Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/Qjf32VmCtmNjH_6Zx_n_ZbHTAy4.roa
File: Qjf32VmCtmNjH_6Zx_n_ZbHTAy4.roa (raw, json)
Hash identifier: u5uvBTkGZaUzpMjb/HVAcJPApOyTE8w7c/L3ITMD10I=
Subject key identifier: 42:37:F7:D9:59:82:B6:63:63:1F:FE:99:C7:F9:FF:65:B1:D3:03:2E
Certificate issuer: /CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A
Certificate serial: 03
Authority key identifier: B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/Qjf32VmCtmNjH_6Zx_n_ZbHTAy4.roa
Signing time: Fri 29 Mar 2024 04:34:05 +0000
ROA not before: Fri 29 Mar 2024 04:34:04 +0000
ROA not after: Sat 29 Mar 2025 01:10:17 +0000
asID: 211392
IP address blocks: 157.66.42.0/23 maxlen: 24
157.66.42.0/24 maxlen: 24
157.66.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 07:32:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A
Validity
Not Before: Mar 29 04:34:04 2024 GMT
Not After : Mar 29 01:10:17 2025 GMT
Subject: CN=4237F7D95982B663631FFE99C7F9FF65B1D3032E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:39:7d:81:54:2a:99:32:39:0e:0a:76:3e:70:
1f:60:5b:d9:ba:39:43:6e:af:d1:52:7a:6a:c4:41:
d7:f4:2a:35:2c:e4:37:c2:20:fd:d5:30:b7:ed:82:
1f:24:69:05:5f:9d:e9:c1:e2:5e:ea:26:a0:e4:a6:
8d:6d:c3:67:47:d5:09:2b:74:31:29:e8:f4:fb:e1:
c2:49:85:a6:68:5b:cc:62:f5:b5:3a:ae:69:e5:7b:
b8:18:23:a7:41:37:55:8f:7c:55:a8:54:fb:fe:87:
48:80:94:88:a6:22:2c:b0:a6:9f:9f:97:9d:8e:13:
a1:43:32:bb:b3:16:dd:47:0a:d5:cd:8a:01:ad:bc:
64:35:4e:9a:8a:f6:b3:6f:82:bb:8e:f3:5f:14:de:
24:6d:4b:3b:e1:6d:51:26:7a:63:c4:3a:a0:7b:f0:
e6:06:f2:51:b3:7a:8c:af:35:68:87:fc:fb:7c:b2:
cc:6c:70:98:c5:55:7b:a5:05:11:9b:1a:e5:cf:76:
39:be:95:17:d7:79:25:85:77:1f:50:f0:7e:d1:a3:
c4:ac:db:c3:3e:01:c1:d4:8e:f5:61:6d:31:e9:2a:
78:a6:cd:75:11:25:d2:6b:85:35:9e:ef:a3:bd:35:
c4:29:cf:44:50:98:e2:ac:81:ae:3b:15:49:fb:8e:
e5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:37:F7:D9:59:82:B6:63:63:1F:FE:99:C7:F9:FF:65:B1:D3:03:2E
X509v3 Authority Key Identifier:
keyid:B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/Qjf32VmCtmNjH_6Zx_n_ZbHTAy4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.42.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:9e:b6:2c:a6:aa:b3:7b:e0:57:3e:80:4d:2e:f5:a6:58:0d:
a1:67:0f:6a:5e:0c:ca:52:5a:5f:37:7d:dc:0d:28:30:0f:28:
