Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/P5ryt8sr_OpzOHfQvO2xoasOzOM.roa
File: P5ryt8sr_OpzOHfQvO2xoasOzOM.roa (raw, json)
Hash identifier: moHbfvBQZUY8+zl7f1hUWg3uOIFsddsJ18QMlEloTeI=
Subject key identifier: 3F:9A:F2:B7:CB:2B:FC:EA:73:38:77:D0:BC:ED:B1:A1:AB:0E:CC:E3
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 0D11
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/P5ryt8sr_OpzOHfQvO2xoasOzOM.roa
Signing time: Wed 31 Jul 2024 07:35:41 +0000
ROA not before: Wed 31 Jul 2024 07:35:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 136907
IP address blocks: 110.41.90.0/24 maxlen: 24
110.41.208.0/24 maxlen: 24
110.41.209.0/24 maxlen: 24
110.41.210.0/24 maxlen: 24
124.71.250.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 02:56:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3345 (0xd11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Jul 31 07:35:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3F9AF2B7CB2BFCEA733877D0BCEDB1A1AB0ECCE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cd:7e:9b:a7:be:d6:5e:0b:63:71:10:96:0a:
55:71:49:97:f3:0c:b8:04:90:6a:c5:d8:a5:0a:bb:
c5:6d:12:e8:92:66:ae:06:81:78:8d:65:27:93:5e:
8f:9f:d2:90:2a:db:d1:2f:55:0a:4f:0e:30:fa:8b:
27:4d:05:f5:03:85:6d:77:70:03:80:25:53:40:6b:
34:f2:3a:c1:30:68:a6:c1:05:d8:6d:0a:b6:fd:ed:
a6:36:b0:ac:7a:c3:00:61:db:16:c1:03:61:8e:c6:
c5:07:4d:69:82:c9:12:3a:01:80:ed:76:90:2d:35:
de:b8:78:90:9b:5e:8b:27:dd:e3:13:3d:c7:64:74:
a4:30:42:30:77:3a:49:b7:a5:89:b8:ea:4a:6c:3f:
0a:a9:18:35:8b:54:1f:30:8b:f1:e3:71:f0:8d:a9:
f3:be:51:5b:2d:99:a0:da:70:2e:b2:bf:8a:eb:db:
75:a4:f7:de:97:c7:63:d8:bb:73:32:6b:5b:8c:b2:
e4:ba:96:37:45:1a:9f:d3:19:89:9b:40:56:30:66:
38:e0:e6:1b:59:9a:7b:dd:45:8f:e3:a5:e6:cd:d8:
78:56:93:df:21:3c:73:e3:d1:8c:c2:80:e6:54:ea:
6d:2e:78:d0:d7:69:f0:72:20:00:f2:93:f7:f2:cc:
36:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:9A:F2:B7:CB:2B:FC:EA:73:38:77:D0:BC:ED:B1:A1:AB:0E:CC:E3
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/P5ryt8sr_OpzOHfQvO2xoasOzOM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
110.41.90.0/24
110.41.208.0-110.41.210.255
124.71.250.0/23
Signature Algorithm: sha256WithRSAEncryption
79:48:5d:ce:99:20:f9:18:f7:56:73:41:1f:41:93:2a:e8:ce:
95:a1:44:f4:0e:80:f9:d4:af:03:42:57:2f:28:32:ac:53:75:
18:6d:6a:cf:ae:3b:24:ad:4c:3c:2f:a3:72:89:ed:04:6e:90:
10:3f:9b:15:ae:2e:97:cb:10:de:1c:80:4d:91:94:ff:bb:8b:
56:7a:b5:f3:3a:12:31:cd:9c:ec:64:63:72:15:5e:4b:fb:9f:
0b:23:e9:b7:fd:32:6d:f4:44:ad:cf:46:b8:fc:40:01:f3:89:
eb:ac:71:86:74:e5:2a:29:05:11:a0:c3:69:c5:04:5b:87:35:
7b:eb:b8:80:b6:79:1b:c3:8e:50:11:7e:40:00:f7:17:5c:21:
6b:dc:bd:67:89:4e:a6:0d:32:9b:11:d3:79:3d:80:75:82:a7:
e2:06:b7:ec:81:93:49:26:a3:2a:b6:d6:ef:99:e8:b7:79:ad:
60:48:67:05:db:34:dc:96:3b:90:68:ae:35:c5:a6:e9:0b:e7:
27:0b:8b:b8:89:7a:87:f2:bc:de:10:e0:12:8c:63:1e:14:4d:
f0:4c:38:82:51:08:6d:3a:8e:19:3f:c6:88:15:db:1a:3c:ae:
02:9b:73:c5:36:b9:b1:36:66:9d:8a:fc:76:6b:a9:6e:27:9a:
a6:87:d1:ae
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgICDREwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA3MzEw
NzM1NDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNGOUFGMkI3Q0IyQkZD
RUE3MzM4NzdEMEJDRURCMUExQUIwRUNDRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzzX6bp77WXgtjcRCWClVxSZfzDLgEkGrF2KUKu8VtEuiSZq4G
gXiNZSeTXo+f0pAq29EvVQpPDjD6iydNBfUDhW13cAOAJVNAazTyOsEwaKbBBdht
Crb97aY2sKx6wwBh2xbBA2GOxsUHTWmCyRI6AYDtdpAtNd64eJCbXosn3eMTPcdk
dKQwQjB3Okm3pYm46kpsPwqpGDWLVB8wi/HjcfCNqfO+UVstmaDacC6yv4rr23Wk
996Xx2PYu3Mya1uMsuS6ljdFGp/TGYmbQFYwZjjg5htZmnvdRY/jpebN2HhWk98h
PHPj0YzCgOZU6m0ueNDXafByIADyk/fyzDZpAgMBAAGjggIHMIICAzAdBgNVHQ4E
FgQUP5ryt8sr/OpzOHfQvO2xoasOzOMwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvUDVyeXQ4c3JfT3B6
T0hmUXZPMnhvYXNPek9NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEw
GgMEAG4pWjAMAwQEbinQAwQAbinSAwQBfEf6MA0GCSqGSIb3DQEBCwUAA4IBAQB5
SF3OmSD5GPdWc0EfQZMq6M6VoUT0DoD51K8DQlcvKDKsU3UYbWrPrjskrUw8L6Ny
ie0EbpAQP5sVri6XyxDeHIBNkZT/u4tWerXzOhIxzZzsZGNyFV5L+58LI+m3/TJt
9EStz0a4/EAB84nrrHGGdOUqKQURoMNpxQRbhzV767iAtnkbw45QEX5AAPcXXCFr
3L1niU6mDTKbEdN5PYB1gqfiBrfsgZNJJqMqttbvmei3ea1gSGcF2zTcljuQaK41
xabpC+cnC4u4iXqH8rzeEOASjGMeFE3wTDiCUQhtOo4ZP8aIFdsaPK4Cm3PFNrmx
Nmadivx2a6luJ5qmh9Gu
-----END CERTIFICATE-----
Generated at Fri Aug 2 06:04:30 2024 by rpki-client on console-ams.rpki-client.org