59.83.240.0/21
114.66.149.0/24
114.66.169.0/24
114.66.181.0/24
114.66.183.0/24
114.66.212.0/22
218.98.80.0/22
Signature Algorithm: sha256WithRSAEncryption
18:12:d9:36:bf:c6:e1:98:66:fe:51:5d:07:2c:5b:a1:d5:27:
56:f5:80:77:68:a1:79:b3:a4:d7:3c:9c:c3:26:b7:e5:6f:e4:
2c:5d:b1:fa:6e:4a:6f:02:25:3f:56:bf:d7:14:3d:4f:c4:dd:
a5:cd:91:95:da:43:66:6a:20:d1:e7:56:e3:bd:45:56:03:af:
d8:7a:18:7f:61:c2:88:0e:fe:f9:a2:97:6a:05:d2:be:fa:ab:
09:b0:1b:f9:c8:ee:4e:4c:ec:cc:d8:3f:55:ac:dc:64:63:85:
c0:c4:5c:df:44:82:a5:02:5b:23:de:f2:77:c6:a6:88:2b:1a:
9f:56:58:5b:4a:90:90:8f:48:41:54:a3:ea:94:ed:d4:26:bc:
2b:e5:60:53:0c:17:dc:98:86:f5:9a:30:39:01:77:41:91:f0:
dc:ec:19:f2:32:a5:4f:ab:59:7c:d1:77:93:d7:21:1d:88:da:
0c:3d:80:09:fd:19:ce:13:6b:74:fb:bd:1d:2b:91:a2:e3:ba:
6d:e8:52:99:76:fc:8d:45:c3:8b:f4:7a:e1:6d:fa:86:92:83:
c6:90:ee:80:3c:e8:11:40:60:1d:ed:61:56:b4:80:77:e4:7b:
cb:30:24:70:b5:ec:38:a3:9a:36:1f:ff:db:ed:ba:47:c4:28:
e2:c7:e9:76
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgICDfwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yNDA0MjYw
MzI1MDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZCNzBCRDBCREFFRUI2
NUMwNDc0QUUyQzAzNUVEMzQ3MkZCODY3Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCspaB5DZjMwls9dgXaVet0yjpB/lY/p5abDNEtnaP+HwGvjHQz
fdmROK7M+t+qkmwTKQBAAlhGhg5QnaYG869n7dnOfFuMT48yWjeZ+4XJziP8CbQC
O0GvS6sVIhKJ/UVvcyrI7/Iud2eMXNyBGC5kSfJRq5gINBi0bCISSdH9MZrCNXOA
BlRLyTfft7AZpyX4eDQiSioGn7Q2sX3P7GIR1fMPbWbpGcsa6mPJvVfPfgZNJn02
aJ9Uhlix6wsVVFZmXVF3ZUgsesF5B2KuzA9Na4lt1v3iOFFQ1WD4jeCpuBxTPpp4
lE8qF4f6TWYI6/axsuHH8DPTlJ34mN0UfO2bAgMBAAGjggIdMIICGTAdBgNVHQ4E
FgQU+3C9C9rutlwEdK4sA17TRy+4Z8wwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvLTNDOUM5cnV0bHdF
ZEs0c0ExN1RSeS00Wjh3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBJBggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEw
MAMEAztTiAMEAztT8AMEAHJClQMEAHJCqQMEAHJCtQMEAHJCtwMEAnJC1AMEAtpi
UDANBgkqhkiG9w0BAQsFAAOCAQEAGBLZNr/G4Zhm/lFdByxbodUnVvWAd2ihebOk
1zycwya35W/kLF2x+m5KbwIlP1a/1xQ9T8Tdpc2RldpDZmog0edW471FVgOv2HoY
f2HCiA7++aKXagXSvvqrCbAb+cjuTkzszNg/VazcZGOFwMRc30SCpQJbI97yd8am
iCsan1ZYW0qQkI9IQVSj6pTt1Ca8K+VgUwwX3JiG9ZowOQF3QZHw3OwZ8jKlT6tZ
fNF3k9chHYjaDD2ACf0ZzhNrdPu9HSuRouO6behSmXb8jUXDi/R64W36hpKDxpDu
gDzoEUBgHe1hVrSAd+R7yzAkcLXsOKOaNh//2+26R8Qo4sfpdg==
-----END CERTIFICATE-----
Generated at Tue Jul 23 04:36:20 2024 by rpki-client on console-fra.rpki-client.org