Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/NMBFb1kPLFBCl_Ep1tCnrCkIeJ8.roa
File: NMBFb1kPLFBCl_Ep1tCnrCkIeJ8.roa (raw, json)
Hash identifier: FHrhYTWar6Aj1JsTXOxomOLap9w0bNOEwoO08lbwrbo=
Subject key identifier: 34:C0:45:6F:59:0F:2C:50:42:97:F1:29:D6:D0:A7:AC:29:08:78:9F
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 0706
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/NMBFb1kPLFBCl_Ep1tCnrCkIeJ8.roa
Signing time: Thu 18 May 2023 07:24:16 +0000
ROA not before: Thu 18 May 2023 07:24:16 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 17621
IP address blocks: 43.254.152.0/24 maxlen: 24
103.5.192.0/22 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1798 (0x706)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: May 18 07:24:16 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=34C0456F590F2C504297F129D6D0A7AC2908789F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:50:35:d2:a9:90:b1:e8:fa:47:c3:9d:03:25:
68:00:78:13:91:31:5f:a4:b2:fd:83:4a:5a:56:82:
62:9f:33:cc:d6:dd:18:56:22:36:d3:cd:ce:87:f9:
0a:51:bf:5b:9f:b7:71:9b:2f:75:99:90:e4:85:7b:
a0:c7:b7:1f:a9:c7:30:43:d6:ac:ed:32:9b:10:e0:
36:2a:fd:b9:5b:86:a8:7a:ad:c9:93:b4:e1:14:04:
ed:a0:3d:1b:0b:f6:a8:9c:c8:4d:7a:d1:5c:e9:22:
15:bc:cf:52:96:9e:39:1e:5b:6b:91:41:a1:13:58:
a3:c5:3f:87:da:97:9b:f4:70:d4:23:44:41:af:8f:
4e:e3:c1:d3:fe:31:37:b3:2d:58:c3:98:60:a4:1a:
76:15:4c:28:db:d7:e5:31:b9:e3:2a:51:4b:7a:be:
45:1c:9c:67:3a:17:08:93:cb:7e:f7:7a:e5:5b:87:
97:3e:f6:7b:25:40:23:b0:f7:37:af:0f:b9:8a:3e:
77:2d:b5:17:85:f0:9b:2d:a0:5a:ae:c4:14:f7:db:
b0:dc:e2:5d:3d:22:30:b8:6f:31:55:71:e2:2c:57:
51:ac:4c:82:5c:b6:86:75:d6:9f:63:3d:61:67:eb:
d8:7c:a2:a5:89:ed:1a:11:c2:ae:44:14:21:cb:8b:
0a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C0:45:6F:59:0F:2C:50:42:97:F1:29:D6:D0:A7:AC:29:08:78:9F
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/NMBFb1kPLFBCl_Ep1tCnrCkIeJ8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/24
103.5.192.0/22
103.24.116.0/24
103.24.118.0/23
150.242.238.0/23
202.89.96.0/24
Signature Algorithm: sha256WithRSAEncryption
46:00:6c:fe:6f:05:d6:9c:3b:9b:54:41:eb:39:1b:18:7e:e6:
ca:4c:57:8b:63:08:d9:50:e0:85:2d:d4:b0:5e:e4:18:f7:89:
d1:59:ce:58:81:46:a7:e1:59:2f:7c:3d:79:22:68:72:09:ff:
59:04:e5:dc:d4:6b:67:8a:03:3b:74:90:b5:4d:01:d2:94:7e:
70:de:2a:25:4f:70:c0:09:b9:05:7f:7b:85:5a:cd:8d:08:70:
8d:93:11:67:8d:1b:26:7e:66:af:f1:e4:79:c5:eb:91:3a:7e:
00:8b:42:d6:0c:89:e5:6d:b5:f2:32:df:66:34:f8:a2:4c:7b:
0b:eb:24:f2:6a:d9:d3:62:cc:cd:c4:bd:42:3c:ef:69:6d:d2:
49:a2:94:2a:cf:0a:58:7a:47:46:07:63:41:f6:a8:d9:5d:e5:
e7:7b:9c:ba:e3:73:95:ad:97:62:e5:cf:2c:77:e2:e1:89:cf:
4a:c5:b4:6d:9f:99:88:30:82:8c:04:38:d2:ba:26:43:ce:46:
a7:90:a1:bd:4b:57:ef:55:9c:47:41:d3:b9:ed:06:bd:5b:57:
3b:ca:59:9b:d2:c7:4d:6a:d5:1c:bb:72:29:12:5b:b3:c0:6b:
dc:bf:5d:5e:09:10:1c:10:4e:c8:3b:90:0b:3e:32:56:07:0e:
9e:66:54:94
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgICBwYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yMzA1MTgw
NzI0MTZaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDM0QzA0NTZGNTkwRjJD
NTA0Mjk3RjEyOUQ2RDBBN0FDMjkwODc4OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiUDXSqZCx6PpHw50DJWgAeBORMV+ksv2DSlpWgmKfM8zW3RhW
IjbTzc6H+QpRv1uft3GbL3WZkOSFe6DHtx+pxzBD1qztMpsQ4DYq/blbhqh6rcmT
tOEUBO2gPRsL9qicyE160VzpIhW8z1KWnjkeW2uRQaETWKPFP4fal5v0cNQjREGv
j07jwdP+MTezLVjDmGCkGnYVTCjb1+UxueMqUUt6vkUcnGc6FwiTy373euVbh5c+
9nslQCOw9zevD7mKPncttReF8JstoFquxBT327Dc4l09IjC4bzFVceIsV1GsTIJc
toZ11p9jPWFn69h8oqWJ7RoRwq5EFCHLiwq9AgMBAAGjggIPMIICCzAdBgNVHQ4E
FgQUNMBFb1kPLFBCl/Ep1tCnrCkIeJ8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L05NQkZiMWtQTEZCQ2xf
RXAxdENuckNrSWVKOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQD
BAAr/pgDBAJnBcADBABnGHQDBAFnGHYDBAGW8u4DBADKWWAwDQYJKoZIhvcNAQEL
BQADggEBAEYAbP5vBdacO5tUQes5Gxh+5spMV4tjCNlQ4IUt1LBe5Bj3idFZzliB
RqfhWS98PXkiaHIJ/1kE5dzUa2eKAzt0kLVNAdKUfnDeKiVPcMAJuQV/e4VazY0I
cI2TEWeNGyZ+Zq/x5HnF65E6fgCLQtYMieVttfIy32Y0+KJMewvrJPJq2dNizM3E
vUI872lt0kmilCrPClh6R0YHY0H2qNld5ed7nLrjc5Wtl2Llzyx34uGJz0rFtG2f
mYgwgowEONK6JkPORqeQob1LV+9VnEdB07ntBr1bVzvKWZvSx01q1Ry7cikSW7PA
a9y/XV4JEBwQTsg7kAs+MlYHDp5mVJQ=
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org