Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2890/M7Bl0QxXSfxKoWz1fhtFLHiPX7M.roa
File: M7Bl0QxXSfxKoWz1fhtFLHiPX7M.roa (raw, json)
Hash identifier: PdehPXdKPPgALmeadPI5WNvO4qwO5tGDjBTzf15lxdE=
Subject key identifier: 33:B0:65:D1:0C:57:49:FC:4A:A1:6C:F5:7E:1B:45:2C:78:8F:5F:B3
Certificate issuer: /CN=400353880B478D5B972A1204CF0651DE295F8ECA
Certificate serial: 0475
Authority key identifier: 40:03:53:88:0B:47:8D:5B:97:2A:12:04:CF:06:51:DE:29:5F:8E:CA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QANTiAtHjVuXKhIEzwZR3ilfjso.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/M7Bl0QxXSfxKoWz1fhtFLHiPX7M.roa
Signing time: Fri 13 Jan 2023 03:53:56 +0000
ROA not before: Fri 13 Jan 2023 03:53:56 +0000
ROA not after: Mon 28 Aug 2023 04:15:34 +0000
asID: 139021
IP address blocks: 103.139.2.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1141 (0x475)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400353880B478D5B972A1204CF0651DE295F8ECA
Validity
Not Before: Jan 13 03:53:56 2023 GMT
Not After : Aug 28 04:15:34 2023 GMT
Subject: CN=33B065D10C5749FC4AA16CF57E1B452C788F5FB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d9:5c:f8:49:0d:15:3d:3c:d2:cf:72:63:0b:
77:f6:69:c1:94:02:39:68:72:36:7d:ad:e3:6b:98:
12:80:b5:92:42:36:2c:bf:09:b1:8d:b9:56:6f:0a:
81:56:67:55:aa:ed:d8:94:74:dd:e8:e4:fc:6f:79:
5d:c9:d6:56:4d:5f:4d:75:96:c6:5f:93:26:5b:73:
f0:82:f0:51:11:f0:fe:31:35:31:e2:18:a4:7a:e0:
aa:47:16:b7:28:4a:aa:ea:d4:89:67:33:8b:bb:5c:
fb:7f:15:0a:d0:a7:6e:ba:19:46:17:39:ad:ad:82:
dd:bf:a7:af:33:d0:42:10:32:b7:3a:05:6a:db:b8:
90:b7:a9:51:03:c4:8a:d2:da:de:17:12:13:21:e0:
81:60:12:2f:b3:59:e7:9d:b5:6b:c9:51:42:0d:69:
42:e8:86:98:68:ee:9a:9c:c9:4f:d0:af:68:70:e9:
f6:83:31:d9:fa:c3:de:8c:49:2c:63:1e:a2:f8:fb:
5a:d8:4f:3a:8b:cd:49:df:66:fa:56:c3:8a:95:78:
07:34:ef:aa:50:c8:2f:ef:2c:88:ef:2d:91:45:3a:
c7:d4:8a:cc:a5:8f:01:63:1e:23:03:b3:7f:44:82:
e0:9a:f7:56:2d:49:12:50:a6:89:31:d1:64:74:07:
73:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B0:65:D1:0C:57:49:FC:4A:A1:6C:F5:7E:1B:45:2C:78:8F:5F:B3
X509v3 Authority Key Identifier:
keyid:40:03:53:88:0B:47:8D:5B:97:2A:12:04:CF:06:51:DE:29:5F:8E:CA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QANTiAtHjVuXKhIEzwZR3ilfjso.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/M7Bl0QxXSfxKoWz1fhtFLHiPX7M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.139.2.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:3e:9b:dd:a2:12:10:5b:7a:5f:8d:74:df:f3:2c:0d:4a:0a:
