Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/pmI50j-2g6hUiZf0boy8mZnT5so.roa
File: pmI50j-2g6hUiZf0boy8mZnT5so.roa (raw, json)
Hash identifier: SXxIRJl9yUc/tZcO6UPEdWB/GSPv/hB3CwxymxBxMhs=
Subject key identifier: A6:62:39:D2:3F:B6:83:A8:54:89:97:F4:6E:8C:BC:99:99:D3:E6:CA
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 14A6
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/pmI50j-2g6hUiZf0boy8mZnT5so.roa
Signing time: Thu 23 Nov 2023 03:06:06 +0000
ROA not before: Thu 23 Nov 2023 03:06:06 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 4811
IP address blocks: 14.103.0.0/21 maxlen: 24
14.103.8.0/21 maxlen: 24
14.103.16.0/21 maxlen: 24
14.103.24.0/21 maxlen: 24
14.103.32.0/21 maxlen: 24
14.103.40.0/21 maxlen: 24
14.103.48.0/21 maxlen: 24
14.103.56.0/21 maxlen: 24
118.145.32.0/19 maxlen: 24
180.184.144.0/21 maxlen: 24
180.184.152.0/22 maxlen: 24
180.184.168.0/21 maxlen: 24
180.184.176.0/21 maxlen: 24
180.184.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 02:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5286 (0x14a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Nov 23 03:06:06 2023 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=A66239D23FB683A8548997F46E8CBC9999D3E6CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a8:57:06:1d:e6:4c:20:c4:0c:da:20:79:b3:
52:93:18:bd:3e:45:d8:7e:5e:30:39:44:03:5e:c7:
71:2a:81:7a:17:09:a4:71:b9:e5:3f:0e:70:8a:0e:
31:02:6b:a6:f7:ba:a4:be:86:8a:b2:ab:d7:de:47:
f7:53:72:12:72:df:c0:f5:8b:7f:50:32:54:1e:b0:
ba:a9:49:e7:1b:30:e6:8b:77:b2:6b:ed:37:2f:86:
0e:f6:a9:cb:3b:cd:9f:8a:e2:f5:c9:07:f9:88:7a:
bf:62:df:86:79:80:41:3e:62:63:ac:42:5c:24:45:
62:ff:8c:c2:c9:94:2c:be:04:71:be:79:f8:27:06:
63:1d:38:be:0e:a6:21:30:22:8f:0f:74:69:b0:f3:
e7:11:52:54:0b:d4:9d:0a:a0:7c:80:63:d6:12:8a:
ca:aa:9a:c5:fe:f7:25:ea:d8:f8:d3:c7:81:f1:42:
aa:2c:04:c5:59:d4:54:a3:c3:c2:c4:9e:a9:08:e4:
cc:20:7e:3a:4b:e3:f6:88:40:29:25:71:49:fb:cb:
a3:93:ac:7f:3f:5a:20:7c:39:69:45:7b:45:25:8d:
07:df:90:f0:a2:09:e2:b9:c4:ca:ac:ae:00:f7:12:
16:a1:ea:de:09:a3:8c:b5:98:69:6c:85:92:8e:32:
a9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:62:39:D2:3F:B6:83:A8:54:89:97:F4:6E:8C:BC:99:99:D3:E6:CA
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/pmI50j-2g6hUiZf0boy8mZnT5so.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
14.103.0.0/18
