Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2785/QRHfC8dI7L9JwZ9w4DCWFioPgGw.roa
File: QRHfC8dI7L9JwZ9w4DCWFioPgGw.roa (raw, json)
Hash identifier: 2bWymcBgJVX9rqoYdT9IwQyo30HBkJA6vp+Bcr0FCm8=
Subject key identifier: 41:11:DF:0B:C7:48:EC:BF:49:C1:9F:70:E0:30:96:16:2A:0F:80:6C
Certificate issuer: /CN=DEE08F5287F669313CE6990F117401B179848AE1
Certificate serial: 15C3
Authority key identifier: DE:E0:8F:52:87:F6:69:31:3C:E6:99:0F:11:74:01:B1:79:84:8A:E1
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3uCPUof2aTE85pkPEXQBsXmEiuE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2785/QRHfC8dI7L9JwZ9w4DCWFioPgGw.roa
Signing time: Wed 13 Mar 2024 01:23:50 +0000
ROA not before: Wed 13 Mar 2024 01:23:50 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 137720
IP address blocks: 103.120.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 00:21:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5571 (0x15c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DEE08F5287F669313CE6990F117401B179848AE1
Validity
Not Before: Mar 13 01:23:50 2024 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=4111DF0BC748ECBF49C19F70E03096162A0F806C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d9:4f:59:0b:3f:79:11:8e:44:df:0e:5d:bd:
a6:5b:06:d1:27:11:db:a9:b6:b6:6a:e7:79:d0:2a:
e1:4d:d1:a3:46:87:c7:7f:44:f3:db:9b:52:42:4d:
2b:08:21:27:ad:9c:2a:09:65:5d:6f:c3:96:db:91:
8a:2e:da:75:4a:2b:cd:f9:eb:1c:c0:9f:7c:b0:dc:
13:b6:d6:85:12:77:f2:ac:34:1c:d2:d6:07:8d:3a:
59:35:d7:51:55:aa:53:32:c8:8e:b8:e6:c6:0d:68:
f0:37:d3:e1:44:7e:7a:c9:42:ba:03:41:1b:06:3b:
80:89:98:d1:9b:19:62:99:10:d6:a4:84:2b:c6:14:
11:a3:f6:a5:28:69:56:87:86:c8:b9:5a:e6:f7:63:
98:3c:4f:36:e0:ba:46:45:5f:d2:95:02:80:99:08:
63:62:44:87:cd:7b:3f:cb:fc:86:6e:e2:0a:35:df:
c1:e3:23:98:c4:1f:54:6c:d7:eb:b2:91:c9:24:c1:
3c:d0:b8:b7:7e:c2:dc:56:9f:81:02:b9:21:fe:b0:
81:1c:3a:90:18:40:c7:6d:64:9a:a4:0a:47:32:7f:
b1:1e:5b:95:83:71:7b:15:b5:d7:92:4f:78:2e:ee:
e7:ac:2f:99:cc:d6:a4:5e:ba:45:4f:61:bb:01:05:
6e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:11:DF:0B:C7:48:EC:BF:49:C1:9F:70:E0:30:96:16:2A:0F:80:6C
X509v3 Authority Key Identifier:
keyid:DE:E0:8F:52:87:F6:69:31:3C:E6:99:0F:11:74:01:B1:79:84:8A:E1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2785/3uCPUof2aTE85pkPEXQBsXmEiuE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3uCPUof2aTE85pkPEXQBsXmEiuE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2785/QRHfC8dI7L9JwZ9w4DCWFioPgGw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.96.0/24
