Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/rpesLR9kx-cKms_j4ci7XDYvLnM.roa
File: rpesLR9kx-cKms_j4ci7XDYvLnM.roa (raw, json)
Hash identifier: 91G060A6GZG3c6dN8TMG8PttzaqoRlUBM9kQe+hyKwk=
Subject key identifier: AE:97:AC:2D:1F:64:C7:E7:0A:9A:CF:E3:E1:C8:BB:5C:36:2F:2E:73
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 1459
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/rpesLR9kx-cKms_j4ci7XDYvLnM.roa
Signing time: Tue 14 Nov 2023 13:27:11 +0000
ROA not before: Tue 14 Nov 2023 13:27:11 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 137718
IP address blocks: 103.159.142.0/23 maxlen: 24
118.145.128.0/17 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5209 (0x1459)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Nov 14 13:27:11 2023 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=AE97AC2D1F64C7E70A9ACFE3E1C8BB5C362F2E73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:61:0d:e0:b3:54:71:ad:1f:83:89:fb:66:30:
e6:be:22:17:9a:05:1d:11:0f:d0:ac:51:a9:a9:44:
76:ff:03:9d:12:6b:bf:43:6c:fb:65:14:d1:dc:58:
06:75:8b:7c:8b:91:bc:55:71:bc:fc:b6:2b:cf:93:
0f:93:dc:ab:e4:14:f3:04:fd:2f:df:6c:19:7d:3e:
c2:79:e3:e8:75:f8:e0:78:d9:33:51:a2:90:a1:b7:
5d:a7:40:f8:ad:21:fb:08:a2:37:8d:3d:f1:9a:ed:
65:8f:33:2c:20:f1:30:b5:0f:b6:8e:f4:05:ff:ae:
65:3b:eb:c7:4f:96:f4:0a:ef:94:66:42:f6:9a:92:
ae:4c:f8:96:70:e3:1c:83:6e:a4:73:67:32:a0:7d:
f7:77:87:f9:fa:bb:0b:8b:6e:84:1a:7a:87:7f:29:
c7:6e:bf:ff:10:1c:15:0b:b4:2d:84:f3:4b:22:55:
19:33:0f:3e:95:28:85:11:38:8f:cf:51:2a:f8:8b:
e3:4f:8d:d0:88:72:3b:63:c9:f9:c5:66:8f:a4:f8:
a9:63:95:43:12:6c:df:fe:d2:4e:a6:12:c2:03:f9:
f4:61:b2:f5:f6:4c:1e:65:18:28:43:55:c0:c4:4d:
6e:f1:8b:10:9c:d7:6f:cd:3b:68:52:3f:4e:b9:7a:
1f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:97:AC:2D:1F:64:C7:E7:0A:9A:CF:E3:E1:C8:BB:5C:36:2F:2E:73
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/rpesLR9kx-cKms_j4ci7XDYvLnM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.142.0/23
118.145.128.0/17
Signature Algorithm: sha256WithRSAEncryption
5d:4d:f2:92:55:b3:12:eb:52:ae:8a:d7:59:b8:fe:06:39:52:
c8:6b:97:70:54:cf:20:d0:26:3b:45:66:22:86:6f:41:5c:fe:
57:79:95:cf:48:f6:a4:a2:11:7f:89:dc:b5:21:b8:31:1e:6a:
56:30:c8:7f:97:96:5e:01:b4:76:e2:e2:f0:57:9e:48:9a:86:
b3:63:f5:d1:fb:a9:c7:2c:e1:63:2e:33:5c:13:e6:13:35:ca:
dd:ab:80:5b:2a:1e:58:24:20:9b:4c:e5:d6:87:2a:a9:9a:76:
4e:d2:fc:7e:04:6f:9b:ac:21:1b:20:11:fb:f2:f5:cd:c3:bd:
18:4c:80:49:85:24:b9:5f:4f:e0:94:2b:65:91:a7:e1:2c:e7:
d8:01:32:2a:fc:bf:aa:5a:7f:1e:98:87:31:5e:78:b7:8f:e5:
a8:d4:d3:56:59:cf:62:67:8e:f7:4f:72:86:f3:5b:f3:7f:32:
54:ee:2a:65:c4:e8:45:04:10:19:9e:9d:3c:20:dc:e6:e4:fb:
a2:66:da:57:3b:17:64:7e:30:6f:3d:06:ec:05:2c:0b:32:06:
1e:1f:c7:f4:da:1f:82:41:43:7f:32:77:c7:b4:7a:dd:42:1f:
8a:05:e5:eb:77:5c:a2:80:49:7d:a1:fd:3b:fc:2d:01:1a:eb:
66:a5:72:5e
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICFFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yMzExMTQx
MzI3MTFaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKEFFOTdBQzJEMUY2NEM3
RTcwQTlBQ0ZFM0UxQzhCQjVDMzYyRjJFNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKYQ3gs1RxrR+DiftmMOa+IheaBR0RD9CsUampRHb/A50Sa79D
bPtlFNHcWAZ1i3yLkbxVcbz8tivPkw+T3KvkFPME/S/fbBl9PsJ54+h1+OB42TNR
opCht12nQPitIfsIojeNPfGa7WWPMywg8TC1D7aO9AX/rmU768dPlvQK75RmQvaa
kq5M+JZw4xyDbqRzZzKgffd3h/n6uwuLboQaeod/Kcduv/8QHBULtC2E80siVRkz
Dz6VKIUROI/PUSr4i+NPjdCIcjtjyfnFZo+k+KljlUMSbN/+0k6mEsID+fRhsvX2
TB5lGChDVcDETW7xixCc12/NO2hSP065eh/NAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUrpesLR9kx+cKms/j4ci7XDYvLnMwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvcnBlc0xSOWt4LWNL
bXNfajRjaTdYRFl2TG5NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAWefjgMEB3aRgDANBgkqhkiG9w0BAQsFAAOCAQEAXU3yklWzEutSrorXWbj+
BjlSyGuXcFTPINAmO0VmIoZvQVz+V3mVz0j2pKIRf4nctSG4MR5qVjDIf5eWXgG0
duLi8FeeSJqGs2P10fupxyzhYy4zXBPmEzXK3auAWyoeWCQgm0zl1ocqqZp2TtL8
fgRvm6whGyAR+/L1zcO9GEyASYUkuV9P4JQrZZGn4Szn2AEyKvy/qlp/HpiHMV54
t4/lqNTTVlnPYmeO909yhvNb838yVO4qZcToRQQQGZ6dPCDc5uT7ombaVzsXZH4w
bz0G7AUsCzIGHh/H9NofgkFDfzJ3x7R63UIfigXl63dcooBJfaH9O/wtARrrZqVy
Xg==
-----END CERTIFICATE-----
Generated at Tue Nov 14 14:39:27 2023 by rpki-client on console-fra.rpki-client.org