Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/71/l4XUwUph4nJFGvGpUY8x_dnXMFc.roa
File: l4XUwUph4nJFGvGpUY8x_dnXMFc.roa (raw, json)
Hash identifier: aRLzTm1fPmE/266kWtZv6mxpjYTNwRC1rEYgejbQZK0=
Subject key identifier: 97:85:D4:C1:4A:61:E2:72:45:1A:F1:A9:51:8F:31:FD:D9:D7:30:57
Certificate issuer: /CN=706580629A7148E4B22189E7B91F146791116370
Certificate serial: 0CA7
Authority key identifier: 70:65:80:62:9A:71:48:E4:B2:21:89:E7:B9:1F:14:67:91:11:63:70
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/cGWAYppxSOSyIYnnuR8UZ5ERY3A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/l4XUwUph4nJFGvGpUY8x_dnXMFc.roa
Signing time: Wed 13 Mar 2024 01:23:57 +0000
ROA not before: Wed 13 Mar 2024 01:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 140212
IP address blocks: 110.173.96.0/20 maxlen: 24
110.173.96.0/22 maxlen: 24
110.173.96.0/24 maxlen: 24
110.173.97.0/24 maxlen: 24
110.173.98.0/24 maxlen: 24
110.173.99.0/24 maxlen: 24
110.173.112.0/20 maxlen: 24
110.173.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 05:42:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3239 (0xca7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706580629A7148E4B22189E7B91F146791116370
Validity
Not Before: Mar 13 01:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9785D4C14A61E272451AF1A9518F31FDD9D73057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:15:03:f2:83:fd:dc:08:21:88:55:1a:d2:64:
de:76:5a:63:30:4b:7f:ff:32:03:9e:17:5f:e3:aa:
c1:5d:22:60:38:b5:ab:a6:e2:19:63:07:58:49:bb:
e8:c1:d6:81:81:ab:d5:69:e1:55:23:bd:8a:cf:eb:
97:7d:9e:ab:e0:b0:eb:96:c6:5c:61:f0:78:ca:1b:
1e:13:f9:7c:eb:f5:04:98:8f:ef:9b:b0:72:6e:23:
56:5a:c4:de:34:83:6c:f4:9b:a5:a1:d2:1a:d7:53:
46:f2:9c:f0:44:d3:48:16:ac:ae:81:d6:6b:3b:c7:
5b:37:ac:82:2e:03:22:bc:4a:94:30:ac:20:46:54:
e8:bd:d0:25:06:31:d9:bd:2a:6a:f2:a1:27:9d:49:
52:9e:18:52:46:cb:0e:68:bd:c2:83:7e:59:09:dd:
ad:4a:f9:f6:bd:ae:47:0a:dc:2f:c9:25:4a:63:83:
0d:33:1c:aa:6d:f8:37:5e:1e:0b:d8:98:ec:7f:93:
f7:29:11:6b:8a:4a:d0:c9:7b:7b:a5:e3:3e:cd:45:
9f:b0:4b:f8:b1:fb:1a:46:47:27:13:e3:29:e4:84:
03:c4:c1:26:88:66:1e:00:a1:0e:9c:31:eb:19:87:
d6:b0:17:c1:e7:3d:1d:b2:c1:b7:c8:bd:7f:af:6d:
30:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:85:D4:C1:4A:61:E2:72:45:1A:F1:A9:51:8F:31:FD:D9:D7:30:57
X509v3 Authority Key Identifier:
keyid:70:65:80:62:9A:71:48:E4:B2:21:89:E7:B9:1F:14:67:91:11:63:70
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/cGWAYppxSOSyIYnnuR8UZ5ERY3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/cGWAYppxSOSyIYnnuR8UZ5ERY3A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/l4XUwUph4nJFGvGpUY8x_dnXMFc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
