Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/o5rXztTa5WQyy5yv47w3VsV5dJk.roa
File: o5rXztTa5WQyy5yv47w3VsV5dJk.roa (raw, json)
Hash identifier: xGbrOL0KgRhkfRSuYtCX1SsUUJuapavb7SuHpHXcVn8=
Subject key identifier: A3:9A:D7:CE:D4:DA:E5:64:32:CB:9C:AF:E3:BC:37:56:C5:79:74:99
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 1473
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/o5rXztTa5WQyy5yv47w3VsV5dJk.roa
Signing time: Tue 14 Nov 2023 17:29:51 +0000
ROA not before: Tue 14 Nov 2023 17:29:51 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 137718
IP address blocks: 14.103.0.0/16 maxlen: 24
103.159.142.0/23 maxlen: 24
118.145.128.0/17 maxlen: 24
180.184.0.0/16 maxlen: 24
180.184.24.0/21 maxlen: 24
180.184.32.0/21 maxlen: 24
180.184.144.0/21 maxlen: 24
180.184.152.0/22 maxlen: 24
180.184.184.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5235 (0x1473)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Nov 14 17:29:51 2023 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=A39AD7CED4DAE56432CB9CAFE3BC3756C5797499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:65:b7:3d:87:16:94:15:1e:7a:cb:90:fd:c3:
ae:a2:58:b4:3c:03:15:11:33:a6:d0:39:fe:69:4c:
0f:1b:63:7d:35:ad:61:2a:95:62:e4:d2:d9:c4:02:
73:11:82:58:e9:16:f5:c2:6c:04:f0:37:36:df:e5:
9f:e0:a5:d4:b5:a7:1e:91:13:65:fd:79:e9:bf:36:
b6:38:34:0d:4b:f7:ca:49:91:e2:93:d1:bd:d1:0d:
86:8a:7e:fa:73:24:f1:ab:21:93:cd:39:36:93:a9:
29:a0:7b:70:8f:ac:18:99:6c:f6:bb:c2:66:cb:16:
09:fa:65:e6:0d:3c:7e:63:47:fe:1c:cc:88:27:48:
ab:77:b0:03:dd:19:38:8f:9d:7a:b3:f0:cb:82:4f:
2b:80:e4:e5:4c:2e:0d:c1:bc:1e:29:a4:bc:15:6a:
53:10:c1:79:64:93:f7:79:86:4b:b6:25:ca:be:c8:
cf:c4:2b:d3:37:79:58:7f:94:4f:6b:f2:02:51:d9:
db:a0:4f:9b:69:ae:22:d3:17:52:83:3f:73:25:e8:
5f:6c:0c:d8:d7:88:1a:36:97:13:b9:fd:e4:17:bd:
bc:65:00:4a:e6:9d:26:56:19:41:ec:0a:15:c7:f8:
d4:72:a2:ae:c6:74:d3:6a:cd:f4:20:a7:66:8f:74:
b7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:9A:D7:CE:D4:DA:E5:64:32:CB:9C:AF:E3:BC:37:56:C5:79:74:99
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/o5rXztTa5WQyy5yv47w3VsV5dJk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
14.103.0.0/16
103.159.142.0/23
118.145.128.0/17
180.184.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:e4:0d:91:c9:38:31:37:7e:50:64:1c:06:14:73:30:79:77:
ab:7d:1a:7d:e8:01:ba:d7:db:f0:9b:89:0a:d1:3f:06:3a:ba:
2a:21:7d:63:eb:4e:9d:e8:57:46:6b:63:8d:fb:76:81:0b:a6:
47:87:3d:78:1b:f1:d9:39:ad:48:d6:71:01:69:8d:e1:57:2e:
9b:5d:f7:9c:4d:98:06:59:37:6a:b4:25:52:18:52:e4:07:0f:
0c:7f:3b:62:9d:ee:d7:3b:ea:52:22:65:54:b9:3b:9f:fb:bf:
a6:91:2a:70:88:3a:6b:81:03:77:d8:18:1e:e6:47:b9:57:86:
33:cd:d4:1a:83:0a:55:c5:fc:1d:9c:c7:4b:3c:b7:eb:1a:d7:
4b:a7:61:f7:72:81:76:ff:c6:02:77:c1:43:d4:30:64:8a:c0:
b9:a4:a1:9c:87:62:e6:df:04:1b:c7:ba:81:db:b6:a7:46:ab:
85:8d:8d:7e:ed:6a:4f:c2:3b:0f:18:51:49:c0:3d:99:4d:9e:
8b:59:b8:ac:d2:92:65:52:b7:6e:e2:e9:d6:f6:7b:1c:a6:f0:
a2:4a:de:c0:21:91:9c:56:20:fe:a6:b7:32:7c:20:27:86:28:
3e:b1:23:62:98:7a:c4:68:0e:4d:be:f7:ff:73:56:9d:29:62:
bc:31:a7:5b
-----BEGIN CERTIFICATE-----
MIIE5zCCA8+gAwIBAgICFHMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yMzExMTQx
NzI5NTFaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKEEzOUFEN0NFRDREQUU1
NjQzMkNCOUNBRkUzQkMzNzU2QzU3OTc0OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyZbc9hxaUFR56y5D9w66iWLQ8AxURM6bQOf5pTA8bY301rWEq
lWLk0tnEAnMRgljpFvXCbATwNzbf5Z/gpdS1px6RE2X9eem/NrY4NA1L98pJkeKT
0b3RDYaKfvpzJPGrIZPNOTaTqSmge3CPrBiZbPa7wmbLFgn6ZeYNPH5jR/4czIgn
SKt3sAPdGTiPnXqz8MuCTyuA5OVMLg3BvB4ppLwValMQwXlkk/d5hku2Jcq+yM/E
K9M3eVh/lE9r8gJR2dugT5tpriLTF1KDP3Ml6F9sDNjXiBo2lxO5/eQXvbxlAErm
nSZWGUHsChXH+NRyoq7GdNNqzfQgp2aPdLcvAgMBAAGjggIDMIIB/zAdBgNVHQ4E
FgQUo5rXztTa5WQyy5yv47w3VsV5dJkwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvbzVyWHp0VGE1V1F5
eTV5djQ3dzNWc1Y1ZEprLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAvBggrBgEFBQcBBwEB/wQgMB4wHAQCAAEw
FgMDAA5nAwQBZ5+OAwQHdpGAAwMAtLgwDQYJKoZIhvcNAQELBQADggEBAHfkDZHJ
ODE3flBkHAYUczB5d6t9Gn3oAbrX2/CbiQrRPwY6uiohfWPrTp3oV0ZrY437doEL
pkeHPXgb8dk5rUjWcQFpjeFXLptd95xNmAZZN2q0JVIYUuQHDwx/O2Kd7tc76lIi
ZVS5O5/7v6aRKnCIOmuBA3fYGB7mR7lXhjPN1BqDClXF/B2cx0s8t+sa10unYfdy
gXb/xgJ3wUPUMGSKwLmkoZyHYubfBBvHuoHbtqdGq4WNjX7tak/COw8YUUnAPZlN
notZuKzSkmVSt27i6db2exym8KJK3sAhkZxWIP6mtzJ8ICeGKD6xI2KYesRoDk2+
9/9zVp0pYrwxp1s=
-----END CERTIFICATE-----
Generated at Tue Nov 14 18:54:04 2023 by rpki-client on console-ams.rpki-client.org