Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/T92khRqzwW7fDjYNk3Odmu6s-NM.roa
File: T92khRqzwW7fDjYNk3Odmu6s-NM.roa (raw, json)
Hash identifier: tyw89S7raEk+o/VeWQYArvTI8liqFhUxFwo1Wpq0TNg=
Subject key identifier: 4F:DD:A4:85:1A:B3:C1:6E:DF:0E:36:0D:93:73:9D:9A:EE:AC:F8:D3
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0A41
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/T92khRqzwW7fDjYNk3Odmu6s-NM.roa
Signing time: Tue 21 May 2024 10:29:39 +0000
ROA not before: Tue 21 May 2024 10:29:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 119.59.192.0/22 maxlen: 24
119.59.196.0/22 maxlen: 24
119.59.204.0/22 maxlen: 24
119.59.212.0/22 maxlen: 24
119.59.216.0/22 maxlen: 24
119.59.224.0/22 maxlen: 24
119.59.228.0/22 maxlen: 24
119.59.240.0/22 maxlen: 24
119.59.248.0/22 maxlen: 24
123.98.24.0/22 maxlen: 24
123.98.36.0/22 maxlen: 24
123.98.52.0/22 maxlen: 24
123.98.92.0/22 maxlen: 24
211.149.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Jun 2024 12:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2625 (0xa41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: May 21 10:29:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4FDDA4851AB3C16EDF0E360D93739D9AEEACF8D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c2:46:c4:96:d7:a3:99:5a:22:19:d0:3e:9d:
74:b9:05:6f:ff:c2:d9:e7:ab:31:07:bf:ca:c8:9d:
46:f8:fb:c5:27:4f:3a:ef:0d:18:5e:dc:59:07:37:
b0:5f:59:45:19:55:46:12:3b:2b:55:8a:c8:94:ee:
31:32:4c:60:58:71:81:64:64:4c:d5:72:d5:72:77:
2b:5f:f7:7f:f2:74:ac:27:aa:51:8f:b1:54:3d:7d:
2d:7c:be:b8:6a:6b:57:e7:bd:68:90:04:a6:70:44:
31:4b:79:3b:92:84:3a:19:97:ce:cb:67:9d:86:6c:
b5:aa:de:96:bc:9c:d3:73:21:31:44:6a:3c:22:56:
d7:81:12:8c:0e:a5:0e:54:20:1e:15:30:c1:58:f6:
98:f3:fd:f4:c3:fb:a2:04:b0:c4:76:fe:fc:26:66:
57:b2:9e:a1:98:7c:b9:45:06:c0:53:cf:40:3c:97:
66:c4:75:58:4e:3e:8b:7c:7a:41:4a:31:d3:80:01:
48:01:c3:d0:b7:a8:01:fa:39:67:15:26:e0:d5:2d:
16:4f:dd:e4:d9:ba:30:2e:98:ad:36:1b:90:59:48:
f3:ff:5a:60:30:f1:71:e2:69:1b:8a:56:33:ba:fa:
6a:96:bf:16:75:cb:30:22:3c:31:69:37:16:2a:27:
f3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:DD:A4:85:1A:B3:C1:6E:DF:0E:36:0D:93:73:9D:9A:EE:AC:F8:D3
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/T92khRqzwW7fDjYNk3Odmu6s-NM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.192.0/21
119.59.204.0/22
119.59.212.0-119.59.219.255
119.59.224.0/21
119.59.240.0/22
