Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/QHhsDbDJVR6br6FcsuiJpsvcWxY.roa
File: QHhsDbDJVR6br6FcsuiJpsvcWxY.roa (raw, json)
Hash identifier: NMNKnWFSYk2FQwMCTOCoNFuELsJ3hJZqesPmGqMpnh8=
Subject key identifier: 40:78:6C:0D:B0:C9:55:1E:9B:AF:A1:5C:B2:E8:89:A6:CB:DC:5B:16
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 086D
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QHhsDbDJVR6br6FcsuiJpsvcWxY.roa
Signing time: Fri 28 Jul 2023 03:38:18 +0000
ROA not before: Fri 28 Jul 2023 03:38:18 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 59083
IP address blocks: 43.254.152.0/22 maxlen: 24
43.254.153.0/24 maxlen: 24
43.254.154.0/23 maxlen: 24
43.254.154.0/24 maxlen: 24
43.254.155.0/24 maxlen: 24
59.153.164.0/22 maxlen: 24
59.153.168.0/23 maxlen: 24
103.5.192.0/22 maxlen: 24
103.10.0.0/23 maxlen: 24
103.10.0.0/24 maxlen: 24
103.10.1.0/24 maxlen: 24
103.10.2.0/23 maxlen: 24
103.10.2.0/24 maxlen: 24
103.10.3.0/24 maxlen: 24
103.24.116.0/22 maxlen: 24
103.24.116.0/23 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.117.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
103.24.118.0/24 maxlen: 24
103.24.119.0/24 maxlen: 24
150.242.236.0/23 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.108.0/22 maxlen: 24
202.89.108.0/23 maxlen: 24
202.89.110.0/23 maxlen: 24
202.136.248.0/22 maxlen: 24
202.136.248.0/23 maxlen: 24
202.136.249.0/24 maxlen: 24
202.136.250.0/23 maxlen: 24
202.136.250.0/24 maxlen: 24
202.140.140.0/22 maxlen: 24
202.140.140.0/23 maxlen: 24
202.140.142.0/23 maxlen: 24
202.174.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 02:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2157 (0x86d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jul 28 03:38:18 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=40786C0DB0C9551E9BAFA15CB2E889A6CBDC5B16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b3:cf:12:27:62:ac:d7:c9:c9:29:56:d7:93:
5a:1b:d1:2a:07:c2:12:f9:27:36:e1:29:38:bd:26:
40:92:ce:8b:13:02:36:a4:d9:52:13:1e:ef:68:dc:
32:79:f1:3e:4a:c0:fe:90:77:01:e6:fc:5f:96:0c:
bb:dc:89:3e:dc:cc:4c:96:29:a2:a1:36:db:29:18:
6e:ea:4c:59:a8:56:ac:63:4a:32:01:1d:fb:28:c7:
12:ee:f2:fe:47:8c:24:40:6e:83:77:c8:ad:6c:b8:
29:66:cf:28:73:b2:7a:fb:37:e4:0b:92:2f:5a:79:
73:fa:19:1b:b1:ee:31:bd:50:16:d2:c5:1a:dc:35:
83:76:6c:fe:48:0e:7a:27:dd:b2:2c:77:84:de:e2:
20:73:f4:58:9d:11:74:8e:a9:a7:90:de:7d:a1:94:
a1:c2:98:be:eb:d0:1d:c4:1b:73:29:3b:30:d4:b6:
89:b2:23:35:e5:0f:cc:d1:38:f4:30:7b:c1:01:70:
ca:6a:07:d6:a8:c0:ad:91:3d:64:ab:9a:5d:7c:df:
9f:ff:c9:11:26:b4:d8:70:49:3d:fc:23:12:00:bc:
c0:9b:99:24:2a:7b:e8:6d:75:af:70:b7:fb:89:8a:
ca:95:bd:02:77:e5:50:e2:73:ed:8c:7e:b3:d2:fb:
