Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/baEmWGqa7bX1toeAg78Fj1TD7CY.roa
File: baEmWGqa7bX1toeAg78Fj1TD7CY.roa (raw, json)
Hash identifier: s33mgttQhjhm8s84A1NRtsSmqtk7uoZO5j6uP2CDFk0=
Subject key identifier: 6D:A1:26:58:6A:9A:ED:B5:F5:B6:87:80:83:BF:05:8F:54:C3:EC:26
Certificate issuer: /CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Certificate serial: 01A9
Authority key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/baEmWGqa7bX1toeAg78Fj1TD7CY.roa
Signing time: Wed 27 Dec 2023 02:12:01 +0000
ROA not before: Wed 27 Dec 2023 02:12:01 +0000
ROA not after: Thu 10 Oct 2024 06:10:11 +0000
asID: 63567
IP address blocks: 43.241.50.0/24 maxlen: 24
103.45.161.0/24 maxlen: 24
103.45.162.0/24 maxlen: 24
103.45.163.0/24 maxlen: 24
103.205.255.0/24 maxlen: 24
103.239.244.0/24 maxlen: 24
103.239.245.0/24 maxlen: 24
103.239.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 01:38:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 425 (0x1a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Validity
Not Before: Dec 27 02:12:01 2023 GMT
Not After : Oct 10 06:10:11 2024 GMT
Subject: CN=6DA126586A9AEDB5F5B6878083BF058F54C3EC26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:45:19:58:aa:86:71:c9:18:85:c2:d3:f0:92:
81:80:74:a8:46:0d:d8:46:e8:b6:69:f9:25:dd:9f:
55:1f:65:69:31:7e:ce:f6:d9:92:bf:76:93:51:4a:
8e:fe:eb:17:87:01:36:0d:fd:87:8e:03:1c:00:71:
c5:52:fe:ed:fd:9e:27:ff:fc:34:79:3c:95:7d:65:
f7:c9:7e:b7:44:62:1b:f7:e2:c8:ee:8a:54:55:10:
bf:68:b7:04:d2:d4:bc:f3:bc:3d:52:e0:96:63:53:
8b:db:4b:11:f9:cf:67:75:e7:52:fb:62:99:32:30:
e9:fd:20:34:21:79:55:6d:de:bb:fe:b2:6b:b8:d7:
08:fc:cf:da:03:40:ec:61:8c:d9:20:29:15:12:18:
fd:00:7d:33:b0:93:8f:bd:fc:43:70:37:6b:86:99:
2c:d2:64:8a:b7:fe:c6:7b:4e:07:9d:00:e8:f8:7e:
07:56:08:33:08:55:5b:8d:af:7e:69:b4:3f:d2:db:
85:a3:02:d7:7e:97:1b:c5:d8:8b:30:a6:23:f4:10:
0e:9a:bd:ad:c3:96:01:52:1b:41:b9:e6:93:cf:f8:
e8:90:22:a5:02:14:24:33:b5:12:1d:37:af:c6:30:
17:f6:a4:3e:ab:8b:b7:f8:ff:78:2d:34:ed:39:db:
52:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A1:26:58:6A:9A:ED:B5:F5:B6:87:80:83:BF:05:8F:54:C3:EC:26
X509v3 Authority Key Identifier:
keyid:0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/baEmWGqa7bX1toeAg78Fj1TD7CY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.50.0/24
103.45.161.0-103.45.163.255
103.205.255.0/24
103.239.244.0/23
