Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2671/_gw9-BJWYO5_u44i7yNIJgm_XkQ.roa
File: _gw9-BJWYO5_u44i7yNIJgm_XkQ.roa (raw, json)
Hash identifier: XC5zIr49HsEOCkffO/vbkMh8alipCyTDk3WXVV5X0Zw=
Subject key identifier: FE:0C:3D:F8:12:56:60:EE:7F:BB:8E:22:EF:23:48:26:09:BF:5E:44
Certificate issuer: /CN=DD58B8DEE77B8AFE6E291A5B8205B1313169784F
Certificate serial: 13DC
Authority key identifier: DD:58:B8:DE:E7:7B:8A:FE:6E:29:1A:5B:82:05:B1:31:31:69:78:4F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3Vi43ud7iv5uKRpbggWxMTFpeE8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/_gw9-BJWYO5_u44i7yNIJgm_XkQ.roa
Signing time: Wed 20 Sep 2023 15:34:24 +0000
ROA not before: Wed 20 Sep 2023 15:34:24 +0000
ROA not after: Tue 17 Sep 2024 08:06:57 +0000
asID: 62387
IP address blocks: 103.108.164.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 08:19:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5084 (0x13dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DD58B8DEE77B8AFE6E291A5B8205B1313169784F
Validity
Not Before: Sep 20 15:34:24 2023 GMT
Not After : Sep 17 08:06:57 2024 GMT
Subject: CN=FE0C3DF8125660EE7FBB8E22EF23482609BF5E44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4a:9e:3b:6f:9c:7e:97:2c:2b:b8:e3:b3:5b:
ee:80:e0:b0:68:3b:9c:a4:78:0d:4d:30:83:59:46:
81:dd:fb:7b:b9:fb:74:81:e0:55:24:2a:ad:cc:14:
5b:a2:54:e5:90:0d:db:ba:f4:03:ae:f3:17:6e:00:
aa:b9:31:f4:8e:a4:1d:7d:39:25:ac:49:09:15:65:
cf:b5:4f:1e:3d:58:fa:2b:8c:54:25:84:7c:16:30:
7e:59:b8:ea:eb:27:79:bc:7b:82:37:30:0c:70:4b:
66:c3:20:4a:e8:1a:eb:0a:c1:3f:17:72:16:f2:c5:
a8:24:6f:d8:7b:99:ee:3d:46:e4:da:4b:e0:db:dd:
78:71:48:33:e1:00:f8:a8:80:a7:57:21:74:3a:ba:
92:47:bb:13:99:f3:3f:a7:fe:4c:74:7e:52:53:78:
0b:70:b3:4b:c9:96:d2:07:22:34:f8:30:2e:86:4c:
83:6e:54:99:db:fa:88:fb:f8:95:ad:cf:d4:dc:02:
7a:5a:c6:41:70:30:ef:a5:26:fc:eb:65:d4:73:3e:
3e:b8:54:dc:a0:eb:32:b9:aa:f1:b7:7d:5f:24:11:
32:e1:12:a5:31:6a:24:89:ba:8f:96:36:4f:28:12:
ec:5b:a9:6d:9c:26:13:f6:2e:e7:76:cd:3f:ef:86:
db:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:0C:3D:F8:12:56:60:EE:7F:BB:8E:22:EF:23:48:26:09:BF:5E:44
X509v3 Authority Key Identifier:
keyid:DD:58:B8:DE:E7:7B:8A:FE:6E:29:1A:5B:82:05:B1:31:31:69:78:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3Vi43ud7iv5uKRpbggWxMTFpeE8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/_gw9-BJWYO5_u44i7yNIJgm_XkQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.164.0/22
