Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/MvGOMUgFfXvgJXjGiy7HKCe4bbU.roa
File: MvGOMUgFfXvgJXjGiy7HKCe4bbU.roa (raw, json)
Hash identifier: f4dhdZI2MgQgKbIja8BQgiYFz7uMBoEQbKsW7lTvU74=
Subject key identifier: 32:F1:8E:31:48:05:7D:7B:E0:25:78:C6:8B:2E:C7:28:27:B8:6D:B5
Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756
Certificate serial: 2B
Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/MvGOMUgFfXvgJXjGiy7HKCe4bbU.roa
Signing time: Tue 23 Apr 2024 02:39:41 +0000
ROA not before: Tue 23 Apr 2024 02:39:41 +0000
ROA not after: Tue 15 Apr 2025 09:24:38 +0000
asID: 58834
IP address blocks: 43.243.244.0/22 maxlen: 24
103.27.24.0/22 maxlen: 24
119.2.128.0/17 maxlen: 24
119.2.255.0/24 maxlen: 24
124.240.0.0/17 maxlen: 24
202.168.160.0/19 maxlen: 24
203.132.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Apr 2024 01:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43 (0x2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756
Validity
Not Before: Apr 23 02:39:41 2024 GMT
Not After : Apr 15 09:24:38 2025 GMT
Subject: CN=32F18E3148057D7BE02578C68B2EC72827B86DB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c3:b0:a5:c6:7a:6a:b7:68:20:7d:54:bb:a1:
3d:6e:ca:c5:20:07:90:91:13:a9:64:9b:d6:bd:1a:
5a:21:53:ee:eb:8b:a8:0e:91:07:cb:21:2a:af:19:
a3:b5:cf:08:9f:06:98:aa:58:ea:07:7f:e6:8a:b0:
d6:df:ec:7f:92:0f:56:3f:1e:89:5b:36:6d:2f:cd:
0a:5c:67:e6:b7:0b:e8:07:ed:14:f5:ba:0c:52:5c:
34:ab:a0:9a:27:85:3b:85:93:6f:8f:7f:ca:e9:1a:
4d:05:47:4e:65:22:18:aa:e7:43:94:8f:45:ed:44:
ff:4a:f0:7b:ef:fc:a7:84:57:15:09:56:29:92:31:
20:50:32:52:39:af:be:f0:82:f0:a5:97:c8:ce:75:
41:bb:88:ed:7e:f0:32:d8:8c:e6:54:8f:ef:dc:b4:
fe:fd:22:ca:6b:85:5b:0c:43:86:b5:9c:90:15:7a:
11:38:42:cf:1e:55:4b:69:03:15:f0:a6:a8:02:4b:
16:bd:12:a3:57:02:31:1a:a2:eb:9a:6a:38:f5:b0:
6f:3c:bd:1e:20:b5:f9:f0:ac:e5:03:07:e7:f1:15:
96:8c:b4:60:35:9b:b2:ff:2b:2d:ca:af:fe:d3:1a:
e7:b8:9c:2d:02:21:77:3a:4c:f9:a7:63:0b:12:31:
6c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F1:8E:31:48:05:7D:7B:E0:25:78:C6:8B:2E:C7:28:27:B8:6D:B5
X509v3 Authority Key Identifier:
keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/MvGOMUgFfXvgJXjGiy7HKCe4bbU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.244.0/22
103.27.24.0/22
119.2.128.0/17
124.240.0.0/17
202.168.160.0/19
203.132.32.0/19
Signature Algorithm: sha256WithRSAEncryption
6b:55:2d:16:39:fc:91:d5:06:21:b3:e6:2a:85:ab:2b:4e:27:
