Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/NeZ855CTcmEV2tJFO_Y3QbluOgE.roa
File: NeZ855CTcmEV2tJFO_Y3QbluOgE.roa (raw, json)
Hash identifier: PTNqtmcj3K+M8n9pzqDbvlAxT0z0koiSq7dC839eO1I=
Subject key identifier: 35:E6:7C:E7:90:93:72:61:15:DA:D2:45:3B:F6:37:41:B9:6E:3A:01
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 12F3
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/NeZ855CTcmEV2tJFO_Y3QbluOgE.roa
Signing time: Sat 29 Jun 2024 19:44:18 +0000
ROA not before: Sat 29 Jun 2024 19:44:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 138527
IP address blocks: 45.252.8.0/22 maxlen: 24
45.252.12.0/22 maxlen: 24
45.252.16.0/22 maxlen: 24
45.252.20.0/22 maxlen: 24
45.252.24.0/22 maxlen: 24
45.252.28.0/22 maxlen: 24
45.252.32.0/22 maxlen: 24
45.252.36.0/22 maxlen: 24
45.252.40.0/22 maxlen: 24
45.252.44.0/22 maxlen: 24
45.252.48.0/22 maxlen: 24
45.252.100.0/22 maxlen: 24
45.252.144.0/22 maxlen: 24
103.198.240.0/22 maxlen: 24
103.220.248.0/22 maxlen: 24
103.220.252.0/22 maxlen: 24
103.221.0.0/22 maxlen: 24
103.221.4.0/22 maxlen: 24
103.221.8.0/22 maxlen: 24
103.221.12.0/22 maxlen: 24
103.221.16.0/22 maxlen: 24
103.221.20.0/22 maxlen: 24
103.221.24.0/22 maxlen: 24
103.221.28.0/22 maxlen: 24
103.221.32.0/22 maxlen: 24
103.221.36.0/22 maxlen: 24
103.221.40.0/22 maxlen: 24
103.221.44.0/22 maxlen: 24
103.221.48.0/22 maxlen: 24
103.221.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 02:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4851 (0x12f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 29 19:44:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=35E67CE79093726115DAD2453BF63741B96E3A01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bc:29:f4:20:af:65:f2:cc:b3:4e:ce:02:bc:
b2:a3:d6:54:45:72:ba:7c:5e:77:0c:75:7b:52:ae:
52:99:49:07:da:30:62:01:bf:7c:7c:ac:32:5b:c6:
9e:51:db:d3:3d:a0:18:13:71:23:16:13:c3:86:d0:
89:8e:e8:b7:16:70:35:89:62:7e:41:90:c7:e8:8d:
4c:c3:01:fe:70:b9:98:01:b5:d5:de:5d:95:23:f9:
e9:8c:0f:d7:d6:8d:e7:1b:59:e9:b6:78:27:91:f3:
a6:57:fa:8d:07:ff:77:3d:69:73:d7:a5:6f:25:b0:
a1:42:ed:e5:40:85:54:fc:3b:c5:ea:74:4a:4d:f7:
4c:8e:92:cb:bc:85:17:f9:f4:10:dc:a6:24:17:e7:
ba:7e:1e:f8:59:cc:49:93:17:4e:af:7f:84:3f:48:
d1:35:a7:0e:a9:3e:8f:44:ea:fb:0e:30:fc:67:80:
e5:e2:fe:45:28:d8:84:f9:7e:c6:b9:55:ac:20:e6:
fc:83:b2:b1:ef:d6:91:c4:60:70:fe:88:38:ac:b5:
b7:39:1a:b5:45:20:6c:14:d1:a5:4f:4b:47:1d:19:
3c:ea:77:ec:41:5b:21:29:c5:d7:1f:30:e9:df:5c:
2f:e7:90:8f:2e:2b:61:25:de:8c:d8:a7:5a:e0:05:
5a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E6:7C:E7:90:93:72:61:15:DA:D2:45:3B:F6:37:41:B9:6E:3A:01
