Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/0RNwrV4-swScOeUoyDDEx_KbesE.roa
File: 0RNwrV4-swScOeUoyDDEx_KbesE.roa (raw, json)
Hash identifier: ApKyUiDYuRjwoKh2OSj/goPHXRGc/8bugq/9twWrLpY=
Subject key identifier: D1:13:70:AD:5E:3E:B3:04:9C:39:E5:28:C8:30:C4:C7:F2:9B:7A:C1
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 039F
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/0RNwrV4-swScOeUoyDDEx_KbesE.roa
Signing time: Wed 23 Nov 2022 09:15:56 +0000
ROA not before: Wed 23 Nov 2022 09:15:56 +0000
ROA not after: Mon 28 Aug 2023 04:15:34 +0000
asID: 59083
IP address blocks: 43.254.152.0/22 maxlen: 24
43.254.153.0/24 maxlen: 24
43.254.154.0/23 maxlen: 24
43.254.154.0/24 maxlen: 24
43.254.155.0/24 maxlen: 24
59.153.164.0/22 maxlen: 24
59.153.168.0/23 maxlen: 24
103.5.192.0/22 maxlen: 24
103.10.0.0/23 maxlen: 24
103.10.0.0/24 maxlen: 24
103.10.1.0/24 maxlen: 24
103.10.2.0/23 maxlen: 24
103.10.2.0/24 maxlen: 24
103.10.3.0/24 maxlen: 24
103.24.116.0/22 maxlen: 24
103.24.116.0/23 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.117.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
103.24.118.0/24 maxlen: 24
103.24.119.0/24 maxlen: 24
150.242.236.0/23 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.108.0/22 maxlen: 24
202.89.108.0/23 maxlen: 24
202.89.110.0/23 maxlen: 24
202.136.248.0/22 maxlen: 24
202.136.248.0/23 maxlen: 24
202.136.249.0/24 maxlen: 24
202.136.250.0/23 maxlen: 24
202.136.250.0/24 maxlen: 24
202.140.140.0/22 maxlen: 24
202.140.140.0/23 maxlen: 24
202.140.142.0/23 maxlen: 24
202.174.124.0/22 maxlen: 24
203.90.12.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927 (0x39f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Nov 23 09:15:56 2022 GMT
Not After : Aug 28 04:15:34 2023 GMT
Subject: CN=D11370AD5E3EB3049C39E528C830C4C7F29B7AC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cc:fc:ad:67:f3:24:de:ae:a7:5e:db:6c:79:
72:58:22:af:e1:1e:b6:42:8d:ac:1a:6f:f3:be:d6:
8a:18:4b:c2:32:c5:fc:cc:0e:78:d3:1f:4c:53:9b:
de:66:01:bb:6e:2a:0e:1b:0a:b1:b6:c9:29:eb:4a:
2a:5b:ec:cc:c5:1e:dc:10:0b:42:fb:10:3a:b7:46:
3f:81:7b:02:b2:11:86:1d:77:66:9c:0d:1a:77:c4:
07:f9:ff:23:4f:e5:3f:5b:83:b1:6b:3e:96:7f:c8:
f8:06:72:2a:92:80:3e:e1:fd:41:17:c7:fb:7a:fb:
31:92:68:92:ca:f8:6a:88:15:86:11:c0:15:b4:ac:
b1:e6:a1:a5:30:25:50:9e:c8:58:67:12:ad:6e:e5:
07:e5:a1:95:a8:77:63:de:1f:50:1e:9d:1e:10:3f:
a5:ea:0e:60:52:d8:ba:87:62:e4:ad:01:66:84:16:
e6:64:76:53:20:3b:c3:94:c1:65:cd:22:42:c1:6d:
70:98:bc:1d:99:40:70:7c:1a:d6:f3:aa:a8:a5:ba:
c6:c7:26:a0:50:a9:d8:10:f1:b3:f7:7f:51:1c:f0:
59:34:4e:7a:df:24:6e:db:c5:f1:52:e0:49:03:46:
67:3e:7d:52:ab:ad:ac:0f:43:34:a4:ea:f6:70:ef:
