Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/H8Ntb2hF6jngRN3SanFwGl9L41E.roa
File: H8Ntb2hF6jngRN3SanFwGl9L41E.roa (raw, json)
Hash identifier: mwiQDPj+neh+EcR/QTyObZPHt+xpcZGaEAu1MW4Jdmk=
Subject key identifier: 1F:C3:6D:6F:68:45:EA:39:E0:44:DD:D2:6A:71:70:1A:5F:4B:E3:51
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 12F2
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/H8Ntb2hF6jngRN3SanFwGl9L41E.roa
Signing time: Sat 29 Jun 2024 19:44:17 +0000
ROA not before: Sat 29 Jun 2024 19:44:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59083
IP address blocks: 43.254.152.0/22 maxlen: 24
43.254.153.0/24 maxlen: 24
43.254.154.0/23 maxlen: 24
43.254.154.0/24 maxlen: 24
43.254.155.0/24 maxlen: 24
59.153.168.0/23 maxlen: 24
103.5.192.0/22 maxlen: 24
103.10.0.0/23 maxlen: 24
103.10.0.0/24 maxlen: 24
103.10.1.0/24 maxlen: 24
103.10.2.0/23 maxlen: 24
103.10.2.0/24 maxlen: 24
103.10.3.0/24 maxlen: 24
103.24.116.0/22 maxlen: 24
103.24.117.0/24 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.108.0/22 maxlen: 24
202.89.108.0/23 maxlen: 24
202.89.110.0/23 maxlen: 24
202.136.248.0/22 maxlen: 24
202.136.248.0/23 maxlen: 24
202.136.249.0/24 maxlen: 24
202.136.250.0/23 maxlen: 24
202.136.250.0/24 maxlen: 24
202.174.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 02:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4850 (0x12f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 29 19:44:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1FC36D6F6845EA39E044DDD26A71701A5F4BE351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:dd:ad:7c:fc:c0:74:c5:fa:ca:5d:51:cc:38:
2e:fb:9c:7b:9d:0a:35:0b:6f:9a:f2:45:96:df:4e:
bc:62:97:27:76:e5:bd:dd:84:cd:5c:b2:2b:10:8e:
7f:ba:11:a5:a3:01:77:ea:95:6a:57:1a:c9:d7:92:
04:c0:2f:77:d1:f4:dc:ce:24:0b:68:b1:47:72:6d:
10:df:fc:f8:87:66:3b:bf:17:93:17:ac:d1:12:1c:
c8:c1:f9:68:f0:28:c6:d1:88:cb:87:28:fa:8c:72:
84:3d:6e:c6:57:bf:81:4b:96:ff:e8:fa:3a:fd:f2:
9f:61:b2:9c:fb:6b:3a:e3:40:5e:eb:76:74:c7:5b:
9d:6b:63:78:7b:0d:d7:66:2b:10:0d:ad:6f:a1:53:
e9:a7:8d:e1:ec:ff:74:ce:60:7d:b8:f9:7a:d8:03:
9b:10:53:88:fb:27:77:e8:a7:f0:58:ed:24:ea:76:
03:98:09:38:f6:cb:80:0c:fb:f4:2d:5a:ef:01:1a:
db:06:f4:9d:c5:f5:52:55:6e:a0:ae:3b:28:82:d1:
43:04:b9:b0:84:f4:ab:12:5c:97:0e:92:6d:b3:73:
58:c6:0e:ab:dd:4f:d6:9a:0a:bc:e0:32:e7:d5:96:
4f:c7:de:b2:81:a9:7b:3e:42:4a:39:ba:5f:20:5d:
39:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C3:6D:6F:68:45:EA:39:E0:44:DD:D2:6A:71:70:1A:5F:4B:E3:51
