Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/mjw9ELTVh9an8X9oaqIDNUNl6Ho.roa
File: mjw9ELTVh9an8X9oaqIDNUNl6Ho.roa (raw, json)
Hash identifier: ja2bafLi43vHxKD2efuI2L8KkgQCkJL/rMa/e4q0grA=
Subject key identifier: 9A:3C:3D:10:B4:D5:87:D6:A7:F1:7F:68:6A:A2:03:35:43:65:E8:7A
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 1147
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/mjw9ELTVh9an8X9oaqIDNUNl6Ho.roa
Signing time: Wed 24 May 2023 03:53:33 +0000
ROA not before: Wed 24 May 2023 03:53:33 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 58466
IP address blocks: 42.240.128.0/20 maxlen: 20
42.240.144.0/20 maxlen: 20
42.240.160.0/20 maxlen: 20
106.75.128.0/20 maxlen: 20
106.75.144.0/20 maxlen: 20
106.75.160.0/20 maxlen: 20
106.75.176.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4423 (0x1147)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: May 24 03:53:33 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=9A3C3D10B4D587D6A7F17F686AA203354365E87A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:cd:29:d0:dc:45:6d:1f:66:4b:ab:32:6d:8d:
d7:a4:5d:d0:ab:ef:d9:9f:7b:49:7e:bf:5d:4f:8c:
00:9b:bf:c8:13:74:44:ae:61:f9:b0:70:b4:42:ed:
64:5d:f1:35:70:ca:3a:c6:49:03:56:34:ee:98:bf:
ad:50:c9:78:b1:11:77:95:dc:13:30:8e:9a:63:75:
f2:86:9e:98:bc:60:b4:75:9e:be:f3:ea:58:6d:80:
99:c9:58:72:ef:1d:04:f4:7c:6c:68:8b:d1:26:3d:
32:6c:71:0c:24:78:fa:e5:9a:e9:52:c8:d4:1c:0d:
fb:2c:7e:15:fa:ff:e5:33:ff:d4:dc:a0:4f:26:ee:
2b:20:2b:c5:0b:9d:fb:69:38:36:e5:b5:68:c4:e3:
f2:eb:d3:af:e0:7e:a9:5a:c5:a6:42:2b:46:0f:45:
33:67:e6:0f:f9:41:72:b4:ee:1a:f0:55:b8:f5:4f:
16:d5:7c:f0:a2:01:5d:4d:c5:ba:eb:36:22:20:48:
fa:f1:63:ca:cf:00:64:ba:08:39:75:23:a9:42:44:
ca:bb:1a:c5:0e:4b:29:a2:a1:38:65:66:ce:ce:b1:
27:a8:e4:ba:1c:d8:84:c3:29:24:01:aa:4a:09:6d:
b8:48:73:82:23:27:a8:ae:2f:95:85:65:02:91:73:
88:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3C:3D:10:B4:D5:87:D6:A7:F1:7F:68:6A:A2:03:35:43:65:E8:7A
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/mjw9ELTVh9an8X9oaqIDNUNl6Ho.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
42.240.128.0-42.240.175.255
106.75.128.0/18
Signature Algorithm: sha256WithRSAEncryption
25:97:38:4d:08:7d:cc:72:53:57:4a:56:9a:00:fd:ba:e8:cf:
bc:15:b9:38:36:66:d9:e4:0d:60:b4:52:c9:f8:44:81:72:04:
d8:a3:e3:13:c2:b1:d0:0d:e9:b1:14:b1:01:68:7d:5e:0b:b4:
2f:8b:91:f2:d1:e0:0f:9f:7b:7e:1a:13:a2:4d:04:ce:f5:4d:
71:83:1b:cd:eb:cc:54:c7:36:da:dd:4f:f4:8c:1e:37:5f:55:
6a:40:8d:31:24:14:9d:b9:ce:50:74:ee:98:f8:64:04:92:7f:
ad:2f:73:99:ab:1a:4b:3e:e9:84:e8:a6:e0:56:2e:fd:db:07:
79:d3:96:5e:f8:77:3e:6e:80:86:5f:ac:2a:99:ae:b3:58:3f:
9f:d9:ba:a6:ec:51:bf:05:c3:a0:46:62:5c:3c:bd:bd:fd:4b:
ad:fa:51:7c:5e:fd:75:0d:a6:47:61:55:c7:60:40:49:08:30:
9c:e2:88:5d:b1:fb:b0:87:dc:2e:af:2a:67:2e:0a:80:4b:47:
76:88:be:a4:4b:5b:e3:96:0e:d1:b1:42:8f:b9:a9:e8:51:1c:
4b:6e:b4:43:12:76:24:74:37:3f:a1:14:97:6f:a6:ee:99:cf:
a1:2a:be:26:41:63:64:23:9d:20:9c:17:09:3a:6a:e4:5e:aa:
66:25:e8:f7
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICEUcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzA1MjQw
MzUzMzNaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDlBM0MzRDEwQjRENTg3
RDZBN0YxN0Y2ODZBQTIwMzM1NDM2NUU4N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYzSnQ3EVtH2ZLqzJtjdekXdCr79mfe0l+v11PjACbv8gTdESu
YfmwcLRC7WRd8TVwyjrGSQNWNO6Yv61QyXixEXeV3BMwjppjdfKGnpi8YLR1nr7z
6lhtgJnJWHLvHQT0fGxoi9EmPTJscQwkePrlmulSyNQcDfssfhX6/+Uz/9TcoE8m
7isgK8ULnftpODbltWjE4/Lr06/gfqlaxaZCK0YPRTNn5g/5QXK07hrwVbj1TxbV
fPCiAV1NxbrrNiIgSPrxY8rPAGS6CDl1I6lCRMq7GsUOSymioThlZs7OsSeo5Loc
2ITDKSQBqkoJbbhIc4IjJ6iuL5WFZQKRc4grAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQUmjw9ELTVh9an8X9oaqIDNUNl6HowHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L21qdzlFTFRWaDlhbjhY
OW9hcUlETlVObDZIby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQw
DAMEByrwgAMEBCrwoAMEBmpLgDANBgkqhkiG9w0BAQsFAAOCAQEAJZc4TQh9zHJT
V0pWmgD9uujPvBW5ODZm2eQNYLRSyfhEgXIE2KPjE8Kx0A3psRSxAWh9Xgu0L4uR
8tHgD597fhoTok0EzvVNcYMbzevMVMc22t1P9IweN19VakCNMSQUnbnOUHTumPhk
BJJ/rS9zmasaSz7phOim4FYu/dsHedOWXvh3Pm6Ahl+sKpmus1g/n9m6puxRvwXD
oEZiXDy9vf1LrfpRfF79dQ2mR2FVx2BASQgwnOKIXbH7sIfcLq8qZy4KgEtHdoi+
pEtb45YO0bFCj7mp6FEcS260QxJ2JHQ3P6EUl2+m7pnPoSq+JkFjZCOdIJwXCTpq
5F6qZiXo9w==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org