Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2739/ghrgp6XFPN301DpzrjlOC2OxV1g.roa
File: ghrgp6XFPN301DpzrjlOC2OxV1g.roa (raw, json)
Hash identifier: hVFIKtr8Th7ocL1laYGtcUJX+tVn/n3z+FoYzuK0GBE=
Subject key identifier: 82:1A:E0:A7:A5:C5:3C:DD:F4:D4:3A:73:AE:39:4E:0B:63:B1:57:58
Certificate issuer: /CN=65DA61BDCA2CC0F8CA95D24D3942BC087D8C92A6
Certificate serial: 0FEB
Authority key identifier: 65:DA:61:BD:CA:2C:C0:F8:CA:95:D2:4D:39:42:BC:08:7D:8C:92:A6
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZdphvcoswPjKldJNOUK8CH2MkqY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/ghrgp6XFPN301DpzrjlOC2OxV1g.roa
Signing time: Wed 24 May 2023 03:53:57 +0000
ROA not before: Wed 24 May 2023 03:53:57 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 131482
IP address blocks: 103.116.120.0/22 maxlen: 24
103.116.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4075 (0xfeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65DA61BDCA2CC0F8CA95D24D3942BC087D8C92A6
Validity
Not Before: May 24 03:53:57 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=821AE0A7A5C53CDDF4D43A73AE394E0B63B15758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:df:67:b6:c0:61:35:fe:de:f9:3f:52:6a:18:
30:a1:b2:85:81:c9:ef:33:fb:c2:a2:da:8e:9b:f4:
b2:09:64:27:bf:ec:e0:38:4d:24:08:e0:9d:29:4a:
f2:f6:90:b2:06:65:1b:29:08:09:b4:8a:b1:7d:38:
77:42:88:a2:77:a4:f6:f6:c3:be:1f:44:75:f0:1d:
a0:d4:3d:7c:ef:c1:91:67:74:fb:b3:4e:7d:ac:d2:
40:09:c8:c2:8b:1d:2a:7c:c5:c7:c3:98:06:23:a4:
94:a5:aa:e5:01:33:ce:2b:7f:36:86:7f:9a:38:b8:
d3:04:d6:72:f8:58:57:f0:0d:25:35:13:54:d7:dc:
30:4a:2a:95:25:0b:5e:d4:49:02:dd:d7:d3:a9:b3:
16:5c:7c:33:d6:26:86:bd:62:11:63:ce:8f:34:6e:
63:a4:43:58:9f:eb:00:d8:42:0b:52:00:3b:23:34:
18:77:db:39:32:6d:72:a7:b9:80:f3:cc:ec:de:43:
10:b4:9d:f0:89:b9:a1:a1:fb:a2:e3:ac:bd:f0:e8:
01:34:82:1f:19:fc:c8:b5:27:07:19:12:56:3c:65:
14:b4:bd:0e:0f:71:15:49:20:69:16:a0:73:68:fd:
42:c9:6f:78:d8:67:64:21:da:45:53:03:f6:78:11:
9f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1A:E0:A7:A5:C5:3C:DD:F4:D4:3A:73:AE:39:4E:0B:63:B1:57:58
X509v3 Authority Key Identifier:
keyid:65:DA:61:BD:CA:2C:C0:F8:CA:95:D2:4D:39:42:BC:08:7D:8C:92:A6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/ZdphvcoswPjKldJNOUK8CH2MkqY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZdphvcoswPjKldJNOUK8CH2MkqY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/ghrgp6XFPN301DpzrjlOC2OxV1g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.120.0/22
