Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1672/1DfxolHWuMOeP4QPePPMX2FNN-I.roa
File: 1DfxolHWuMOeP4QPePPMX2FNN-I.roa (raw, json)
Hash identifier: +McqOid4Z2XY/bVIyPVahZrt0HkQMU206mvgv/mHM00=
Subject key identifier: D4:37:F1:A2:51:D6:B8:C3:9E:3F:84:0F:78:F3:CC:5F:61:4D:37:E2
Certificate issuer: /CN=E06F513D8B444E79A1F584F3C29396A2C26E5F39
Certificate serial: 06DE
Authority key identifier: E0:6F:51:3D:8B:44:4E:79:A1:F5:84:F3:C2:93:96:A2:C2:6E:5F:39
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/4G9RPYtETnmh9YTzwpOWosJuXzk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1672/1DfxolHWuMOeP4QPePPMX2FNN-I.roa
Signing time: Thu 18 May 2023 07:25:50 +0000
ROA not before: Thu 18 May 2023 07:25:50 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 135386
IP address blocks: 103.212.108.0/22 maxlen: 24
139.5.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 02:55:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1758 (0x6de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E06F513D8B444E79A1F584F3C29396A2C26E5F39
Validity
Not Before: May 18 07:25:50 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=D437F1A251D6B8C39E3F840F78F3CC5F614D37E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7d:e3:07:e7:76:ac:3c:73:bc:95:d7:db:39:
2d:e3:6b:c9:7d:ae:50:16:db:0f:c3:f0:bb:86:ad:
a8:03:e2:e6:f6:8b:db:5b:8e:92:a0:55:39:65:63:
31:ff:98:a7:e3:cd:d4:3f:5a:51:5f:81:c2:79:d3:
95:0b:29:aa:87:70:47:1a:6b:1f:9d:cd:db:f0:ae:
1c:a2:e2:95:62:3c:5a:bd:44:9a:24:e7:0b:34:40:
6a:d0:ad:bd:ea:48:11:2b:80:14:e5:3e:d0:ee:ca:
31:3e:a9:e3:a3:0f:08:4a:2f:49:02:6b:a4:8a:b1:
64:12:bc:b3:d7:e1:48:33:f5:0d:8a:9a:4e:21:97:
76:ea:e4:39:05:ac:2c:a9:ed:2a:7b:76:bb:0f:e4:
73:81:f0:df:00:f3:3e:d8:6f:ba:58:a4:3d:e6:c9:
59:97:c7:be:37:46:e9:e3:ce:35:f1:c5:7f:f4:48:
0e:09:98:1c:24:fc:87:25:a4:14:5d:3f:95:01:12:
53:a0:1a:e4:8d:ec:4c:a5:fe:12:81:e5:85:dc:32:
9f:a0:35:cf:8b:50:1f:07:e0:56:a9:73:85:cc:ea:
a3:76:6f:2d:93:6b:29:73:8b:3e:80:44:33:8e:6d:
34:12:4e:9c:11:57:d1:07:a8:40:08:12:f3:67:ab:
73:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:37:F1:A2:51:D6:B8:C3:9E:3F:84:0F:78:F3:CC:5F:61:4D:37:E2
X509v3 Authority Key Identifier:
keyid:E0:6F:51:3D:8B:44:4E:79:A1:F5:84:F3:C2:93:96:A2:C2:6E:5F:39
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1672/4G9RPYtETnmh9YTzwpOWosJuXzk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/4G9RPYtETnmh9YTzwpOWosJuXzk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1672/1DfxolHWuMOeP4QPePPMX2FNN-I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.212.108.0/22