118.145.32.0/19
180.184.144.0-180.184.155.255
180.184.168.0-180.184.187.255
Signature Algorithm: sha256WithRSAEncryption
0e:6a:ec:d5:45:15:f8:c2:6b:ee:00:a3:0d:40:f9:32:bb:b7:
b8:fd:8a:1c:1f:87:fc:8e:30:ae:6b:79:a3:25:77:79:fc:e2:
f7:4e:46:e3:9e:0f:b5:dd:9c:6d:9f:16:0b:50:d9:e0:fd:47:
df:ed:34:33:83:b2:27:ed:86:7a:79:c9:5a:ad:cc:35:6a:77:
d9:d3:cf:f9:e3:8e:32:d9:1e:65:0f:6d:3b:05:fb:e0:ab:64:
e5:e0:09:43:be:37:0c:14:97:fb:4d:b2:d5:34:10:87:f5:6d:
ba:77:45:ed:7a:d7:32:c5:bd:75:86:f2:9a:7f:81:78:5a:e8:
08:c4:28:ca:c2:81:da:97:a2:16:12:92:67:66:c6:b6:07:2e:
19:23:b1:a3:46:61:dd:06:44:bc:ef:68:87:86:2b:0e:9d:9a:
4a:58:c7:6a:f2:6d:9b:e6:39:e8:a7:c9:22:31:84:10:ba:61:
65:01:0a:47:ce:20:80:21:92:35:8a:1d:fa:73:1c:61:bb:f2:
d2:f4:ba:4f:fa:46:28:38:2a:1a:12:95:a9:22:0c:2a:a6:99:
3e:69:9c:51:15:aa:bc:c7:96:17:04:29:d3:9a:b4:1b:14:bf:
a1:ab:af:cd:dc:32:69:d1:66:ba:1d:d1:98:da:33:12:7a:27:
b6:f3:c1:00
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgICFKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yMzExMjMw
MzA2MDZaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKEE2NjIzOUQyM0ZCNjgz
QTg1NDg5OTdGNDZFOENCQzk5OTlEM0U2Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/qFcGHeZMIMQM2iB5s1KTGL0+Rdh+XjA5RANex3EqgXoXCaRx
ueU/DnCKDjECa6b3uqS+hoqyq9feR/dTchJy38D1i39QMlQesLqpSecbMOaLd7Jr
7Tcvhg72qcs7zZ+K4vXJB/mIer9i34Z5gEE+YmOsQlwkRWL/jMLJlCy+BHG+efgn
BmMdOL4OpiEwIo8PdGmw8+cRUlQL1J0KoHyAY9YSisqqmsX+9yXq2PjTx4HxQqos
BMVZ1FSjw8LEnqkI5MwgfjpL4/aIQCklcUn7y6OTrH8/WiB8OWlFe0UljQffkPCi
CeK5xMqsrgD3Ehah6t4Jo4y1mGlshZKOMqmlAgMBAAGjggIVMIICETAdBgNVHQ4E
FgQUpmI50j+2g6hUiZf0boy8mZnT5sowHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvcG1JNTBqLTJnNmhV
aVpmMGJveThtWm5UNXNvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBBBggrBgEFBQcBBwEB/wQyMDAwLgQCAAEw
KAMEBg5nAAMEBXaRIDAMAwQEtLiQAwQCtLiYMAwDBAO0uKgDBAK0uLgwDQYJKoZI
hvcNAQELBQADggEBAA5q7NVFFfjCa+4Aow1A+TK7t7j9ihwfh/yOMK5reaMld3n8
4vdORuOeD7XdnG2fFgtQ2eD9R9/tNDODsifthnp5yVqtzDVqd9nTz/njjjLZHmUP
bTsF++CrZOXgCUO+NwwUl/tNstU0EIf1bbp3Re161zLFvXWG8pp/gXha6AjEKMrC
gdqXohYSkmdmxrYHLhkjsaNGYd0GRLzvaIeGKw6dmkpYx2rybZvmOeinySIxhBC6
YWUBCkfOIIAhkjWKHfpzHGG78tL0uk/6Rig4KhoSlakiDCqmmT5pnFEVqrzHlhcE
KdOatBsUv6Grr83cMmnRZrod0ZjaMxJ6J7bzwQA=
-----END CERTIFICATE-----
Generated at Thu Jul 4 04:33:24 2024 by rpki-client on console-fra.rpki-client.org