Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/wGpr873iCepOwnMKcLzCKmS-Vts.roa
File: wGpr873iCepOwnMKcLzCKmS-Vts.roa (raw, json)
Hash identifier: 4DSAqgYEIiXyFABqdH34IucBFsh1La5AqgSVBqCqdAs=
Subject key identifier: C0:6A:6B:F3:BD:E2:09:EA:4E:C2:73:0A:70:BC:C2:2A:64:BE:56:DB
Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Certificate serial: 03
Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/wGpr873iCepOwnMKcLzCKmS-Vts.roa
Signing time: Wed 01 Jun 2022 07:07:46 +0000
ROA not before: Wed 01 Jun 2022 07:07:46 +0000
ROA not after: Thu 01 Jun 2023 06:58:54 +0000
asID: 58593
IP address blocks: 40.72.0.0/15 maxlen: 32
40.72.0.0/16 maxlen: 32
40.72.0.0/17 maxlen: 32
40.72.128.0/17 maxlen: 32
40.72.254.0/24 maxlen: 32
40.72.255.0/24 maxlen: 32
40.73.0.0/17 maxlen: 32
40.73.99.0/24 maxlen: 32
40.73.128.0/17 maxlen: 32
40.125.128.0/17 maxlen: 32
40.126.64.0/18 maxlen: 32
52.130.0.0/20 maxlen: 32
52.130.16.0/20 maxlen: 32
52.130.32.0/19 maxlen: 32
52.130.64.0/19 maxlen: 32
52.130.96.0/20 maxlen: 32
52.130.112.0/20 maxlen: 32
52.130.128.0/18 maxlen: 32
52.130.192.0/18 maxlen: 32
52.131.0.0/17 maxlen: 32
52.131.128.0/17 maxlen: 32
139.217.0.0/16 maxlen: 32
139.217.0.0/17 maxlen: 32
139.217.128.0/17 maxlen: 32
139.219.0.0/16 maxlen: 32
139.219.0.0/17 maxlen: 32
139.219.128.0/17 maxlen: 32
159.27.0.0/16 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Validity
Not Before: Jun 1 07:07:46 2022 GMT
Not After : Jun 1 06:58:54 2023 GMT
Subject: CN=C06A6BF3BDE209EA4EC2730A70BCC22A64BE56DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:44:b1:23:76:2b:fb:9b:7c:b0:bf:d6:11:a8:
d5:cf:bd:f8:c8:d4:78:4d:3f:1d:00:82:13:e1:7f:
ea:8a:6e:0a:0d:36:e0:3c:77:13:a9:f7:ce:c4:d9:
8b:93:6a:9d:ae:c4:99:fc:4e:e2:b3:02:02:d5:b4:
3e:70:f8:23:09:6c:18:e6:34:fb:fa:87:8f:90:e9:
10:82:a1:91:3f:80:34:77:ee:e6:3d:6c:c0:9c:77:
6a:b7:bd:4c:29:f0:98:3b:a8:d5:f0:c9:e5:a6:ef:
13:85:1c:d6:a2:68:18:36:06:40:34:a8:6c:7e:85:
d6:5e:ac:e2:ad:85:f1:7e:5a:cd:c1:c8:91:86:c6:
51:7c:34:42:71:6f:45:85:1a:ae:d8:6b:ac:aa:38:
c4:36:4b:9a:00:d4:a0:b8:6f:41:50:f9:bd:29:85:
09:b4:fe:67:a2:2c:ba:d5:d5:7b:48:e2:55:b8:9f:
a1:d7:30:7e:43:9b:ef:14:d5:e9:0b:27:4c:48:f5:
fb:9e:00:66:b8:fb:2f:6c:0d:ac:56:9c:8e:8b:6d:
5c:51:91:ff:76:d5:5a:95:3a:f5:79:62:74:87:7b:
73:e1:82:9b:18:80:12:ca:30:a3:34:21:97:b3:0f:
f8:df:07:aa:f3:8b:d4:e0:12:76:56:44:7b:68:c3:
2a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:6A:6B:F3:BD:E2:09:EA:4E:C2:73:0A:70:BC:C2:2A:64:BE:56:DB
X509v3 Authority Key Identifier:
keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/wGpr873iCepOwnMKcLzCKmS-Vts.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
40.72.0.0/15
40.125.128.0/17
40.126.64.0/18
52.130.0.0/15
139.217.0.0/16
139.219.0.0/16
159.27.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:a3:f3:e4:10:54:86:31:e9:ed:b6:42:5d:54:2b:32:e9:cd:
1e:c0:4b:02:37:ea:85:1a:b0:da:c9:4b:51:ac:32:2d:0b:55:
fd:0f:c8:18:ec:c7:05:28:fe:cc:8d:9a:31:2a:ba:5c:13:62:
0b:05:5d:40:93:82:57:7d:f7:5e:6e:e8:21:7f:ed:88:9c:3a:
a9:9a:d9:8f:ce:7e:f7:94:37:6f:51:b0:dd:77:d3:f7:e5:24:
a8:d2:57:e7:a2:6b:60:18:93:33:f8:cc:6f:aa:fd:bd:55:08:
4c:51:e8:b5:14:0d:d9:39:55:1e:94:3d:84:68:46:53:9d:99:
a9:12:64:b6:05:6e:58:8e:e2:64:89:61:04:94:04:b6:da:30:
76:a5:7c:fe:9f:e0:c4:65:9b:8a:b7:13:55:3f:99:bc:2b:82:
aa:f8:3a:92:e7:15:bd:a2:f8:58:78:9c:3d:e3:e9:95:ad:0b:
ac:34:75:5f:9d:fb:f5:dc:b7:b3:e1:52:2a:1e:9b:ce:5f:1c:
1b:d6:bb:7a:1f:78:05:fa:8e:67:17:b1:14:45:1d:18:43:cd:
d7:7d:37:71:9e:df:1f:38:47:a5:0f:18:f8:2c:01:7f:21:33:
31:c9:7a:29:14:a1:18:9d:0c:a2:65:8f:d8:b5:d5:fd:7b:1c:
7c:81:e9:8d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyMURD
ODc1OTY1QzJCQTYxRDFEQUNCQjQ4REVFMTQwNTU0QUE1QUVGMB4XDTIyMDYwMTA3
MDc0NloXDTIzMDYwMTA2NTg1NFowMzExMC8GA1UEAxMoQzA2QTZCRjNCREUyMDlF
QTRFQzI3MzBBNzBCQ0MyMkE2NEJFNTZEQjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKpEsSN2K/ubfLC/1hGo1c+9+MjUeE0/HQCCE+F/6opuCg024Dx3
E6n3zsTZi5Nqna7EmfxO4rMCAtW0PnD4IwlsGOY0+/qHj5DpEIKhkT+ANHfu5j1s
wJx3are9TCnwmDuo1fDJ5abvE4Uc1qJoGDYGQDSobH6F1l6s4q2F8X5azcHIkYbG
UXw0QnFvRYUarthrrKo4xDZLmgDUoLhvQVD5vSmFCbT+Z6IsutXVe0jiVbifodcw
fkOb7xTV6QsnTEj1+54AZrj7L2wNrFacjottXFGR/3bVWpU69XlidId7c+GCmxiA
EsowozQhl7MP+N8HqvOL1OASdlZEe2jDKksCAwEAAaOCAhIwggIOMB0GA1UdDgQW
BBTAamvzveIJ6k7CcwpwvMIqZL5W2zAfBgNVHSMEGDAWgBQh3IdZZcK6YdHay7SN
7hQFVKpa7zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjIw
L0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvSWR5SFdXWEN1bUhSMnN1MGplNFVCVlNxV3U4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYyMC93R3ByODczaUNlcE93
bk1LY0x6Q0ttUy1WdHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAATAl
AwMBKEgDBAcofYADBAYofkADAwE0ggMDAIvZAwMAi9sDAwCfGzANBgkqhkiG9w0B
AQsFAAOCAQEALaPz5BBUhjHp7bZCXVQrMunNHsBLAjfqhRqw2slLUawyLQtV/Q/I
GOzHBSj+zI2aMSq6XBNiCwVdQJOCV333Xm7oIX/tiJw6qZrZj85+95Q3b1Gw3XfT
9+UkqNJX56JrYBiTM/jMb6r9vVUITFHotRQN2TlVHpQ9hGhGU52ZqRJktgVuWI7i
ZIlhBJQEttowdqV8/p/gxGWbircTVT+ZvCuCqvg6kucVvaL4WHicPePpla0LrDR1
X5379dy3s+FSKh6bzl8cG9a7eh94BfqOZxexFEUdGEPN1303cZ7fHzhHpQ8Y+CwB
fyEzMcl6KRShGJ0MomWP2LXV/XscfIHpjQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:19 2023 by rpki-client on console-fra.rpki-client.org