119.59.248.0/22
123.98.24.0/22
123.98.36.0/22
123.98.52.0/22
123.98.92.0/22
211.149.76.0/22
Signature Algorithm: sha256WithRSAEncryption
07:aa:9a:be:e5:f8:40:73:26:88:f1:90:7e:0e:0e:0c:94:cf:
45:d2:ad:1f:aa:6c:cb:78:44:42:a6:ec:b2:05:b9:fa:7d:c2:
a7:84:e2:f7:4a:a0:1e:83:86:eb:78:d5:9b:d5:7c:11:61:0d:
57:22:5f:e5:9e:4e:ba:c6:39:f8:45:00:f8:41:e4:75:95:73:
2d:fd:61:e6:66:a3:5c:87:fb:7b:59:8d:62:98:0e:81:7e:ae:
71:1c:b5:0c:e8:36:b8:e6:46:f4:a8:34:99:5d:f8:a8:6b:9f:
6a:4f:40:1c:eb:2e:e5:2d:bb:75:93:5b:6b:dc:ee:d8:a3:de:
23:db:02:72:11:59:10:db:10:a4:7d:92:c3:83:0b:d1:67:d1:
ea:68:66:0f:ea:0e:87:7c:b9:1f:4f:d5:2f:35:21:0d:ac:f8:
99:93:f7:21:bd:9e:71:b9:2c:ca:fa:49:b7:65:7b:c3:ae:35:
a0:aa:43:49:fa:18:cd:e8:cf:64:be:02:d5:e0:a9:d9:13:60:
1d:cb:15:bc:cf:70:78:19:28:e3:ef:bb:38:a4:f8:5d:d9:30:
80:9f:4d:71:52:05:49:40:a0:7e:ab:2e:80:78:d3:79:b6:b1:
2a:08:fe:68:37:47:e0:c5:21:a2:50:96:6c:83:66:2c:0f:9f:
37:78:43:1f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgICCkEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA1MjEx
MDI5MzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRGRERBNDg1MUFCM0Mx
NkVERjBFMzYwRDkzNzM5RDlBRUVBQ0Y4RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2wkbEltejmVoiGdA+nXS5BW//wtnnqzEHv8rInUb4+8UnTzrv
DRhe3FkHN7BfWUUZVUYSOytVisiU7jEyTGBYcYFkZEzVctVydytf93/ydKwnqlGP
sVQ9fS18vrhqa1fnvWiQBKZwRDFLeTuShDoZl87LZ52GbLWq3pa8nNNzITFEajwi
VteBEowOpQ5UIB4VMMFY9pjz/fTD+6IEsMR2/vwmZleynqGYfLlFBsBTz0A8l2bE
dVhOPot8ekFKMdOAAUgBw9C3qAH6OWcVJuDVLRZP3eTZujAumK02G5BZSPP/WmAw
8XHiaRuKVjO6+mqWvxZ1yzAiPDFpNxYqJ/MLAgMBAAGjggI1MIICMTAdBgNVHQ4E
FgQUT92khRqzwW7fDjYNk3Odmu6s+NMwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1Q5MmtoUnF6d1c3ZkRq
WU5rM09kbXU2cy1OTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYwYIKwYBBQUHAQcBAf8EVDBSMFAEAgABMEoD
BAN3O8ADBAJ3O8wwDAMEAnc71AMEAnc72AMEA3c74AMEAnc78AMEAnc7+AMEAnti
GAMEAntiJAMEAntiNAMEAntiXAMEAtOVTDANBgkqhkiG9w0BAQsFAAOCAQEAB6qa
vuX4QHMmiPGQfg4ODJTPRdKtH6psy3hEQqbssgW5+n3Cp4Ti90qgHoOG63jVm9V8
EWENVyJf5Z5OusY5+EUA+EHkdZVzLf1h5majXIf7e1mNYpgOgX6ucRy1DOg2uOZG
9Kg0mV34qGufak9AHOsu5S27dZNba9zu2KPeI9sCchFZENsQpH2Sw4ML0WfR6mhm
D+oOh3y5H0/VLzUhDaz4mZP3Ib2ecbksyvpJt2V7w641oKpDSfoYzejPZL4C1eCp
2RNgHcsVvM9weBko4++7OKT4XdkwgJ9NcVIFSUCgfqsugHjTebaxKgj+aDdH4MUh
olCWbINmLA+fN3hDHw==
-----END CERTIFICATE-----
Generated at Wed Jun 19 16:25:58 2024 by rpki-client on console-ams.rpki-client.org