Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/71/q3CYXHQMV0MNCWbS4KHiO7GTHLI.roa
File: q3CYXHQMV0MNCWbS4KHiO7GTHLI.roa (raw, json)
Hash identifier: BYck/hBXOHJzjkmGOnjFdLZHBBYbwce/KexJ2i2v1qM=
Subject key identifier: AB:70:98:5C:74:0C:57:43:0D:09:66:D2:E0:A1:E2:3B:B1:93:1C:B2
Certificate issuer: /CN=706580629A7148E4B22189E7B91F146791116370
Certificate serial: 0CA6
Authority key identifier: 70:65:80:62:9A:71:48:E4:B2:21:89:E7:B9:1F:14:67:91:11:63:70
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/cGWAYppxSOSyIYnnuR8UZ5ERY3A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/q3CYXHQMV0MNCWbS4KHiO7GTHLI.roa
Signing time: Wed 13 Mar 2024 01:23:57 +0000
ROA not before: Wed 13 Mar 2024 01:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 63889
IP address blocks: 110.173.96.0/20 maxlen: 24
110.173.96.0/22 maxlen: 24
110.173.96.0/24 maxlen: 24
110.173.97.0/24 maxlen: 24
110.173.98.0/24 maxlen: 24
110.173.99.0/24 maxlen: 24
110.173.112.0/20 maxlen: 24
110.173.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 05:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3238 (0xca6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706580629A7148E4B22189E7B91F146791116370
Validity
Not Before: Mar 13 01:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AB70985C740C57430D0966D2E0A1E23BB1931CB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d9:2e:e6:83:7b:5a:1f:c3:64:f1:e7:d5:14:
56:9f:63:df:4e:d1:46:38:d0:52:92:bf:d0:2c:fd:
cd:22:12:e8:ae:8a:d6:b0:69:d2:e4:00:40:73:01:
3b:81:ab:7c:02:b5:24:f3:01:a2:d1:74:ed:d2:d0:
dc:a7:27:33:7a:79:e7:eb:ab:0c:c2:a7:83:66:b2:
7a:25:cc:1a:bc:60:47:db:60:22:08:88:a8:13:c4:
2e:a5:8e:07:08:3b:7c:9e:9e:0c:98:92:f0:ac:98:
fd:7a:2a:26:e6:76:3c:ca:f7:3c:d2:8b:e8:00:11:
13:56:b3:70:33:13:a2:cf:7c:1b:41:4f:18:3e:bf:
90:bd:cf:72:08:46:67:e1:f6:cb:be:1d:7a:c7:b1:
90:40:e5:bc:e4:47:f1:10:4b:bc:4f:c6:47:da:81:
9f:72:56:81:2f:b2:20:ef:ec:a0:58:bd:f0:b8:2c:
9e:60:35:90:be:89:68:6d:38:e6:e8:ca:68:56:5d:
09:83:5a:89:62:35:86:41:be:78:91:62:6d:e3:8b:
fd:da:4e:ba:3a:84:cb:3c:40:7e:1b:d4:56:a8:05:
87:f7:03:ac:3d:75:f3:3e:6a:94:a3:a7:4f:4c:89:
47:50:6f:7f:14:6b:8a:93:05:8e:ed:a8:49:c4:c3:
5f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:70:98:5C:74:0C:57:43:0D:09:66:D2:E0:A1:E2:3B:B1:93:1C:B2
X509v3 Authority Key Identifier:
keyid:70:65:80:62:9A:71:48:E4:B2:21:89:E7:B9:1F:14:67:91:11:63:70
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/cGWAYppxSOSyIYnnuR8UZ5ERY3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/cGWAYppxSOSyIYnnuR8UZ5ERY3A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/q3CYXHQMV0MNCWbS4KHiO7GTHLI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
