Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2776/nQht7KmiZYB3klA5t9MMsUFXTSA.roa
File: nQht7KmiZYB3klA5t9MMsUFXTSA.roa (raw, json)
Hash identifier: +q7luy0lUkwL4YVwDWcVCWNCEqle0bRbcByea8QGSD4=
Subject key identifier: 9D:08:6D:EC:A9:A2:65:80:77:92:50:39:B7:D3:0C:B1:41:57:4D:20
Certificate issuer: /CN=86DB0D88746FFC0814E589A139240F2F742D0C56
Certificate serial: 0746
Authority key identifier: 86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/nQht7KmiZYB3klA5t9MMsUFXTSA.roa
Signing time: Thu 08 Jun 2023 02:13:32 +0000
ROA not before: Thu 08 Jun 2023 02:13:32 +0000
ROA not after: Fri 07 Jun 2024 02:05:43 +0000
asID: 63566
IP address blocks: 103.252.248.0/24 maxlen: 24
118.194.59.0/24 maxlen: 24
122.11.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 02:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1862 (0x746)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86DB0D88746FFC0814E589A139240F2F742D0C56
Validity
Not Before: Jun 8 02:13:32 2023 GMT
Not After : Jun 7 02:05:43 2024 GMT
Subject: CN=9D086DECA9A2658077925039B7D30CB141574D20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:21:89:62:f9:d3:19:46:6f:a1:7b:2b:13:1e:
d9:65:7e:ca:4f:08:c9:4f:45:58:20:e7:49:6b:ca:
4b:22:02:17:0c:54:84:8c:0b:f5:c6:a5:81:df:6a:
86:76:5d:65:02:a7:86:0d:6b:70:43:83:ff:50:d3:
ae:64:da:eb:48:1d:13:0d:21:67:0a:df:47:a0:79:
ff:21:25:31:c5:2a:c5:7d:7e:6c:24:07:91:7b:9f:
89:92:64:bc:99:bd:20:ec:5f:11:8f:9c:be:f0:ed:
d6:65:d3:c9:b7:33:96:a5:ce:5a:a4:db:e6:50:dd:
e4:80:ee:76:70:8f:72:06:cc:7c:39:2a:68:ef:53:
b4:c4:9f:b3:68:be:db:4a:06:19:7d:c7:4a:52:b1:
82:74:68:1f:48:24:0d:8f:0d:7b:0f:f8:d6:80:1c:
2b:41:c1:89:bb:fc:c8:5d:1f:50:50:a5:62:b2:4a:
f4:ec:9b:6a:12:0e:1a:ec:50:20:f9:0a:fe:00:d1:
3d:fd:15:12:23:cb:1e:8e:19:d8:5e:09:bc:be:85:
e4:1b:78:81:3f:08:00:13:41:0f:f6:8f:b8:11:0e:
5e:1a:3b:66:e3:1a:44:9d:69:d2:f7:64:d7:81:35:
76:8b:a0:5c:1d:1c:34:05:05:08:dd:92:ac:06:ac:
a7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:08:6D:EC:A9:A2:65:80:77:92:50:39:B7:D3:0C:B1:41:57:4D:20
X509v3 Authority Key Identifier:
keyid:86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/nQht7KmiZYB3klA5t9MMsUFXTSA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.248.0/24
118.194.59.0/24
122.11.0.0/24
Signature Algorithm: sha256WithRSAEncryption
99:21:32:21:fc:51:aa:e8:41:0c:5e:df:b7:3e:7a:cb:7a:79:
