Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/FXgDENsut3GK3FUGSVMEhQNVPgM.roa
File: FXgDENsut3GK3FUGSVMEhQNVPgM.roa (raw, json)
Hash identifier: bts7I5BNdZDm2Gp7LNjlcaRWYLL4Pw1AYFhukqSWuqA=
Subject key identifier: 15:78:03:10:DB:2E:B7:71:8A:DC:55:06:49:53:04:85:03:55:3E:03
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 0FAF
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/FXgDENsut3GK3FUGSVMEhQNVPgM.roa
Signing time: Tue 23 Jul 2024 02:17:18 +0000
ROA not before: Tue 23 Jul 2024 02:17:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 34549
IP address blocks: 59.83.136.0/21 maxlen: 24
59.83.240.0/21 maxlen: 24
114.66.149.0/24 maxlen: 24
114.66.169.0/24 maxlen: 24
114.66.181.0/24 maxlen: 24
114.66.183.0/24 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.212.0/24 maxlen: 24
114.66.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 08:20:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4015 (0xfaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Jul 23 02:17:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=15780310DB2EB7718ADC55064953048503553E03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:db:7b:2b:ec:d9:18:63:84:32:22:87:50:9b:
82:55:4a:3b:28:1b:be:12:e2:ac:7f:28:fc:e5:50:
e1:cc:1c:7b:f8:bf:c4:8b:cb:84:4b:5e:c8:c1:76:
66:73:f0:33:70:13:73:40:3c:6d:a6:da:2d:0d:64:
2f:d2:07:a6:e3:a9:1f:1c:c6:38:ad:74:06:76:c2:
ee:bc:eb:25:87:4a:0b:67:2f:59:fd:42:3b:da:af:
6b:c6:c4:b6:28:77:bd:39:b9:4d:96:2d:88:27:f5:
03:66:49:0b:96:86:60:10:ea:1b:d9:4d:fc:22:6a:
05:17:7f:44:af:c9:2b:b9:71:bc:7c:f7:cd:06:64:
f8:63:6f:82:fb:61:21:16:82:21:c7:3a:34:b1:4b:
64:c7:c5:4b:36:44:7e:01:2f:9c:a8:7c:f5:f1:e3:
31:73:05:3d:69:f1:e7:c6:39:3a:9d:b2:16:58:78:
81:91:e8:63:e1:e9:e6:00:e7:97:17:75:22:68:cb:
d0:d7:dd:d9:d7:5c:20:2d:90:75:d6:d0:09:39:14:
6c:ec:6e:46:bc:a8:10:31:07:32:d4:72:95:be:bd:
65:bb:2a:58:4c:35:a5:c1:c9:9c:46:ec:9a:b4:b1:
f3:e1:e9:ff:f5:e7:88:16:8b:92:d4:40:1b:9f:6e:
58:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:78:03:10:DB:2E:B7:71:8A:DC:55:06:49:53:04:85:03:55:3E:03
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/FXgDENsut3GK3FUGSVMEhQNVPgM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.136.0/21
59.83.240.0/21
114.66.149.0/24
114.66.169.0/24
114.66.181.0/24
114.66.183.0/24
114.66.212.0/22
Signature Algorithm: sha256WithRSAEncryption
98:a5:c6:6e:2a:14:32:e0:00:d1:a2:b5:0b:5f:5c:ad:1a:2a:
f0:f4:01:19:41:54:cb:6e:10:6c:a2:b3:42:1f:a6:3a:2b:55:
b0:e2:12:9f:7b:46:d7:8d:d3:92:88:54:40:e5:ad:48:44:28:
f5:34:1e:46:f2:e6:7f:dd:a0:22:32:60:b2:57:d8:2f:4c:d0:
8d:c5:81:18:a5:37:0a:83:23:7c:74:e6:1e:9e:08:ec:2d:e6:
aa:35:5b:38:02:e1:67:93:b6:dd:9d:c4:7e:d1:1a:f8:c4:c7:
f5:e1:a0:bc:66:db:1e:30:8d:91:0a:92:a9:08:59:fe:52:a0:
8a:13:1e:e7:da:71:d0:f7:61:db:9e:23:be:1f:f6:4a:de:94:
45:80:0b:6f:1c:27:26:a5:dd:01:d9:99:bb:34:04:cb:28:95:
89:03:14:c0:1c:f8:24:04:b5:b4:2e:7d:07:02:f4:38:c9:b3:
8c:3d:c4:c2:f7:c4:a6:e1:37:9b:66:d9:3f:fd:05:87:7d:66:
88:52:82:26:74:87:7a:de:b0:c6:58:4e:f2:9d:df:c4:90:b7:
79:ab:78:79:21:74:4a:75:8f:1c:72:3b:5e:f0:8c:53:9a:4a:
5e:56:b0:8b:0b:82:bf:40:ed:4a:a0:db:1e:fc:70:6e:7d:38:
10:e7:8e:32
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgICD68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yNDA3MjMw
MjE3MThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE1NzgwMzEwREIyRUI3
NzE4QURDNTUwNjQ5NTMwNDg1MDM1NTNFMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw23sr7NkYY4QyIodQm4JVSjsoG74S4qx/KPzlUOHMHHv4v8SL
y4RLXsjBdmZz8DNwE3NAPG2m2i0NZC/SB6bjqR8cxjitdAZ2wu686yWHSgtnL1n9
Qjvar2vGxLYod705uU2WLYgn9QNmSQuWhmAQ6hvZTfwiagUXf0SvySu5cbx8980G
ZPhjb4L7YSEWgiHHOjSxS2THxUs2RH4BL5yofPXx4zFzBT1p8efGOTqdshZYeIGR
6GPh6eYA55cXdSJoy9DX3dnXXCAtkHXW0Ak5FGzsbka8qBAxBzLUcpW+vWW7KlhM
NaXByZxG7Jq0sfPh6f/154gWi5LUQBufbli3AgMBAAGjggIXMIICEzAdBgNVHQ4E
FgQUFXgDENsut3GK3FUGSVMEhQNVPgMwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvRlhnREVOc3V0M0dL
M0ZVR1NWTUVoUU5WUGdNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEw
KgMEAztTiAMEAztT8AMEAHJClQMEAHJCqQMEAHJCtQMEAHJCtwMEAnJC1DANBgkq
hkiG9w0BAQsFAAOCAQEAmKXGbioUMuAA0aK1C19crRoq8PQBGUFUy24QbKKzQh+m
OitVsOISn3tG143TkohUQOWtSEQo9TQeRvLmf92gIjJgslfYL0zQjcWBGKU3CoMj
fHTmHp4I7C3mqjVbOALhZ5O23Z3EftEa+MTH9eGgvGbbHjCNkQqSqQhZ/lKgihMe
59px0Pdh254jvh/2St6URYALbxwnJqXdAdmZuzQEyyiViQMUwBz4JAS1tC59BwL0
OMmzjD3EwvfEpuE3m2bZP/0Fh31miFKCJnSHet6wxlhO8p3fxJC3eat4eSF0SnWP
HHI7XvCMU5pKXlawiwuCv0DtSqDbHvxwbn04EOeOMg==
-----END CERTIFICATE-----
Generated at Thu Nov 14 10:30:26 2024 by rpki-client on console-ams.rpki-client.org