Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/v1gpz5HjoVZI_uqz58yZokGPTlc.roa
File: v1gpz5HjoVZI_uqz58yZokGPTlc.roa (raw, json)
Hash identifier: DwB+NFGqRjqPplJRT88nz/Zrdl87W8oTNVXND1Hvtj8=
Subject key identifier: BF:58:29:CF:91:E3:A1:56:48:FE:EA:B3:E7:CC:99:A2:41:8F:4E:57
Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Certificate serial: 0888
Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/v1gpz5HjoVZI_uqz58yZokGPTlc.roa
Signing time: Fri 11 Aug 2023 08:11:12 +0000
ROA not before: Fri 11 Aug 2023 08:11:12 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 58593
IP address blocks: 40.72.0.0/15 maxlen: 32
40.72.0.0/16 maxlen: 32
40.72.0.0/17 maxlen: 32
40.72.128.0/17 maxlen: 32
40.72.254.0/24 maxlen: 32
40.72.255.0/24 maxlen: 32
40.73.0.0/17 maxlen: 32
40.73.99.0/24 maxlen: 32
40.73.128.0/17 maxlen: 32
40.125.128.0/17 maxlen: 32
40.126.64.0/18 maxlen: 32
52.130.0.0/20 maxlen: 32
52.130.16.0/20 maxlen: 32
52.130.32.0/19 maxlen: 32
52.130.64.0/19 maxlen: 32
52.130.96.0/20 maxlen: 32
52.130.112.0/20 maxlen: 32
52.130.128.0/18 maxlen: 32
52.130.192.0/18 maxlen: 32
52.131.0.0/17 maxlen: 32
52.131.128.0/17 maxlen: 32
139.217.0.0/16 maxlen: 32
139.217.0.0/17 maxlen: 32
139.217.128.0/17 maxlen: 32
139.219.0.0/16 maxlen: 32
139.219.0.0/17 maxlen: 32
139.219.128.0/17 maxlen: 32
143.64.0.0/16 maxlen: 32
159.27.0.0/16 maxlen: 32
Validation: Failed, certificate revoked on Fri 17 May 2024 08:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2184 (0x888)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Validity
Not Before: Aug 11 08:11:12 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=BF5829CF91E3A15648FEEAB3E7CC99A2418F4E57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:51:d6:f8:b1:b0:52:e7:fc:79:17:d3:7f:4b:
0e:ae:40:b4:89:6c:9e:ee:f2:35:ea:32:82:14:df:
fa:9d:9e:8b:0b:b5:73:90:56:ec:ca:07:7d:d6:e9:
b7:89:a9:22:b3:b0:0a:51:3d:91:05:36:52:a2:64:
b4:4d:8f:5c:64:1b:a8:f6:c1:15:bc:36:c0:05:a8:
8f:fb:30:87:6f:31:0d:2e:3c:c5:a8:2e:49:03:80:
3f:b6:7a:ba:72:45:05:9e:37:d7:54:58:1a:b3:59:
86:4e:9b:cb:12:b8:2f:c0:35:80:7e:c7:99:9b:98:
33:4a:cd:01:91:a5:0f:8c:01:5e:42:88:62:66:79:
1f:50:2b:30:d2:95:38:ea:8e:8a:cd:c2:3c:1b:b7:
55:3c:a2:04:06:98:86:d7:ad:6b:70:93:eb:d7:ca:
f0:50:88:98:3f:f0:f6:2a:56:14:40:8f:45:c5:cf:
7f:08:82:88:b0:09:57:5e:c5:74:1e:78:90:47:d8:
8e:51:d5:f2:b4:63:52:30:eb:b8:2c:36:ef:57:59:
7f:7d:c2:03:89:87:99:25:c3:3b:03:bd:f8:30:be:
9b:34:e1:d8:fa:e5:8a:3f:5d:af:bd:e4:97:08:29:
cb:a4:5e:6a:6f:d2:4a:d2:c0:c5:73:f9:6a:78:31:
8b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:58:29:CF:91:E3:A1:56:48:FE:EA:B3:E7:CC:99:A2:41:8F:4E:57