8e:9a:9d:8f:29:78:66:6f:01:a7:8d:de:35:28:18:62:65:fe:
38:bd:9b:f3:68:54:18:a6:ae:96:0a:eb:05:dc:20:f8:e2:4e:
c2:3b:db:d7:31:ab:8a:73:f6:5e:12:37:22:55:3e:4e:2c:c9:
eb:a4:a7:9b:08:be:d7:f2:f3:a4:48:c4:de:37:9f:aa:ae:33:
1e:a5:f1:26:82:20:00:24:78:c1:4c:45:61:84:36:17:ef:73:
27:e0:8b:80:0c:3e:f6:72:55:0a:61:c1:b1:0f:aa:06:e2:6f:
cf:4f:ed:df:31:29:86:60:f6:f7:36:71:09:8e:86:41:39:1e:
25:eb:6a:9e:ab:21:be:cd:7d:a4:22:de:70:fe:c5:8b:3c:df:
66:c1:3c:22:2f:23:6e:8a:ce:27:92:af:2e:4b:32:ee:cb:ff:
90:ae:cd:41:8e:33:8b:13:86:34:c2:31:1a:2a:a0:0d:f6:52:
18:17:4b:05:4c:fe:cf:5b:fe:12:66:37:3b:bf:f7:22:de:67:
26:98:18:37:f4:74:07:85:a6:de:1d:14:7d:1b:f1:95:ba:a8:
16:f6:7a:c2:8d:19:d2:ae:3c:bc:bc:85:a4:b5:42:0a:8f:46:
48:4e:14:ab
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICB0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODZE
QjBEODg3NDZGRkMwODE0RTU4OUExMzkyNDBGMkY3NDJEMEM1NjAeFw0yMzA2MDgw
MjEzMzJaFw0yNDA2MDcwMjA1NDNaMDMxMTAvBgNVBAMTKDlEMDg2REVDQTlBMjY1
ODA3NzkyNTAzOUI3RDMwQ0IxNDE1NzREMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsIYli+dMZRm+heysTHtllfspPCMlPRVgg50lryksiAhcMVISM
C/XGpYHfaoZ2XWUCp4YNa3BDg/9Q065k2utIHRMNIWcK30egef8hJTHFKsV9fmwk
B5F7n4mSZLyZvSDsXxGPnL7w7dZl08m3M5alzlqk2+ZQ3eSA7nZwj3IGzHw5Kmjv
U7TEn7NovttKBhl9x0pSsYJ0aB9IJA2PDXsP+NaAHCtBwYm7/MhdH1BQpWKySvTs
m2oSDhrsUCD5Cv4A0T39FRIjyx6OGdheCby+heQbeIE/CAATQQ/2j7gRDl4aO2bj
GkSdadL3ZNeBNXaLoFwdHDQFBQjdkqwGrKfvAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQUnQht7KmiZYB3klA5t9MMsUFXTSAwHwYDVR0jBBgwFoAUhtsNiHRv/AgU5Ymh
OSQPL3QtDFYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc3
Ni9odHNOaUhSdl9BZ1U1WW1oT1NRUEwzUXRERlkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2h0c05pSFJ2X0FnVTVZbWhPU1FQTDNRdERGWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NzYvblFodDdLbWlaWUIz
a2xBNXQ5TU1zVUZYVFNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEw
EgMEAGf8+AMEAHbCOwMEAHoLADANBgkqhkiG9w0BAQsFAAOCAQEAmSEyIfxRquhB
DF7ftz56y3p5jpqdjyl4Zm8Bp43eNSgYYmX+OL2b82hUGKaulgrrBdwg+OJOwjvb
1zGrinP2XhI3IlU+TizJ66Snmwi+1/LzpEjE3jefqq4zHqXxJoIgACR4wUxFYYQ2
F+9zJ+CLgAw+9nJVCmHBsQ+qBuJvz0/t3zEphmD29zZxCY6GQTkeJetqnqshvs19
pCLecP7FizzfZsE8Ii8jborOJ5KvLksy7sv/kK7NQY4zixOGNMIxGiqgDfZSGBdL
BUz+z1v+EmY3O7/3It5nJpgYN/R0B4Wm3h0UfRvxlbqoFvZ6wo0Z0q48vLyFpLVC
Co9GSE4Uqw==
-----END CERTIFICATE-----
Generated at Fri May 24 04:47:34 2024 by rpki-client on console-ams.rpki-client.org