Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2841/XHiVrBBtvKouwQWJRoIbxxuO-iI.roa
File: XHiVrBBtvKouwQWJRoIbxxuO-iI.roa (raw, json)
Hash identifier: 6ypbiUgjbRc46vlLeQiNqaRoNX12peqqn4DY8OufpYM=
Subject key identifier: 5C:78:95:AC:10:6D:BC:AA:2E:C1:05:89:46:82:1B:C7:1B:8E:FA:22
Certificate issuer: /CN=51A5666D323BF842F6044CE71059773E2271B013
Certificate serial: 100C
Authority key identifier: 51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/XHiVrBBtvKouwQWJRoIbxxuO-iI.roa
Signing time: Fri 19 May 2023 05:54:19 +0000
ROA not before: Fri 19 May 2023 05:54:19 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 54600
IP address blocks: 103.126.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:22:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4108 (0x100c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51A5666D323BF842F6044CE71059773E2271B013
Validity
Not Before: May 19 05:54:19 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=5C7895AC106DBCAA2EC1058946821BC71B8EFA22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:27:a9:9c:f0:4f:3a:9d:a2:d9:bd:7e:37:ba:
ff:98:1b:58:9b:06:5c:a8:de:3a:ba:99:6d:55:cd:
df:ef:b2:cd:36:7c:a6:d1:db:63:68:6f:ed:5a:07:
91:8f:27:6f:bd:f0:9a:d1:b4:3b:d5:b3:2e:06:88:
de:1b:73:0a:1c:33:df:d6:78:d9:aa:5a:0e:e5:e1:
c3:46:ec:16:99:65:2b:6a:8e:f5:5d:66:6d:61:b5:
75:ac:2c:02:4a:11:fd:ab:50:4c:ee:66:f2:6d:d0:
d2:8d:cc:88:89:c6:c7:95:5f:34:b9:54:bf:77:dd:
13:35:ea:38:54:24:ff:77:a4:0a:f0:cb:c3:e5:17:
de:3d:cb:ad:94:4c:00:9b:88:16:31:8b:6c:bb:c7:
85:d2:73:6b:5e:29:e6:2b:d6:d5:15:03:01:39:98:
01:3e:ea:8e:bd:33:be:6f:e3:aa:df:03:be:4c:21:
22:af:b4:0e:da:79:8c:4b:4a:a9:75:c5:79:7f:03:
30:fc:9e:e4:a1:a7:93:f6:5c:e6:da:47:81:d8:41:
59:9d:91:13:4c:61:c9:4c:cc:bb:c2:ea:ab:60:a5:
3f:35:d1:dd:53:bb:81:bb:15:ac:76:88:72:b0:ec:
07:52:49:77:11:57:9a:39:96:76:07:04:8c:12:8b:
bf:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:78:95:AC:10:6D:BC:AA:2E:C1:05:89:46:82:1B:C7:1B:8E:FA:22
X509v3 Authority Key Identifier:
keyid:51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/XHiVrBBtvKouwQWJRoIbxxuO-iI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.100.0/22
Signature Algorithm: sha256WithRSAEncryption
45:6c:e0:6f:27:9b:b6:08:10:f7:4a:73:62:b6:ae:e1:84:12:
9b:5a:47:cb:d4:fc:63:76:a2:a0:91:9d:b1:f8:c5:c1:bb:2b:
f1:f1:03:32:2f:af:e9:10:7f:af:34:4a:04:49:a9:5a:88:1f:
a6:5a:6c:a6:76:f6:ac:27:9d:70:9e:43:d4:cd:81:9e:23:aa:
19:c0:4a:9f:b4:6f:cf:f2:1b:65:9f:d9:c8:1c:68:46:cc:03:
a4:00:ba:d8:de:67:3b:0f:12:b6:68:4d:ad:e3:3e:52:55:2f:
13:19:c4:f6:49:3e:71:08:b7:a5:93:fa:1a:c6:aa:fd:41:44:
1a:32:4d:a5:79:fe:6d:43:52:5b:ac:eb:99:28:5d:a9:b2:21:
38:ba:0e:70:29:5c:1b:9f:a2:22:07:0d:d1:ec:89:c7:4f:43:
e0:77:77:a3:ba:d2:7f:8d:cd:f2:fa:c7:6d:fa:41:6c:86:2a:
3e:ff:0c:0f:f2:1e:64:ad:ba:8d:07:f7:4d:ae:cd:d9:ac:ec:
b1:07:c8:d1:da:5e:4a:e9:35:c5:6b:64:b3:df:3c:07:b7:f9:
54:41:30:8f:c6:e4:f6:3c:af:05:70:33:3b:18:c1:2b:81:07:
f7:2b:29:43:59:49:36:10:72:17:4f:d5:16:b1:2d:58:ee:22:
a7:ab:b6:07
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEAwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFB
NTY2NkQzMjNCRjg0MkY2MDQ0Q0U3MTA1OTc3M0UyMjcxQjAxMzAeFw0yMzA1MTkw
NTU0MTlaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDVDNzg5NUFDMTA2REJD
QUEyRUMxMDU4OTQ2ODIxQkM3MUI4RUZBMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsJ6mc8E86naLZvX43uv+YG1ibBlyo3jq6mW1Vzd/vss02fKbR
22Nob+1aB5GPJ2+98JrRtDvVsy4GiN4bcwocM9/WeNmqWg7l4cNG7BaZZStqjvVd
Zm1htXWsLAJKEf2rUEzuZvJt0NKNzIiJxseVXzS5VL933RM16jhUJP93pArwy8Pl
F949y62UTACbiBYxi2y7x4XSc2teKeYr1tUVAwE5mAE+6o69M75v46rfA75MISKv
tA7aeYxLSql1xXl/AzD8nuShp5P2XObaR4HYQVmdkRNMYclMzLvC6qtgpT810d1T
u4G7Fax2iHKw7AdSSXcRV5o5lnYHBIwSi797AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUXHiVrBBtvKouwQWJRoIbxxuO+iIwHwYDVR0jBBgwFoAUUaVmbTI7+EL2BEzn
EFl3PiJxsBMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg0
MS9VYVZtYlRJNy1FTDJCRXpuRUZsM1BpSnhzQk0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1VhVm1iVEk3LUVMMkJFem5FRmwzUGlKeHNCTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4NDEvWEhpVnJCQnR2S291
d1FXSlJvSWJ4eHVPLWlJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmd+ZDANBgkqhkiG9w0BAQsFAAOCAQEARWzgbyebtggQ90pzYrau4YQSm1pH
y9T8Y3aioJGdsfjFwbsr8fEDMi+v6RB/rzRKBEmpWogfplpspnb2rCedcJ5D1M2B
niOqGcBKn7Rvz/IbZZ/ZyBxoRswDpAC62N5nOw8StmhNreM+UlUvExnE9kk+cQi3
pZP6Gsaq/UFEGjJNpXn+bUNSW6zrmShdqbIhOLoOcClcG5+iIgcN0eyJx09D4Hd3
o7rSf43N8vrHbfpBbIYqPv8MD/IeZK26jQf3Ta7N2azssQfI0dpeSuk1xWtks988
B7f5VEEwj8bk9jyvBXAzOxjBK4EH9yspQ1lJNhByF0/VFrEtWO4ip6u2Bw==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:11:40 2024 by rpki-client on console-ams.rpki-client.org