Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/NcAQxWvQVzp1B68RocCqvInua0c.roa
File: NcAQxWvQVzp1B68RocCqvInua0c.roa (raw, json)
Hash identifier: xaLLSr+EL3oZH79Qz+gGcXM7AqekZQyeKf37j6/pfrA=
Subject key identifier: 35:C0:10:C5:6B:D0:57:3A:75:07:AF:11:A1:C0:AA:BC:89:EE:6B:47
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 04D5
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/NcAQxWvQVzp1B68RocCqvInua0c.roa
Signing time: Wed 26 Jun 2024 12:20:23 +0000
ROA not before: Wed 26 Jun 2024 12:20:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 136897
IP address blocks: 124.175.32.0/21 maxlen: 24
124.175.40.0/21 maxlen: 24
124.175.64.0/21 maxlen: 24
124.175.128.0/21 maxlen: 24
124.175.136.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 04:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1237 (0x4d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jun 26 12:20:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=35C010C56BD0573A7507AF11A1C0AABC89EE6B47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:35:5e:dc:cd:88:19:f3:75:c5:9e:b8:a9:42:
74:8e:7e:e7:b4:ab:dc:da:9d:86:df:7a:72:91:01:
c9:ca:56:3f:db:0b:40:ec:23:c5:60:ac:9b:65:a7:
6d:c4:9f:df:07:4a:c6:07:b4:f2:33:03:df:86:cf:
45:44:5a:32:dd:43:77:ac:68:fe:8d:d3:ed:09:39:
32:2b:c7:7d:83:d4:b6:d6:a1:49:da:b5:84:3d:89:
a0:41:32:26:92:b0:3a:4e:84:95:13:66:17:e1:c8:
1c:97:cf:27:45:86:53:ec:5b:5b:aa:62:89:e4:72:
6d:80:a0:0c:48:93:a1:e9:67:8c:8f:0b:1c:23:8a:
ec:88:22:f5:4f:9c:50:0f:03:9b:29:f3:91:3d:57:
da:d0:f0:e3:6a:a4:70:e8:62:93:79:5f:78:e8:bf:
0f:dc:b4:55:d0:01:fc:43:b0:84:60:20:34:fe:2e:
32:22:f5:03:b2:3b:95:5b:93:e4:cb:d7:7e:41:0e:
e7:e9:af:35:69:a6:53:3e:1b:0a:f5:68:0d:0b:08:
9f:0f:2b:02:72:31:a3:93:67:8e:68:7a:18:13:d8:
ff:2a:0c:56:5a:f4:67:3f:b0:59:7c:f3:65:1d:7b:
90:91:ed:bf:67:0c:8a:e6:75:6a:4b:37:74:77:02:
55:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:C0:10:C5:6B:D0:57:3A:75:07:AF:11:A1:C0:AA:BC:89:EE:6B:47
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/NcAQxWvQVzp1B68RocCqvInua0c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.175.32.0/20
124.175.64.0/21
124.175.128.0/20
Signature Algorithm: sha256WithRSAEncryption
18:e1:29:2a:e4:2c:30:de:60:bc:1d:20:4d:63:1d:8a:1d:65:
e9:c8:89:47:af:d5:3c:e5:85:4b:3c:86:6c:3f:76:79:a0:60:
c7:d2:e6:00:c8:22:05:f1:f0:ca:94:01:1b:58:37:33:30:34:
51:5d:3d:15:fe:7a:ba:eb:a8:94:82:7b:89:5a:cb:ea:d8:d7:
95:95:a2:78:22:f8:ac:04:46:18:b9:08:bb:e8:4b:ee:0d:f8:
40:26:8d:fa:bd:66:cb:be:22:dd:80:15:51:d5:03:58:43:0c:
7e:a2:5c:da:22:fa:74:ed:85:f7:8c:9b:85:69:4a:65:bf:93:
a4:be:54:d6:2b:3f:4f:ca:55:f5:2a:c4:46:57:5f:73:fc:aa:
50:df:2f:31:fc:02:42:5f:76:3e:46:d8:17:e1:1b:e2:38:d2:
03:55:11:a1:5c:d0:88:8d:73:a9:38:0d:9c:e7:b2:88:c3:4f:
43:ae:92:ef:7d:8f:44:44:fb:a1:9a:86:42:73:f2:b0:6f:08:
e4:09:51:98:24:c7:ed:82:0f:58:70:6a:11:ce:55:42:28:b8:
dd:1f:8e:d9:dc:2f:53:65:e7:86:c4:ba:c6:3d:2e:bf:f9:cd:
ce:1f:a2:70:42:d2:3c:bc:2d:79:04:a0:9c:18:28:d6:06:27:
cf:54:a7:ab
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICBNUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA2MjYx
MjIwMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM1QzAxMEM1NkJEMDU3
M0E3NTA3QUYxMUExQzBBQUJDODlFRTZCNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRNV7czYgZ83XFnripQnSOfue0q9zanYbfenKRAcnKVj/bC0Ds
I8VgrJtlp23En98HSsYHtPIzA9+Gz0VEWjLdQ3esaP6N0+0JOTIrx32D1LbWoUna
tYQ9iaBBMiaSsDpOhJUTZhfhyByXzydFhlPsW1uqYonkcm2AoAxIk6HpZ4yPCxwj
iuyIIvVPnFAPA5sp85E9V9rQ8ONqpHDoYpN5X3jovw/ctFXQAfxDsIRgIDT+LjIi
9QOyO5Vbk+TL135BDufprzVpplM+Gwr1aA0LCJ8PKwJyMaOTZ45oehgT2P8qDFZa
9Gc/sFl882Ude5CR7b9nDIrmdWpLN3R3AlXFAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUNcAQxWvQVzp1B68RocCqvInua0cwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvTmNBUXhXdlFWenAxQjY4Um9j
Q3F2SW51YTBjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBHyv
IAMEA3yvQAMEBHyvgDANBgkqhkiG9w0BAQsFAAOCAQEAGOEpKuQsMN5gvB0gTWMd
ih1l6ciJR6/VPOWFSzyGbD92eaBgx9LmAMgiBfHwypQBG1g3MzA0UV09Ff56uuuo
lIJ7iVrL6tjXlZWieCL4rARGGLkIu+hL7g34QCaN+r1my74i3YAVUdUDWEMMfqJc
2iL6dO2F94ybhWlKZb+TpL5U1is/T8pV9SrERldfc/yqUN8vMfwCQl92PkbYF+Eb
4jjSA1URoVzQiI1zqTgNnOeyiMNPQ66S732PRET7oZqGQnPysG8I5AlRmCTH7YIP
WHBqEc5VQii43R+O2dwvU2XnhsS6xj0uv/nNzh+icELSPLwteQSgnBgo1gYnz1Sn
qw==
-----END CERTIFICATE-----
Generated at Mon Aug 12 05:43:53 2024 by rpki-client on console-fra.rpki-client.org