Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/uusEuRJkmeLsxGMC-FZByLEF2DA.roa
File: uusEuRJkmeLsxGMC-FZByLEF2DA.roa (raw, json)
Hash identifier: sFyhKU87ZxLHAvJ7k3LeTP8M+PnZlUfbA3BkZEp/QBE=
Subject key identifier: BA:EB:04:B9:12:64:99:E2:EC:C4:63:02:F8:56:41:C8:B1:05:D8:30
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1149
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/uusEuRJkmeLsxGMC-FZByLEF2DA.roa
Signing time: Wed 24 May 2023 03:53:34 +0000
ROA not before: Wed 24 May 2023 03:53:34 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 136958
IP address blocks: 42.240.128.0/20 maxlen: 20
42.240.144.0/20 maxlen: 20
42.240.160.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4425 (0x1149)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: May 24 03:53:34 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=BAEB04B9126499E2ECC46302F85641C8B105D830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:23:6c:43:28:92:50:cd:c5:05:16:4f:2f:62:
16:d2:2e:9d:23:4a:34:ff:7c:eb:fe:5b:69:4a:70:
1d:a7:fd:3e:47:f0:90:bc:a9:d0:15:a9:39:62:36:
b1:a8:ab:61:ea:77:e6:42:6f:90:da:11:0b:cf:7f:
c9:bf:ee:14:3a:65:6f:b2:d0:4c:22:62:95:57:95:
dd:0b:0e:db:d6:74:49:70:83:25:91:5b:2b:b6:92:
1a:d8:dd:11:54:67:07:ed:b9:21:e6:eb:2c:0a:81:
e6:fd:04:a4:2d:90:c7:c4:d8:ec:e4:b0:3b:02:e9:
10:04:f2:37:67:8d:70:65:af:f9:37:17:43:83:5b:
f5:d2:43:34:b4:2f:0b:3a:d4:3b:af:54:d5:97:ad:
1e:37:cf:2f:db:bc:4b:5b:2e:7e:fb:f7:58:70:01:
1f:3a:1a:bc:2e:18:90:ec:f5:46:01:56:38:43:ef:
56:3d:22:33:d8:e3:67:35:e1:1e:d8:57:7f:25:bc:
5a:34:bf:c1:ea:0d:f4:bd:55:1b:86:16:6d:93:da:
35:ad:99:5e:6e:42:c3:0f:4c:68:48:9b:ea:ee:a7:
10:25:6b:19:31:3c:cb:81:d5:01:6f:32:66:a7:04:
23:ac:40:54:d0:1a:ab:78:51:2e:5e:70:2a:86:60:
8a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:EB:04:B9:12:64:99:E2:EC:C4:63:02:F8:56:41:C8:B1:05:D8:30
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/uusEuRJkmeLsxGMC-FZByLEF2DA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
42.240.128.0-42.240.175.255
Signature Algorithm: sha256WithRSAEncryption
ad:bc:78:ae:e0:33:69:d6:6f:d3:6e:48:26:60:f4:20:6c:3a:
23:f1:13:65:ab:f2:42:9e:26:e1:0f:bb:81:e6:10:7d:27:46:
d0:4a:0b:b3:d1:4f:d6:1e:56:bb:27:7d:91:00:0b:a1:58:41:
9a:22:27:0e:54:48:a3:84:55:28:51:28:cf:7a:0a:fa:fe:a8:
60:03:3f:96:62:43:02:e6:76:10:24:e9:df:37:01:1d:0e:3b:
24:61:e1:53:e1:67:a9:65:15:32:48:b9:12:86:04:2c:f0:16:
76:56:32:81:51:76:5f:08:57:6a:1b:76:86:b3:6f:ac:f9:0d:
a0:41:c4:5a:19:76:ec:a9:85:42:a9:7e:e8:43:c7:dd:9a:5b:
bd:3e:29:a0:b7:ad:23:a9:e6:85:9a:11:f4:3a:43:9b:14:ce:
e4:7c:36:48:64:42:5b:49:aa:e3:30:00:39:ef:d1:8a:a4:7f:
37:04:84:57:23:60:82:60:4d:c7:66:b7:b2:7c:23:33:f0:65:
ad:80:92:a9:2a:cf:62:9e:68:85:0c:a4:72:86:20:2c:a6:6e:
60:95:cd:54:5b:b5:12:58:29:6f:60:40:c4:85:be:28:1f:22:
d1:8b:f2:8b:7b:92:77:cb:bf:00:c9:0d:c7:94:bb:5c:21:7e:
5e:c3:51:9c
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICEUkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzA1MjQw
MzUzMzRaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEJBRUIwNEI5MTI2NDk5
RTJFQ0M0NjMwMkY4NTY0MUM4QjEwNUQ4MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJI2xDKJJQzcUFFk8vYhbSLp0jSjT/fOv+W2lKcB2n/T5H8JC8
qdAVqTliNrGoq2Hqd+ZCb5DaEQvPf8m/7hQ6ZW+y0EwiYpVXld0LDtvWdElwgyWR
Wyu2khrY3RFUZwftuSHm6ywKgeb9BKQtkMfE2OzksDsC6RAE8jdnjXBlr/k3F0OD
W/XSQzS0Lws61DuvVNWXrR43zy/bvEtbLn7791hwAR86GrwuGJDs9UYBVjhD71Y9
IjPY42c14R7YV38lvFo0v8HqDfS9VRuGFm2T2jWtmV5uQsMPTGhIm+rupxAlaxkx
PMuB1QFvMmanBCOsQFTQGqt4US5ecCqGYIpzAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUuusEuRJkmeLsxGMC+FZByLEF2DAwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3V1c0V1UkprbWVMc3hH
TUMtRlpCeUxFRjJEQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4w
DAMEByrwgAMEBCrwoDANBgkqhkiG9w0BAQsFAAOCAQEArbx4ruAzadZv025IJmD0
IGw6I/ETZavyQp4m4Q+7geYQfSdG0EoLs9FP1h5Wuyd9kQALoVhBmiInDlRIo4RV
KFEoz3oK+v6oYAM/lmJDAuZ2ECTp3zcBHQ47JGHhU+FnqWUVMki5EoYELPAWdlYy
gVF2XwhXaht2hrNvrPkNoEHEWhl27KmFQql+6EPH3ZpbvT4poLetI6nmhZoR9DpD
mxTO5Hw2SGRCW0mq4zAAOe/RiqR/NwSEVyNggmBNx2a3snwjM/BlrYCSqSrPYp5o
hQykcoYgLKZuYJXNVFu1Elgpb2BAxIW+KB8i0Yvyi3uSd8u/AMkNx5S7XCF+XsNR
nA==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org