Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/399/Ko465LEJ7QcWwhkVGppyubs0X1Y.roa
File: Ko465LEJ7QcWwhkVGppyubs0X1Y.roa (raw, json)
Hash identifier: Qi9W1j8szbHsdKi3LK4g/YmJyY9SX7J1YC43w6XHnZM=
Subject key identifier: 2A:8E:3A:E4:B1:09:ED:07:16:C2:19:15:1A:9A:72:B9:BB:34:5F:56
Certificate issuer: /CN=51C4C1D52D2E3FE6BF3D9BF1B3D6924B49C5D4E5
Certificate serial: 3E01
Authority key identifier: 51:C4:C1:D5:2D:2E:3F:E6:BF:3D:9B:F1:B3:D6:92:4B:49:C5:D4:E5
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UcTB1S0uP-a_PZvxs9aSS0nF1OU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/Ko465LEJ7QcWwhkVGppyubs0X1Y.roa
Signing time: Fri 04 Aug 2023 13:11:40 +0000
ROA not before: Fri 04 Aug 2023 13:11:40 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 132203
IP address blocks: 203.205.136.0/24 maxlen: 24
203.205.137.0/24 maxlen: 24
203.205.155.0/24 maxlen: 24
203.205.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 02:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15873 (0x3e01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51C4C1D52D2E3FE6BF3D9BF1B3D6924B49C5D4E5
Validity
Not Before: Aug 4 13:11:40 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=2A8E3AE4B109ED0716C219151A9A72B9BB345F56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:76:97:df:f2:ae:1d:e7:cf:72:a4:e0:37:34:
3a:98:84:b7:9a:ba:b5:16:f6:3b:e9:21:05:dd:8e:
f4:17:e9:7c:7f:3e:ad:0b:ef:23:e2:62:cc:b6:67:
0b:a5:61:8c:28:3b:0b:e3:d8:fb:ef:e6:3a:f5:c1:
ef:af:c5:fb:b2:e9:ee:86:8a:61:34:4e:84:41:e4:
d4:d1:31:2c:2f:e7:7b:41:08:c9:e0:cf:e2:ed:38:
3c:b5:7d:d3:31:14:50:f1:51:b0:00:11:b5:f3:4a:
14:7c:9f:9a:ea:a6:6e:73:64:cd:ca:ff:ca:eb:ff:
5e:e3:34:0f:7c:b8:b3:60:dc:9c:21:a3:82:e3:f1:
e2:f7:83:d2:d4:ff:83:bc:02:ed:d2:97:34:fe:e9:
3d:b5:7e:6b:d9:83:c5:e9:18:ca:f3:8c:01:6a:63:
35:6b:1c:bb:55:0a:ee:44:1b:f1:0d:38:c4:bb:09:
3f:0e:bf:71:e2:f9:99:1a:36:d6:25:b9:fd:c5:ea:
11:cc:cc:0f:5b:16:35:a1:ca:2a:d5:60:b0:2c:54:
6d:a2:1f:eb:a1:9b:bc:6e:b7:b3:1c:ff:8d:c6:05:
53:3d:8f:20:71:a3:c9:7c:f8:28:72:44:0d:4e:dc:
9f:7e:f9:27:98:14:33:ed:37:90:b6:4b:97:a4:0c:
7c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8E:3A:E4:B1:09:ED:07:16:C2:19:15:1A:9A:72:B9:BB:34:5F:56
X509v3 Authority Key Identifier:
keyid:51:C4:C1:D5:2D:2E:3F:E6:BF:3D:9B:F1:B3:D6:92:4B:49:C5:D4:E5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/UcTB1S0uP-a_PZvxs9aSS0nF1OU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UcTB1S0uP-a_PZvxs9aSS0nF1OU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/Ko465LEJ7QcWwhkVGppyubs0X1Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.205.136.0/23
