Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/ihUFjXfAZAzPOOJROeJrx_wjN9s.roa
File: ihUFjXfAZAzPOOJROeJrx_wjN9s.roa (raw, json)
Hash identifier: AbSqoJIr6OwLpizMREtkUoLuB8mO9MYMyKTNppDRb8g=
Subject key identifier: 8A:15:05:8D:77:C0:64:0C:CF:38:E2:51:39:E2:6B:C7:FC:23:37:DB
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 070D
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ihUFjXfAZAzPOOJROeJrx_wjN9s.roa
Signing time: Thu 18 May 2023 07:24:19 +0000
ROA not before: Thu 18 May 2023 07:24:19 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 139259
IP address blocks: 45.252.8.0/22 maxlen: 24
45.252.12.0/22 maxlen: 24
45.252.16.0/22 maxlen: 24
45.252.20.0/22 maxlen: 24
45.252.24.0/22 maxlen: 24
45.252.28.0/22 maxlen: 24
45.252.32.0/22 maxlen: 24
45.252.36.0/22 maxlen: 24
45.252.40.0/22 maxlen: 24
45.252.44.0/22 maxlen: 24
45.252.48.0/22 maxlen: 24
45.252.100.0/22 maxlen: 24
45.252.144.0/22 maxlen: 24
103.6.108.0/24 maxlen: 24
103.220.248.0/22 maxlen: 24
103.220.252.0/22 maxlen: 24
103.221.0.0/22 maxlen: 24
103.221.4.0/22 maxlen: 24
103.221.8.0/22 maxlen: 24
103.221.12.0/22 maxlen: 24
103.221.16.0/22 maxlen: 24
103.221.20.0/22 maxlen: 24
103.221.24.0/22 maxlen: 24
103.221.28.0/22 maxlen: 24
103.221.32.0/22 maxlen: 24
103.221.36.0/22 maxlen: 24
103.221.40.0/22 maxlen: 24
103.221.44.0/22 maxlen: 24
103.221.48.0/22 maxlen: 24
103.221.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1805 (0x70d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: May 18 07:24:19 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=8A15058D77C0640CCF38E25139E26BC7FC2337DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:4f:07:03:e7:23:8b:9e:de:a8:e9:0a:9d:
7a:36:96:29:ff:6c:58:9a:51:46:26:f1:6a:8f:4a:
94:52:0c:2a:16:f2:dd:ea:fb:45:75:ea:83:68:34:
82:c9:43:68:8e:39:24:7e:a6:08:03:86:b4:2a:1e:
f4:3e:f2:02:9c:78:d2:ba:15:c8:9d:f7:ef:d7:a2:
61:72:7b:a2:f2:73:58:e9:46:d2:50:00:99:ae:7c:
f1:0e:b7:39:85:b4:d7:96:63:03:42:78:ad:d6:b8:
a6:d7:51:20:ac:89:eb:89:0d:75:8a:e1:f3:27:c5:
4b:80:ae:d3:02:35:de:0b:5a:f6:ad:d5:7a:ba:35:
ec:70:fe:b5:dc:a1:e4:ba:8f:f5:7d:3e:47:26:f8:
26:75:61:cc:b2:57:66:89:16:82:6d:4f:a1:d1:cc:
2a:29:a5:ac:cc:3c:4f:2b:d9:f7:ad:38:fa:59:a2:
14:3b:88:0c:3d:7d:a5:49:2c:f0:e8:1d:ef:d4:47:
d5:5f:ef:2f:cd:e0:94:8e:e5:cc:40:3b:a5:9e:f3:
f8:cf:7e:0c:fa:8a:78:c2:ef:c5:90:43:dc:a5:b5:
a8:7c:97:a0:9b:ee:2e:97:ce:34:e5:e9:58:96:db:
c3:45:fd:ef:3d:96:2c:4c:b4:08:85:21:4f:6a:19:
4f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:15:05:8D:77:C0:64:0C:CF:38:E2:51:39:E2:6B:C7:FC:23:37:DB
