Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/cuFw0KmPxPKZaO9bExkJ_jfctlY.roa
File: cuFw0KmPxPKZaO9bExkJ_jfctlY.roa (raw, json)
Hash identifier: pxAPqyK1RqJGu0swGdM3XAU/eqVcsnraulJzHFw640g=
Subject key identifier: 72:E1:70:D0:A9:8F:C4:F2:99:68:EF:5B:13:19:09:FE:37:DC:B6:56
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 14EF
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/cuFw0KmPxPKZaO9bExkJ_jfctlY.roa
Signing time: Thu 07 Dec 2023 10:15:32 +0000
ROA not before: Thu 07 Dec 2023 10:15:32 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 137718
IP address blocks: 14.103.0.0/16 maxlen: 24
103.159.142.0/23 maxlen: 24
118.145.32.0/19 maxlen: 24
118.145.128.0/17 maxlen: 24
180.184.0.0/16 maxlen: 24
180.184.24.0/21 maxlen: 24
180.184.56.0/21 maxlen: 24
180.184.144.0/21 maxlen: 24
180.184.152.0/22 maxlen: 24
180.184.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 17:10:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5359 (0x14ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Dec 7 10:15:32 2023 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=72E170D0A98FC4F29968EF5B131909FE37DCB656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:04:95:a5:3a:13:75:9c:e7:03:40:ef:a0:25:
07:7a:01:ff:e4:60:96:47:3c:ad:42:72:a1:1e:49:
00:ac:1d:bb:c9:9e:c9:ea:94:02:2f:61:87:72:64:
19:1b:67:08:09:37:ae:4b:42:d5:ba:d9:85:e5:b2:
29:5f:c1:43:47:ae:d2:01:b9:a6:a7:ec:10:bd:bc:
63:83:fb:65:69:5a:62:08:45:fb:0b:d7:0b:0e:3b:
c5:5a:be:26:8d:0e:29:4b:ce:ab:c4:13:d4:cc:99:
fa:bf:da:19:55:92:38:65:97:28:ab:a3:23:82:f9:
64:88:76:aa:92:54:4c:70:b1:9a:76:ee:a2:d7:24:
e6:27:14:02:ea:35:eb:b1:d1:33:7d:a2:ed:d8:76:
8c:99:13:df:af:1a:91:87:72:fc:e7:da:d1:10:87:
6f:f4:e3:5e:e4:0c:58:a7:de:0f:24:35:28:0c:23:
56:f9:b3:39:e7:1b:c4:6c:84:43:35:b5:11:ea:78:
88:fa:c6:cf:ca:bf:54:9d:b6:7c:ba:d6:64:05:2f:
27:c2:9d:32:eb:df:41:0d:dd:8b:10:f5:b9:81:b1:
97:9e:8d:11:c0:6e:04:27:24:18:2b:52:d9:75:a8:
e5:ad:2f:79:cc:91:5e:10:ec:87:fe:dd:b9:e3:8f:
ae:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E1:70:D0:A9:8F:C4:F2:99:68:EF:5B:13:19:09:FE:37:DC:B6:56
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/cuFw0KmPxPKZaO9bExkJ_jfctlY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
14.103.0.0/16
103.159.142.0/23
118.145.32.0/19
118.145.128.0/17
180.184.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:c8:f2:32:c9:fe:1d:26:e4:95:2f:23:bf:b9:ea:08:80:ce:
84:40:94:3d:e1:02:8c:ae:07:a7:a3:de:da:68:39:80:e0:0a:
86:ea:9c:5a:b9:2d:16:c5:66:fc:4e:71:47:0b:4f:44:af:68:
73:82:1e:37:44:0a:ba:61:83:db:f6:0b:40:91:fe:1e:e7:1a:
8c:ed:aa:98:88:f7:96:fa:2e:f4:70:a4:d2:ea:fd:37:10:bd:
ee:c3:da:23:4c:e2:60:c3:af:42:96:b6:1a:c9:00:46:38:ea:
a7:c1:d6:65:7e:15:a8:99:30:c8:e3:c7:13:f4:9d:45:8c:de:
af:8b:20:d4:c4:78:4e:9c:89:62:43:86:22:9d:9c:0a:d4:9b:
b6:42:48:55:23:23:49:01:f2:0c:89:f6:c9:10:ae:4a:73:be:
ad:ee:2d:3d:8f:8d:bb:49:ff:59:54:cd:1f:70:c3:58:b0:56:
69:ff:6e:c0:44:d0:f2:db:d0:56:f8:26:1c:4f:1e:9c:92:24:
6c:af:3d:38:1c:6d:45:bb:c6:bd:ee:9a:33:45:2f:ca:19:3e:
9b:7f:04:c7:70:a2:50:1d:8a:63:a2:b8:56:2a:f0:0d:6d:dc:
d8:33:68:a8:e7:e6:6f:de:78:dd:f1:c0:56:d0:89:08:d6:de:
86:49:d5:6a
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICFO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yMzEyMDcx
MDE1MzJaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDcyRTE3MEQwQTk4RkM0
RjI5OTY4RUY1QjEzMTkwOUZFMzdEQ0I2NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5BJWlOhN1nOcDQO+gJQd6Af/kYJZHPK1CcqEeSQCsHbvJnsnq
lAIvYYdyZBkbZwgJN65LQtW62YXlsilfwUNHrtIBuaan7BC9vGOD+2VpWmIIRfsL
1wsOO8VaviaNDilLzqvEE9TMmfq/2hlVkjhllyiroyOC+WSIdqqSVExwsZp27qLX
JOYnFALqNeux0TN9ou3YdoyZE9+vGpGHcvzn2tEQh2/0417kDFin3g8kNSgMI1b5
sznnG8RshEM1tRHqeIj6xs/Kv1Sdtny61mQFLyfCnTLr30EN3YsQ9bmBsZeejRHA
bgQnJBgrUtl1qOWtL3nMkV4Q7If+3bnjj64ZAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUcuFw0KmPxPKZaO9bExkJ/jfctlYwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvY3VGdzBLbVB4UEta
YU85YkV4a0pfamZjdGxZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDA1BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEw
HAMDAA5nAwQBZ5+OAwQFdpEgAwQHdpGAAwMAtLgwDQYJKoZIhvcNAQELBQADggEB
AIHI8jLJ/h0m5JUvI7+56giAzoRAlD3hAoyuB6ej3tpoOYDgCobqnFq5LRbFZvxO
cUcLT0SvaHOCHjdECrphg9v2C0CR/h7nGoztqpiI95b6LvRwpNLq/TcQve7D2iNM
4mDDr0KWthrJAEY46qfB1mV+FaiZMMjjxxP0nUWM3q+LINTEeE6ciWJDhiKdnArU
m7ZCSFUjI0kB8gyJ9skQrkpzvq3uLT2PjbtJ/1lUzR9ww1iwVmn/bsBE0PLb0Fb4
JhxPHpySJGyvPTgcbUW7xr3umjNFL8oZPpt/BMdwolAdimOiuFYq8A1t3NgzaKjn
5m/eeN3xwFbQiQjW3oZJ1Wo=
-----END CERTIFICATE-----
Generated at Tue Jul 30 19:32:45 2024 by rpki-client on console-fra.rpki-client.org