Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/N4Wc1QkqSILPJPX6eOhK9U6-zzQ.roa
File: N4Wc1QkqSILPJPX6eOhK9U6-zzQ.roa (raw, json)
Hash identifier: xyXzbjx5L/nx37r0lZYdkoLMNv6+H/P3w/kCuyBLahs=
Subject key identifier: 37:85:9C:D5:09:2A:48:82:CF:24:F5:FA:78:E8:4A:F5:4E:BE:CF:34
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 114D
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/N4Wc1QkqSILPJPX6eOhK9U6-zzQ.roa
Signing time: Wed 24 May 2023 03:53:36 +0000
ROA not before: Wed 24 May 2023 03:53:36 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 4811
IP address blocks: 106.75.208.0/20 maxlen: 20
113.31.96.0/20 maxlen: 20
113.31.112.0/20 maxlen: 20
113.31.144.0/20 maxlen: 20
113.31.160.0/20 maxlen: 20
113.31.176.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4429 (0x114d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: May 24 03:53:36 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=37859CD5092A4882CF24F5FA78E84AF54EBECF34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d6:ed:55:f4:09:7d:fa:1d:70:9f:76:96:92:
c7:62:4a:e7:62:fc:57:71:a4:58:22:d5:4b:6a:71:
09:fe:c3:e1:06:f3:0a:29:57:3a:b3:49:8f:a7:0e:
b7:ae:f9:10:6b:4d:88:ed:2b:a6:7c:73:0c:7c:e6:
ed:2f:1b:d9:35:96:cb:ec:5a:45:78:26:9e:c5:51:
5b:ca:ef:cf:6b:0d:d5:1f:ab:40:28:f0:75:4d:29:
fc:72:85:7f:8b:2e:8e:66:3b:8b:06:48:24:bd:a6:
4d:53:0f:68:18:da:21:f4:d9:3b:db:64:01:2d:83:
52:5f:0c:7c:e1:e7:d7:ab:09:ab:2d:dd:fb:59:17:
7d:fd:39:f3:cb:5c:0c:d2:b3:23:fb:65:53:0a:43:
c7:87:58:30:18:b0:4a:69:7c:46:94:fd:2c:09:45:
95:96:53:60:05:c5:d4:31:2e:91:d7:c5:33:e5:d3:
68:e2:8f:09:6d:9b:41:7c:34:dd:0f:31:72:c3:2b:
76:dd:e5:9a:37:f3:8e:a7:d9:68:b6:9f:4e:6c:dd:
32:f6:26:7f:7a:24:21:2b:07:ac:25:37:da:b6:74:
55:83:03:f4:34:35:6d:95:38:83:9e:44:ed:2e:71:
d0:4d:8b:e7:a7:be:c6:6e:5a:bd:b2:c1:83:95:74:
41:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:85:9C:D5:09:2A:48:82:CF:24:F5:FA:78:E8:4A:F5:4E:BE:CF:34
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/N4Wc1QkqSILPJPX6eOhK9U6-zzQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.208.0/20
113.31.96.0/19
113.31.144.0-113.31.191.255
Signature Algorithm: sha256WithRSAEncryption
11:49:19:36:e9:b8:6d:33:af:64:b7:e7:18:f3:ff:4a:89:0e:
7c:5b:00:98:75:14:e7:2d:6a:eb:a2:4b:8b:65:f0:9b:bd:e3:
80:16:07:4e:4f:85:eb:4a:05:51:5c:34:f9:38:f5:cd:28:cb:
5e:56:38:dc:dc:47:5e:18:9a:78:78:f9:4f:4a:79:5c:b7:d2:
ba:26:cf:71:11:37:b2:7c:76:26:80:9d:4d:44:68:2c:37:ac:
c1:ab:b0:58:c6:a6:25:5f:52:2c:f0:ab:8a:0f:3c:c9:b9:2b:
f5:f8:60:f5:5f:44:d5:aa:68:59:51:34:0a:00:84:2d:2f:cd:
45:e4:5d:0b:4c:12:bb:a5:71:97:06:be:3d:b3:c2:bd:0c:b3:
1e:b2:90:61:15:fb:17:6f:b0:b2:48:fe:f5:f5:6e:5c:80:d9:
37:72:c4:24:5b:1b:68:91:64:d0:f2:eb:14:70:cf:07:47:c0:
9e:2e:21:c4:72:88:22:4a:1e:75:d3:27:db:85:9e:a2:cf:2e:
69:48:9a:52:a4:b0:80:ec:f3:6b:e8:ac:32:a1:47:a8:db:59:
f5:62:f9:ee:94:53:0d:9e:f1:33:5f:81:f5:e7:fe:a8:96:04:
ec:07:01:a6:cb:bc:ab:04:a0:10:6c:3a:6c:71:e3:47:e8:e9:
6a:cd:e8:5a
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgICEU0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzA1MjQw
MzUzMzZaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDM3ODU5Q0Q1MDkyQTQ4
ODJDRjI0RjVGQTc4RTg0QUY1NEVCRUNGMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt1u1V9Al9+h1wn3aWksdiSudi/FdxpFgi1UtqcQn+w+EG8wop
VzqzSY+nDreu+RBrTYjtK6Z8cwx85u0vG9k1lsvsWkV4Jp7FUVvK789rDdUfq0Ao
8HVNKfxyhX+LLo5mO4sGSCS9pk1TD2gY2iH02TvbZAEtg1JfDHzh59erCast3ftZ
F339OfPLXAzSsyP7ZVMKQ8eHWDAYsEppfEaU/SwJRZWWU2AFxdQxLpHXxTPl02ji
jwltm0F8NN0PMXLDK3bd5Zo3846n2Wi2n05s3TL2Jn96JCErB6wlN9q2dFWDA/Q0
NW2VOIOeRO0ucdBNi+envsZuWr2ywYOVdEFNAgMBAAGjggIFMIICATAdBgNVHQ4E
FgQUN4Wc1QkqSILPJPX6eOhK9U6+zzQwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L040V2MxUWtxU0lMUEpQ
WDZlT2hLOVU2LXp6US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoD
BARqS9ADBAVxH2AwDAMEBHEfkAMEBnEfgDANBgkqhkiG9w0BAQsFAAOCAQEAEUkZ
Num4bTOvZLfnGPP/SokOfFsAmHUU5y1q66JLi2Xwm73jgBYHTk+F60oFUVw0+Tj1
zSjLXlY43NxHXhiaeHj5T0p5XLfSuibPcRE3snx2JoCdTURoLDeswauwWMamJV9S
LPCrig88ybkr9fhg9V9E1apoWVE0CgCELS/NReRdC0wSu6Vxlwa+PbPCvQyzHrKQ
YRX7F2+wskj+9fVuXIDZN3LEJFsbaJFk0PLrFHDPB0fAni4hxHKIIkoeddMn24We
os8uaUiaUqSwgOzza+isMqFHqNtZ9WL57pRTDZ7xM1+B9ef+qJYE7AcBpsu8qwSg
EGw6bHHjR+jpas3oWg==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org