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ihUFjXfAZAzPOOJROeJrx_wjN9s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.8.0-45.252.51.255
45.252.100.0/22
45.252.144.0/22
103.6.108.0/24
103.220.248.0-103.221.51.255
103.221.92.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:69:e5:36:6e:46:8c:51:87:27:e4:68:df:31:61:eb:98:22:
42:77:55:fc:eb:99:96:ad:82:b3:0c:e9:12:d8:59:cf:f5:80:
5d:e5:fd:91:13:eb:0a:a5:2f:21:a2:35:f7:f9:74:4d:30:10:
b3:00:35:5b:02:17:b6:10:ef:3c:24:59:04:dc:c5:8b:00:8e:
fd:fd:56:9d:7f:34:f4:e0:35:ff:eb:84:1d:21:01:c8:3d:cb:
30:2c:cf:11:2c:3e:a5:20:68:58:8d:86:68:f7:3a:36:c5:9f:
8c:14:39:46:e8:5c:13:2b:62:b5:e7:41:3f:09:f4:5d:06:c4:
e2:7a:61:e8:be:c9:d4:67:0c:ff:5a:1f:7e:2e:e2:0f:e8:f9:
51:b4:bc:75:fb:b7:04:84:70:10:01:84:4c:74:e4:54:96:61:
04:f5:49:19:b7:4f:7a:ec:61:ed:18:d0:43:63:1b:94:ed:b5:
af:5b:13:ff:87:94:32:f4:8c:10:56:df:91:bc:05:73:3c:80:
7a:92:b4:8c:60:9a:25:88:d3:a8:4b:79:9d:62:88:95:2b:e8:
9c:66:2a:4c:77:a1:f4:f6:b1:f3:af:d6:9d:a9:3e:00:0b:e8:
65:c9:46:0c:65:12:d7:1a:5b:66:f7:97:fc:91:cc:82:1a:3c:
28:bc:c1:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgICBw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yMzA1MTgw
NzI0MTlaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDhBMTUwNThENzdDMDY0
MENDRjM4RTI1MTM5RTI2QkM3RkMyMzM3REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5W08HA+cji57eqOkKnXo2lin/bFiaUUYm8WqPSpRSDCoW8t3q
+0V16oNoNILJQ2iOOSR+pggDhrQqHvQ+8gKceNK6Fcid9+/XomFye6Lyc1jpRtJQ
AJmufPEOtzmFtNeWYwNCeK3WuKbXUSCsieuJDXWK4fMnxUuArtMCNd4LWvat1Xq6
Nexw/rXcoeS6j/V9Pkcm+CZ1YcyyV2aJFoJtT6HRzCoppazMPE8r2fetOPpZohQ7
iAw9faVJLPDoHe/UR9Vf7y/N4JSO5cxAO6We8/jPfgz6injC78WQQ9yltah8l6Cb
7i6XzjTl6ViW28NF/e89lixMtAiFIU9qGU97AgMBAAGjggIfMIICGzAdBgNVHQ4E
FgQUihUFjXfAZAzPOOJROeJrx/wjN9swHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2loVUZqWGZBWkF6UE9P
SlJPZUpyeF93ak45cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwTQYIKwYBBQUHAQcBAf8EPjA8MDoEAgABMDQw
DAMEAy38CAMEAi38MAMEAi38ZAMEAi38kAMEAGcGbDAMAwQDZ9z4AwQCZ90wAwQC
Z91cMA0GCSqGSIb3DQEBCwUAA4IBAQBvaeU2bkaMUYcn5GjfMWHrmCJCd1X865mW
rYKzDOkS2FnP9YBd5f2RE+sKpS8hojX3+XRNMBCzADVbAhe2EO88JFkE3MWLAI79
/VadfzT04DX/64QdIQHIPcswLM8RLD6lIGhYjYZo9zo2xZ+MFDlG6FwTK2K150E/
CfRdBsTiemHovsnUZwz/Wh9+LuIP6PlRtLx1+7cEhHAQAYRMdORUlmEE9UkZt096
7GHtGNBDYxuU7bWvWxP/h5Qy9IwQVt+RvAVzPIB6krSMYJoliNOoS3mdYoiVK+ic
ZipMd6H09rHzr9adqT4AC+hlyUYMZRLXGltm95f8kcyCGjwovMFa
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org