3f:20:3e:7c:13:1e:e8:69:17:c2:da:4a:1a:0b:b4:0e:cc:cc:
5a:53:6c:f8:ee:de:10:94:d4:e5:f5:18:bc:cf:c7:4d:85:a9:
65:7b:5b:4f:01:e5:ee:29:77:7b:0a:bf:0d:55:af:09:05:98:
03:1e:9c:5f:41:ce:c5:0e:b0:3f:41:30:93:e2:85:8b:b6:2b:
bb:8c:f8:5c:42:c6:a8:6d:5d:3a:50:a0:07:00:3e:35:14:4c:
6b:c6:98:27:61:0c:0a:ac:80:9e:a7:62:a7:aa:c2:54:1d:1f:
da:c0:ec:8d:0e:1b:d9:06:ca:85:c8:eb:05:b4:47:1b:b1:ce:
2e:3d:ea:2d:97:53:ca:45:a1:dc:f3:29:4e:f9:2b:37:ce:8a:
26:78:54:67:03:c5:a6:d1:a4:10:8f:cd:40:16:28:4d:fd:62:
6e:b6:09:10:0d:71:4f:17:57:0d:91:4b:84:d2:82:69:c1:d3:
96:bc:7b:cd:f8:b6:5b:df:64:0c:89:3e:45:02:e3:31:c4:d0:
74:a3:8b:65:32:46:85:86:49:c7:2e:17:58:08:57:c3:dc:5e:
01:8e:81:d0:d6:3c:d5:92:d7:94:20:c3:49:b0:85:a1:31:88:
94:ad:c6:44
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBHUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDAw
MzUzODgwQjQ3OEQ1Qjk3MkExMjA0Q0YwNjUxREUyOTVGOEVDQTAeFw0yMzAxMTMw
MzUzNTZaFw0yMzA4MjgwNDE1MzRaMDMxMTAvBgNVBAMTKDMzQjA2NUQxMEM1NzQ5
RkM0QUExNkNGNTdFMUI0NTJDNzg4RjVGQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN2Vz4SQ0VPTzSz3JjC3f2acGUAjlocjZ9reNrmBKAtZJCNiy/
CbGNuVZvCoFWZ1Wq7diUdN3o5PxveV3J1lZNX011lsZfkyZbc/CC8FER8P4xNTHi
GKR64KpHFrcoSqrq1IlnM4u7XPt/FQrQp266GUYXOa2tgt2/p68z0EIQMrc6BWrb
uJC3qVEDxIrS2t4XEhMh4IFgEi+zWeedtWvJUUINaULohpho7pqcyU/Qr2hw6faD
Mdn6w96MSSxjHqL4+1rYTzqLzUnfZvpWw4qVeAc076pQyC/vLIjvLZFFOsfUisyl
jwFjHiMDs39EguCa91YtSRJQpokx0WR0B3OJAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUM7Bl0QxXSfxKoWz1fhtFLHiPX7MwHwYDVR0jBBgwFoAUQANTiAtHjVuXKhIE
zwZR3ilfjsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg5
MC9RQU5UaUF0SGpWdVhLaElFendaUjNpbGZqc28uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1FBTlRpQXRIalZ1WEtoSUV6d1pSM2lsZmpzby5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4OTAvTTdCbDBReFhTZnhL
b1d6MWZodEZMSGlQWDdNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWeLAjANBgkqhkiG9w0BAQsFAAOCAQEAjz6b3aISEFt6X4103/MsDUoKPyA+
fBMe6GkXwtpKGgu0DszMWlNs+O7eEJTU5fUYvM/HTYWpZXtbTwHl7il3ewq/DVWv
CQWYAx6cX0HOxQ6wP0Ewk+KFi7Yru4z4XELGqG1dOlCgBwA+NRRMa8aYJ2EMCqyA
nqdip6rCVB0f2sDsjQ4b2QbKhcjrBbRHG7HOLj3qLZdTykWh3PMpTvkrN86KJnhU
ZwPFptGkEI/NQBYoTf1ibrYJEA1xTxdXDZFLhNKCacHTlrx7zfi2W99kDIk+RQLj
McTQdKOLZTJGhYZJxy4XWAhXw9xeAY6B0NY81ZLXlCDDSbCFoTGIlK3GRA==
-----END CERTIFICATE-----
Generated at Mon Aug 14 04:51:52 2023 by rpki-client on console-fra.rpki-client.org