Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/2z-lR6kJwFhO5eg9Fe90JI2_EpU.roa
File: 2z-lR6kJwFhO5eg9Fe90JI2_EpU.roa (raw, json)
Hash identifier: /nJoCjQ139Ksa/SqSJJcDuDsF0qiduI7LouAn6iJ4GQ=
Subject key identifier: DB:3F:A5:47:A9:09:C0:58:4E:E5:E8:3D:15:EF:74:24:8D:BF:12:95
Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Certificate serial: 1339
Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/2z-lR6kJwFhO5eg9Fe90JI2_EpU.roa
Signing time: Wed 01 Nov 2023 02:12:29 +0000
ROA not before: Wed 01 Nov 2023 02:12:29 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 139021
IP address blocks: 43.250.116.0/22 maxlen: 24
103.235.184.0/22 maxlen: 24
150.242.224.0/22 maxlen: 24
219.234.8.0/21 maxlen: 24
219.234.16.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 05:30:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4921 (0x1339)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Validity
Not Before: Nov 1 02:12:29 2023 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=DB3FA547A909C0584EE5E83D15EF74248DBF1295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:14:d0:b2:f7:00:21:e0:b3:9d:78:15:12:f0:
eb:f1:8d:2e:ea:6e:25:d4:be:b9:f0:bb:6f:01:63:
f2:14:ea:84:f9:d4:a4:98:fa:6a:68:bd:ab:a4:ff:
7e:f9:28:86:4f:8f:14:47:7a:5e:53:da:67:11:66:
49:45:fb:34:ff:51:17:a7:55:db:49:ff:2d:60:19:
d2:8e:91:bf:bd:9f:eb:c0:4c:31:07:aa:b7:c3:ea:
42:37:b5:32:4b:f8:3e:d3:b1:48:0b:66:fe:5c:58:
b9:4f:67:e3:20:3c:f8:29:96:ec:0f:64:41:ee:c9:
ea:62:c1:97:22:bd:06:e8:fb:15:97:54:50:01:fe:
0f:10:41:29:78:65:82:71:9e:f8:13:93:53:5e:a9:
a5:38:d5:23:ca:6a:43:29:a6:d7:b6:77:a0:7c:5b:
ed:d2:13:f9:f7:4d:a9:70:13:93:bf:53:22:c8:35:
f3:f5:35:62:8a:07:17:91:1e:fc:1a:92:36:89:fc:
c5:aa:2a:ae:8c:33:15:d2:17:23:54:61:b6:d1:37:
f8:37:f5:f5:3d:4c:eb:4d:1a:bd:6a:0c:21:15:12:
2a:4b:5f:4c:58:d4:ef:08:ee:4e:1e:a5:b9:f6:12:
6d:3d:54:4a:66:cd:ca:3c:fa:6e:0f:3c:08:99:66:
2e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3F:A5:47:A9:09:C0:58:4E:E5:E8:3D:15:EF:74:24:8D:BF:12:95
X509v3 Authority Key Identifier:
keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/2z-lR6kJwFhO5eg9Fe90JI2_EpU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.116.0/22
103.235.184.0/22
150.242.224.0/22
219.234.8.0-219.234.31.255
Signature Algorithm: sha256WithRSAEncryption
13:fc:d3:41:39:02:a4:4a:39:f6:c2:b9:2c:a5:5e:52:65:ce:
69:69:57:7e:7d:aa:3c:be:9f:a0:84:1c:5a:63:07:6b:df:16:
4d:2a:7b:e7:ff:41:f8:b9:6f:63:52:73:a2:82:f2:0e:ad:68:
73:34:b7:31:fe:af:f6:3a:c7:3a:75:b4:16:96:5a:51:4e:75:
8c:3c:f2:bb:89:cd:f6:41:47:88:9a:fa:67:67:0b:92:57:da:
20:be:82:14:c0:c2:65:d5:c7:db:5a:f9:dc:cd:81:9e:93:3e:
96:37:ff:ac:ea:a7:4c:92:17:6e:d3:54:78:3b:28:5a:b0:0d:
c3:c7:eb:c2:98:fd:70:b1:0d:57:6c:ac:3b:3b:6c:ea:86:12:
7f:06:cc:9b:48:bb:a8:2d:7e:74:fb:7b:ef:01:02:f9:8c:49:
ef:a9:a2:e9:bd:99:ac:2e:a8:07:35:c2:0e:b9:c8:bf:b8:96:
c8:6c:cc:54:03:69:cb:27:dd:55:68:00:cf:6d:b7:a2:21:36:
5e:0f:26:e1:77:50:71:21:13:da:96:d2:c9:ce:fd:95:07:e3:
d7:4e:0d:be:79:77:d8:0a:e9:ba:c6:3f:bb:a7:e5:ab:4a:7b:
90:11:11:7f:9a:da:a5:49:78:00:1c:50:ab:3a:dc:4b:0b:38:
ba:e5:5a:01
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgICEzkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz
QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yMzExMDEw
MjEyMjlaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKERCM0ZBNTQ3QTkwOUMw
NTg0RUU1RTgzRDE1RUY3NDI0OERCRjEyOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+FNCy9wAh4LOdeBUS8OvxjS7qbiXUvrnwu28BY/IU6oT51KSY
+mpovauk/375KIZPjxRHel5T2mcRZklF+zT/URenVdtJ/y1gGdKOkb+9n+vATDEH
qrfD6kI3tTJL+D7TsUgLZv5cWLlPZ+MgPPgpluwPZEHuyepiwZcivQbo+xWXVFAB
/g8QQSl4ZYJxnvgTk1NeqaU41SPKakMppte2d6B8W+3SE/n3TalwE5O/UyLINfP1
NWKKBxeRHvwakjaJ/MWqKq6MMxXSFyNUYbbRN/g39fU9TOtNGr1qDCEVEipLX0xY
1O8I7k4epbn2Em09VEpmzco8+m4PPAiZZi5nAgMBAAGjggINMIICCTAdBgNVHQ4E
FgQU2z+lR6kJwFhO5eg9Fe90JI2/EpUwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A
r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4
OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvMnotbFI2a0p3RmhP
NWVnOUZlOTBKSTJfRXBVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEw
IAMEAiv6dAMEAmfruAMEApby4DAMAwQD2+oIAwQF2+oAMA0GCSqGSIb3DQEBCwUA
A4IBAQAT/NNBOQKkSjn2wrkspV5SZc5paVd+fao8vp+ghBxaYwdr3xZNKnvn/0H4
uW9jUnOigvIOrWhzNLcx/q/2Osc6dbQWllpRTnWMPPK7ic32QUeImvpnZwuSV9og
voIUwMJl1cfbWvnczYGekz6WN/+s6qdMkhdu01R4OyhasA3Dx+vCmP1wsQ1XbKw7
O2zqhhJ/BsybSLuoLX50+3vvAQL5jEnvqaLpvZmsLqgHNcIOuci/uJbIbMxUA2nL
J91VaADPbbeiITZeDybhd1BxIRPaltLJzv2VB+PXTg2+eXfYCum6xj+7p+WrSnuQ
ERF/mtqlSXgAHFCrOtxLCzi65VoB
-----END CERTIFICATE-----
Generated at Tue May 14 07:53:16 2024 by rpki-client on console-fra.rpki-client.org