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/NeZ855CTcmEV2tJFO_Y3QbluOgE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.8.0-45.252.51.255
45.252.100.0/22
45.252.144.0/22
103.198.240.0/22
103.220.248.0-103.221.51.255
103.221.92.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:3b:8f:dd:c7:18:9e:2f:b7:d2:77:56:ab:d5:03:c6:8f:ad:
35:78:1e:2e:e6:4e:1e:a1:c1:e2:c2:1d:d2:77:1f:b3:2a:68:
bd:d7:d5:84:4a:53:26:04:8b:11:73:ad:d4:3f:67:51:3f:4c:
5e:1f:3d:17:e0:92:82:e0:52:dd:c8:a4:bf:a4:cf:21:35:ed:
8c:16:9a:3b:bf:36:94:df:f6:55:1a:ab:28:7b:72:b8:38:3e:
c0:8b:c3:e6:11:64:9f:18:25:68:49:fb:14:1b:a0:1f:14:f5:
9d:d7:74:8b:06:22:83:21:2b:ba:66:92:5b:c0:36:14:69:94:
af:0e:cf:03:61:ea:6d:83:58:a8:6e:5f:e6:06:37:cc:39:fa:
39:1a:86:b4:92:3e:62:6b:70:70:84:ec:a1:7c:f6:77:73:bd:
29:2b:9c:99:ae:34:36:91:cd:23:3b:18:0d:38:81:1d:2f:ae:
a1:97:07:22:05:8a:4f:85:c7:35:1a:c1:2c:5a:b3:93:ee:fa:
33:73:b1:05:19:84:fd:27:28:6f:c6:08:1f:3d:5d:ce:3c:32:
17:42:30:27:d8:9e:af:10:91:ca:dd:eb:73:b1:97:b5:f6:17:
0f:27:13:d7:15:1c:de:ae:f9:9c:d7:d0:1f:2e:eb:da:b9:8f:
3e:b5:9a:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgICEvMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA2Mjkx
OTQ0MThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM1RTY3Q0U3OTA5Mzcy
NjExNURBRDI0NTNCRjYzNzQxQjk2RTNBMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJvCn0IK9l8syzTs4CvLKj1lRFcrp8XncMdXtSrlKZSQfaMGIB
v3x8rDJbxp5R29M9oBgTcSMWE8OG0ImO6LcWcDWJYn5BkMfojUzDAf5wuZgBtdXe
XZUj+emMD9fWjecbWem2eCeR86ZX+o0H/3c9aXPXpW8lsKFC7eVAhVT8O8XqdEpN
90yOksu8hRf59BDcpiQX57p+HvhZzEmTF06vf4Q/SNE1pw6pPo9E6vsOMPxngOXi
/kUo2IT5fsa5Vawg5vyDsrHv1pHEYHD+iDistbc5GrVFIGwU0aVPS0cdGTzqd+xB
WyEpxdcfMOnfXC/nkI8uK2El3ozYp1rgBVoPAgMBAAGjggIfMIICGzAdBgNVHQ4E
FgQUNeZ855CTcmEV2tJFO/Y3QbluOgEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L05lWjg1NUNUY21FVjJ0
SkZPX1kzUWJsdU9nRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwTQYIKwYBBQUHAQcBAf8EPjA8MDoEAgABMDQw
DAMEAy38CAMEAi38MAMEAi38ZAMEAi38kAMEAmfG8DAMAwQDZ9z4AwQCZ90wAwQC
Z91cMA0GCSqGSIb3DQEBCwUAA4IBAQB8O4/dxxieL7fSd1ar1QPGj601eB4u5k4e
ocHiwh3Sdx+zKmi919WESlMmBIsRc63UP2dRP0xeHz0X4JKC4FLdyKS/pM8hNe2M
Fpo7vzaU3/ZVGqsoe3K4OD7Ai8PmEWSfGCVoSfsUG6AfFPWd13SLBiKDISu6ZpJb
wDYUaZSvDs8DYeptg1iobl/mBjfMOfo5Goa0kj5ia3BwhOyhfPZ3c70pK5yZrjQ2
kc0jOxgNOIEdL66hlwciBYpPhcc1GsEsWrOT7vozc7EFGYT9JyhvxggfPV3OPDIX
QjAn2J6vEJHK3etzsZe19hcPJxPXFRzervmc19AfLuvauY8+tZrz
-----END CERTIFICATE-----
Generated at Wed Sep 11 03:47:53 2024 by rpki-client on console-fra.rpki-client.org