Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/IjxEUTGZWNHUR5slHN1TKWphHwI.roa
File: IjxEUTGZWNHUR5slHN1TKWphHwI.roa (raw, json)
Hash identifier: dSovbwJjywk8wgJJ06+yhh+1Ev+8XTqQJjgIdPsa9Vw=
Subject key identifier: 22:3C:44:51:31:99:58:D1:D4:47:9B:25:1C:DD:53:29:6A:61:1F:02
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 04DC
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/IjxEUTGZWNHUR5slHN1TKWphHwI.roa
Signing time: Wed 26 Jun 2024 13:41:32 +0000
ROA not before: Wed 26 Jun 2024 13:41:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 2914
IP address blocks: 124.175.0.0/21 maxlen: 24
124.175.8.0/21 maxlen: 24
124.175.16.0/21 maxlen: 24
124.175.24.0/21 maxlen: 24
124.175.72.0/21 maxlen: 24
124.175.80.0/21 maxlen: 24
124.175.88.0/21 maxlen: 24
124.175.96.0/21 maxlen: 24
124.175.104.0/21 maxlen: 24
124.175.112.0/21 maxlen: 24
124.175.120.0/21 maxlen: 24
124.175.160.0/21 maxlen: 24
124.175.168.0/21 maxlen: 24
124.175.176.0/21 maxlen: 24
124.175.184.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 04:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1244 (0x4dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Jun 26 13:41:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=223C4451319958D1D4479B251CDD53296A611F02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9f:96:74:7e:7a:b0:8c:5f:56:15:24:44:a2:
22:ce:3b:72:45:1b:b0:de:61:54:53:1c:c7:f9:5f:
9f:db:c5:f6:2a:6c:ac:b6:67:8c:5d:42:85:e8:1a:
99:57:47:d1:b0:24:86:55:38:51:f9:99:a5:69:76:
62:18:ce:c4:5c:15:19:ad:fa:72:20:66:ac:32:0a:
3d:ec:d9:94:f7:e8:e8:ec:ee:a9:3b:20:2b:c6:c6:
58:b7:03:48:19:a1:21:e2:70:5b:b5:8d:f6:64:86:
11:24:bb:6c:0f:ab:47:5a:e1:47:60:3f:83:5d:f0:
2c:c2:22:52:ae:ca:c4:d2:58:8b:b8:15:75:c3:2c:
c9:5b:ab:57:a3:24:3e:fe:ce:c3:dd:4d:2b:7d:a5:
64:36:90:ad:1b:b9:79:1a:9e:2f:79:cd:9f:f2:c3:
91:23:da:60:d4:4e:d4:cc:42:06:8e:9c:e0:a2:c9:
07:90:3f:b3:97:80:5e:83:5e:b1:3a:1c:59:af:85:
6d:2f:9f:da:06:74:89:75:7c:cf:08:0a:cd:77:4e:
fe:09:3f:f8:93:86:e6:e1:7c:6d:a9:b1:99:e1:c8:
0d:56:08:bc:93:21:0c:44:e2:86:38:b3:b0:53:23:
67:a2:52:8b:47:da:61:03:11:1d:6d:38:20:46:1e:
0a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3C:44:51:31:99:58:D1:D4:47:9B:25:1C:DD:53:29:6A:61:1F:02
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/IjxEUTGZWNHUR5slHN1TKWphHwI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.175.0.0/19
124.175.72.0-124.175.127.255
124.175.160.0/19
Signature Algorithm: sha256WithRSAEncryption
82:67:de:81:7c:91:e8:fc:d3:3b:50:12:2f:9e:d0:1b:c1:c0:
36:51:4b:bb:a6:de:56:d2:ad:b7:0f:db:72:1d:70:5a:55:c5:
95:46:08:83:f7:34:82:7c:c0:d9:00:a8:8c:a5:71:90:66:33:
36:df:db:24:48:ea:72:39:a5:95:15:b9:4c:31:f9:db:b4:76:
33:10:42:38:1b:cb:38:58:f0:07:6c:72:39:c1:d4:65:e4:39:
44:f6:d7:b8:a2:64:a5:0c:3e:1c:ff:fc:b4:e5:64:fc:d2:6f:
9a:a1:6d:69:60:b2:cf:ed:d0:20:31:52:2a:c7:1f:80:f2:a2:
e9:d2:fe:9c:90:19:9f:65:a6:5b:a6:a8:ed:5c:52:f0:4f:09:
90:fc:59:1a:8c:c4:28:e4:10:27:70:c5:5c:2a:c1:23:ba:a8:
ef:60:b3:5e:bf:2e:77:b4:14:2c:0a:1e:8d:40:93:c3:c4:e9:
68:fe:35:5d:bb:be:57:19:4d:93:de:fc:14:80:81:ce:0e:06:
57:57:15:1e:c3:2d:14:cd:4d:54:cc:ad:b6:74:69:2f:ec:55:
f1:d9:c1:a6:99:a8:83:8d:49:df:1e:45:00:e1:2d:93:4e:1a:
57:b6:e2:fc:9e:1d:74:92:7d:19:50:a2:23:2e:63:0a:89:49:
c2:94:0e:31
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgICBNwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA2MjYx
MzQxMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIyM0M0NDUxMzE5OTU4
RDFENDQ3OUIyNTFDREQ1MzI5NkE2MTFGMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9n5Z0fnqwjF9WFSREoiLOO3JFG7DeYVRTHMf5X5/bxfYqbKy2
Z4xdQoXoGplXR9GwJIZVOFH5maVpdmIYzsRcFRmt+nIgZqwyCj3s2ZT36Ojs7qk7
ICvGxli3A0gZoSHicFu1jfZkhhEku2wPq0da4UdgP4Nd8CzCIlKuysTSWIu4FXXD
LMlbq1ejJD7+zsPdTSt9pWQ2kK0buXkani95zZ/yw5Ej2mDUTtTMQgaOnOCiyQeQ
P7OXgF6DXrE6HFmvhW0vn9oGdIl1fM8ICs13Tv4JP/iThubhfG2psZnhyA1WCLyT
IQxE4oY4s7BTI2eiUotH2mEDER1tOCBGHgrFAgMBAAGjggIBMIIB/TAdBgNVHQ4E
FgQUIjxEUTGZWNHUR5slHN1TKWphHwIwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvSWp4RVVUR1pXTkhVUjVzbEhO
MVRLV3BoSHdJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEBXyv
ADAMAwQDfK9IAwQHfK8AAwQFfK+gMA0GCSqGSIb3DQEBCwUAA4IBAQCCZ96BfJHo
/NM7UBIvntAbwcA2UUu7pt5W0q23D9tyHXBaVcWVRgiD9zSCfMDZAKiMpXGQZjM2
39skSOpyOaWVFblMMfnbtHYzEEI4G8s4WPAHbHI5wdRl5DlE9te4omSlDD4c//y0
5WT80m+aoW1pYLLP7dAgMVIqxx+A8qLp0v6ckBmfZaZbpqjtXFLwTwmQ/FkajMQo
5BAncMVcKsEjuqjvYLNevy53tBQsCh6NQJPDxOlo/jVdu75XGU2T3vwUgIHODgZX
VxUewy0UzU1UzK22dGkv7FXx2cGmmaiDjUnfHkUA4S2TThpXtuL8nh10kn0ZUKIj
LmMKiUnClA4x
-----END CERTIFICATE-----
Generated at Mon Aug 12 06:53:16 2024 by rpki-client on console-ams.rpki-client.org