Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/tAtbXMXkAjrY70_b0kvSe-ulc7c.roa
File: tAtbXMXkAjrY70_b0kvSe-ulc7c.roa (raw, json)
Hash identifier: In93q4Y+l2X7/H3yjD+nZowknZQ0M+wYm/4nw0Q9R1A=
Subject key identifier: B4:0B:5B:5C:C5:E4:02:3A:D8:EF:4F:DB:D2:4B:D2:7B:EB:A5:73:B7
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 0A0E
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/tAtbXMXkAjrY70_b0kvSe-ulc7c.roa
Signing time: Thu 07 Mar 2024 09:36:55 +0000
ROA not before: Thu 07 Mar 2024 09:36:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 136907
IP address blocks: 110.41.90.0/24 maxlen: 24
110.41.208.0/24 maxlen: 24
110.41.209.0/24 maxlen: 24
110.41.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 08:18:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2574 (0xa0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Mar 7 09:36:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B40B5B5CC5E4023AD8EF4FDBD24BD27BEBA573B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:cd:a3:a0:ff:80:a3:53:11:50:e9:0a:47:2e:
a0:c4:79:ce:13:87:2e:7c:32:6d:07:79:1d:1b:6d:
62:a6:98:2b:aa:cb:91:8c:8d:bb:39:92:37:19:ed:
08:eb:20:7e:8b:d0:c7:da:af:86:6e:e4:a9:f1:b5:
f5:10:8d:85:69:a3:38:ef:34:00:1e:b8:72:cb:e4:
83:32:88:1c:b0:26:3d:1c:d6:8f:1a:58:29:d4:b9:
bd:55:82:7a:ea:62:ba:eb:7a:6b:15:ec:c7:a7:e5:
e3:e2:ca:d1:5a:51:d5:ee:56:84:a4:71:e6:58:27:
4d:bc:60:39:be:2f:0a:32:01:bb:65:36:43:ae:d4:
bc:e8:67:aa:cc:d2:96:56:ad:b9:c0:26:18:e4:08:
ab:13:00:8d:73:81:92:9e:dc:ad:ac:f3:e7:f7:b8:
4b:87:13:05:2b:73:2e:7d:3d:9a:5f:8f:db:a0:ee:
62:25:e7:d5:00:82:6c:f3:f3:85:c9:05:90:c5:1c:
80:22:58:21:3c:ae:d8:31:1e:f8:ec:d0:25:d0:54:
d8:9b:12:ee:82:0f:1a:a9:cb:a7:95:6a:b4:89:9f:
31:b2:a8:fc:84:da:33:10:5a:f6:ab:eb:4e:be:3c:
85:81:fc:1a:24:a9:62:61:dc:8b:79:a0:58:fb:2d:
89:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0B:5B:5C:C5:E4:02:3A:D8:EF:4F:DB:D2:4B:D2:7B:EB:A5:73:B7
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/tAtbXMXkAjrY70_b0kvSe-ulc7c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
110.41.90.0/24
110.41.208.0-110.41.210.255
Signature Algorithm: sha256WithRSAEncryption
50:a8:95:ec:42:f3:8c:27:66:84:70:f2:a6:eb:f2:dc:ec:ca:
f9:44:82:17:b1:58:9a:d2:73:ef:0f:91:a2:2e:b5:16:08:d0:
94:55:1d:d6:51:07:2c:27:81:2f:1c:80:da:a4:f0:da:de:10:
81:33:c5:58:1a:6a:b1:35:be:2a:d2:8b:d9:b6:82:f7:ec:36:
11:c4:7f:0b:8b:e7:8d:e0:40:ad:89:35:d0:d1:4b:4e:34:74:
e1:ce:2d:55:d5:2d:cc:e8:d7:13:b5:f9:8e:9c:08:cd:f7:0e:
9c:37:e0:40:30:94:ff:59:da:cd:5c:84:57:10:8e:94:87:a2:
05:72:0d:1e:a4:5e:6c:2c:8e:73:de:cf:69:85:25:75:bb:4c:
b1:a3:f4:71:0f:03:d9:34:31:7a:b8:c8:b2:06:2c:69:43:d2:
fe:1b:ac:84:f3:dc:80:fe:67:6b:91:63:24:7f:df:93:ba:e1:
94:75:51:59:39:ca:58:a3:4f:e6:ee:b7:e7:ae:b3:ec:0a:5c:
cd:8b:ec:87:54:24:05:f8:09:58:67:14:88:c9:b6:35:85:5e:
1e:3f:1f:0a:44:71:85:da:b3:5b:83:46:90:16:d7:8b:8c:84:
e2:ea:a6:ba:80:a6:12:63:85:e7:74:fc:01:57:77:e4:fd:cd:
7a:47:27:ae
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgICCg4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDAzMDcw
OTM2NTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI0MEI1QjVDQzVFNDAy
M0FEOEVGNEZEQkQyNEJEMjdCRUJBNTczQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtzaOg/4CjUxFQ6QpHLqDEec4Thy58Mm0HeR0bbWKmmCuqy5GM
jbs5kjcZ7QjrIH6L0Mfar4Zu5KnxtfUQjYVpozjvNAAeuHLL5IMyiBywJj0c1o8a
WCnUub1VgnrqYrrremsV7Men5ePiytFaUdXuVoSkceZYJ028YDm+LwoyAbtlNkOu
1LzoZ6rM0pZWrbnAJhjkCKsTAI1zgZKe3K2s8+f3uEuHEwUrcy59PZpfj9ug7mIl
59UAgmzz84XJBZDFHIAiWCE8rtgxHvjs0CXQVNibEu6CDxqpy6eVarSJnzGyqPyE
2jMQWvar606+PIWB/BokqWJh3It5oFj7LYmlAgMBAAGjggIBMIIB/TAdBgNVHQ4E
FgQUtAtbXMXkAjrY70/b0kvSe+ulc7cwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvdEF0YlhNWGtBanJZ
NzBfYjBrdlNlLXVsYzdjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEw
FAMEAG4pWjAMAwQEbinQAwQAbinSMA0GCSqGSIb3DQEBCwUAA4IBAQBQqJXsQvOM
J2aEcPKm6/Lc7Mr5RIIXsVia0nPvD5GiLrUWCNCUVR3WUQcsJ4EvHIDapPDa3hCB
M8VYGmqxNb4q0ovZtoL37DYRxH8Li+eN4ECtiTXQ0UtONHThzi1V1S3M6NcTtfmO
nAjN9w6cN+BAMJT/WdrNXIRXEI6Uh6IFcg0epF5sLI5z3s9phSV1u0yxo/RxDwPZ
NDF6uMiyBixpQ9L+G6yE89yA/mdrkWMkf9+TuuGUdVFZOcpYo0/m7rfnrrPsClzN
i+yHVCQF+AlYZxSIybY1hV4ePx8KRHGF2rNbg0aQFteLjITi6qa6gKYSY4XndPwB
V3fk/c16Ryeu
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:53:23 2024 by rpki-client on console-ams.rpki-client.org