Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/YDprhfrA8jt3kv9vrNcUP5-tjPQ.roa
File: YDprhfrA8jt3kv9vrNcUP5-tjPQ.roa (raw, json)
Hash identifier: JwOYO41wQAlqj1fi0N412HVVfz5FvSBFzhz/XSA89sM=
Subject key identifier: 60:3A:6B:85:FA:C0:F2:3B:77:92:FF:6F:AC:D7:14:3F:9F:AD:8C:F4
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 114A
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/YDprhfrA8jt3kv9vrNcUP5-tjPQ.roa
Signing time: Wed 24 May 2023 03:53:34 +0000
ROA not before: Wed 24 May 2023 03:53:34 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 4808
IP address blocks: 106.75.0.0/19 maxlen: 19
106.75.32.0/19 maxlen: 19
106.75.64.0/19 maxlen: 19
106.75.96.0/19 maxlen: 19
117.50.0.0/19 maxlen: 19
117.50.32.0/19 maxlen: 19
117.50.64.0/19 maxlen: 19
117.50.96.0/19 maxlen: 19
117.50.128.0/19 maxlen: 19
117.50.160.0/19 maxlen: 19
117.50.192.0/19 maxlen: 19
117.50.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4426 (0x114a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: May 24 03:53:34 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=603A6B85FAC0F23B7792FF6FACD7143F9FAD8CF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:75:a6:77:9d:97:e7:8e:45:95:e1:19:e8:cc:
3e:aa:fc:4a:4d:99:d4:3e:bb:82:73:ee:31:d6:32:
5d:40:fb:7a:87:83:24:03:6e:bc:07:d2:93:e5:7b:
5a:de:5e:f7:c3:fa:3e:4d:9d:c1:96:51:85:ec:0a:
de:84:5f:d9:b7:27:5a:ac:6b:5c:ea:8b:c0:5c:f8:
15:2d:ea:45:29:8e:9e:58:d0:1a:bd:0f:35:d5:74:
85:0d:3e:64:61:fe:4b:83:f7:ea:73:d4:56:ef:73:
18:06:97:0a:bd:f5:96:75:21:42:70:f5:95:df:0a:
92:94:32:00:b4:99:5f:89:36:ff:33:df:b9:22:1e:
5d:5c:a2:e6:27:c0:a7:ea:ee:e5:e1:83:f4:9e:eb:
5b:0e:3a:1c:65:dc:82:a0:92:79:46:41:a8:88:fb:
cb:c9:ed:0d:76:94:26:91:35:b9:11:3e:4b:6d:45:
19:6b:fe:97:2b:f3:5a:7f:01:f7:30:51:cf:b4:80:
14:e6:c5:18:0d:9a:32:2b:43:e6:e8:d6:fe:ed:e8:
61:ef:76:42:aa:a2:04:9c:55:5b:fb:d2:f8:fd:4a:
3c:ca:15:98:ca:87:fc:41:51:33:4c:27:12:5b:fa:
c0:a7:65:7a:4b:94:9e:08:7d:e9:bf:e5:61:d7:55:
79:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3A:6B:85:FA:C0:F2:3B:77:92:FF:6F:AC:D7:14:3F:9F:AD:8C:F4
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/YDprhfrA8jt3kv9vrNcUP5-tjPQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.0.0/17
117.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:b0:23:35:f2:16:a7:9d:1c:49:15:5e:7b:b0:e1:2d:99:1f:
4b:fb:22:f9:3c:25:83:2a:f3:08:5b:3d:91:2b:ec:7d:90:24:
6b:f0:53:12:16:8a:75:de:53:d8:5d:c7:ca:84:a7:d8:7f:b4:
64:f6:0a:b3:3c:57:02:0a:bf:81:2f:48:eb:91:0f:3e:10:2f:
0f:d4:61:ed:63:47:d1:c8:3d:5e:9c:88:14:f1:8e:21:07:a4:
73:19:d9:e5:57:16:fd:aa:d7:e4:df:86:c4:7c:33:e2:2f:f3:
01:68:c7:3f:a1:15:a5:ae:76:94:3a:f6:a6:f9:2e:fd:0e:09:
d0:81:eb:80:9d:39:fa:b2:50:c8:b4:46:0f:59:9e:60:55:73:
42:d1:ec:cc:99:70:3b:c4:b5:4f:86:3e:e7:c4:71:c8:b7:94:
db:99:8c:4e:c0:3b:05:ee:c3:3c:00:c1:c9:c1:d6:da:76:47:
9f:39:de:e8:dc:57:76:7d:78:20:81:ea:24:c6:ae:56:ca:c7:
dc:29:d4:53:d8:dd:6f:47:60:1e:2e:f6:67:37:10:4c:20:3f:
83:90:cd:10:76:7d:82:60:01:0b:9a:97:69:17:ca:d2:82:37:
9b:ca:00:40:72:e3:aa:13:9d:60:9d:d0:8b:01:50:cb:75:e0:
82:9d:08:02
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICEUowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzA1MjQw
MzUzMzRaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDYwM0E2Qjg1RkFDMEYy
M0I3NzkyRkY2RkFDRDcxNDNGOUZBRDhDRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgdaZ3nZfnjkWV4RnozD6q/EpNmdQ+u4Jz7jHWMl1A+3qHgyQD
brwH0pPle1reXvfD+j5NncGWUYXsCt6EX9m3J1qsa1zqi8Bc+BUt6kUpjp5Y0Bq9
DzXVdIUNPmRh/kuD9+pz1FbvcxgGlwq99ZZ1IUJw9ZXfCpKUMgC0mV+JNv8z37ki
Hl1couYnwKfq7uXhg/Se61sOOhxl3IKgknlGQaiI+8vJ7Q12lCaRNbkRPkttRRlr
/pcr81p/AfcwUc+0gBTmxRgNmjIrQ+bo1v7t6GHvdkKqogScVVv70vj9SjzKFZjK
h/xBUTNMJxJb+sCnZXpLlJ4Ifem/5WHXVXkxAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUYDprhfrA8jt3kv9vrNcUP5+tjPQwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L1lEcHJoZnJBOGp0M2t2
OXZyTmNVUDUtdGpQUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgABMAsD
BAdqSwADAwB1MjANBgkqhkiG9w0BAQsFAAOCAQEAmbAjNfIWp50cSRVee7DhLZkf
S/si+TwlgyrzCFs9kSvsfZAka/BTEhaKdd5T2F3HyoSn2H+0ZPYKszxXAgq/gS9I
65EPPhAvD9Rh7WNH0cg9XpyIFPGOIQekcxnZ5VcW/arX5N+GxHwz4i/zAWjHP6EV
pa52lDr2pvku/Q4J0IHrgJ05+rJQyLRGD1meYFVzQtHszJlwO8S1T4Y+58RxyLeU
25mMTsA7Be7DPADBycHW2nZHnzne6NxXdn14IIHqJMauVsrH3CnUU9jdb0dgHi72
ZzcQTCA/g5DNEHZ9gmABC5qXaRfK0oI3m8oAQHLjqhOdYJ3QiwFQy3Xggp0IAg==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org