Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/4GLAtbodbIq0tqFX0aQLv3bTHQo.roa
File: 4GLAtbodbIq0tqFX0aQLv3bTHQo.roa (raw, json)
Hash identifier: BZ5Fh0tlFRxuVrAxdsj/wAHNX8D9m+lzJLJrGzGjlTQ=
Subject key identifier: E0:62:C0:B5:BA:1D:6C:8A:B4:B6:A1:57:D1:A4:0B:BF:76:D3:1D:0A
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 114B
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/4GLAtbodbIq0tqFX0aQLv3bTHQo.roa
Signing time: Wed 24 May 2023 03:53:34 +0000
ROA not before: Wed 24 May 2023 03:53:34 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 4812
IP address blocks: 106.75.224.0/20 maxlen: 20
106.75.240.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4427 (0x114b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: May 24 03:53:34 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=E062C0B5BA1D6C8AB4B6A157D1A40BBF76D31D0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:dd:84:14:3b:12:ae:cd:58:c6:52:8b:26:c9:
17:9a:a9:a3:a6:a9:8d:51:51:ec:5b:19:18:97:a9:
c7:20:4e:2c:9f:b8:a8:b1:bb:c4:db:c8:b5:ac:77:
a9:73:a2:7a:f2:f1:ec:9f:93:01:bb:39:da:ad:d0:
13:fa:ba:5d:e5:69:44:26:cf:09:fa:94:ae:19:36:
3f:ae:e7:56:42:e1:2f:68:2a:3e:cc:c8:6a:d1:29:
0e:a8:9f:cc:84:f5:67:25:ff:3f:a0:04:3c:c0:ee:
58:2c:21:2a:00:fa:b6:9e:49:98:df:d7:d9:46:b7:
a9:a2:7f:66:0c:a3:d3:0c:5d:9e:46:75:bd:d8:18:
02:db:2a:85:e9:00:72:b0:52:a6:2a:e1:45:cd:69:
f3:44:e4:1b:7a:81:dd:9c:8c:c3:26:99:aa:2a:2e:
46:0e:11:2d:5a:94:fe:d8:3e:dd:43:b3:27:e2:17:
fb:3b:56:02:50:ab:77:00:c5:e1:08:2d:a0:53:7a:
93:6a:60:cc:41:d0:f0:ec:6d:39:a3:60:95:75:17:
43:2b:a3:de:e8:bd:9f:e6:74:3b:70:b5:80:7d:bd:
80:a0:6b:95:7a:fc:28:78:39:83:48:4f:90:c4:df:
88:c4:4e:b9:2a:8f:65:3d:39:56:85:dc:f1:3d:33:
68:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:62:C0:B5:BA:1D:6C:8A:B4:B6:A1:57:D1:A4:0B:BF:76:D3:1D:0A
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/4GLAtbodbIq0tqFX0aQLv3bTHQo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.224.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:89:d4:dd:f2:f0:74:08:dd:3a:1f:79:b5:5c:e3:8b:44:36:
29:6d:83:b2:b6:5b:2a:4e:75:98:ef:05:ba:95:99:da:e7:bf:
72:5d:ad:b1:e2:c9:10:11:a0:3e:07:c3:4b:00:3d:88:bf:b4:
15:23:4a:38:00:9a:58:df:76:69:9f:14:4b:27:8b:98:a1:c2:
21:e5:e9:86:3f:05:99:94:95:28:ab:84:5d:f2:06:63:b7:c0:
88:e7:58:f5:32:1d:7b:2f:9d:87:5f:67:39:7a:80:2d:7c:d0:
43:20:37:39:08:76:f7:53:4f:b9:13:d9:3b:95:e2:51:4f:35:
6f:a3:f2:cd:39:6b:c7:0b:c6:cb:f8:36:70:10:73:51:6c:4b:
bc:33:e2:0a:a4:cd:e4:01:74:c9:47:3e:a1:92:e2:4f:84:50:
98:ce:06:5f:bd:52:ca:be:4f:f2:0d:11:93:60:a2:0a:da:ab:
11:89:26:2e:e0:aa:04:75:c5:72:69:89:67:77:67:76:5f:c8:
41:91:6e:70:c0:89:86:b0:a3:01:7d:e8:db:d8:18:b1:11:c2:
0d:b5:fc:69:e0:3a:7c:fb:0d:9a:a5:ab:6a:65:a0:74:6d:39:
e1:2a:51:af:17:04:f3:d5:f5:5a:b3:f0:f2:e0:36:9f:a8:0d:
9b:c1:94:f1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEUswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzA1MjQw
MzUzMzRaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEUwNjJDMEI1QkExRDZD
OEFCNEI2QTE1N0QxQTQwQkJGNzZEMzFEMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL3YQUOxKuzVjGUosmyReaqaOmqY1RUexbGRiXqccgTiyfuKix
u8TbyLWsd6lzonry8eyfkwG7Odqt0BP6ul3laUQmzwn6lK4ZNj+u51ZC4S9oKj7M
yGrRKQ6on8yE9Wcl/z+gBDzA7lgsISoA+raeSZjf19lGt6mif2YMo9MMXZ5Gdb3Y
GALbKoXpAHKwUqYq4UXNafNE5Bt6gd2cjMMmmaoqLkYOES1alP7YPt1DsyfiF/s7
VgJQq3cAxeEILaBTepNqYMxB0PDsbTmjYJV1F0Mro97ovZ/mdDtwtYB9vYCga5V6
/Ch4OYNIT5DE34jETrkqj2U9OVaF3PE9M2ibAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4GLAtbodbIq0tqFX0aQLv3bTHQowHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3LzRHTEF0Ym9kYklxMHRx
RlgwYVFMdjNiVEhRby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAVqS+AwDQYJKoZIhvcNAQELBQADggEBAAqJ1N3y8HQI3TofebVc44tENiltg7K2
WypOdZjvBbqVmdrnv3JdrbHiyRARoD4Hw0sAPYi/tBUjSjgAmljfdmmfFEsni5ih
wiHl6YY/BZmUlSirhF3yBmO3wIjnWPUyHXsvnYdfZzl6gC180EMgNzkIdvdTT7kT
2TuV4lFPNW+j8s05a8cLxsv4NnAQc1FsS7wz4gqkzeQBdMlHPqGS4k+EUJjOBl+9
Usq+T/INEZNgograqxGJJi7gqgR1xXJpiWd3Z3ZfyEGRbnDAiYawowF96NvYGLER
wg21/GngOnz7DZqlq2ploHRtOeEqUa8XBPPV9Vqz8PLgNp+oDZvBlPE=
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org