X509v3 Authority Key Identifier:
keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/v1gpz5HjoVZI_uqz58yZokGPTlc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
40.72.0.0/15
40.125.128.0/17
40.126.64.0/18
52.130.0.0/15
139.217.0.0/16
139.219.0.0/16
143.64.0.0/16
159.27.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:cd:94:39:85:19:de:06:db:a7:59:5d:d5:27:52:16:d0:ad:
aa:fb:f9:52:82:10:22:2d:b3:1f:39:f3:9e:fb:e8:af:0e:30:
68:d5:ad:a0:6a:01:eb:f8:da:60:09:29:20:ee:71:1e:5b:82:
53:fa:b8:ff:87:be:99:d5:dd:ab:dc:8d:83:e3:7e:eb:7a:37:
60:2a:31:c9:2b:e8:d5:55:48:d1:51:14:63:e6:4b:08:f6:a8:
a0:2a:e2:66:ac:4b:d5:36:d0:fd:bf:a3:ce:06:5d:57:eb:7c:
86:67:52:73:fd:a2:c8:41:51:a7:64:91:a0:d9:63:ef:53:e0:
94:03:c1:93:c5:d6:b4:2d:55:8e:a2:45:1f:1f:ae:a8:fe:d2:
ac:fd:87:59:10:50:4f:e1:b3:57:92:20:f8:e3:a2:3d:e7:a9:
a9:9b:02:17:ed:89:07:60:1e:aa:72:74:de:b0:91:25:b1:1d:
70:08:a4:10:9e:ac:05:41:be:1c:f1:82:15:55:64:46:7e:66:
6e:fb:cf:68:06:f6:c4:74:38:03:73:23:09:2c:8d:e3:51:c2:
af:ab:df:0f:32:f0:b5:87:28:6c:d5:3f:ec:5a:db:e1:6d:29:
d8:2d:8d:cc:03:f7:78:40:af:1a:f8:cd:e1:8f:b5:2b:76:0e:
7f:a8:57:8a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgICCIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE
Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yMzA4MTEw
ODExMTJaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKEJGNTgyOUNGOTFFM0Ex
NTY0OEZFRUFCM0U3Q0M5OUEyNDE4RjRFNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKUdb4sbBS5/x5F9N/Sw6uQLSJbJ7u8jXqMoIU3/qdnosLtXOQ
VuzKB33W6beJqSKzsApRPZEFNlKiZLRNj1xkG6j2wRW8NsAFqI/7MIdvMQ0uPMWo
LkkDgD+2erpyRQWeN9dUWBqzWYZOm8sSuC/ANYB+x5mbmDNKzQGRpQ+MAV5CiGJm
eR9QKzDSlTjqjorNwjwbt1U8ogQGmIbXrWtwk+vXyvBQiJg/8PYqVhRAj0XFz38I
goiwCVdexXQeeJBH2I5R1fK0Y1Iw67gsNu9XWX99wgOJh5klwzsDvfgwvps04dj6
5Yo/Xa+95JcIKcukXmpv0krSwMVz+Wp4MYslAgMBAAGjggIXMIICEzAdBgNVHQ4E
FgQUv1gpz5HjoVZI/uqz58yZokGPTlcwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0
je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvdjFncHo1SGpvVlpJ
X3VxejU4eVpva0dQVGxjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEw
KgMDAShIAwQHKH2AAwQGKH5AAwMBNIIDAwCL2QMDAIvbAwMAj0ADAwCfGzANBgkq
hkiG9w0BAQsFAAOCAQEAk82UOYUZ3gbbp1ld1SdSFtCtqvv5UoIQIi2zHznznvvo
rw4waNWtoGoB6/jaYAkpIO5xHluCU/q4/4e+mdXdq9yNg+N+63o3YCoxySvo1VVI
0VEUY+ZLCPaooCriZqxL1TbQ/b+jzgZdV+t8hmdSc/2iyEFRp2SRoNlj71PglAPB
k8XWtC1VjqJFHx+uqP7SrP2HWRBQT+GzV5Ig+OOiPeepqZsCF+2JB2AeqnJ03rCR
JbEdcAikEJ6sBUG+HPGCFVVkRn5mbvvPaAb2xHQ4A3MjCSyN41HCr6vfDzLwtYco
bNU/7Frb4W0p2C2NzAP3eECvGvjN4Y+1K3YOf6hXig==
-----END CERTIFICATE-----
Generated at Fri May 17 11:31:46 2024 by rpki-client on console-fra.rpki-client.org