Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/p5GAXjjmGykge0j13vuR-fiPXzc.roa
File: p5GAXjjmGykge0j13vuR-fiPXzc.roa (raw, json)
Hash identifier: 0xZ8lfzfM1iN4qmV9NjtVZ2u+E5xO+r0x0N8DaUfu7c=
Subject key identifier: A7:91:80:5E:38:E6:1B:29:20:7B:48:F5:DE:FB:91:F9:F8:8F:5F:37
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1C5E
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/p5GAXjjmGykge0j13vuR-fiPXzc.roa
Signing time: Wed 05 Feb 2025 02:41:08 +0000
ROA not before: Wed 05 Feb 2025 02:41:08 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 132168
IP address blocks: 103.204.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 08:53:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7262 (0x1c5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: Feb 5 02:41:08 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A791805E38E61B29207B48F5DEFB91F9F88F5F37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:c8:ac:6a:fd:73:ba:ba:ef:c7:04:d6:19:29:
e5:bb:6a:9a:dd:ad:7a:9c:30:69:da:39:cc:c5:4d:
59:b7:93:eb:9a:51:f8:13:7b:74:43:4a:43:37:e0:
2f:9d:09:39:57:9a:c7:06:d6:40:ed:eb:7b:f2:6b:
13:bb:2f:9c:b5:bf:b5:f7:35:04:6b:87:0e:40:76:
a8:17:07:66:b5:c6:b0:7f:37:2b:d4:49:3c:a8:b7:
f9:02:1f:b5:a4:85:45:df:b3:ec:a6:32:9e:0a:84:
74:6d:28:2f:a7:af:1c:94:6c:86:b8:92:c6:00:ef:
96:50:37:0a:df:4c:82:cd:b1:29:30:21:30:f1:ed:
d6:3f:07:24:b3:38:84:2f:07:30:f5:f6:0a:c7:12:
bd:56:49:e5:03:84:d3:f4:7e:b4:82:71:04:39:76:
04:aa:cd:19:48:e2:85:81:03:c4:b0:66:d4:1c:e6:
5d:9a:4c:cc:21:ca:a4:76:82:2e:bf:61:4a:1a:9a:
fc:9c:32:d8:3f:7e:9f:66:f0:91:cb:17:63:a6:df:
33:27:de:72:a1:ee:b4:7f:e3:62:14:98:4b:d8:c3:
e2:53:dd:06:3c:7a:ed:c3:a6:a2:dd:75:3b:35:f6:
a0:c9:cf:a2:17:f8:ac:77:72:b4:8f:c6:94:1e:81:
eb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:91:80:5E:38:E6:1B:29:20:7B:48:F5:DE:FB:91:F9:F8:8F:5F:37
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/p5GAXjjmGykge0j13vuR-fiPXzc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.72.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:9a:23:aa:09:5c:3d:20:96:78:d7:78:0c:02:5b:ad:c9:a4:
16:5d:f9:15:ed:4e:63:50:c8:1d:05:5f:c2:2c:c7:6a:59:46:
e6:da:1b:6a:b9:96:b7:20:2d:19:66:f3:d0:ad:07:26:8a:83:
4c:d5:78:2a:24:4d:d3:68:9b:f4:6d:02:51:63:c2:5e:5a:45:
00:24:80:64:79:db:5a:f3:97:5c:5c:eb:b6:71:79:54:cd:28:
e8:a4:e9:b5:dd:4a:8c:20:ab:87:31:e4:8c:49:6c:3a:bb:ea:
3a:fd:0c:75:48:2a:63:b8:69:e9:a0:4c:81:55:88:ea:c8:86:
69:9f:96:54:62:e0:ac:a0:1e:d6:af:dc:2f:ff:bb:e1:15:d5:
25:fc:a1:64:a0:12:bd:87:2c:25:9a:ea:00:31:30:36:f0:c9:
aa:d2:eb:ac:36:6e:4e:7b:72:5b:fe:a8:5c:31:3a:32:31:f7:
1b:e6:13:54:b0:61:44:e7:75:b9:ea:0b:5e:e8:96:b8:e2:2e:
35:97:08:00:4d:d9:7e:fc:ab:50:6c:71:30:d7:d6:eb:21:e4:
f5:99:d5:05:7e:25:74:8c:86:01:2a:de:77:98:04:f2:3a:3a:
f0:94:33:4c:cc:35:09:1d:b4:72:bd:c4:c4:5a:3a:81:39:e3:
cf:42:fc:5a
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNTAyMDUw
MjQxMDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE3OTE4MDVFMzhFNjFC
MjkyMDdCNDhGNURFRkI5MUY5Rjg4RjVGMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3yKxq/XO6uu/HBNYZKeW7aprdrXqcMGnaOczFTVm3k+uaUfgT
e3RDSkM34C+dCTlXmscG1kDt63vyaxO7L5y1v7X3NQRrhw5AdqgXB2a1xrB/NyvU
STyot/kCH7WkhUXfs+ymMp4KhHRtKC+nrxyUbIa4ksYA75ZQNwrfTILNsSkwITDx
7dY/BySzOIQvBzD19grHEr1WSeUDhNP0frSCcQQ5dgSqzRlI4oWBA8SwZtQc5l2a
TMwhyqR2gi6/YUoamvycMtg/fp9m8JHLF2Om3zMn3nKh7rR/42IUmEvYw+JT3QY8
eu3DpqLddTs19qDJz6IX+Kx3crSPxpQegevnAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUp5GAXjjmGykge0j13vuR+fiPXzcwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvcDVHQVhqam1HeWtn
ZTBqMTN2dVItZmlQWHpjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmfMSDANBgkqhkiG9w0BAQsFAAOCAQEAp5ojqglcPSCWeNd4DAJbrcmkFl35
Fe1OY1DIHQVfwizHallG5tobarmWtyAtGWbz0K0HJoqDTNV4KiRN02ib9G0CUWPC
XlpFACSAZHnbWvOXXFzrtnF5VM0o6KTptd1KjCCrhzHkjElsOrvqOv0MdUgqY7hp
6aBMgVWI6siGaZ+WVGLgrKAe1q/cL/+74RXVJfyhZKASvYcsJZrqADEwNvDJqtLr
rDZuTntyW/6oXDE6MjH3G+YTVLBhROd1ueoLXuiWuOIuNZcIAE3ZfvyrUGxxMNfW
6yHk9ZnVBX4ldIyGASred5gE8jo68JQzTMw1CR20cr3ExFo6gTnjz0L8Wg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:08 2025 by rpki-client