Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/eoNudcKihcw66-GAiM1aoWrqBWA.roa
File: eoNudcKihcw66-GAiM1aoWrqBWA.roa (raw, json)
Hash identifier: WWZnrixrj58hYAW5Wrj7Uv4jvsLFYOIEBRYBv0bWWGs=
Subject key identifier: 7A:83:6E:75:C2:A2:85:CC:3A:EB:E1:80:88:CD:5A:A1:6A:EA:05:60
Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB
Certificate serial: 161A
Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/eoNudcKihcw66-GAiM1aoWrqBWA.roa
Signing time: Fri 19 May 2023 05:54:54 +0000
ROA not before: Fri 19 May 2023 05:54:54 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 139139
IP address blocks: 103.152.186.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:23:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5658 (0x161a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB
Validity
Not Before: May 19 05:54:54 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=7A836E75C2A285CC3AEBE18088CD5AA16AEA0560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:8d:01:21:39:77:21:bc:c3:04:a7:af:a5:
0c:d4:f1:35:d1:cf:05:6c:43:67:e4:a8:40:ff:de:
1c:6a:83:a3:b9:c2:d1:06:75:63:f0:f5:6e:e0:02:
7a:f7:9a:5c:db:97:b3:01:d1:e8:2f:cf:93:40:5e:
92:c7:46:0a:05:61:4d:47:7b:e2:e5:48:ce:37:89:
a7:f0:40:67:44:3a:46:86:99:49:a0:34:79:22:90:
27:98:6e:d9:39:06:b1:8c:d1:88:0b:0b:7c:bf:ec:
8b:38:00:12:b5:22:bc:27:2c:4e:fd:eb:40:65:be:
1a:82:e3:79:39:fb:37:dd:4e:36:54:c9:06:ca:cc:
96:0a:de:b8:0d:ff:e9:c0:4f:e4:be:33:40:05:5d:
27:77:5c:12:b2:64:58:51:b6:70:ae:c3:e5:84:79:
09:3c:5c:bc:98:c7:d0:d7:0f:47:fc:9b:b6:0e:e7:
ed:ea:6d:98:fb:9f:d1:cd:f9:38:69:b9:b3:85:47:
e1:39:eb:91:7f:fb:71:84:f9:a4:23:11:3a:18:4f:
92:42:50:b5:ad:d8:9f:93:ee:d2:d2:47:44:c9:99:
62:4e:e4:59:15:25:db:e7:88:ef:9d:39:e6:98:41:
a4:26:06:97:5f:bd:a2:84:cc:1b:53:74:fa:30:bc:
17:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:83:6E:75:C2:A2:85:CC:3A:EB:E1:80:88:CD:5A:A1:6A:EA:05:60
X509v3 Authority Key Identifier:
keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/eoNudcKihcw66-GAiM1aoWrqBWA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.186.0/23
Signature Algorithm: sha256WithRSAEncryption
54:bc:2e:c1:68:0b:98:6b:dd:3a:76:61:b7:98:e7:bb:a2:18:
93:8e:9d:46:ff:a8:ce:74:55:e5:5b:66:a4:2a:1d:cd:d9:76:
b5:99:a3:07:2b:66:ec:bf:52:03:68:32:f4:43:7b:94:5e:f2:
96:1c:e6:45:5e:57:33:6c:7c:89:29:c7:d0:ff:c3:8d:6c:e9:
56:a9:a2:8e:3d:55:50:a1:2f:05:d6:88:b5:17:ea:e2:cd:1f:
73:34:c7:8e:8a:57:7f:67:c4:53:d4:a6:54:d7:4c:a5:44:87:
5b:87:4b:53:20:37:01:3e:7b:2e:b4:75:71:46:60:b0:4d:2d:
97:7a:8a:b1:d0:8e:d9:3b:59:d1:5d:06:72:b8:99:c7:b9:18:
b1:5a:50:12:d9:17:16:9a:b0:b5:f2:5c:d0:db:7f:a0:7a:67:
21:36:8a:e6:a7:ca:b6:5b:b9:f1:07:50:da:d2:6d:5a:01:a7:
2e:ad:9f:83:96:c5:b8:bd:66:9e:75:31:37:b3:97:48:2a:33:
59:7a:95:e1:d4:88:03:75:8a:90:74:07:d2:6d:16:41:de:4f:
2c:fa:29:9c:0f:f3:85:07:af:96:e0:63:84:36:ef:94:83:cd:
66:24:c2:98:de:49:44:cb:da:50:7d:6b:c6:2f:4a:32:48:21:
d5:5a:f8:9e
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy
RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yMzA1MTkw
NTU0NTRaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDdBODM2RTc1QzJBMjg1
Q0MzQUVCRTE4MDg4Q0Q1QUExNkFFQTA1NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4II0BITl3IbzDBKevpQzU8TXRzwVsQ2fkqED/3hxqg6O5wtEG
dWPw9W7gAnr3mlzbl7MB0egvz5NAXpLHRgoFYU1He+LlSM43iafwQGdEOkaGmUmg
NHkikCeYbtk5BrGM0YgLC3y/7Is4ABK1IrwnLE7960BlvhqC43k5+zfdTjZUyQbK
zJYK3rgN/+nAT+S+M0AFXSd3XBKyZFhRtnCuw+WEeQk8XLyYx9DXD0f8m7YO5+3q
bZj7n9HN+ThpubOFR+E565F/+3GE+aQjEToYT5JCULWt2J+T7tLSR0TJmWJO5FkV
JdvniO+dOeaYQaQmBpdfvaKEzBtTdPowvBcNAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUeoNudcKihcw66+GAiM1aoWrqBWAwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J
D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4
OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvZW9OdWRjS2loY3c2
Ni1HQWlNMWFvV3JxQldBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAVLwuwWgLmGvdOnZht5jnu6IYk46d
Rv+oznRV5VtmpCodzdl2tZmjBytm7L9SA2gy9EN7lF7ylhzmRV5XM2x8iSnH0P/D
jWzpVqmijj1VUKEvBdaItRfq4s0fczTHjopXf2fEU9SmVNdMpUSHW4dLUyA3AT57
LrR1cUZgsE0tl3qKsdCO2TtZ0V0GcriZx7kYsVpQEtkXFpqwtfJc0Nt/oHpnITaK
5qfKtlu58QdQ2tJtWgGnLq2fg5bFuL1mnnUxN7OXSCozWXqV4dSIA3WKkHQH0m0W
Qd5PLPopnA/zhQevluBjhDbvlIPNZiTCmN5JRMvaUH1rxi9KMkgh1Vr4ng==
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org