Signature Algorithm: sha256WithRSAEncryption
46:bb:6b:91:8c:ef:09:5d:30:01:e2:58:1a:96:f5:cb:88:2c:
91:22:05:1a:42:a9:64:0b:ff:6e:ad:64:c4:e6:b9:cb:21:dc:
75:b9:55:d6:1c:c0:6b:c2:4a:0b:3e:65:c1:98:29:5a:67:ac:
e7:26:9a:e5:fa:4f:33:87:06:12:3e:53:8b:9e:25:3d:80:4e:
97:ce:bb:85:71:97:e6:e1:89:21:56:7f:ec:0d:8d:35:40:6d:
2d:91:4c:70:d8:10:8d:3a:69:e8:63:39:e3:c7:2f:dd:7b:f7:
7a:b3:42:6a:97:c9:d3:07:54:6d:d0:69:0c:c2:13:72:8f:c3:
26:03:71:57:65:d6:ce:43:d4:e5:70:87:30:05:23:43:b3:8f:
7c:14:2b:01:df:82:34:89:64:0a:ac:58:d4:26:a8:71:8c:3f:
4a:6d:a1:b4:57:30:95:07:0c:f2:5d:60:99:d7:e4:b5:2e:c6:
8c:f0:91:da:b1:86:7b:0e:36:26:32:26:dc:a1:0b:68:4f:e1:
1f:4a:a1:15:10:f2:d0:48:5a:ab:52:97:6b:5f:a3:63:22:cc:
c2:92:33:62:ef:b9:48:9e:1e:b4:90:ac:3e:93:db:10:d9:15:
b3:82:4b:59:d3:94:bf:0e:47:01:d8:ac:38:6b:e2:87:2c:ea:
d3:3d:3d:02
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICD+swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjVE
QTYxQkRDQTJDQzBGOENBOTVEMjREMzk0MkJDMDg3RDhDOTJBNjAeFw0yMzA1MjQw
MzUzNTdaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDgyMUFFMEE3QTVDNTND
RERGNEQ0M0E3M0FFMzk0RTBCNjNCMTU3NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDo32e2wGE1/t75P1JqGDChsoWBye8z+8Ki2o6b9LIJZCe/7OA4
TSQI4J0pSvL2kLIGZRspCAm0irF9OHdCiKJ3pPb2w74fRHXwHaDUPXzvwZFndPuz
Tn2s0kAJyMKLHSp8xcfDmAYjpJSlquUBM84rfzaGf5o4uNME1nL4WFfwDSU1E1TX
3DBKKpUlC17USQLd19OpsxZcfDPWJoa9YhFjzo80bmOkQ1if6wDYQgtSADsjNBh3
2zkybXKnuYDzzOzeQxC0nfCJuaGh+6LjrL3w6AE0gh8Z/Mi1JwcZElY8ZRS0vQ4P
cRVJIGkWoHNo/ULJb3jYZ2Qh2kVTA/Z4EZ+5AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUghrgp6XFPN301DpzrjlOC2OxV1gwHwYDVR0jBBgwFoAUZdphvcoswPjKldJN
OUK8CH2MkqYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcz
OS9aZHBodmNvc3dQaktsZEpOT1VLOENIMk1rcVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1pkcGh2Y29zd1BqS2xkSk5PVUs4Q0gyTWtxWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MzkvZ2hyZ3A2WEZQTjMw
MURwenJqbE9DMk94VjFnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmd0eDANBgkqhkiG9w0BAQsFAAOCAQEARrtrkYzvCV0wAeJYGpb1y4gskSIF
GkKpZAv/bq1kxOa5yyHcdblV1hzAa8JKCz5lwZgpWmes5yaa5fpPM4cGEj5Ti54l
PYBOl867hXGX5uGJIVZ/7A2NNUBtLZFMcNgQjTpp6GM548cv3Xv3erNCapfJ0wdU
bdBpDMITco/DJgNxV2XWzkPU5XCHMAUjQ7OPfBQrAd+CNIlkCqxY1CaocYw/Sm2h
tFcwlQcM8l1gmdfktS7GjPCR2rGGew42JjIm3KELaE/hH0qhFRDy0Ehaq1KXa1+j
YyLMwpIzYu+5SJ4etJCsPpPbENkVs4JLWdOUvw5HAdisOGvihyzq0z09Ag==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org