203.205.155.0/24
203.205.159.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:33:2f:f9:aa:6d:d8:d7:d8:e3:7f:57:29:6e:f4:6f:31:53:
e6:c3:6d:b7:26:32:74:3e:ce:89:a8:b6:98:8b:e8:11:f0:b3:
99:45:f1:d5:c6:65:9a:aa:85:c6:92:07:09:b3:5e:18:9e:0b:
af:a2:69:3b:7f:05:12:a2:76:d6:81:47:3c:34:f1:44:48:b5:
ed:24:96:70:fd:09:4c:3e:77:06:a8:4a:7a:6e:5b:5b:8f:d9:
a1:c0:ef:69:98:42:56:ba:6e:e0:53:4b:80:21:37:30:5b:31:
76:99:b3:6a:b4:7f:ea:a1:45:49:80:69:c9:d9:5b:47:ff:77:
35:9e:f1:6d:02:25:61:1b:be:d3:56:41:30:5b:a4:c2:85:05:
c0:af:75:b6:d6:02:a5:7d:b8:a8:9f:3b:f3:ca:2e:d7:a7:c9:
09:ce:79:35:9f:fa:61:96:ad:11:6d:b7:f8:c3:47:40:84:27:
47:f4:3b:80:f0:f9:45:8b:f9:cb:08:90:f3:e3:ee:4a:ad:ae:
8e:39:4a:0d:49:21:a5:41:de:d6:58:3b:0b:66:28:ff:3a:99:
f1:e1:55:ce:5c:18:3c:ec:a8:d4:cb:59:01:4b:a2:5f:ad:e9:
b5:d4:9b:53:49:3b:2f:a8:be:f3:12:b6:d3:08:fe:69:ac:09:
9f:ea:c0:98
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICPgEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFD
NEMxRDUyRDJFM0ZFNkJGM0Q5QkYxQjNENjkyNEI0OUM1RDRFNTAeFw0yMzA4MDQx
MzExNDBaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDJBOEUzQUU0QjEwOUVE
MDcxNkMyMTkxNTFBOUE3MkI5QkIzNDVGNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrdpff8q4d589ypOA3NDqYhLeaurUW9jvpIQXdjvQX6Xx/Pq0L
7yPiYsy2ZwulYYwoOwvj2Pvv5jr1we+vxfuy6e6GimE0ToRB5NTRMSwv53tBCMng
z+LtODy1fdMxFFDxUbAAEbXzShR8n5rqpm5zZM3K/8rr/17jNA98uLNg3Jwho4Lj
8eL3g9LU/4O8Au3SlzT+6T21fmvZg8XpGMrzjAFqYzVrHLtVCu5EG/ENOMS7CT8O
v3Hi+ZkaNtYluf3F6hHMzA9bFjWhyirVYLAsVG2iH+uhm7xut7Mc/43GBVM9jyBx
o8l8+ChyRA1O3J9++SeYFDPtN5C2S5ekDHw5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUKo465LEJ7QcWwhkVGppyubs0X1YwHwYDVR0jBBgwFoAUUcTB1S0uP+a/PZvx
s9aSS0nF1OUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzk5
L1VjVEIxUzB1UC1hX1BadnhzOWFTUzBuRjFPVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvVWNUQjFTMHVQLWFfUFp2eHM5YVNTMG5GMU9VLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzk5L0tvNDY1TEVKN1FjV3do
a1ZHcHB5dWJzMFgxWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAHLzYgDBADLzZsDBADLzZ8wDQYJKoZIhvcNAQELBQADggEBAMIzL/mqbdjX2ON/
Vylu9G8xU+bDbbcmMnQ+zomotpiL6BHws5lF8dXGZZqqhcaSBwmzXhieC6+iaTt/
BRKidtaBRzw08URIte0klnD9CUw+dwaoSnpuW1uP2aHA72mYQla6buBTS4AhNzBb
MXaZs2q0f+qhRUmAacnZW0f/dzWe8W0CJWEbvtNWQTBbpMKFBcCvdbbWAqV9uKif
O/PKLtenyQnOeTWf+mGWrRFtt/jDR0CEJ0f0O4Dw+UWL+csIkPPj7kqtro45Sg1J
IaVB3tZYOwtmKP86mfHhVc5cGDzsqNTLWQFLol+t6bXUm1NJOy+ovvMSttMI/mms
CZ/qwJg=
-----END CERTIFICATE-----
Generated at Fri May 24 04:47:34 2024 by rpki-client on console-ams.rpki-client.org