Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/QhIlqgt4tosII-Wg5hTNcKay-zk.roa
File: QhIlqgt4tosII-Wg5hTNcKay-zk.roa (raw, json)
Hash identifier: c6CZZF2DMEzD5v67aa2qkPZam5quTP/YbsP5o6LEp5A=
Subject key identifier: 42:12:25:AA:0B:78:B6:8B:08:23:E5:A0:E6:14:CD:70:A6:B2:FB:39
Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB
Certificate serial: 1618
Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/QhIlqgt4tosII-Wg5hTNcKay-zk.roa
Signing time: Fri 19 May 2023 05:54:54 +0000
ROA not before: Fri 19 May 2023 05:54:54 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 139139
IP address blocks: 103.152.186.0/24 maxlen: 24
103.152.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:23:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5656 (0x1618)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB
Validity
Not Before: May 19 05:54:54 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=421225AA0B78B68B0823E5A0E614CD70A6B2FB39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8d:78:27:c0:22:e7:13:0d:4a:30:b9:2b:df:
50:32:7e:f5:ca:96:1b:f3:b8:74:fa:fd:7a:18:74:
e0:cf:4e:51:a5:1d:f4:15:f2:03:57:27:ca:c2:c3:
df:e8:21:98:2d:ed:50:f4:e6:16:96:16:65:9e:ec:
ff:1a:a0:f1:ee:96:3f:14:01:d8:34:eb:ed:cf:76:
96:c6:00:ad:26:28:5e:26:7d:0f:9d:44:be:3a:70:
0a:f3:34:46:98:fa:80:ac:91:e4:02:99:99:b6:6f:
16:18:11:71:a7:b7:19:9a:f7:e8:46:75:4e:90:d6:
5f:21:10:05:4d:27:70:e9:4b:09:c3:ba:75:71:26:
0f:39:20:aa:f2:35:b8:49:70:9f:98:50:90:c3:61:
1e:63:10:a6:45:bd:82:d0:52:a6:1a:b8:73:eb:4d:
a4:c4:e0:b5:14:3f:0d:2e:44:0f:29:65:02:6f:ae:
b9:cb:fa:88:2b:0c:54:56:12:e5:00:2e:6f:da:a9:
88:2f:45:79:4c:4c:33:2a:4b:e8:2a:b5:6a:55:23:
85:d6:53:5c:5a:b1:f7:e6:89:88:e7:ff:1b:62:7b:
54:81:9f:49:b1:f6:a0:60:e7:28:91:06:fc:68:d4:
2c:e9:12:8f:63:85:3c:f0:88:ca:60:f5:19:1b:9d:
85:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:12:25:AA:0B:78:B6:8B:08:23:E5:A0:E6:14:CD:70:A6:B2:FB:39
X509v3 Authority Key Identifier:
keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/QhIlqgt4tosII-Wg5hTNcKay-zk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.186.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:e4:e2:43:2e:b6:4a:d0:32:80:5d:f5:e4:db:5c:d0:47:88:
91:4a:af:ae:b4:f1:fe:71:e4:b2:2b:30:66:25:74:21:a4:fa:
4a:3f:75:52:76:72:3f:8f:29:ec:fc:a9:6d:a3:17:ad:68:5a:
ff:ee:92:cf:51:d7:56:45:a0:8e:96:79:9e:4c:56:c5:43:80:
3c:69:4e:18:e0:e6:da:7c:c0:69:17:e3:ca:68:5a:0c:5d:33:
07:85:c1:e2:41:b9:41:4c:f8:96:65:86:46:88:ab:3b:3f:17:
7c:b7:07:c2:24:86:b6:a0:2b:4b:b1:ae:d7:a4:38:96:35:0b:
09:50:d1:85:6d:d6:5c:c6:42:6f:a6:62:b1:dd:7e:78:87:64:
09:44:96:42:4b:9c:07:cb:50:26:bc:01:26:d6:5d:25:69:65:
b3:05:77:ba:08:de:11:9f:e1:9c:78:89:5a:85:c1:c6:5a:62:
53:10:65:20:1e:c3:d3:67:88:1e:ab:9a:e5:8c:31:06:47:7a:
1d:ba:da:b7:5a:55:5c:22:ce:c2:0f:19:88:6a:5b:b9:e5:bf:
df:fd:7b:15:86:be:55:32:0f:bb:6a:e0:c2:51:02:d7:3c:1f:
21:18:06:23:d8:77:30:b4:c1:07:19:37:d9:6f:34:1a:f7:f5:
1b:e7:d5:0b
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFhgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy
RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yMzA1MTkw
NTU0NTRaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDQyMTIyNUFBMEI3OEI2
OEIwODIzRTVBMEU2MTRDRDcwQTZCMkZCMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1jXgnwCLnEw1KMLkr31AyfvXKlhvzuHT6/XoYdODPTlGlHfQV
8gNXJ8rCw9/oIZgt7VD05haWFmWe7P8aoPHulj8UAdg06+3PdpbGAK0mKF4mfQ+d
RL46cArzNEaY+oCskeQCmZm2bxYYEXGntxma9+hGdU6Q1l8hEAVNJ3DpSwnDunVx
Jg85IKryNbhJcJ+YUJDDYR5jEKZFvYLQUqYauHPrTaTE4LUUPw0uRA8pZQJvrrnL
+ogrDFRWEuUALm/aqYgvRXlMTDMqS+gqtWpVI4XWU1xasffmiYjn/xtie1SBn0mx
9qBg5yiRBvxo1CzpEo9jhTzwiMpg9RkbnYWtAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUQhIlqgt4tosII+Wg5hTNcKay+zkwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J
D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4
OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvUWhJbHFndDR0b3NJ
SS1XZzVoVE5jS2F5LXprLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAbeTiQy62StAygF315Ntc0EeIkUqv
rrTx/nHksiswZiV0IaT6Sj91UnZyP48p7PypbaMXrWha/+6Sz1HXVkWgjpZ5nkxW
xUOAPGlOGODm2nzAaRfjymhaDF0zB4XB4kG5QUz4lmWGRoirOz8XfLcHwiSGtqAr
S7Gu16Q4ljULCVDRhW3WXMZCb6Zisd1+eIdkCUSWQkucB8tQJrwBJtZdJWllswV3
ugjeEZ/hnHiJWoXBxlpiUxBlIB7D02eIHqua5YwxBkd6Hbrat1pVXCLOwg8ZiGpb
ueW/3/17FYa+VTIPu2rgwlEC1zwfIRgGI9h3MLTBBxk32W80Gvf1G+fVCw==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org