139.5.212.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:4b:5f:5a:c6:01:47:71:aa:17:be:e3:d2:fc:e9:6d:69:25:
ae:54:58:82:72:df:c4:50:71:72:22:97:8a:56:5f:d0:99:a4:
71:94:41:97:27:b3:8a:b7:56:6b:45:59:0c:d9:da:31:65:e0:
9d:26:bb:83:b6:e9:e5:13:fb:50:83:09:64:63:68:ef:d5:7b:
0f:e5:bf:68:6b:2d:45:1e:c9:36:32:d8:65:3a:d0:13:85:98:
7c:e8:75:0d:95:d1:ba:67:1c:41:15:7d:ed:3e:bd:6e:19:61:
07:2b:75:89:b5:7b:fb:af:94:08:d0:fd:55:0c:ee:32:4d:a8:
f8:09:dc:ee:57:06:3d:05:f4:b6:c4:82:de:82:ed:52:10:15:
88:ae:d6:a8:52:bf:87:79:fa:31:57:20:6a:89:64:4f:37:e4:
a7:df:ec:0d:79:42:84:51:44:69:38:ff:3a:67:3a:72:9d:c0:
89:41:9a:d5:36:d9:15:c1:f1:ca:6a:7c:fc:e3:f1:d8:ba:38:
03:2c:67:27:b4:3a:94:ba:6c:3d:cd:00:30:2f:c1:b7:36:3b:
c4:6f:b7:b4:ea:75:c5:b8:16:69:04:e8:8c:45:83:fa:73:5d:
27:e7:37:46:98:c0:5f:c5:74:96:74:bd:12:3e:20:c7:ae:d5:
0e:81:9a:91
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICBt4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTA2
RjUxM0Q4QjQ0NEU3OUExRjU4NEYzQzI5Mzk2QTJDMjZFNUYzOTAeFw0yMzA1MTgw
NzI1NTBaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEQ0MzdGMUEyNTFENkI4
QzM5RTNGODQwRjc4RjNDQzVGNjE0RDM3RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxfeMH53asPHO8ldfbOS3ja8l9rlAW2w/D8LuGragD4ub2i9tb
jpKgVTllYzH/mKfjzdQ/WlFfgcJ505ULKaqHcEcaax+dzdvwrhyi4pViPFq9RJok
5ws0QGrQrb3qSBErgBTlPtDuyjE+qeOjDwhKL0kCa6SKsWQSvLPX4Ugz9Q2Kmk4h
l3bq5DkFrCyp7Sp7drsP5HOB8N8A8z7Yb7pYpD3myVmXx743RunjzjXxxX/0SA4J
mBwk/IclpBRdP5UBElOgGuSN7Eyl/hKB5YXcMp+gNc+LUB8H4Fapc4XM6qN2by2T
aylziz6ARDOObTQSTpwRV9EHqEAIEvNnq3NNAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQU1DfxolHWuMOeP4QPePPMX2FNN+IwHwYDVR0jBBgwFoAU4G9RPYtETnmh9YTz
wpOWosJuXzkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY3
Mi80RzlSUFl0RVRubWg5WVR6d3BPV29zSnVYemsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzRHOVJQWXRFVG5taDlZVHp3cE9Xb3NKdVh6ay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NzIvMURmeG9sSFd1TU9l
UDRRUGVQUE1YMkZOTi1JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAmfUbAMEAosF1DANBgkqhkiG9w0BAQsFAAOCAQEATUtfWsYBR3GqF77j0vzp
bWklrlRYgnLfxFBxciKXilZf0JmkcZRBlyezirdWa0VZDNnaMWXgnSa7g7bp5RP7
UIMJZGNo79V7D+W/aGstRR7JNjLYZTrQE4WYfOh1DZXRumccQRV97T69bhlhByt1
ibV7+6+UCND9VQzuMk2o+Anc7lcGPQX0tsSC3oLtUhAViK7WqFK/h3n6MVcgaolk
Tzfkp9/sDXlChFFEaTj/Omc6cp3AiUGa1TbZFcHxymp8/OPx2Lo4AyxnJ7Q6lLps
Pc0AMC/BtzY7xG+3tOp1xbgWaQTojEWD+nNdJ+c3RpjAX8V0lnS9Ej4gx67VDoGa
kQ==
-----END CERTIFICATE-----
Generated at Fri Jan 12 03:44:08 2024 by rpki-client on console-ams.rpki-client.org