110.173.96.0/19
Signature Algorithm: sha256WithRSAEncryption
9e:ed:39:61:46:d0:ba:21:e3:15:f3:5d:a1:d9:a1:f0:86:6d:
6f:60:d5:36:c5:ea:ef:c1:22:77:dd:4e:30:5f:0c:dd:2a:95:
c6:da:77:6a:64:b7:ee:a3:b6:24:15:48:16:0c:10:88:82:95:
76:89:67:05:a5:25:80:bf:1e:04:ba:01:bc:07:70:4c:d7:6e:
45:77:5d:06:5e:ac:ea:ca:5d:15:5c:3b:b6:a9:75:0b:5a:e8:
62:ac:3f:a4:9b:88:dc:17:c2:a9:b4:be:8a:fd:14:46:72:13:
da:95:ad:75:06:5a:59:e3:08:d4:58:02:eb:9c:c2:8c:bc:6b:
5e:1c:8c:f3:8a:40:7c:92:18:74:73:2e:53:ff:b8:4c:57:0f:
52:fc:bb:52:3a:83:85:4c:16:0a:b8:fe:1a:72:fb:ca:5b:27:
31:c9:55:43:18:87:ee:2c:f7:a2:ec:84:dc:03:b2:c8:1e:0f:
3c:cf:5e:20:ba:c8:63:25:06:d8:dd:60:16:8f:2a:a5:99:f7:
6e:1b:7e:06:84:4d:9b:bb:86:e6:18:5f:d3:4e:c8:d2:8f:29:
ef:0a:1e:00:f8:3a:d8:fc:40:1a:12:d0:2d:c9:57:0c:53:0a:
d4:b8:95:68:f3:11:7e:17:98:60:be:a5:cb:ac:ca:4a:4e:31:
24:84:d7:88
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzA2
NTgwNjI5QTcxNDhFNEIyMjE4OUU3QjkxRjE0Njc5MTExNjM3MDAeFw0yNDAzMTMw
MTIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCNzA5ODVDNzQwQzU3
NDMwRDA5NjZEMkUwQTFFMjNCQjE5MzFDQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP2S7mg3taH8Nk8efVFFafY99O0UY40FKSv9As/c0iEuiuitaw
adLkAEBzATuBq3wCtSTzAaLRdO3S0NynJzN6eefrqwzCp4NmsnolzBq8YEfbYCII
iKgTxC6ljgcIO3yengyYkvCsmP16KibmdjzK9zzSi+gAERNWs3AzE6LPfBtBTxg+
v5C9z3IIRmfh9su+HXrHsZBA5bzkR/EQS7xPxkfagZ9yVoEvsiDv7KBYvfC4LJ5g
NZC+iWhtOOboymhWXQmDWoliNYZBvniRYm3ji/3aTro6hMs8QH4b1FaoBYf3A6w9
dfM+apSjp09MiUdQb38Ua4qTBY7tqEnEw1+HAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUq3CYXHQMV0MNCWbS4KHiO7GTHLIwHwYDVR0jBBgwFoAUcGWAYppxSOSyIYnn
uR8UZ5ERY3AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzEv
Y0dXQVlwcHhTT1N5SVlubnVSOFVaNUVSWTNBLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9jR1dBWXBweFNPU3lJWW5udVI4VVo1RVJZM0EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83MS9xM0NZWEhRTVYwTU5DV2JT
NEtIaU83R1RITEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF
bq1gMA0GCSqGSIb3DQEBCwUAA4IBAQCe7TlhRtC6IeMV812h2aHwhm1vYNU2xerv
wSJ33U4wXwzdKpXG2ndqZLfuo7YkFUgWDBCIgpV2iWcFpSWAvx4EugG8B3BM125F
d10GXqzqyl0VXDu2qXULWuhirD+km4jcF8KptL6K/RRGchPala11BlpZ4wjUWALr
nMKMvGteHIzzikB8khh0cy5T/7hMVw9S/LtSOoOFTBYKuP4acvvKWycxyVVDGIfu
LPei7ITcA7LIHg88z14gushjJQbY3WAWjyqlmfduG34GhE2bu4bmGF/TTsjSjynv
Ch4A+DrY/EAaEtAtyVcMUwrUuJVo8xF+F5hgvqXLrMpKTjEkhNeI
-----END CERTIFICATE-----
Generated at Tue Jul 9 06:56:01 2024 by rpki-client on console-ams.rpki-client.org