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/H8Ntb2hF6jngRN3SanFwGl9L41E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/22
59.153.168.0/23
103.5.192.0/22
103.10.0.0/22
103.24.116.0/22
150.242.238.0/23
202.89.108.0/22
202.136.248.0/22
202.174.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:08:0f:31:cf:d1:cb:da:e8:a8:95:2e:1a:fc:9c:74:1d:d1:
7f:14:01:7d:8c:13:29:ab:03:c8:33:b8:77:99:b8:d1:dc:f6:
29:6a:c4:96:16:4f:cf:eb:c5:59:86:01:81:ea:af:a7:32:56:
87:43:e8:4a:04:d5:ae:2f:b7:ae:22:20:ad:e8:e6:f9:40:13:
5f:83:59:dc:a3:e6:72:6d:12:0e:a2:f2:91:62:71:26:10:d7:
5b:5a:b1:5e:b3:f8:70:fd:ff:b0:52:80:e8:50:e0:4f:1a:f9:
55:52:59:d1:58:81:cc:4d:22:3b:af:f1:b2:6e:4e:14:ba:31:
47:ea:20:af:c5:cb:e3:2c:f6:7d:3b:ea:e4:e3:44:90:f9:20:
c6:ab:29:11:c8:d6:ed:46:21:eb:73:b4:04:e7:7f:15:20:90:
d2:3b:16:a6:30:19:96:49:94:2e:2d:e4:5f:5b:63:b2:d7:a6:
f7:6d:fc:00:02:45:e6:17:4a:9e:de:2b:22:37:15:3c:ab:db:
52:66:6e:95:ae:27:12:00:db:54:c3:2f:ab:ce:a1:ee:29:db:
01:69:1e:4a:50:44:51:fb:47:9c:a6:16:82:65:39:e4:ab:a5:
40:fb:7e:12:76:62:fe:15:ad:02:51:1b:f4:46:9d:da:e7:f4:
09:13:09:33
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgICEvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA2Mjkx
OTQ0MTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFGQzM2RDZGNjg0NUVB
MzlFMDQ0REREMjZBNzE3MDFBNUY0QkUzNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDz3a18/MB0xfrKXVHMOC77nHudCjULb5ryRZbfTrxilyd25b3d
hM1csisQjn+6EaWjAXfqlWpXGsnXkgTAL3fR9NzOJAtosUdybRDf/PiHZju/F5MX
rNESHMjB+WjwKMbRiMuHKPqMcoQ9bsZXv4FLlv/o+jr98p9hspz7azrjQF7rdnTH
W51rY3h7DddmKxANrW+hU+mnjeHs/3TOYH24+XrYA5sQU4j7J3fop/BY7STqdgOY
CTj2y4AM+/QtWu8BGtsG9J3F9VJVbqCuOyiC0UMEubCE9KsSXJcOkm2zc1jGDqvd
T9aaCrzgMufVlk/H3rKBqXs+Qko5ul8gXTlbAgMBAAGjggIhMIICHTAdBgNVHQ4E
FgQUH8Ntb2hF6jngRN3SanFwGl9L41EwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0g4TnRiMmhGNmpuZ1JO
M1NhbkZ3R2w5TDQxRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYD
BAIr/pgDBAE7magDBAJnBcADBAJnCgADBAJnGHQDBAGW8u4DBALKWWwDBALKiPgD
BALKrnwwDQYJKoZIhvcNAQELBQADggEBAG8IDzHP0cva6KiVLhr8nHQd0X8UAX2M
EymrA8gzuHeZuNHc9ilqxJYWT8/rxVmGAYHqr6cyVodD6EoE1a4vt64iIK3o5vlA
E1+DWdyj5nJtEg6i8pFicSYQ11tasV6z+HD9/7BSgOhQ4E8a+VVSWdFYgcxNIjuv
8bJuThS6MUfqIK/Fy+Ms9n076uTjRJD5IMarKRHI1u1GIetztATnfxUgkNI7FqYw
GZZJlC4t5F9bY7LXpvdt/AACReYXSp7eKyI3FTyr21JmbpWuJxIA21TDL6vOoe4p
2wFpHkpQRFH7R5ymFoJlOeSrpUD7fhJ2Yv4VrQJRG/RGndrn9AkTCTM=
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:04:09 2024 by rpki-client on console-ams.rpki-client.org