103.239.247.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:af:89:16:20:02:f6:11:97:b6:ed:af:c4:8b:fa:f8:83:ad:
92:71:6f:1c:3f:0d:ea:66:9a:66:66:b5:94:45:ef:49:16:6b:
0d:6b:b8:95:68:ed:87:ec:1e:f4:6a:1b:bf:b0:c3:10:d8:36:
f8:02:0c:91:a4:f6:2a:d8:e9:d6:5e:86:3b:0f:22:86:a3:cb:
38:dd:2e:04:2f:be:d9:a4:f3:8d:76:2d:c9:45:7f:17:9e:f5:
cd:ab:9e:7c:36:ad:5e:89:4e:b3:cf:a4:39:7e:3d:78:38:4c:
f9:cc:0c:29:fa:06:52:a4:ea:04:ae:1c:63:9d:47:59:4b:5c:
11:cc:1e:62:ea:66:34:77:6d:97:e0:c1:7e:00:bb:80:9f:cd:
f5:b7:09:91:8a:02:d6:b3:6b:01:27:9f:e7:b9:ef:04:4d:3d:
41:47:11:6d:54:69:40:08:ed:4b:cc:6e:94:67:ff:7f:e8:9e:
0c:1f:84:34:4b:58:31:92:20:36:17:84:e6:8c:62:aa:e5:9b:
c6:26:2d:c8:14:9f:7d:cf:f4:98:4e:34:2c:41:ac:7e:20:19:
3f:f0:a4:ff:77:df:d3:7f:b1:53:e8:0b:40:a2:45:8e:ed:5c:
d1:76:2c:08:cb:0a:a9:43:be:51:b7:21:b8:04:8d:b6:67:5b:
a1:cd:9a:6c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgICAakwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVF
ODYzQUM1NzBBRUVBMUY5MzBCRUE1RTc2QUFFN0RENTUzODA0RTAeFw0yMzEyMjcw
MjEyMDFaFw0yNDEwMTAwNjEwMTFaMDMxMTAvBgNVBAMTKDZEQTEyNjU4NkE5QUVE
QjVGNUI2ODc4MDgzQkYwNThGNTRDM0VDMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6RRlYqoZxyRiFwtPwkoGAdKhGDdhG6LZp+SXdn1UfZWkxfs72
2ZK/dpNRSo7+6xeHATYN/YeOAxwAccVS/u39nif//DR5PJV9ZffJfrdEYhv34sju
ilRVEL9otwTS1LzzvD1S4JZjU4vbSxH5z2d151L7YpkyMOn9IDQheVVt3rv+smu4
1wj8z9oDQOxhjNkgKRUSGP0AfTOwk4+9/ENwN2uGmSzSZIq3/sZ7TgedAOj4fgdW
CDMIVVuNr35ptD/S24WjAtd+lxvF2IswpiP0EA6ava3DlgFSG0G55pPP+OiQIqUC
FCQztRIdN6/GMBf2pD6ri7f4/3gtNO0521KbAgMBAAGjggIRMIICDTAdBgNVHQ4E
FgQUbaEmWGqa7bX1toeAg78Fj1TD7CYwHwYDVR0jBBgwFoAUDuhjrFcK7qH5ML6l
52qufdVTgE4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
L0R1aGpyRmNLN3FINU1MNmw1MnF1ZmRWVGdFNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL2JhRW1XR3FhN2JYMXRv
ZUFnNzhGajFURDdDWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwPwYIKwYBBQUHAQcBAf8EMDAuMCwEAgABMCYD
BAAr8TIwDAMEAGctoQMEAmctoAMEAGfN/wMEAWfv9AMEAGfv9zANBgkqhkiG9w0B
AQsFAAOCAQEAj6+JFiAC9hGXtu2vxIv6+IOtknFvHD8N6maaZma1lEXvSRZrDWu4
lWjth+we9Gobv7DDENg2+AIMkaT2Ktjp1l6GOw8ihqPLON0uBC++2aTzjXYtyUV/
F571zauefDatXolOs8+kOX49eDhM+cwMKfoGUqTqBK4cY51HWUtcEcweYupmNHdt
l+DBfgC7gJ/N9bcJkYoC1rNrASef57nvBE09QUcRbVRpQAjtS8xulGf/f+ieDB+E
NEtYMZIgNheE5oxiquWbxiYtyBSffc/0mE40LEGsfiAZP/Ck/3ff03+xU+gLQKJF
ju1c0XYsCMsKqUO+UbchuASNtmdboc2abA==
-----END CERTIFICATE-----
Generated at Mon Jan 22 05:12:43 2024 by rpki-client on console-ams.rpki-client.org