Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/K79SS7qmPWdqxnJfRgspjINpHl4.roa
File: K79SS7qmPWdqxnJfRgspjINpHl4.roa (raw, json)
Hash identifier: xZTh4EqgUOs0qGbJEIo4UtLe8/rC5oUZ9XQqaCt4b8k=
Subject key identifier: 2B:BF:52:4B:BA:A6:3D:67:6A:C6:72:5F:46:0B:29:8C:83:69:1E:5E
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 12F1
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/K79SS7qmPWdqxnJfRgspjINpHl4.roa
Signing time: Sat 29 Jun 2024 19:44:17 +0000
ROA not before: Sat 29 Jun 2024 19:44:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4812
IP address blocks: 43.254.152.0/24 maxlen: 24
103.5.192.0/22 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 02:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4849 (0x12f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 29 19:44:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2BBF524BBAA63D676AC6725F460B298C83691E5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:09:91:51:ba:14:b7:ff:cd:79:8f:5d:ac:c3:
82:72:28:d1:db:88:40:c0:ef:cb:69:61:00:33:fb:
c5:39:0b:c7:56:50:04:1c:6d:42:01:8a:a2:68:4c:
53:15:7d:c4:08:fe:60:d5:96:f9:68:e0:7e:36:ff:
22:5b:4a:22:6b:f1:0f:40:62:4e:bb:cf:e1:07:ef:
38:e7:24:fd:c4:14:d9:b2:dd:48:bb:da:04:2e:20:
60:74:4b:f8:33:c0:dc:47:7b:8a:4a:e0:be:22:63:
aa:08:d9:64:8c:f2:5c:31:a7:b9:06:f4:7b:2b:47:
90:22:b1:bc:49:d0:71:2d:85:0e:bf:1f:bd:cb:0f:
64:13:96:f4:8f:a8:dd:cd:38:09:ac:43:99:7a:71:
74:11:4f:62:db:ff:bc:32:18:88:ba:68:ea:43:64:
3a:45:93:b4:82:2d:c4:45:b6:bd:bb:d3:99:8b:12:
72:a9:2c:3b:4f:2d:bc:48:44:f4:50:16:b0:11:98:
03:8c:f3:ac:b0:b4:b5:56:d2:a5:f7:3e:08:4c:e3:
36:86:1a:64:b8:29:26:6c:e9:13:4e:d9:c7:ce:ac:
d5:60:c3:dd:7c:37:b4:8e:51:3b:c1:69:8e:26:4d:
80:4d:3b:44:1f:c7:7a:96:65:d3:48:c0:f5:b4:ee:
81:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BF:52:4B:BA:A6:3D:67:6A:C6:72:5F:46:0B:29:8C:83:69:1E:5E
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/K79SS7qmPWdqxnJfRgspjINpHl4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/24
103.5.192.0/22
103.24.116.0/24
103.24.118.0/23
150.242.238.0/23
202.89.96.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:73:03:2b:7b:66:8d:ec:18:38:ef:9e:80:ab:68:a4:87:63:
54:5f:29:15:5a:b5:aa:98:ce:dc:c1:4f:7d:a6:a3:e5:79:0f:
37:b3:74:bd:c3:cd:20:ca:4c:67:84:f5:4c:22:ae:d7:0a:ee:
67:be:f2:25:02:7c:22:4a:af:f8:b4:b6:01:3c:9d:33:7f:0f:
d6:9f:10:1d:c9:34:06:d0:d6:d9:b0:26:da:8c:7f:b3:b3:6a:
25:0f:e0:19:4d:e6:0d:ca:4d:54:dd:0d:3d:e4:ab:64:a7:ff:
fc:82:eb:44:fa:6a:92:61:df:95:1b:99:7a:da:62:be:61:bf:
a3:17:79:aa:c9:a3:6f:ba:15:30:7a:d2:58:da:5c:9f:7e:95:
6a:d5:22:cd:6f:48:f2:87:c2:df:16:66:a0:3d:6f:e3:f1:d6:
0f:c9:81:7a:2f:af:18:22:92:7d:51:d9:6f:3d:f3:76:01:3f:
dd:0d:4c:f3:68:8b:71:44:bb:b8:4e:8e:3c:6e:41:d2:07:70:
7a:01:0e:02:4e:f5:f1:f5:4f:60:c0:9b:ae:9b:61:90:0c:1c:
c7:c9:8f:41:7b:68:a0:c5:bb:a8:92:5d:59:eb:1d:b4:7f:0e:
1e:d9:5d:93:50:6a:db:e1:ac:09:79:1d:16:e3:d7:02:eb:5e:
3c:3d:a9:c5
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgICEvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA2Mjkx
OTQ0MTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJCQkY1MjRCQkFBNjNE
Njc2QUM2NzI1RjQ2MEIyOThDODM2OTFFNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGCZFRuhS3/815j12sw4JyKNHbiEDA78tpYQAz+8U5C8dWUAQc
bUIBiqJoTFMVfcQI/mDVlvlo4H42/yJbSiJr8Q9AYk67z+EH7zjnJP3EFNmy3Ui7
2gQuIGB0S/gzwNxHe4pK4L4iY6oI2WSM8lwxp7kG9HsrR5AisbxJ0HEthQ6/H73L
D2QTlvSPqN3NOAmsQ5l6cXQRT2Lb/7wyGIi6aOpDZDpFk7SCLcRFtr2705mLEnKp
LDtPLbxIRPRQFrARmAOM86ywtLVW0qX3PghM4zaGGmS4KSZs6RNO2cfOrNVgw918
N7SOUTvBaY4mTYBNO0Qfx3qWZdNIwPW07oGlAgMBAAGjggIPMIICCzAdBgNVHQ4E
FgQUK79SS7qmPWdqxnJfRgspjINpHl4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0s3OVNTN3FtUFdkcXhu
SmZSZ3NwaklOcEhsNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQD
BAAr/pgDBAJnBcADBABnGHQDBAFnGHYDBAGW8u4DBADKWWAwDQYJKoZIhvcNAQEL
BQADggEBAH9zAyt7Zo3sGDjvnoCraKSHY1RfKRVataqYztzBT32mo+V5DzezdL3D
zSDKTGeE9UwirtcK7me+8iUCfCJKr/i0tgE8nTN/D9afEB3JNAbQ1tmwJtqMf7Oz
aiUP4BlN5g3KTVTdDT3kq2Sn//yC60T6apJh35UbmXraYr5hv6MXearJo2+6FTB6
0ljaXJ9+lWrVIs1vSPKHwt8WZqA9b+Px1g/JgXovrxgikn1R2W8983YBP90NTPNo
i3FEu7hOjjxuQdIHcHoBDgJO9fH1T2DAm66bYZAMHMfJj0F7aKDFu6iSXVnrHbR/
Dh7ZXZNQatvhrAl5HRbj1wLrXjw9qcU=
-----END CERTIFICATE-----
Generated at Wed Sep 11 03:47:53 2024 by rpki-client on console-fra.rpki-client.org