a8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:78:6C:0D:B0:C9:55:1E:9B:AF:A1:5C:B2:E8:89:A6:CB:DC:5B:16
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QHhsDbDJVR6br6FcsuiJpsvcWxY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/22
59.153.164.0-59.153.169.255
103.5.192.0/22
103.10.0.0/22
103.24.116.0/22
150.242.236.0/22
202.89.108.0/22
202.136.248.0/22
202.140.140.0/22
202.174.124.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:47:b8:d8:64:8c:5d:2d:04:23:62:d7:16:18:7c:36:8a:bd:
cf:1b:76:6d:9b:1b:33:dc:e5:d3:d5:04:39:11:cd:79:1b:0c:
67:87:8d:9f:3d:62:4d:77:6b:4e:3c:9c:ef:d8:ee:89:46:ff:
ef:2d:93:51:b2:21:8a:5b:63:e9:e5:90:9a:d0:e6:25:5e:f7:
c0:ca:42:49:ad:2b:ce:36:b4:80:61:57:7c:1e:08:f0:37:3f:
53:3c:dd:0b:b8:46:23:e5:54:4c:8a:a5:dd:02:af:a9:88:ed:
a3:c6:a2:a5:e7:e6:71:99:af:76:d6:c6:90:c4:87:ff:52:9e:
19:e6:b4:41:22:6e:58:90:9a:3a:44:ac:fe:11:ff:0d:5a:4a:
d2:66:7d:ed:1a:d2:46:ac:23:47:df:71:25:d0:ae:9a:da:03:
f1:da:63:31:e1:a5:bb:a1:4e:91:1b:66:d7:eb:59:d5:d0:39:
ea:c8:cf:22:2b:42:5b:66:a5:50:62:05:1f:25:31:09:e9:57:
3e:cd:0a:5f:07:fb:e7:48:a7:36:5e:99:03:c8:a5:09:91:ef:
87:24:23:7f:1e:17:ed:25:ab:e2:4a:2b:ac:7c:fa:7d:8c:55:
81:86:60:f3:50:71:37:74:74:f1:00:54:34:4f:e9:fc:fb:0c:
26:e4:f4:a3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgICCG0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yMzA3Mjgw
MzM4MThaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDQwNzg2QzBEQjBDOTU1
MUU5QkFGQTE1Q0IyRTg4OUE2Q0JEQzVCMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHs88SJ2Ks18nJKVbXk1ob0SoHwhL5JzbhKTi9JkCSzosTAjak
2VITHu9o3DJ58T5KwP6QdwHm/F+WDLvciT7czEyWKaKhNtspGG7qTFmoVqxjSjIB
HfsoxxLu8v5HjCRAboN3yK1suClmzyhzsnr7N+QLki9aeXP6GRux7jG9UBbSxRrc
NYN2bP5IDnon3bIsd4Te4iBz9FidEXSOqaeQ3n2hlKHCmL7r0B3EG3MpOzDUtomy
IzXlD8zROPQwe8EBcMpqB9aowK2RPWSrml1835//yREmtNhwST38IxIAvMCbmSQq
e+htda9wt/uJisqVvQJ35VDic+2MfrPS+6hvAgMBAAGjggIvMIICKzAdBgNVHQ4E
FgQUQHhsDbDJVR6br6FcsuiJpsvcWxYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1FIaHNEYkRKVlI2YnI2
RmNzdWlKcHN2Y1d4WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwXQYIKwYBBQUHAQcBAf8ETjBMMEoEAgABMEQD
BAIr/pgwDAMEAjuZpAMEATuZqAMEAmcFwAMEAmcKAAMEAmcYdAMEApby7AMEAspZ
bAMEAsqI+AMEAsqMjAMEAsqufDANBgkqhkiG9w0BAQsFAAOCAQEAtUe42GSMXS0E
I2LXFhh8Noq9zxt2bZsbM9zl09UEORHNeRsMZ4eNnz1iTXdrTjyc79juiUb/7y2T
UbIhiltj6eWQmtDmJV73wMpCSa0rzja0gGFXfB4I8Dc/UzzdC7hGI+VUTIql3QKv
qYjto8aipefmcZmvdtbGkMSH/1KeGea0QSJuWJCaOkSs/hH/DVpK0mZ97RrSRqwj
R99xJdCumtoD8dpjMeGlu6FOkRtm1+tZ1dA56sjPIitCW2alUGIFHyUxCelXPs0K
Xwf750inNl6ZA8ilCZHvhyQjfx4X7SWr4korrHz6fYxVgYZg81BxN3R08QBUNE/p
/PsMJuT0ow==
-----END CERTIFICATE-----
Generated at Mon Mar 25 03:55:16 2024 by rpki-client on console-ams.rpki-client.org