Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/656/tffrhRjs705sLao_53sEFAQehKI.roa
File: tffrhRjs705sLao_53sEFAQehKI.roa (raw, json)
Hash identifier: 6op0nQ/nQbSSImChLq/bVNszaWqPOB+gPq875TXfgbE=
Subject key identifier: B5:F7:EB:85:18:EC:EF:4E:6C:2D:AA:3F:E7:7B:04:14:04:1E:84:A2
Certificate issuer: /CN=64DC20D9612C5B77499A6D223A652B2E38B11647
Certificate serial: 0D42
Authority key identifier: 64:DC:20:D9:61:2C:5B:77:49:9A:6D:22:3A:65:2B:2E:38:B1:16:47
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/tffrhRjs705sLao_53sEFAQehKI.roa
Signing time: Fri 04 Aug 2023 13:08:23 +0000
ROA not before: Fri 04 Aug 2023 13:08:23 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 132203
IP address blocks: 49.51.128.0/19 maxlen: 24
49.51.146.0/23 maxlen: 24
49.51.160.0/20 maxlen: 24
119.28.164.0/24 maxlen: 24
119.28.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 02:26:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3394 (0xd42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64DC20D9612C5B77499A6D223A652B2E38B11647
Validity
Not Before: Aug 4 13:08:23 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=B5F7EB8518ECEF4E6C2DAA3FE77B0414041E84A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:87:48:a5:08:69:12:37:7e:21:08:d2:ba:0f:
1e:ca:1f:7c:8b:47:73:57:fc:37:3e:86:72:d8:b6:
90:ab:70:77:c7:d9:4c:b7:ff:d6:50:c2:85:14:ca:
27:d9:b0:1a:28:c6:5b:37:b4:0a:c1:d9:b6:ea:41:
74:cc:de:44:5f:02:14:b4:20:2d:6c:72:f9:63:75:
d7:dc:be:8d:14:12:4e:e2:6c:95:6e:d5:eb:8a:75:
ed:dc:f2:1b:ca:ad:22:07:ce:34:44:6b:42:70:c8:
7d:00:4e:3d:66:65:a0:e2:c4:c7:38:e2:c2:29:15:
0f:85:76:87:16:65:fd:be:0a:34:31:18:39:29:5b:
0e:43:92:c8:5d:a4:d5:b1:9b:f5:c5:64:00:4b:a3:
08:7e:e1:c1:90:ef:54:1f:75:34:e8:63:73:30:b7:
1a:39:c2:da:51:02:70:fa:36:c9:4c:73:b7:76:6a:
58:28:d9:42:3c:76:b2:80:0b:2e:f1:1c:ed:ac:d9:
a5:b2:a2:df:70:32:84:7b:99:c9:51:aa:04:44:bb:
b0:99:fc:8f:6e:ce:fc:4f:54:8d:7f:e6:f0:8a:1d:
9f:1b:92:ec:2a:90:3b:b7:6a:43:34:d3:81:ec:6e:
33:32:f9:51:71:61:32:2c:47:f6:49:49:24:07:b3:
7b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F7:EB:85:18:EC:EF:4E:6C:2D:AA:3F:E7:7B:04:14:04:1E:84:A2
X509v3 Authority Key Identifier:
keyid:64:DC:20:D9:61:2C:5B:77:49:9A:6D:22:3A:65:2B:2E:38:B1:16:47
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/ZNwg2WEsW3dJmm0iOmUrLjixFkc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZNwg2WEsW3dJmm0iOmUrLjixFkc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/656/tffrhRjs705sLao_53sEFAQehKI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.51.128.0-49.51.175.255