Signature Algorithm: sha256WithRSAEncryption
63:c9:59:a5:54:18:19:12:ff:67:9e:92:57:b8:0f:57:fa:69:
15:09:67:97:59:b6:3a:47:80:92:be:0f:d7:26:be:36:47:d2:
46:64:4d:d0:10:e8:49:84:a9:fa:f5:14:16:18:77:c0:74:af:
61:15:9c:d9:41:dc:79:dd:81:67:55:73:b0:58:72:00:88:52:
3f:28:17:3b:ac:1c:cb:40:ff:a6:41:9c:3a:96:63:d0:f7:66:
81:48:c9:db:13:ad:dd:5a:de:b4:53:a7:53:a6:1c:05:9f:b4:
a7:f3:d3:97:84:76:a8:92:49:9b:52:ca:4b:23:0c:54:b8:9c:
79:b9:b7:fc:86:b2:48:9d:14:16:71:1f:8f:b5:82:38:01:6d:
3b:24:39:c9:db:8d:0a:65:6e:ad:0b:c3:f6:26:d1:3b:29:7a:
e0:80:be:52:53:c6:f8:c9:30:09:6d:69:8d:35:d7:1c:1c:da:
e5:9e:1a:b5:ee:f1:61:63:09:37:c0:8b:92:f4:fe:a3:4c:22:
41:af:06:24:41:c0:64:d3:e5:53:8a:b3:01:61:76:61:0f:a8:
ae:3f:98:27:72:00:37:97:0d:d2:cc:6d:1e:51:2e:dc:07:e4:
30:07:c9:2c:a2:c1:3b:8d:98:c4:72:6f:a7:5c:6e:b1:fa:c5:
9d:53:bb:69
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICE9wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREQ1
OEI4REVFNzdCOEFGRTZFMjkxQTVCODIwNUIxMzEzMTY5Nzg0RjAeFw0yMzA5MjAx
NTM0MjRaFw0yNDA5MTcwODA2NTdaMDMxMTAvBgNVBAMTKEZFMEMzREY4MTI1NjYw
RUU3RkJCOEUyMkVGMjM0ODI2MDlCRjVFNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTSp47b5x+lywruOOzW+6A4LBoO5ykeA1NMINZRoHd+3u5+3SB
4FUkKq3MFFuiVOWQDdu69AOu8xduAKq5MfSOpB19OSWsSQkVZc+1Tx49WPorjFQl
hHwWMH5ZuOrrJ3m8e4I3MAxwS2bDIEroGusKwT8Xchbyxagkb9h7me49RuTaS+Db
3XhxSDPhAPiogKdXIXQ6upJHuxOZ8z+n/kx0flJTeAtws0vJltIHIjT4MC6GTINu
VJnb+oj7+JWtz9TcAnpaxkFwMO+lJvzrZdRzPj64VNyg6zK5qvG3fV8kETLhEqUx
aiSJuo+WNk8oEuxbqW2cJhP2Lud2zT/vhtt5AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU/gw9+BJWYO5/u44i7yNIJgm/XkQwHwYDVR0jBBgwFoAU3Vi43ud7iv5uKRpb
ggWxMTFpeE8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
MS8zVmk0M3VkN2l2NXVLUnBiZ2dXeE1URnBlRTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzNWaTQzdWQ3aXY1dUtScGJnZ1d4TVRGcGVFOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzEvX2d3OS1CSldZTzVf
dTQ0aTd5TklKZ21fWGtRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdspDANBgkqhkiG9w0BAQsFAAOCAQEAY8lZpVQYGRL/Z56SV7gPV/ppFQln
l1m2OkeAkr4P1ya+NkfSRmRN0BDoSYSp+vUUFhh3wHSvYRWc2UHced2BZ1VzsFhy
AIhSPygXO6wcy0D/pkGcOpZj0PdmgUjJ2xOt3VretFOnU6YcBZ+0p/PTl4R2qJJJ
m1LKSyMMVLicebm3/IaySJ0UFnEfj7WCOAFtOyQ5yduNCmVurQvD9ibROyl64IC+
UlPG+MkwCW1pjTXXHBza5Z4ate7xYWMJN8CLkvT+o0wiQa8GJEHAZNPlU4qzAWF2
YQ+orj+YJ3IAN5cN0sxtHlEu3AfkMAfJLKLBO42YxHJvp1xusfrFnVO7aQ==
-----END CERTIFICATE-----
Generated at Tue Sep 3 09:41:53 2024 by rpki-client on console-fra.rpki-client.org