Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/_nwz-pojd7ETW2H58vaDroiLkFQ.roa
File: _nwz-pojd7ETW2H58vaDroiLkFQ.roa (raw, json)
Hash identifier: Vj1TWjlFTg3Y089oFNWQYR7+ibvRQLI0X7mrGNh4DOw=
Subject key identifier: FE:7C:33:FA:9A:23:77:B1:13:5B:61:F9:F2:F6:83:AE:88:8B:90:54
Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Certificate serial: 1051
Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/_nwz-pojd7ETW2H58vaDroiLkFQ.roa
Signing time: Mon 05 Jun 2023 06:36:51 +0000
ROA not before: Mon 05 Jun 2023 06:36:51 +0000
ROA not after: Tue 04 Jun 2024 06:12:36 +0000
asID: 45110
IP address blocks: 43.254.228.0/22 maxlen: 24
43.254.228.0/24 maxlen: 24
43.254.229.0/24 maxlen: 24
43.254.230.0/24 maxlen: 24
103.200.220.0/22 maxlen: 24
111.118.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 06:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4177 (0x1051)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Validity
Not Before: Jun 5 06:36:51 2023 GMT
Not After : Jun 4 06:12:36 2024 GMT
Subject: CN=FE7C33FA9A2377B1135B61F9F2F683AE888B9054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:45:78:ff:57:05:e2:f2:ad:fb:c6:bc:9d:fc:
26:98:ff:35:3e:43:60:71:4b:d7:a7:ff:3f:3f:e1:
7b:4d:b9:04:32:65:47:70:17:f3:79:56:91:84:17:
e9:ff:07:0b:3f:45:c0:fc:a2:43:f8:40:82:82:46:
90:36:a2:50:45:d5:55:d4:54:0f:87:60:63:22:eb:
35:41:e8:0d:a3:ab:d6:fb:82:70:e2:12:c6:cb:35:
ba:52:75:f8:b4:e5:d1:c8:d9:ad:05:14:b9:ab:01:
5c:31:68:ff:cc:81:bf:a7:01:2d:ae:e0:57:c0:f8:
8c:ec:e9:d1:9c:b0:0d:63:d0:55:ad:53:3d:12:a6:
39:44:41:a6:b8:75:4e:e0:d8:5a:b6:7f:b2:e8:46:
28:6b:30:76:ad:5c:5c:1f:22:06:3f:e9:bc:ba:a0:
96:07:04:e1:96:15:81:09:9d:e5:93:b8:96:0a:6f:
a5:9d:f1:53:33:ac:4e:4d:f7:26:88:2f:96:18:c4:
67:46:90:e5:c4:6e:90:0f:09:30:96:19:1e:fe:1f:
e5:00:ab:eb:6d:75:69:99:9a:21:8f:30:8d:7c:a9:
de:f3:0a:08:db:fb:53:7b:5c:c8:65:5a:69:bb:3c:
1f:78:d1:37:bc:4e:43:f6:26:a3:1d:c3:c1:a1:70:
f7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:7C:33:FA:9A:23:77:B1:13:5B:61:F9:F2:F6:83:AE:88:8B:90:54
X509v3 Authority Key Identifier:
keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/_nwz-pojd7ETW2H58vaDroiLkFQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.228.0/22
103.200.220.0/22
111.118.200.0/24
Signature Algorithm: sha256WithRSAEncryption
12:f1:2e:62:3a:ce:69:56:cd:f3:0f:b3:bd:3f:ef:16:2c:cd:
d3:21:01:3f:ea:29:20:a3:6e:56:a2:b7:c4:d1:22:69:02:5e:
98:8d:59:af:0c:64:ac:9e:0f:12:5b:cf:dd:b4:56:f0:28:35:
59:46:03:87:a3:ac:25:c1:89:b4:2a:b5:e2:2b:83:b4:e7:c4:
7a:7b:3e:85:86:f1:9f:7a:3c:21:41:bf:a1:35:d4:a0:5c:d7:
1a:18:98:7f:aa:a0:2b:89:1f:55:d8:4d:9c:9c:83:18:37:4a:
76:98:3c:fd:8a:4f:46:43:2f:a6:13:9c:31:2d:cc:ff:29:22:
60:0b:53:02:7a:13:53:a1:df:ea:3a:80:54:97:cd:7d:13:5e:
77:f2:c3:eb:e2:f9:87:72:ed:9a:9d:3c:11:ec:5f:2a:24:36:
4d:8f:67:95:0a:06:66:7e:64:0a:cb:06:8b:25:50:8a:34:47:
b6:8b:b8:a0:ab:6f:3a:fa:20:44:54:40:76:14:07:79:4a:04:
0e:41:0d:b2:58:37:68:a4:ad:cd:20:70:92:1c:ff:66:0f:e1:
3c:dc:7e:eb:1f:be:92:60:0c:ad:0d:32:89:05:f9:15:29:b0:
c2:3e:51:09:96:93:08:88:82:e5:0c:72:1b:16:15:86:d7:dc:
ff:d6:8b:5a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICEFEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1
MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yMzA2MDUw
NjM2NTFaFw0yNDA2MDQwNjEyMzZaMDMxMTAvBgNVBAMTKEZFN0MzM0ZBOUEyMzc3
QjExMzVCNjFGOUYyRjY4M0FFODg4QjkwNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2RXj/VwXi8q37xryd/CaY/zU+Q2BxS9en/z8/4XtNuQQyZUdw
F/N5VpGEF+n/Bws/RcD8okP4QIKCRpA2olBF1VXUVA+HYGMi6zVB6A2jq9b7gnDi
EsbLNbpSdfi05dHI2a0FFLmrAVwxaP/Mgb+nAS2u4FfA+Izs6dGcsA1j0FWtUz0S
pjlEQaa4dU7g2Fq2f7LoRihrMHatXFwfIgY/6by6oJYHBOGWFYEJneWTuJYKb6Wd
8VMzrE5N9yaIL5YYxGdGkOXEbpAPCTCWGR7+H+UAq+ttdWmZmiGPMI18qd7zCgjb
+1N7XMhlWmm7PB940Te8TkP2JqMdw8GhcPe/AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQU/nwz+pojd7ETW2H58vaDroiLkFQwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt
4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx
L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL19ud3otcG9qZDdFVFcy
SDU4dmFEcm9pTGtGUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAIr/uQDBAJnyNwDBABvdsgwDQYJKoZIhvcNAQELBQADggEBABLxLmI6zmlWzfMP
s70/7xYszdMhAT/qKSCjblait8TRImkCXpiNWa8MZKyeDxJbz920VvAoNVlGA4ej
rCXBibQqteIrg7TnxHp7PoWG8Z96PCFBv6E11KBc1xoYmH+qoCuJH1XYTZycgxg3
SnaYPP2KT0ZDL6YTnDEtzP8pImALUwJ6E1Oh3+o6gFSXzX0TXnfyw+vi+Ydy7Zqd
PBHsXyokNk2PZ5UKBmZ+ZArLBoslUIo0R7aLuKCrbzr6IERUQHYUB3lKBA5BDbJY
N2ikrc0gcJIc/2YP4TzcfusfvpJgDK0NMokF+RUpsMI+UQmWkwiIguUMchsWFYbX
3P/Wi1o=
-----END CERTIFICATE-----
Generated at Tue May 21 10:00:39 2024 by rpki-client on console-fra.rpki-client.org