119.28.164.0/23
Signature Algorithm: sha256WithRSAEncryption
00:0e:b3:79:88:a1:f1:f5:f5:70:1f:c6:db:7f:06:5b:2f:dc:
c5:67:3d:0a:50:78:93:8a:6a:2a:c2:eb:51:aa:cc:b0:bc:50:
2d:56:f1:f2:be:91:4d:e4:cb:82:6e:73:af:cc:d5:e8:63:14:
77:7b:82:fd:fe:7c:49:2f:84:f6:6e:6c:e2:61:f8:a2:77:c5:
51:92:84:d7:cc:b4:3b:24:a2:e2:8f:8e:3c:a7:9b:dc:80:7f:
f5:58:ce:96:27:05:17:f9:eb:f0:73:c3:50:f4:7d:71:a3:d0:
b6:d5:33:2f:e3:fd:2b:f2:0f:30:ac:13:c2:3f:20:db:7f:c8:
ed:78:99:1b:a3:1e:d6:ba:de:2e:fb:0d:07:b1:32:03:29:8e:
26:9f:9d:54:8b:a8:70:62:90:53:48:b5:9b:f1:d8:e1:60:a8:
63:f1:92:eb:d6:22:fa:73:f0:7b:1a:53:49:0f:78:c2:1a:f0:
af:09:91:0d:58:5a:9a:15:bb:26:76:ef:5b:2c:fa:80:6a:5d:
c7:c5:53:dd:c6:1f:3e:01:d7:9d:8f:da:a2:3b:d8:ec:11:34:
4f:8a:41:06:a4:5b:d0:95:76:da:6c:b0:f0:ef:5d:e2:86:69:
bb:37:3e:dc:8e:22:3e:47:7d:88:02:84:0c:9c:93:84:b7:6b:
ca:d1:c5:84
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICDUIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjRE
QzIwRDk2MTJDNUI3NzQ5OUE2RDIyM0E2NTJCMkUzOEIxMTY0NzAeFw0yMzA4MDQx
MzA4MjNaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKEI1RjdFQjg1MThFQ0VG
NEU2QzJEQUEzRkU3N0IwNDE0MDQxRTg0QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkh0ilCGkSN34hCNK6Dx7KH3yLR3NX/Dc+hnLYtpCrcHfH2Uy3
/9ZQwoUUyifZsBooxls3tArB2bbqQXTM3kRfAhS0IC1scvljddfcvo0UEk7ibJVu
1euKde3c8hvKrSIHzjREa0JwyH0ATj1mZaDixMc44sIpFQ+FdocWZf2+CjQxGDkp
Ww5DkshdpNWxm/XFZABLowh+4cGQ71QfdTToY3Mwtxo5wtpRAnD6NslMc7d2algo
2UI8drKACy7xHO2s2aWyot9wMoR7mclRqgREu7CZ/I9uzvxPVI1/5vCKHZ8bkuwq
kDu3akM004HsbjMy+VFxYTIsR/ZJSSQHs3szAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQUtffrhRjs705sLao/53sEFAQehKIwHwYDVR0jBBgwFoAUZNwg2WEsW3dJmm0i
OmUrLjixFkcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU2
L1pOd2cyV0VzVzNkSm1tMGlPbVVyTGppeEZrYy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvWk53ZzJXRXNXM2RKbW0waU9tVXJMaml4RmtjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU2L3RmZnJoUmpzNzA1c0xh
b181M3NFRkFRZWhLSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQw
DAMEBzEzgAMEBDEzoAMEAXccpDANBgkqhkiG9w0BAQsFAAOCAQEAAA6zeYih8fX1
cB/G238GWy/cxWc9ClB4k4pqKsLrUarMsLxQLVbx8r6RTeTLgm5zr8zV6GMUd3uC
/f58SS+E9m5s4mH4onfFUZKE18y0OySi4o+OPKeb3IB/9VjOlicFF/nr8HPDUPR9
caPQttUzL+P9K/IPMKwTwj8g23/I7XiZG6Me1rreLvsNB7EyAymOJp+dVIuocGKQ
U0i1m/HY4WCoY/GS69Yi+nPwexpTSQ94whrwrwmRDVhamhW7JnbvWyz6gGpdx8VT
3cYfPgHXnY/aojvY7BE0T4pBBqRb0JV22myw8O9d4oZpuzc+3I4iPkd9iAKEDJyT
hLdrytHFhA==
-----END CERTIFICATE-----
Generated at Fri May 24 02:54:56 2024 by rpki-client on console-fra.rpki-client.org