110.173.96.0/19
Signature Algorithm: sha256WithRSAEncryption
7d:f9:16:8e:4a:9f:3a:9c:fb:ef:57:35:94:78:39:a8:64:80:
17:2d:64:08:a5:3f:0b:70:8f:e9:88:4d:ba:52:ee:a2:54:31:
a7:b9:f9:84:f4:5e:84:00:5f:20:7b:d9:00:8c:84:e2:9c:ad:
9c:2c:4b:44:c9:f0:c0:41:2e:6c:0c:ab:20:e1:e5:5b:20:81:
3a:e9:db:b0:cc:60:a2:fc:f4:21:17:cf:c5:73:42:ed:68:41:
b6:fd:c0:c1:6b:68:c6:e9:c2:42:4a:ea:49:49:1d:a9:23:a6:
56:6c:58:e9:ef:57:74:1b:5b:c7:e1:c3:1e:5d:57:dd:df:e3:
41:a0:0c:de:ad:d2:e9:6a:83:f7:33:82:db:48:e8:0d:24:10:
d5:cf:ba:3e:9d:30:99:7f:8f:42:59:80:07:24:ba:f6:a4:cb:
ed:e8:95:f5:6f:d1:03:e1:18:e6:66:7d:4d:90:af:d5:8a:fe:
ed:0f:e6:ca:1b:01:33:52:8b:3c:82:e9:f4:fe:04:0f:5f:15:
bb:8e:68:73:fd:59:44:35:1c:0d:2b:2f:cc:39:be:3a:c1:87:
68:69:27:36:ee:cf:e7:5f:0e:a8:6b:d3:c3:7d:9d:96:25:1f:
fb:f4:35:2d:5f:79:ed:aa:bb:0e:76:7d:b5:80:2d:f9:6d:23:
69:b9:2d:dd
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzA2
NTgwNjI5QTcxNDhFNEIyMjE4OUU3QjkxRjE0Njc5MTExNjM3MDAeFw0yNDAzMTMw
MTIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3ODVENEMxNEE2MUUy
NzI0NTFBRjFBOTUxOEYzMUZERDlENzMwNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeFQPyg/3cCCGIVRrSZN52WmMwS3//MgOeF1/jqsFdImA4taum
4hljB1hJu+jB1oGBq9Vp4VUjvYrP65d9nqvgsOuWxlxh8HjKGx4T+Xzr9QSYj++b
sHJuI1ZaxN40g2z0m6Wh0hrXU0bynPBE00gWrK6B1ms7x1s3rIIuAyK8SpQwrCBG
VOi90CUGMdm9KmryoSedSVKeGFJGyw5ovcKDflkJ3a1K+fa9rkcK3C/JJUpjgw0z
HKpt+DdeHgvYmOx/k/cpEWuKStDJe3ul4z7NRZ+wS/ix+xpGRycT4ynkhAPEwSaI
Zh4AoQ6cMesZh9awF8HnPR2ywbfIvX+vbTCjAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUl4XUwUph4nJFGvGpUY8x/dnXMFcwHwYDVR0jBBgwFoAUcGWAYppxSOSyIYnn
uR8UZ5ERY3AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzEv
Y0dXQVlwcHhTT1N5SVlubnVSOFVaNUVSWTNBLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9jR1dBWXBweFNPU3lJWW5udVI4VVo1RVJZM0EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83MS9sNFhVd1VwaDRuSkZHdkdw
VVk4eF9kblhNRmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF
bq1gMA0GCSqGSIb3DQEBCwUAA4IBAQB9+RaOSp86nPvvVzWUeDmoZIAXLWQIpT8L
cI/piE26Uu6iVDGnufmE9F6EAF8ge9kAjITinK2cLEtEyfDAQS5sDKsg4eVbIIE6
6duwzGCi/PQhF8/Fc0LtaEG2/cDBa2jG6cJCSupJSR2pI6ZWbFjp71d0G1vH4cMe
XVfd3+NBoAzerdLpaoP3M4LbSOgNJBDVz7o+nTCZf49CWYAHJLr2pMvt6JX1b9ED
4RjmZn1NkK/Viv7tD+bKGwEzUos8gun0/gQPXxW7jmhz/VlENRwNKy/MOb46wYdo
aSc27s/nXw6oa9PDfZ2WJR/79DUtX3ntqrsOdn21gC35bSNpuS3d
-----END CERTIFICATE-----
Generated at Tue Jul 9 06:56:01 2024 by rpki-client on console-ams.rpki-client.org