a8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:13:70:AD:5E:3E:B3:04:9C:39:E5:28:C8:30:C4:C7:F2:9B:7A:C1
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/0RNwrV4-swScOeUoyDDEx_KbesE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/22
59.153.164.0-59.153.169.255
103.5.192.0/22
103.10.0.0/22
103.24.116.0/22
150.242.236.0/22
202.89.108.0/22
202.136.248.0/22
202.140.140.0/22
202.174.124.0/22
203.90.12.0/22
Signature Algorithm: sha256WithRSAEncryption
49:5e:db:3f:d1:3a:20:d1:f5:28:22:2a:bf:7d:3b:9c:87:ce:
7a:4f:0a:6b:ab:3b:4b:42:dc:63:c1:3a:05:42:5e:0e:41:04:
75:1f:1e:f9:a5:f4:e0:7c:dd:18:a9:72:f8:67:64:db:5c:02:
02:ff:50:95:69:0b:e9:57:74:d9:b7:98:d2:67:70:a3:38:32:
39:9d:16:40:00:59:dc:bf:bc:51:f0:5a:21:ce:ef:d3:f7:c9:
ce:62:d6:f2:d9:c5:ba:56:44:72:1d:a0:00:f6:ed:ab:fb:4f:
5a:28:5e:c0:6f:53:0d:ac:5a:c7:e7:d9:47:00:e6:6c:76:e9:
f1:49:8c:90:62:ce:7c:b6:2b:88:79:cd:07:8a:43:3b:55:b5:
b9:e3:c0:55:98:d3:92:13:1a:68:5a:9d:7a:54:47:5b:25:52:
f3:3d:32:44:ee:3a:3f:25:b0:14:5f:34:43:42:15:da:14:f6:
16:ac:c2:bf:4d:0d:62:5e:33:e8:ab:e6:da:cb:45:56:16:d6:
18:af:38:5a:37:14:d7:1e:18:ab:90:d2:04:1f:4e:56:96:8d:
09:28:ff:0e:a6:41:c2:67:67:76:c9:05:5f:3a:17:5b:dc:5b:
5c:84:fc:4c:af:ef:73:e7:4e:ee:3f:65:19:b7:8d:72:66:8e:
90:20:8d:8a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgICA58wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yMjExMjMw
OTE1NTZaFw0yMzA4MjgwNDE1MzRaMDMxMTAvBgNVBAMTKEQxMTM3MEFENUUzRUIz
MDQ5QzM5RTUyOEM4MzBDNEM3RjI5QjdBQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIzPytZ/Mk3q6nXttseXJYIq/hHrZCjawab/O+1ooYS8IyxfzM
DnjTH0xTm95mAbtuKg4bCrG2ySnrSipb7MzFHtwQC0L7EDq3Rj+BewKyEYYdd2ac
DRp3xAf5/yNP5T9bg7FrPpZ/yPgGciqSgD7h/UEXx/t6+zGSaJLK+GqIFYYRwBW0
rLHmoaUwJVCeyFhnEq1u5QfloZWod2PeH1AenR4QP6XqDmBS2LqHYuStAWaEFuZk
dlMgO8OUwWXNIkLBbXCYvB2ZQHB8GtbzqqilusbHJqBQqdgQ8bP3f1Ec8Fk0Tnrf
JG7bxfFS4EkDRmc+fVKrrawPQzSk6vZw76jDAgMBAAGjggI1MIICMTAdBgNVHQ4E
FgQU0RNwrV4+swScOeUoyDDEx/KbesEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzBSTndyVjQtc3dTY09l
VW95RERFeF9LYmVzRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYwYIKwYBBQUHAQcBAf8EVDBSMFAEAgABMEoD
BAIr/pgwDAMEAjuZpAMEATuZqAMEAmcFwAMEAmcKAAMEAmcYdAMEApby7AMEAspZ
bAMEAsqI+AMEAsqMjAMEAsqufAMEAstaDDANBgkqhkiG9w0BAQsFAAOCAQEASV7b
P9E6INH1KCIqv307nIfOek8Ka6s7S0LcY8E6BUJeDkEEdR8e+aX04HzdGKly+Gdk
21wCAv9QlWkL6Vd02beY0mdwozgyOZ0WQABZ3L+8UfBaIc7v0/fJzmLW8tnFulZE
ch2gAPbtq/tPWihewG9TDaxax+fZRwDmbHbp8UmMkGLOfLYriHnNB4pDO1W1uePA
VZjTkhMaaFqdelRHWyVS8z0yRO46PyWwFF80Q0IV2hT2FqzCv00NYl4z6Kvm2stF
VhbWGK84WjcU1x4Yq5DSBB9OVpaNCSj/DqZBwmdndskFXzoXW9xbXIT8TK/vc+dO
7j9lGbeNcmaOkCCNig==
-----END CERTIFICATE-----
Generated at Fri Jul 28 03:59:38 2023 by rpki-client on console-ams.rpki-client.org