Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2903/oONbK1ckYk56P5BnUZskVjKtRNs.roa
File: oONbK1ckYk56P5BnUZskVjKtRNs.roa (raw, json)
Hash identifier: Cdet8xUY+g85kItKPe6OFK4QF04QszSvLiN7n9MDHWA=
Subject key identifier: A0:E3:5B:2B:57:24:62:4E:7A:3F:90:67:51:9B:24:56:32:AD:44:DB
Certificate issuer: /CN=193519DD773C40D04F641CC44558D3461297B003
Certificate serial: 0FD4
Authority key identifier: 19:35:19:DD:77:3C:40:D0:4F:64:1C:C4:45:58:D3:46:12:97:B0:03
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/oONbK1ckYk56P5BnUZskVjKtRNs.roa
Signing time: Fri 19 May 2023 05:53:13 +0000
ROA not before: Fri 19 May 2023 05:53:13 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 131482
IP address blocks: 103.108.160.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:22:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4052 (0xfd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=193519DD773C40D04F641CC44558D3461297B003
Validity
Not Before: May 19 05:53:13 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=A0E35B2B5724624E7A3F9067519B245632AD44DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:54:e9:ef:21:04:20:65:78:82:02:ea:74:c4:
95:34:28:0d:43:98:5d:8a:7c:9f:61:53:53:7d:48:
6a:a1:d1:a0:dd:fa:99:80:6c:62:be:e7:2b:11:32:
a7:ae:84:56:f3:3d:ba:51:3a:af:3e:79:3b:59:24:
8c:db:78:aa:9d:bc:16:ee:f9:a6:55:fa:ac:3c:f8:
1c:21:92:47:d5:f9:9f:9b:d3:ff:04:04:f0:3e:fa:
aa:7b:d0:6d:ec:97:b3:1b:60:b1:63:3a:b5:e6:f3:
6b:6e:fd:94:be:0e:8c:28:a4:e3:52:fc:fe:3c:98:
78:9f:a6:33:8d:41:a8:d3:35:4c:d2:c2:9e:db:2c:
01:c4:5e:71:22:9a:89:71:db:38:b8:e1:39:21:b8:
0b:0f:f7:de:ea:6f:aa:92:cb:5b:33:96:35:a4:36:
b2:a3:8d:fd:79:a5:c3:e3:0e:3b:4a:9e:6e:c3:00:
7b:7e:c4:92:11:7f:f0:39:d9:60:50:61:73:f0:46:
62:37:80:1e:62:5d:21:1a:fc:70:1c:a8:de:6f:68:
05:4b:2a:92:e0:1a:a6:3d:91:b7:b8:e7:96:28:15:
4a:7e:a0:e2:12:5a:be:9b:56:3d:cf:55:a0:73:f2:
71:db:e8:c0:00:23:66:b7:0b:43:cb:3f:c5:fa:e5:
09:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E3:5B:2B:57:24:62:4E:7A:3F:90:67:51:9B:24:56:32:AD:44:DB
X509v3 Authority Key Identifier:
keyid:19:35:19:DD:77:3C:40:D0:4F:64:1C:C4:45:58:D3:46:12:97:B0:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/oONbK1ckYk56P5BnUZskVjKtRNs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.160.0/22
Signature Algorithm: sha256WithRSAEncryption
19:cb:41:ec:e1:94:62:4e:a6:e0:fa:a6:24:11:f0:90:b0:1f:
9c:b3:8b:c7:9b:90:48:be:28:e7:89:19:6c:88:30:38:67:77:
ab:ef:07:8c:ac:95:bd:6d:db:ab:93:5a:cc:ce:cc:af:e4:59:
72:17:49:71:29:da:a4:a4:88:d7:d8:b1:5a:e9:19:eb:ea:a6:
70:cf:0a:40:c9:1e:10:05:35:8a:2e:bd:d4:66:c8:fa:b3:7d:
ba:5f:fa:fb:8d:b3:f9:dd:e8:48:2f:44:e1:f7:9c:54:a6:10:
5d:b6:37:7c:25:3a:18:54:ce:3c:e3:25:27:89:45:c2:2e:69:
f5:cf:82:37:7e:da:12:7c:06:7d:11:49:a1:00:04:6f:2e:44:
0d:93:82:cc:c7:04:e5:99:b5:83:4d:90:9a:a8:1f:7b:c8:f6:
6e:d8:3c:d5:a0:39:91:50:1e:58:45:5e:da:3d:2c:b6:96:5b:
f7:d4:9c:ef:ae:92:a7:cb:c7:83:36:95:f0:28:d4:01:d2:d5:
b7:54:51:b4:5f:8c:16:7d:c7:f0:53:67:fc:a3:34:c9:9d:67:
b3:0d:48:9c:0f:47:10:1f:69:bd:39:36:2a:26:e4:53:f4:5e:
b4:38:ad:f6:b1:63:15:21:bb:9e:dc:0f:11:3a:c8:ba:9a:84:
c9:cc:45:31
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICD9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTkz
NTE5REQ3NzNDNDBEMDRGNjQxQ0M0NDU1OEQzNDYxMjk3QjAwMzAeFw0yMzA1MTkw
NTUzMTNaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEEwRTM1QjJCNTcyNDYy
NEU3QTNGOTA2NzUxOUIyNDU2MzJBRDQ0REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzVOnvIQQgZXiCAup0xJU0KA1DmF2KfJ9hU1N9SGqh0aDd+pmA
bGK+5ysRMqeuhFbzPbpROq8+eTtZJIzbeKqdvBbu+aZV+qw8+BwhkkfV+Z+b0/8E
BPA++qp70G3sl7MbYLFjOrXm82tu/ZS+DowopONS/P48mHifpjONQajTNUzSwp7b
LAHEXnEimolx2zi44TkhuAsP997qb6qSy1szljWkNrKjjf15pcPjDjtKnm7DAHt+
xJIRf/A52WBQYXPwRmI3gB5iXSEa/HAcqN5vaAVLKpLgGqY9kbe455YoFUp+oOIS
Wr6bVj3PVaBz8nHb6MAAI2a3C0PLP8X65QnDAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUoONbK1ckYk56P5BnUZskVjKtRNswHwYDVR0jBBgwFoAUGTUZ3Xc8QNBPZBzE
RVjTRhKXsAMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkw
My9HVFVaM1hjOFFOQlBaQnpFUlZqVFJoS1hzQU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0dUVVozWGM4UU5CUFpCekVSVmpUUmhLWHNBTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5MDMvb09OYksxY2tZazU2
UDVCblVac2tWakt0Uk5zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdsoDANBgkqhkiG9w0BAQsFAAOCAQEAGctB7OGUYk6m4PqmJBHwkLAfnLOL
x5uQSL4o54kZbIgwOGd3q+8HjKyVvW3bq5NazM7Mr+RZchdJcSnapKSI19ixWukZ
6+qmcM8KQMkeEAU1ii691GbI+rN9ul/6+42z+d3oSC9E4fecVKYQXbY3fCU6GFTO
POMlJ4lFwi5p9c+CN37aEnwGfRFJoQAEby5EDZOCzMcE5Zm1g02Qmqgfe8j2btg8
1aA5kVAeWEVe2j0stpZb99Sc766Sp8vHgzaV8CjUAdLVt1RRtF+MFn3H8FNn/KM0
yZ1nsw1InA9HEB9pvTk2KibkU/RetDit9rFjFSG7ntwPETrIupqEycxFMQ==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org