Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/AolRVv85EFkDTmzgm3lL_oYrCGc.roa
File: AolRVv85EFkDTmzgm3lL_oYrCGc.roa (raw, json)
Hash identifier: Fah2YDamI2FvAA3gMqyQQHJxtYNp8470LrhxEAMEqzQ=
Subject key identifier: 02:89:51:56:FF:39:10:59:03:4E:6C:E0:9B:79:4B:FE:86:2B:08:67
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 19EE
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/AolRVv85EFkDTmzgm3lL_oYrCGc.roa
Signing time: Wed 13 Mar 2024 01:21:11 +0000
ROA not before: Wed 13 Mar 2024 01:21:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139648
IP address blocks: 103.244.116.0/22 maxlen: 24
103.244.118.0/24 maxlen: 24
103.244.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 11:20:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6638 (0x19ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Mar 13 01:21:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=02895156FF391059034E6CE09B794BFE862B0867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:67:da:da:11:dc:d8:09:e3:1e:cc:b6:3d:72:
dd:34:8e:11:d4:6f:9e:59:66:d0:1f:7f:1d:fe:e0:
45:cc:ee:52:63:78:8b:c1:0c:ea:e2:32:e8:1f:28:
fa:1e:2b:ab:01:2a:e9:83:d2:4d:9d:a0:50:d5:be:
37:f6:48:d5:34:ae:a4:90:08:b6:fe:a7:e3:9f:d1:
64:1d:9a:11:d0:98:7d:c8:33:7b:ab:7d:a9:fe:f7:
8a:a6:e3:15:d4:cd:1e:19:4d:99:2d:25:70:ef:54:
47:6b:98:c4:85:b2:79:84:b5:a3:7f:85:49:23:44:
6f:cb:f4:79:75:98:f7:f9:5f:00:ee:62:51:f5:4b:
6e:45:15:51:9d:64:97:d3:a3:fd:4c:bb:49:fa:14:
bd:ed:d4:1c:d1:75:89:34:d9:99:a8:e9:18:78:a7:
6b:5d:45:6a:27:48:d3:22:db:22:48:a5:64:3b:ac:
6a:0f:fc:b5:2a:c0:be:ac:5f:c4:ae:72:6f:a5:14:
7e:ae:a6:9b:05:60:77:c4:4b:a6:08:ee:e7:57:fb:
95:cd:36:a0:4c:da:ef:b9:44:54:18:34:e9:f0:14:
10:81:a4:cf:c5:da:61:7d:47:4f:3b:af:94:71:78:
a1:1a:ce:16:b1:d9:ef:b3:c5:1c:ad:1c:cd:4f:ea:
ed:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:89:51:56:FF:39:10:59:03:4E:6C:E0:9B:79:4B:FE:86:2B:08:67
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/AolRVv85EFkDTmzgm3lL_oYrCGc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.244.116.0/22
Signature Algorithm: sha256WithRSAEncryption
59:88:fc:01:54:3d:65:e6:b9:51:3c:c0:b0:fe:27:ac:ad:38:
0f:2a:9a:07:1c:4d:e9:c2:73:69:a1:05:ef:c9:e3:b0:3f:ad:
ff:bd:b7:e1:c3:8d:43:45:69:68:d4:2f:30:39:3b:bc:05:08:
af:16:fe:6c:7d:35:26:11:a4:76:19:94:46:5b:58:4c:ae:95:
11:a7:58:53:43:e8:e4:85:31:0b:df:15:ed:be:3d:9a:8d:4c:
0d:f8:63:15:f3:03:78:ba:01:70:35:8f:4b:b3:31:ff:59:7b:
9b:cb:7d:e0:01:4d:67:70:ac:f7:59:eb:1b:62:3c:d3:2c:c3:
69:ee:18:c7:56:13:8b:be:af:f2:a5:c9:be:31:fb:b5:5b:83:
60:47:49:12:05:6f:7f:86:93:5b:7c:43:9c:9c:2c:50:51:b9:
32:f6:a3:40:36:a4:eb:43:72:c3:a3:57:b2:f6:dd:e6:50:d8:
9a:71:54:2a:ef:a0:d6:6e:d4:aa:65:ec:05:39:5f:5c:de:8a:
bf:46:6a:0c:b7:4f:6b:68:59:0d:bd:a7:de:21:d5:07:4c:10:
07:8b:2b:8c:6b:26:fe:09:85:b6:61:fc:60:89:2c:80:c1:36:
ae:b6:8b:2a:ec:f9:a9:7a:91:ef:9b:66:d7:d2:21:a9:32:7f:
2d:00:5c:dd
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDAzMTMw
MTIxMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAyODk1MTU2RkYzOTEw
NTkwMzRFNkNFMDlCNzk0QkZFODYyQjA4NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBZ9raEdzYCeMezLY9ct00jhHUb55ZZtAffx3+4EXM7lJjeIvB
DOriMugfKPoeK6sBKumD0k2doFDVvjf2SNU0rqSQCLb+p+Of0WQdmhHQmH3IM3ur
fan+94qm4xXUzR4ZTZktJXDvVEdrmMSFsnmEtaN/hUkjRG/L9Hl1mPf5XwDuYlH1
S25FFVGdZJfTo/1Mu0n6FL3t1BzRdYk02Zmo6Rh4p2tdRWonSNMi2yJIpWQ7rGoP
/LUqwL6sX8Sucm+lFH6uppsFYHfES6YI7udX+5XNNqBM2u+5RFQYNOnwFBCBpM/F
2mF9R087r5RxeKEazhax2e+zxRytHM1P6u0dAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUAolRVv85EFkDTmzgm3lL/oYrCGcwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvQW9sUlZ2ODVFRmtE
VG16Z20zbExfb1lyQ0djLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmf0dDANBgkqhkiG9w0BAQsFAAOCAQEAWYj8AVQ9Zea5UTzAsP4nrK04Dyqa
BxxN6cJzaaEF78njsD+t/7234cONQ0VpaNQvMDk7vAUIrxb+bH01JhGkdhmURltY
TK6VEadYU0Po5IUxC98V7b49mo1MDfhjFfMDeLoBcDWPS7Mx/1l7m8t94AFNZ3Cs
91nrG2I80yzDae4Yx1YTi76v8qXJvjH7tVuDYEdJEgVvf4aTW3xDnJwsUFG5Mvaj
QDak60Nyw6NXsvbd5lDYmnFUKu+g1m7UqmXsBTlfXN6Kv0ZqDLdPa2hZDb2n3iHV
B0wQB4srjGsm/gmFtmH8YIksgME2rraLKuz5qXqR75tm19IhqTJ/LQBc3Q==
-----END CERTIFICATE-----
Generated at Thu Sep 12 12:52:45 2024 by rpki-client on console-fra.rpki-client.org