45:19:1e:58:17:0f:18:e1:a6:ec:40:62:f6:ed:2b:36:41:88:
57:66:fb:97:08:65:b1:c9:02:ac:90:3b:d3:74:b2:3e:ee:47:
ec:85:5d:40:31:cc:3c:cb:5d:bf:0e:82:18:0f:53:09:7c:4e:
b7:51:64:7e:ea:b3:72:d5:5e:32:0b:cb:c5:4d:ff:1e:43:37:
d8:ce:8b:da:a6:eb:28:a5:c2:a1:bc:2f:49:e7:f1:91:60:c9:
db:17:6c:4e:00:42:8f:28:16:ee:42:59:6a:3c:71:1f:fd:83:
ba:da:4d:1d:95:f7:25:6e:a5:ad:48:49:6b:ff:15:a2:66:9c:
17:c4:14:cb:75:87:a4:2e:e6:cd:2c:81:f6:e5:3b:38:14:f7:
02:33:ff:fd:9d:6b:02:70:f3:f4:22:f6:32:aa:78:db:d7:4e:
05:22:a3:a6:fb:84:96:de:25:59:25:e1:a8:c0:ea:24:29:03:
89:9b:96:0a:0c:34:5a:40:8b:4a:e3:4d:de:26:79:8e:78:d3:
93:9d:4a:6f:6b:e2:48:bd:13:71:29:db:28:fd:da:0a:70:be:
8d:21:0b:81:9b:25:ca:b9:ba:27:aa:e9:c7:56:d3:ce:82:bc:
fe:26:00:6c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIBKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERUJG
QzkwMEVEQzM0RjgxREE0ODI3RjFGOUY2M0QwNEUwRTJGNzU2MB4XDTI0MDQyMzAy
Mzk0MVoXDTI1MDQxNTA5MjQzOFowMzExMC8GA1UEAxMoMzJGMThFMzE0ODA1N0Q3
QkUwMjU3OEM2OEIyRUM3MjgyN0I4NkRCNTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK3DsKXGemq3aCB9VLuhPW7KxSAHkJETqWSb1r0aWiFT7uuLqA6R
B8shKq8Zo7XPCJ8GmKpY6gd/5oqw1t/sf5IPVj8eiVs2bS/NClxn5rcL6AftFPW6
DFJcNKugmieFO4WTb49/yukaTQVHTmUiGKrnQ5SPRe1E/0rwe+/8p4RXFQlWKZIx
IFAyUjmvvvCC8KWXyM51QbuI7X7wMtiM5lSP79y0/v0iymuFWwxDhrWckBV6EThC
zx5VS2kDFfCmqAJLFr0So1cCMRqi65pqOPWwbzy9HiC1+fCs5QMH5/EVloy0YDWb
sv8rLcqv/tMa57icLQIhdzpM+adjCxIxbLsCAwEAAaOCAg8wggILMB0GA1UdDgQW
BBQy8Y4xSAV9e+AleMaLLscoJ7httTAfBgNVHSMEGDAWgBTev8kA7cNPgdpIJ/H5
9j0E4OL3VjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MjMv
M3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC8zcl9KQU8zRFQ0SGFTQ2Z4LWZZOUJPRGk5MVkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MjMvTXZHT01VZ0ZmWHZnSlhq
R2l5N0hLQ2U0YmJVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAME
Aivz9AMEAmcbGAMEB3cCgAMEB3zwAAMEBcqooAMEBcuEIDANBgkqhkiG9w0BAQsF
AAOCAQEAa1UtFjn8kdUGIbPmKoWrK04nRRkeWBcPGOGm7EBi9u0rNkGIV2b7lwhl
sckCrJA703SyPu5H7IVdQDHMPMtdvw6CGA9TCXxOt1FkfuqzctVeMgvLxU3/HkM3
2M6L2qbrKKXCobwvSefxkWDJ2xdsTgBCjygW7kJZajxxH/2DutpNHZX3JW6lrUhJ
a/8VomacF8QUy3WHpC7mzSyB9uU7OBT3AjP//Z1rAnDz9CL2Mqp429dOBSKjpvuE
lt4lWSXhqMDqJCkDiZuWCgw0WkCLSuNN3iZ5jnjTk51Kb2viSL0TcSnbKP3aCnC+
jSELgZslyrm6J6rpx1bTzoK8/iYAbA==
-----END CERTIFICATE-----
Generated at Wed Apr 24 04:43:08 2024 by rpki-client on console-ams.rpki-client.org