9c:3b:20:f4:59:89:98:50:4d:2e:97:34:df:fa:1b:00:74:d3:
ea:22:1b:e1:b2:82:31:6c:85:1b:bd:2d:65:7c:21:bd:03:34:
85:14:10:ab:e4:31:25:31:03:de:f9:98:74:52:87:bb:fe:6a:
ea:e1:79:fd:6c:fe:ca:88:67:e4:a3:52:f4:c1:f5:88:cb:5d:
d1:bf:08:d3:08:4c:7c:5f:e6:e6:21:8a:a2:48:76:4f:e2:76:
c2:0d:ee:fb:31:b3:fc:0a:2d:1f:29:90:cd:8d:be:6b:d1:08:
c8:3b:51:3d:43:5b:10:88:6d:25:5d:88:17:aa:6b:63:e9:f8:
c0:dd:fd:79:eb:3d:6a:56:a9:31:8c:3d:75:70:70:e8:5c:fd:
f0:7c:8a:d9:a3:b3:19:d6:97:5a:c5:75:94:6d:3e:19:15:14:
e4:6a:19:be:26:42:6d:bb:8a:6d:ea:64:e6:64:73:5c:42:d3:
47:a5:f4:52:89:3b:56:d5:96:67:80:5c:00:37:a1:3d:62:78:
a9:2e:f4:a4:33:c9:e1:3d:a7:9e:51:6c:a0:cb:db:de:be:ee:
46:35:db:bb
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCNTJG
MEYzRkY3MzcxRkYxQ0U5RDgyM0U5NTQ5RkMxMTU4QjE2QTJBMB4XDTI0MDMyOTA0
MzQwNFoXDTI1MDMyOTAxMTAxN1owMzExMC8GA1UEAxMoNDIzN0Y3RDk1OTgyQjY2
MzYzMUZGRTk5QzdGOUZGNjVCMUQzMDMyRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANI5fYFUKpkyOQ4Kdj5wH2Bb2bo5Q26v0VJ6asRB1/QqNSzkN8Ig
/dUwt+2CHyRpBV+d6cHiXuomoOSmjW3DZ0fVCSt0MSno9PvhwkmFpmhbzGL1tTqu
aeV7uBgjp0E3VY98VahU+/6HSICUiKYiLLCmn5+XnY4ToUMyu7MW3UcK1c2KAa28
ZDVOmor2s2+Cu47zXxTeJG1LO+FtUSZ6Y8Q6oHvw5gbyUbN6jK81aIf8+3yyzGxw
mMVVe6UFEZsa5c92Ob6VF9d5JYV3H1DwftGjxKzbwz4BwdSO9WFtMekqeKbNdREl
0muFNZ7vo701xCnPRFCY4qyBrjsVSfuO5RUCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBRCN/fZWYK2Y2Mf/pnH+f9lsdMDLjAfBgNVHSMEGDAWgBS1Lw8/9zcf8c6dgj6V
SfwRWLFqKjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMjcy
L3RTOFBQX2MzSF9IT25ZSS1sVW44RVZpeGFpby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdFM4UFBfYzNIX0hPbllJLWxVbjhFVml4YWlvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3Mi9RamYzMlZtQ3RtTmpI
XzZaeF9uX1piSFRBeTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBnUIqMA0GCSqGSIb3DQEBCwUAA4IBAQBOnrYspqqze+BXPoBNLvWmWA2hZw9q
XgzKUlpfN33cDSgwDyicOyD0WYmYUE0ulzTf+hsAdNPqIhvhsoIxbIUbvS1lfCG9
AzSFFBCr5DElMQPe+Zh0Uoe7/mrq4Xn9bP7KiGfko1L0wfWIy13RvwjTCEx8X+bm
IYqiSHZP4nbCDe77MbP8Ci0fKZDNjb5r0QjIO1E9Q1sQiG0lXYgXqmtj6fjA3f15
6z1qVqkxjD11cHDoXP3wfIrZo7MZ1pdaxXWUbT4ZFRTkahm+JkJtu4pt6mTmZHNc
QtNHpfRSiTtW1ZZngFwAN6E9YnipLvSkM8nhPaeeUWygy9vevu5GNdu7
-----END CERTIFICATE-----
Generated at Tue Nov 5 10:21:31 2024 by rpki-client on console-fra.rpki-client.org