Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/0Xo4A_0KCyPGcvnh22K2Ym4OXzU.roa
File: 0Xo4A_0KCyPGcvnh22K2Ym4OXzU.roa (raw, json)
Hash identifier: cTz7KNVHKpr0sTgG1UXBtaqmTvp2GjtVi+r8w1icb3k=
Subject key identifier: D1:7A:38:03:FD:0A:0B:23:C6:72:F9:E1:DB:62:B6:62:6E:0E:5F:35
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 18BD
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/0Xo4A_0KCyPGcvnh22K2Ym4OXzU.roa
Signing time: Wed 24 May 2023 03:54:03 +0000
ROA not before: Wed 24 May 2023 03:54:03 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 4816
IP address blocks: 103.39.208.0/20 maxlen: 20
103.40.240.0/20 maxlen: 20
103.44.240.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6333 (0x18bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: May 24 03:54:03 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=D17A3803FD0A0B23C672F9E1DB62B6626E0E5F35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0d:8e:58:99:96:62:69:9b:45:e3:ab:ee:a7:
af:fd:f7:36:b4:43:0e:df:67:a6:4a:5a:03:aa:20:
99:7a:7d:ec:df:38:81:bc:55:e4:cf:31:ac:9a:93:
0c:8a:36:df:02:d0:8f:25:a4:ea:3a:98:a7:a6:5d:
80:7c:40:92:74:33:93:eb:6f:ae:7c:75:ef:2e:b4:
25:0c:b0:5a:69:da:c3:6c:2a:97:c0:af:8c:d2:6f:
ec:e4:e6:cc:66:08:7f:a0:4f:fa:dd:dc:30:01:99:
27:82:0e:52:76:dc:ba:96:5d:79:31:a1:d9:d5:c0:
85:90:68:c7:2a:bb:59:cb:15:da:aa:fa:7a:20:38:
61:b2:2b:8b:80:fb:4c:20:7a:31:e2:4a:49:15:ac:
41:11:a7:35:7a:80:45:23:5e:cd:e4:f2:ef:e4:ab:
34:0b:0e:63:b7:1a:89:d6:ef:2f:f0:41:7a:ee:1e:
f3:a8:b6:93:9c:d0:56:e8:b3:55:3f:7e:ad:28:30:
72:ee:81:da:e5:dc:34:ee:64:38:6e:2e:8e:8d:5f:
fe:00:25:4a:36:46:02:a1:e4:d1:70:1f:ba:2c:d6:
a7:4c:0c:ed:23:4c:1d:d2:39:9f:08:9c:3f:2f:82:
08:15:57:cc:59:bf:d4:ad:1f:14:87:61:af:94:6f:
c6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7A:38:03:FD:0A:0B:23:C6:72:F9:E1:DB:62:B6:62:6E:0E:5F:35
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/0Xo4A_0KCyPGcvnh22K2Ym4OXzU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.39.208.0/20
103.40.240.0/20
103.44.240.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:3f:d1:1d:1d:97:7f:d5:32:4f:66:3b:91:21:4b:83:1e:54:
7c:8e:cb:8b:48:ec:ac:54:da:d7:32:22:a1:f5:53:7a:42:d6:
3f:77:f6:00:91:72:1e:7b:08:75:93:08:a7:6e:6d:7d:48:10:
c6:e4:80:d0:31:9e:cc:e6:89:eb:8f:4a:a2:e9:71:f2:33:85:
37:cf:c7:e9:16:bf:25:f2:52:71:bb:b5:63:26:fd:87:06:58:
16:ea:14:23:ee:b5:6c:8b:4e:44:60:07:46:f4:e8:ad:cc:d6:
83:71:d4:01:7a:75:ea:49:75:d3:8f:0f:83:a5:b1:b3:f9:a3:
0e:38:a0:24:92:e6:19:d7:0c:64:df:c9:2d:f3:1f:ed:a7:2c:
17:f5:f0:7f:39:bc:19:3a:02:83:b9:ad:94:e6:2b:3f:37:70:
af:06:f2:cb:aa:f4:06:fe:ba:27:b5:65:46:f2:8b:16:d8:c7:
11:56:d5:b2:df:a8:c3:1d:f5:71:fb:cf:79:7c:15:b5:01:0d:
94:34:95:ae:85:4f:42:9c:ff:da:23:a8:97:f1:53:a9:b0:a6:
39:02:48:79:a8:9a:77:3f:67:de:5d:5d:03:dd:ed:ab:92:40:
bc:0d:cc:35:ee:89:2a:58:dc:e6:12:02:e1:38:6f:24:aa:9a:
00:ef:06:c0
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICGL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yMzA1MjQw
MzU0MDNaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEQxN0EzODAzRkQwQTBC
MjNDNjcyRjlFMURCNjJCNjYyNkUwRTVGMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHDY5YmZZiaZtF46vup6/99za0Qw7fZ6ZKWgOqIJl6fezfOIG8
VeTPMayakwyKNt8C0I8lpOo6mKemXYB8QJJ0M5Prb658de8utCUMsFpp2sNsKpfA
r4zSb+zk5sxmCH+gT/rd3DABmSeCDlJ23LqWXXkxodnVwIWQaMcqu1nLFdqq+nog
OGGyK4uA+0wgejHiSkkVrEERpzV6gEUjXs3k8u/kqzQLDmO3GonW7y/wQXruHvOo
tpOc0Fbos1U/fq0oMHLugdrl3DTuZDhuLo6NX/4AJUo2RgKh5NFwH7os1qdMDO0j
TB3SOZ8InD8vgggVV8xZv9StHxSHYa+Ub8aVAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQU0Xo4A/0KCyPGcvnh22K2Ym4OXzUwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvMFhvNEFfMEtDeVBH
Y3ZuaDIySzJZbTRPWHpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEw
EgMEBGcn0AMEBGco8AMEBGcs8DANBgkqhkiG9w0BAQsFAAOCAQEAPj/RHR2Xf9Uy
T2Y7kSFLgx5UfI7Li0jsrFTa1zIiofVTekLWP3f2AJFyHnsIdZMIp25tfUgQxuSA
0DGezOaJ649Koulx8jOFN8/H6Ra/JfJScbu1Yyb9hwZYFuoUI+61bItORGAHRvTo
rczWg3HUAXp16kl1048Pg6Wxs/mjDjigJJLmGdcMZN/JLfMf7acsF/Xwfzm8GToC
g7mtlOYrPzdwrwbyy6r0Bv66J7VlRvKLFtjHEVbVst+owx31cfvPeXwVtQENlDSV
roVPQpz/2iOol/FTqbCmOQJIeaiadz9n3l1dA93tq5JAvA3MNe6JKljc5hIC4Thv
JKqaAO8GwA==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org