Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/yDjOeFXOa_jFN7laJkmltyKPDMw.roa
File: yDjOeFXOa_jFN7laJkmltyKPDMw.roa (raw, json)
Hash identifier: uFLA7jetbq5HcA17Rz64/iteXud6cjfJUzFShsJcuEE=
Subject key identifier: C8:38:CE:78:55:CE:6B:F8:C5:37:B9:5A:26:49:A5:B7:22:8F:0C:CC
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 12E6
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/yDjOeFXOa_jFN7laJkmltyKPDMw.roa
Signing time: Sat 29 Jun 2024 19:44:14 +0000
ROA not before: Sat 29 Jun 2024 19:44:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 17621
IP address blocks: 43.254.152.0/24 maxlen: 24
103.5.192.0/22 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 02:23:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4838 (0x12e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 29 19:44:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C838CE7855CE6BF8C537B95A2649A5B7228F0CCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cc:2f:89:28:de:e2:83:74:7c:56:dd:a5:f6:
6b:1b:f2:a9:08:f2:ac:0d:0b:ec:db:27:6e:6a:d0:
0b:44:73:be:18:4f:f2:e0:67:04:75:1c:2c:b3:a9:
c3:8f:fb:fd:ca:8e:fc:1c:0c:97:c6:73:e6:f8:0f:
c5:84:f8:c6:cd:51:94:7a:ec:18:25:f3:33:53:f4:
ca:c5:d2:5e:e0:d1:19:9b:98:43:bc:62:65:d6:38:
32:89:15:2c:83:d7:c2:19:f0:e0:8b:00:c6:7b:95:
8b:76:62:9c:79:b1:fe:21:16:6f:40:61:e7:bf:9e:
21:19:2c:85:1b:a2:38:6b:98:18:66:dd:be:c3:6a:
d2:97:76:50:06:a9:23:4d:bb:ab:1b:77:8b:6c:4d:
16:ec:85:ec:c7:95:14:2e:2c:38:08:28:c1:ba:bf:
55:eb:40:cc:40:2b:d6:6a:00:e4:20:3e:a8:48:6c:
81:2c:dd:82:c7:8f:6e:8c:09:ac:16:1e:b9:91:08:
d5:33:04:fe:b1:e2:89:c6:e3:3f:63:5f:86:b4:70:
4b:90:f5:1a:eb:45:74:42:0b:d9:5b:4f:0f:e4:eb:
fa:c2:69:f0:40:dc:64:f1:ca:ef:c7:a2:35:5a:bc:
0d:1d:44:b7:b6:8b:60:5d:e8:f1:d4:42:f6:db:97:
3e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:38:CE:78:55:CE:6B:F8:C5:37:B9:5A:26:49:A5:B7:22:8F:0C:CC
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/yDjOeFXOa_jFN7laJkmltyKPDMw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/24
103.5.192.0/22
103.24.116.0/24
103.24.118.0/23
150.242.238.0/23
202.89.96.0/24
Signature Algorithm: sha256WithRSAEncryption
15:5c:3d:f6:72:89:fc:b1:f2:a6:c6:1f:f9:df:aa:50:61:b5:
34:65:85:f5:46:f8:d9:a4:8d:18:07:81:6b:43:61:d3:56:3d:
d5:ba:c2:70:f3:25:38:ca:91:2c:5a:88:a4:1f:b4:e1:72:9c:
5b:62:f9:79:53:28:a3:e4:e5:ab:01:5b:58:81:40:0e:8b:6d:
e3:00:c7:6d:dc:85:55:63:37:79:ea:78:70:4e:52:cf:cb:c2:
ba:74:69:63:f5:84:15:37:6d:9d:ed:e6:31:85:ef:f2:61:e1:
49:46:0c:60:4b:42:33:8b:a4:60:61:3d:26:73:20:a3:d6:fd:
2b:a6:ff:1c:5c:25:d2:10:4e:11:45:5d:1a:e0:98:71:ef:ae:
93:e6:7f:b2:60:9a:26:ef:41:39:ca:33:f1:a0:c9:ee:6a:d0:
11:97:8e:48:08:65:6e:38:32:e2:35:42:b0:c3:d3:62:db:14:
a8:55:64:29:04:55:e3:a6:89:e2:ed:ee:29:98:98:c0:c4:de:
79:35:36:8b:ae:c9:69:13:c8:11:0d:47:7b:61:c9:f6:07:7b:
f8:f7:0d:91:4a:83:18:bd:f8:3d:d3:4a:70:d0:76:fd:a5:96:
25:40:83:d3:df:08:e3:6b:2c:cf:be:fe:ac:51:44:6a:d3:21:
6e:38:ef:c8
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgICEuYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA2Mjkx
OTQ0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM4MzhDRTc4NTVDRTZC
RjhDNTM3Qjk1QTI2NDlBNUI3MjI4RjBDQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFzC+JKN7ig3R8Vt2l9msb8qkI8qwNC+zbJ25q0AtEc74YT/Lg
ZwR1HCyzqcOP+/3KjvwcDJfGc+b4D8WE+MbNUZR67Bgl8zNT9MrF0l7g0RmbmEO8
YmXWODKJFSyD18IZ8OCLAMZ7lYt2Ypx5sf4hFm9AYee/niEZLIUbojhrmBhm3b7D
atKXdlAGqSNNu6sbd4tsTRbshezHlRQuLDgIKMG6v1XrQMxAK9ZqAOQgPqhIbIEs
3YLHj26MCawWHrmRCNUzBP6x4onG4z9jX4a0cEuQ9RrrRXRCC9lbTw/k6/rCafBA
3GTxyu/HojVavA0dRLe2i2Bd6PHUQvbblz4RAgMBAAGjggIPMIICCzAdBgNVHQ4E
FgQUyDjOeFXOa/jFN7laJkmltyKPDMwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3lEak9lRlhPYV9qRk43
bGFKa21sdHlLUERNdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQD
BAAr/pgDBAJnBcADBABnGHQDBAFnGHYDBAGW8u4DBADKWWAwDQYJKoZIhvcNAQEL
BQADggEBABVcPfZyifyx8qbGH/nfqlBhtTRlhfVG+NmkjRgHgWtDYdNWPdW6wnDz
JTjKkSxaiKQftOFynFti+XlTKKPk5asBW1iBQA6LbeMAx23chVVjN3nqeHBOUs/L
wrp0aWP1hBU3bZ3t5jGF7/Jh4UlGDGBLQjOLpGBhPSZzIKPW/Sum/xxcJdIQThFF
XRrgmHHvrpPmf7JgmibvQTnKM/Ggye5q0BGXjkgIZW44MuI1QrDD02LbFKhVZCkE
VeOmieLt7imYmMDE3nk1NouuyWkTyBENR3thyfYHe/j3DZFKgxi9+D3TSnDQdv2l
liVAg9PfCONrLM++/qxRRGrTIW4478g=
-----END CERTIFICATE-----
Generated at Wed Sep 11 05:04:09 2024 by rpki-client on console-ams.rpki-client.org