Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/ivPuJwSaBZpPbxweO6hEOsKyvBc.roa
File: ivPuJwSaBZpPbxweO6hEOsKyvBc.roa (raw, json)
Hash identifier: TlVYiyH3dodLNFmtv8RRcYy4rP0m4BE5/1JkPq4UYt8=
Subject key identifier: 8A:F3:EE:27:04:9A:05:9A:4F:6F:1C:1E:3B:A8:44:3A:C2:B2:BC:17
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1143
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/ivPuJwSaBZpPbxweO6hEOsKyvBc.roa
Signing time: Wed 24 May 2023 03:53:32 +0000
ROA not before: Wed 24 May 2023 03:53:32 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 23724
IP address blocks: 106.75.0.0/19 maxlen: 19
106.75.32.0/19 maxlen: 19
106.75.64.0/19 maxlen: 19
106.75.96.0/19 maxlen: 19
117.50.0.0/19 maxlen: 19
117.50.32.0/19 maxlen: 19
117.50.64.0/19 maxlen: 19
117.50.96.0/19 maxlen: 19
117.50.128.0/19 maxlen: 19
117.50.160.0/19 maxlen: 19
117.50.192.0/19 maxlen: 19
117.50.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4419 (0x1143)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: May 24 03:53:32 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=8AF3EE27049A059A4F6F1C1E3BA8443AC2B2BC17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d5:ab:a4:19:d6:ed:d4:4e:6e:63:ed:d4:65:
73:2a:ab:c7:3c:58:5f:67:b5:00:fa:36:d7:08:62:
60:3e:8b:2b:1a:0f:f2:d5:c2:d2:20:4c:7d:0f:7a:
e9:de:ed:3c:01:82:38:b3:51:0a:a0:3c:e7:57:c7:
47:58:54:24:e1:1f:f8:1e:98:82:d3:ec:24:df:f2:
85:01:ff:b2:bb:67:ff:23:d6:cd:2d:ae:de:f5:92:
04:f5:ba:7c:01:a1:a6:50:45:9b:a0:25:51:dc:41:
b4:46:64:fc:8b:11:e2:2b:02:44:fa:b5:e2:0c:db:
a9:4b:5b:bb:91:55:59:70:3e:9d:cc:65:85:08:17:
c7:cc:0a:fc:e2:6d:4c:99:e3:23:b4:67:72:c9:b0:
7b:41:21:cb:92:7b:4f:ff:b6:f0:33:6e:89:25:0c:
18:bf:21:27:80:05:35:00:01:e0:6e:a6:2c:e2:85:
23:33:1b:de:01:a6:e9:2d:54:0c:23:58:cc:e7:1a:
86:84:3f:ce:ec:d9:ea:1a:b4:b9:5e:4f:28:9a:0a:
33:76:0a:66:8c:8c:ea:58:84:3d:2d:b5:8b:58:c9:
b4:38:d4:c5:35:8d:66:3a:c6:35:cb:e8:28:47:a1:
0f:1f:4d:b2:b3:5c:d0:17:02:62:10:d0:83:bb:7b:
fa:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F3:EE:27:04:9A:05:9A:4F:6F:1C:1E:3B:A8:44:3A:C2:B2:BC:17
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/ivPuJwSaBZpPbxweO6hEOsKyvBc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.0.0/17
117.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:84:7b:a5:5a:63:6d:d7:b4:13:48:11:16:49:5f:b9:7a:de:
b5:40:ea:7c:79:93:fa:16:4f:a7:b4:22:29:06:aa:95:53:54:
dd:36:a9:71:81:b9:b1:46:3f:8d:41:3c:ac:f0:fa:39:ae:01:
c1:31:77:b7:06:d6:61:2d:47:3d:e5:0a:d2:bd:aa:bc:d0:4d:
e0:27:a0:ec:b9:ab:68:71:79:ed:77:6f:22:7b:20:44:91:bc:
7f:be:2b:a7:6c:83:f3:cf:b9:ee:17:28:d6:f9:40:68:04:e5:
bb:ae:77:d5:41:4b:a3:ae:e9:0c:e8:ab:11:03:af:d2:30:e2:
e2:d7:7d:f1:04:df:48:f5:a4:87:b0:50:1f:f9:04:5d:a5:f1:
ed:2f:19:04:12:bf:89:a0:e1:64:76:d0:bc:82:51:f0:8a:14:
ee:5f:f0:d5:1a:04:82:3c:cf:69:21:45:f6:ec:9c:a5:23:c8:
ae:56:31:ce:9f:97:d0:44:4c:8f:62:68:d1:df:da:2e:64:c2:
ee:0d:67:3b:8d:61:80:af:80:91:03:6f:6d:3d:8b:e4:ff:30:
d3:66:ed:5f:1b:2e:fd:da:74:62:54:58:4c:c9:d1:45:f4:1a:
22:38:d7:a7:87:c7:72:a0:c9:d9:03:02:86:4d:10:4c:ce:c0:
d7:ad:65:a6
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICEUMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzA1MjQw
MzUzMzJaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDhBRjNFRTI3MDQ5QTA1
OUE0RjZGMUMxRTNCQTg0NDNBQzJCMkJDMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDk1aukGdbt1E5uY+3UZXMqq8c8WF9ntQD6NtcIYmA+iysaD/LV
wtIgTH0Peune7TwBgjizUQqgPOdXx0dYVCThH/gemILT7CTf8oUB/7K7Z/8j1s0t
rt71kgT1unwBoaZQRZugJVHcQbRGZPyLEeIrAkT6teIM26lLW7uRVVlwPp3MZYUI
F8fMCvzibUyZ4yO0Z3LJsHtBIcuSe0//tvAzboklDBi/ISeABTUAAeBupizihSMz
G94BpuktVAwjWMznGoaEP87s2eoatLleTyiaCjN2CmaMjOpYhD0ttYtYybQ41MU1
jWY6xjXL6ChHoQ8fTbKzXNAXAmIQ0IO7e/rnAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUivPuJwSaBZpPbxweO6hEOsKyvBcwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2l2UHVKd1NhQlpwUGJ4
d2VPNmhFT3NLeXZCYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgABMAsD
BAdqSwADAwB1MjANBgkqhkiG9w0BAQsFAAOCAQEAeIR7pVpjbde0E0gRFklfuXre
tUDqfHmT+hZPp7QiKQaqlVNU3TapcYG5sUY/jUE8rPD6Oa4BwTF3twbWYS1HPeUK
0r2qvNBN4Ceg7LmraHF57XdvInsgRJG8f74rp2yD88+57hco1vlAaATlu6531UFL
o67pDOirEQOv0jDi4td98QTfSPWkh7BQH/kEXaXx7S8ZBBK/iaDhZHbQvIJR8IoU
7l/w1RoEgjzPaSFF9uycpSPIrlYxzp+X0ERMj2Jo0d/aLmTC7g1nO41hgK+AkQNv
bT2L5P8w02btXxsu/dp0YlRYTMnRRfQaIjjXp4fHcqDJ2QMChk0QTM7A161lpg==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org