Signature Algorithm: sha256WithRSAEncryption
e5:ba:f1:05:f3:61:50:60:f5:69:ee:d0:36:18:c3:d0:9a:cd:
f2:c3:16:e3:95:29:43:5d:4a:3c:32:05:01:43:c9:a4:fa:01:
2a:3d:92:f4:1d:82:c2:84:df:19:2f:e1:a2:8e:38:d0:3f:26:
57:fb:a1:2b:9b:5b:e5:b8:75:5d:cf:83:33:23:74:91:25:b3:
14:06:5a:d5:a9:95:ba:31:17:78:d3:3f:1f:ab:e9:56:2a:d4:
bd:ce:24:23:bd:bc:a4:36:9e:20:b7:4c:aa:8d:4b:8c:4c:6e:
7c:fc:e6:65:74:d4:2c:f8:93:f2:f0:f0:33:34:fe:15:1b:8c:
84:d8:e0:56:9b:ad:f7:9c:2d:ad:c9:76:ed:58:93:cb:0a:56:
db:0e:78:46:7c:e0:a3:a5:b8:de:40:7e:d3:09:d2:cd:aa:66:
ab:a7:67:4b:29:ae:6f:f4:f8:b0:28:80:3a:23:81:c1:9f:99:
57:bd:51:18:2e:73:de:c3:e1:e6:5f:5d:08:9d:cd:75:c5:c3:
1e:1d:3c:06:12:68:ae:4f:5f:f3:52:32:51:77:ac:9d:36:71:
6b:cb:dd:ce:a7:ad:9a:9e:23:1c:1d:a9:7f:82:86:84:b9:c4:
02:93:a3:93:11:83:30:4a:56:60:46:dd:47:0f:65:1d:d0:98:
f8:72:50:0f
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFcMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVF
MDhGNTI4N0Y2NjkzMTNDRTY5OTBGMTE3NDAxQjE3OTg0OEFFMTAeFw0yNDAzMTMw
MTIzNTBaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDQxMTFERjBCQzc0OEVD
QkY0OUMxOUY3MEUwMzA5NjE2MkEwRjgwNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC92U9ZCz95EY5E3w5dvaZbBtEnEduptrZq53nQKuFN0aNGh8d/
RPPbm1JCTSsIISetnCoJZV1vw5bbkYou2nVKK8356xzAn3yw3BO21oUSd/KsNBzS
1geNOlk111FVqlMyyI645sYNaPA30+FEfnrJQroDQRsGO4CJmNGbGWKZENakhCvG
FBGj9qUoaVaHhsi5Wub3Y5g8TzbgukZFX9KVAoCZCGNiRIfNez/L/IZu4go138Hj
I5jEH1Rs1+uykckkwTzQuLd+wtxWn4ECuSH+sIEcOpAYQMdtZJqkCkcyf7EeW5WD
cXsVtdeST3gu7uesL5nM1qReukVPYbsBBW53AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUQRHfC8dI7L9JwZ9w4DCWFioPgGwwHwYDVR0jBBgwFoAU3uCPUof2aTE85pkP
EXQBsXmEiuEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc4
NS8zdUNQVW9mMmFURTg1cGtQRVhRQnNYbUVpdUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzN1Q1BVb2YyYVRFODVwa1BFWFFCc1htRWl1RS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3ODUvUVJIZkM4ZEk3TDlK
d1o5dzREQ1dGaW9QZ0d3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGd4YDANBgkqhkiG9w0BAQsFAAOCAQEA5brxBfNhUGD1ae7QNhjD0JrN8sMW
45UpQ11KPDIFAUPJpPoBKj2S9B2CwoTfGS/hoo440D8mV/uhK5tb5bh1Xc+DMyN0
kSWzFAZa1amVujEXeNM/H6vpVirUvc4kI728pDaeILdMqo1LjExufPzmZXTULPiT
8vDwMzT+FRuMhNjgVput95wtrcl27ViTywpW2w54Rnzgo6W43kB+0wnSzapmq6dn
Symub/T4sCiAOiOBwZ+ZV71RGC5z3sPh5l9dCJ3NdcXDHh08BhJork9f81IyUXes
nTZxa8vdzqetmp4jHB2pf4KGhLnEApOjkxGDMEpWYEbdRw9lHdCY+HJQDw==
-----END CERTIFICATE-----
Generated at Tue Sep 24 01:46:28 2024 by rpki-client on console-fra.rpki-client.org