Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/s3YN6CHmhdzCJmfHokmLVOh33T4.roa
File: s3YN6CHmhdzCJmfHokmLVOh33T4.roa (raw, json)
Hash identifier: aAHt7kuKhiFYd1uDyAJmMFq0U0jTZc4BWCD/J9I86tU=
Subject key identifier: B3:76:0D:E8:21:E6:85:DC:C2:26:67:C7:A2:49:8B:54:E8:77:DD:3E
Certificate issuer: /CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Certificate serial: 019C
Authority key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/s3YN6CHmhdzCJmfHokmLVOh33T4.roa
Signing time: Mon 25 Dec 2023 05:50:10 +0000
ROA not before: Mon 25 Dec 2023 05:50:10 +0000
ROA not after: Thu 10 Oct 2024 06:10:11 +0000
asID: 63567
IP address blocks: 43.241.50.0/24 maxlen: 24
43.248.188.0/24 maxlen: 24
43.248.189.0/24 maxlen: 24
103.45.161.0/24 maxlen: 24
103.45.162.0/24 maxlen: 24
103.45.163.0/24 maxlen: 24
103.205.255.0/24 maxlen: 24
103.239.244.0/24 maxlen: 24
103.239.245.0/24 maxlen: 24
103.239.247.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 412 (0x19c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Validity
Not Before: Dec 25 05:50:10 2023 GMT
Not After : Oct 10 06:10:11 2024 GMT
Subject: CN=B3760DE821E685DCC22667C7A2498B54E877DD3E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0a:a6:18:e6:7b:d5:0c:e2:af:94:fb:a0:ef:
55:86:60:4f:b2:3d:03:2b:ea:83:42:65:74:54:d4:
6e:f0:cd:1a:b3:e1:d7:7d:be:68:23:31:70:df:b4:
03:4a:07:a8:03:cc:49:1f:cc:34:4d:58:d0:fe:42:
d6:24:02:2c:06:bc:03:c7:96:9b:a3:10:ee:4a:97:
f7:97:66:69:87:c4:ab:60:d9:44:da:b4:5d:b2:30:
87:76:29:ee:ad:82:dd:ab:a4:17:41:59:13:62:37:
e0:68:34:53:d0:ec:3d:ec:9d:1b:89:9f:37:56:90:
96:33:c2:f9:83:35:e6:ca:2d:9d:38:30:d1:f3:df:
ff:28:5e:d0:25:b1:d4:29:50:2f:b1:ad:fc:c7:84:
ad:2d:0b:08:3e:68:3d:27:71:53:ec:c4:a4:fe:eb:
79:ad:f0:f9:aa:01:7a:85:88:20:5a:cc:e6:37:0e:
67:8a:79:3c:31:0a:a2:e8:dc:9c:1d:7b:e9:2f:f0:
35:b5:00:d9:9b:a7:47:90:38:2c:5d:90:2e:14:99:
44:6f:82:44:2c:0c:ec:22:ba:12:52:10:b7:ec:08:
54:df:6d:f8:9a:b0:fd:39:9c:5b:75:41:1b:d8:b0:
0d:39:00:25:9d:88:d6:a2:06:cd:72:3e:55:77:78:
4d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:76:0D:E8:21:E6:85:DC:C2:26:67:C7:A2:49:8B:54:E8:77:DD:3E
X509v3 Authority Key Identifier:
keyid:0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/s3YN6CHmhdzCJmfHokmLVOh33T4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.50.0/24
43.248.188.0/23
103.45.161.0-103.45.163.255
103.205.255.0/24
103.239.244.0/23
103.239.247.0/24
Signature Algorithm: sha256WithRSAEncryption
