Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/r_3icRj-JSk0b6YllNt7DXxLtIo.roa
File: r_3icRj-JSk0b6YllNt7DXxLtIo.roa (raw, json)
Hash identifier: S8bLEwj5L8wnTiFGGUNzp8rBjTfmAovduPm8dajfMPc=
Subject key identifier: AF:FD:E2:71:18:FE:25:29:34:6F:A6:25:94:DB:7B:0D:7C:4B:B4:8A
Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Certificate serial: 014B
Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/r_3icRj-JSk0b6YllNt7DXxLtIo.roa
Signing time: Mon 22 Jul 2024 05:39:56 +0000
ROA not before: Mon 22 Jul 2024 05:39:56 +0000
ROA not after: Wed 21 May 2025 03:30:10 +0000
asID: 398704
IP address blocks: 113.31.64.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 14:32:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 331 (0x14b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF
Validity
Not Before: Jul 22 05:39:56 2024 GMT
Not After : May 21 03:30:10 2025 GMT
Subject: CN=AFFDE27118FE2529346FA62594DB7B0D7C4BB48A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0b:bf:18:25:7d:4c:b3:15:a6:82:c3:34:8a:
1c:06:98:24:b9:ed:1c:e4:67:c7:81:49:35:a7:86:
3f:99:cc:e0:8a:78:da:05:94:36:60:a2:cd:25:b8:
51:00:b2:0b:05:e7:8a:b4:7e:c6:a5:d7:46:bf:53:
f7:d7:0f:0d:4a:31:43:3f:a2:49:4a:c4:92:80:ef:
cf:8b:d1:60:29:f3:9e:57:ff:11:0d:f8:a7:71:e2:
ab:93:e7:da:97:3d:7c:48:d2:11:73:50:73:46:1a:
25:44:77:82:d6:39:ef:2d:35:1d:a2:e2:ba:bf:8f:
01:ef:c3:c5:1d:13:0f:4d:52:c3:63:4c:c4:14:88:
41:e6:51:bd:43:bd:52:98:3e:e9:2d:fb:78:cb:fb:
6e:b1:0d:e6:2b:78:43:df:03:f1:4c:08:80:d8:d3:
90:41:76:20:e8:3f:01:75:29:9f:bf:b7:cf:d2:f9:
1e:06:55:3c:56:5e:c2:0d:57:60:31:13:1d:26:d3:
53:2d:41:7d:eb:db:db:f1:2a:a9:f8:55:ec:ec:05:
40:04:12:d5:08:18:fd:4a:7c:6a:b6:33:26:28:15:
39:39:ee:fa:1a:95:84:c9:0d:46:4c:95:77:60:30:
62:fd:37:5a:0f:2d:a1:37:41:7a:7b:0f:eb:b4:30:
54:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:FD:E2:71:18:FE:25:29:34:6F:A6:25:94:DB:7B:0D:7C:4B:B4:8A
X509v3 Authority Key Identifier:
keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/r_3icRj-JSk0b6YllNt7DXxLtIo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.31.64.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:b4:89:ec:44:66:74:4b:c1:65:1a:70:88:37:bb:e7:85:55:
7f:31:67:be:69:cc:45:02:a4:aa:c1:a8:15:87:a2:52:6b:07:
f2:4b:60:4f:f0:e4:12:eb:1b:5a:a1:d0:88:7b:be:27:b8:03:
1b:63:70:11:6e:5c:54:59:6a:ae:de:fa:f5:3d:36:ba:c5:d5:
69:2e:51:3f:1e:e1:6f:96:d2:9f:61:f2:9e:71:c7:7d:34:65:
6c:e3:b5:c9:dc:c9:10:33:eb:de:19:a6:2e:35:8e:e5:d4:e9:
54:8e:80:63:49:fd:74:4b:74:b1:a2:6d:ed:6c:06:13:1f:8c:
2b:6a:5e:be:e2:d1:6f:c2:ce:c0:e6:b2:81:4a:e1:c7:1a:7d:
be:92:6a:2d:a5:24:ea:a1:0c:a5:d1:89:f1:9e:02:6c:3c:d0:
c6:4c:28:72:35:eb:15:39:5e:d8:65:fc:6b:df:48:95:6e:d6:
dc:1a:d9:d1:f6:58:60:c8:c0:c9:a1:5a:8a:4c:07:a7:d8:fa:
c7:90:ee:22:3f:12:6e:81:5f:2f:d4:42:1f:82:dd:fe:1c:55:
64:d5:e2:4a:5b:9e:c8:f8:d8:3a:ad:98:97:b2:62:3d:f6:1c:
05:35:3a:97:56:87:4e:38:ee:61:80:4f:d4:89:b7:91:b2:2c:
c8:87:dc:cc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAUswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3
MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNDA3MjIw
NTM5NTZaFw0yNTA1MjEwMzMwMTBaMDMxMTAvBgNVBAMTKEFGRkRFMjcxMThGRTI1
MjkzNDZGQTYyNTk0REI3QjBEN0M0QkI0OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsC78YJX1MsxWmgsM0ihwGmCS57RzkZ8eBSTWnhj+ZzOCKeNoF
lDZgos0luFEAsgsF54q0fsal10a/U/fXDw1KMUM/oklKxJKA78+L0WAp855X/xEN
+Kdx4quT59qXPXxI0hFzUHNGGiVEd4LWOe8tNR2i4rq/jwHvw8UdEw9NUsNjTMQU
iEHmUb1DvVKYPukt+3jL+26xDeYreEPfA/FMCIDY05BBdiDoPwF1KZ+/t8/S+R4G
VTxWXsINV2AxEx0m01MtQX3r29vxKqn4VezsBUAEEtUIGP1KfGq2MyYoFTk57voa
lYTJDUZMlXdgMGL9N1oPLaE3QXp7D+u0MFRvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUr/3icRj+JSk0b6YllNt7DXxLtIowHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF
YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw
L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3JfM2ljUmotSlNrMGI2
WWxsTnQ3RFh4THRJby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANxH0AwDQYJKoZIhvcNAQELBQADggEBAJy0iexEZnRLwWUacIg3u+eFVX8xZ75p
zEUCpKrBqBWHolJrB/JLYE/w5BLrG1qh0Ih7vie4AxtjcBFuXFRZaq7e+vU9NrrF
1WkuUT8e4W+W0p9h8p5xx300ZWzjtcncyRAz694Zpi41juXU6VSOgGNJ/XRLdLGi
be1sBhMfjCtqXr7i0W/CzsDmsoFK4ccafb6Sai2lJOqhDKXRifGeAmw80MZMKHI1
6xU5Xthl/GvfSJVu1twa2dH2WGDIwMmhWopMB6fY+seQ7iI/Em6BXy/UQh+C3f4c
VWTV4kpbnsj42DqtmJeyYj32HAU1OpdWh0447mGAT9SJt5GyLMiH3Mw=
-----END CERTIFICATE-----
Generated at Wed Jul 24 18:15:04 2024 by rpki-client on console-fra.rpki-client.org