34:89:90:a1:48:9d:ef:b8:58:82:d2:0d:6a:72:02:4a:8e:bb:
4a:8a:2c:b3:d9:82:12:25:c8:60:03:fe:d4:2d:be:18:b6:c4:
d0:ac:1a:d7:ea:9c:9b:c1:25:4d:f7:63:3e:8c:69:9f:34:42:
84:f2:ef:0a:39:51:52:3b:22:52:dc:db:b7:80:2f:00:f6:9d:
93:c6:f5:13:cf:d1:fa:cc:3b:bc:b6:9d:bc:8d:39:86:25:20:
05:f0:0c:a0:69:55:87:c3:ad:5c:5c:2d:ec:1a:ef:40:d5:fd:
51:ae:09:e1:3c:9d:da:68:e0:e1:7d:49:f5:cb:bb:57:dc:3f:
64:ec:60:81:4b:81:1e:39:c9:40:87:7e:1f:be:1d:46:8f:5e:
bd:36:7b:da:4f:84:18:a7:f5:3c:bc:af:12:48:05:aa:5c:6e:
24:18:1f:f2:dd:71:38:e4:35:33:c5:46:d1:55:86:e9:f3:50:
52:ea:6f:3a:69:91:48:0a:a6:ec:67:9c:1d:c1:2d:ad:07:d7:
d6:ea:ac:8a:1d:f9:65:84:32:a1:25:7b:df:47:cf:97:19:29:
7e:a9:64:4f:49:0a:f4:9e:9c:fd:2b:83:7a:88:52:13:c5:99:
52:13:b8:6e:91:4a:bd:80:f5:f3:66:96:20:5e:ba:1a:d2:e2:
01:f7:a8:02
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgICAZwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVF
ODYzQUM1NzBBRUVBMUY5MzBCRUE1RTc2QUFFN0RENTUzODA0RTAeFw0yMzEyMjUw
NTUwMTBaFw0yNDEwMTAwNjEwMTFaMDMxMTAvBgNVBAMTKEIzNzYwREU4MjFFNjg1
RENDMjI2NjdDN0EyNDk4QjU0RTg3N0REM0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdCqYY5nvVDOKvlPug71WGYE+yPQMr6oNCZXRU1G7wzRqz4dd9
vmgjMXDftANKB6gDzEkfzDRNWND+QtYkAiwGvAPHlpujEO5Kl/eXZmmHxKtg2UTa
tF2yMId2Ke6tgt2rpBdBWRNiN+BoNFPQ7D3snRuJnzdWkJYzwvmDNebKLZ04MNHz
3/8oXtAlsdQpUC+xrfzHhK0tCwg+aD0ncVPsxKT+63mt8PmqAXqFiCBazOY3DmeK
eTwxCqLo3Jwde+kv8DW1ANmbp0eQOCxdkC4UmURvgkQsDOwiuhJSELfsCFTfbfia
sP05nFt1QRvYsA05ACWdiNaiBs1yPlV3eE1TAgMBAAGjggIXMIICEzAdBgNVHQ4E
FgQUs3YN6CHmhdzCJmfHokmLVOh33T4wHwYDVR0jBBgwFoAUDuhjrFcK7qH5ML6l
52qufdVTgE4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
L0R1aGpyRmNLN3FINU1MNmw1MnF1ZmRWVGdFNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL3MzWU42Q0htaGR6Q0pt
Zkhva21MVk9oMzNUNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwRQYIKwYBBQUHAQcBAf8ENjA0MDIEAgABMCwD
BAAr8TIDBAEr+LwwDAMEAGctoQMEAmctoAMEAGfN/wMEAWfv9AMEAGfv9zANBgkq
hkiG9w0BAQsFAAOCAQEANImQoUid77hYgtINanICSo67Sooss9mCEiXIYAP+1C2+
GLbE0Kwa1+qcm8ElTfdjPoxpnzRChPLvCjlRUjsiUtzbt4AvAPadk8b1E8/R+sw7
vLadvI05hiUgBfAMoGlVh8OtXFwt7BrvQNX9Ua4J4Tyd2mjg4X1J9cu7V9w/ZOxg
gUuBHjnJQId+H74dRo9evTZ72k+EGKf1PLyvEkgFqlxuJBgf8t1xOOQ1M8VG0VWG
6fNQUupvOmmRSAqm7GecHcEtrQfX1uqsih35ZYQyoSV730fPlxkpfqlkT0kK9J6c
/SuDeohSE8WZUhO4bpFKvYD182aWIF66GtLiAfeoAg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 03:53:04 2023 by rpki-client on console-fra.rpki-client.org