Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/iK6BwrkrYS-t5Zhn3qP9rjXkWUw.roa
File: iK6BwrkrYS-t5Zhn3qP9rjXkWUw.roa (raw, json)
Hash identifier: lQeQSEEJknb4ZxW+ek8inIMrKeRJYNEYcLWZ8GEwEC0=
Subject key identifier: 88:AE:81:C2:B9:2B:61:2F:AD:E5:98:67:DE:A3:FD:AE:35:E4:59:4C
Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Certificate serial: 3B
Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/iK6BwrkrYS-t5Zhn3qP9rjXkWUw.roa
Signing time: Sun 08 Oct 2023 08:25:24 +0000
ROA not before: Sun 08 Oct 2023 08:25:24 +0000
ROA not after: Fri 27 Sep 2024 02:04:21 +0000
asID: 37968
IP address blocks: 103.2.164.0/22 maxlen: 24
103.168.98.0/23 maxlen: 24
202.46.224.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Jan 2024 09:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59 (0x3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98
Validity
Not Before: Oct 8 08:25:24 2023 GMT
Not After : Sep 27 02:04:21 2024 GMT
Subject: CN=88AE81C2B92B612FADE59867DEA3FDAE35E4594C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1c:f0:0f:55:59:19:13:52:ba:ac:89:ff:0e:
c0:2d:fb:b0:56:67:e7:09:f4:17:90:e6:ea:bc:f4:
c2:ab:0a:97:a7:84:80:8f:d1:22:e4:cb:1b:f2:f6:
ce:1d:52:25:43:f3:d3:2d:29:b6:87:08:0b:42:d8:
d9:14:6b:be:94:e9:67:3c:fa:bf:da:9e:c2:69:05:
18:33:ca:f9:09:3c:45:3c:40:2b:ef:ac:ed:d1:95:
36:c8:75:1c:f7:11:a4:f2:ca:00:d8:cb:a2:17:51:
81:0d:e2:39:3a:f7:56:d3:87:cd:78:56:81:59:ed:
af:87:8e:80:25:9e:85:bf:98:80:e3:f7:d2:2a:10:
52:9d:75:36:38:ce:4d:75:ca:c8:9a:49:8b:37:bc:
db:5a:c6:7e:f2:d9:19:53:b2:96:77:ce:c1:04:dd:
e7:cb:1f:98:e6:29:08:96:ef:90:f0:40:22:7e:cd:
87:4b:16:b9:c8:4e:95:14:05:12:dd:ef:ae:26:85:
86:b2:9f:a2:5d:3f:69:a5:b2:81:db:b3:9d:a1:80:
68:0e:c9:4e:c0:c1:b3:0b:d5:c9:e4:95:13:7a:99:
0b:99:4d:c1:b2:5b:c1:50:91:b5:a1:a3:7c:2a:e9:
28:a8:5d:17:17:53:4c:fc:bd:1b:6a:98:8b:55:c8:
c1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:AE:81:C2:B9:2B:61:2F:AD:E5:98:67:DE:A3:FD:AE:35:E4:59:4C
X509v3 Authority Key Identifier:
keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/iK6BwrkrYS-t5Zhn3qP9rjXkWUw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.2.164.0/22
103.168.98.0/23
202.46.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7e:36:cb:ac:85:c3:00:79:8c:7d:9c:0c:29:65:fe:8c:2a:e8:
fc:33:f9:5e:fd:ff:5c:1b:44:85:f9:e0:08:2b:f6:f2:18:c2:
74:4a:f9:c4:33:44:81:6e:cf:a7:8f:38:7a:1b:3d:1e:de:db:
88:35:27:24:71:0c:0c:91:6d:5c:df:5b:b8:4b:79:c8:02:74:
45:ec:53:de:a3:e9:7a:e5:0f:68:f4:41:30:06:96:91:8a:24:
ed:85:c0:e3:f9:7d:87:67:a0:51:95:41:96:6f:7e:5a:54:6a:
da:ed:37:e9:54:68:27:b4:83:3e:33:1d:95:87:8f:ad:ed:12:
41:ba:72:86:2f:11:96:ec:0e:26:46:2c:af:0c:bf:44:cb:ef:
7a:72:11:50:cd:e9:b5:8d:38:e1:0b:aa:b1:5e:7d:b9:1e:bb:
a5:01:70:72:4f:11:af:8a:aa:d0:7f:e6:22:10:e3:e8:49:6d:
9b:f8:7b:f5:c3:01:ff:e0:49:88:27:23:17:cb:45:18:dd:75:
3d:f4:69:b8:bb:10:c2:a6:72:38:95:24:e8:ed:a4:f9:66:40:
46:c1:8b:12:6b:1b:89:9a:c7:de:03:f9:d1:b1:77:1d:fe:2c:
22:71:29:00:7e:5d:a5:79:c0:cf:cd:43:cf:e3:24:fc:c7:d6:
28:4a:9d:4f
-----BEGIN CERTIFICATE-----
MIIE4jCCA8qgAwIBAgIBOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhDQjE2
NzA3RUFGMEJERkQxMzI2QUZEOUJERUM2QUZGQTZFNjNCQTk4MB4XDTIzMTAwODA4
MjUyNFoXDTI0MDkyNzAyMDQyMVowMzExMC8GA1UEAxMoODhBRTgxQzJCOTJCNjEy
RkFERTU5ODY3REVBM0ZEQUUzNUU0NTk0QzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANQc8A9VWRkTUrqsif8OwC37sFZn5wn0F5Dm6rz0wqsKl6eEgI/R
IuTLG/L2zh1SJUPz0y0ptocIC0LY2RRrvpTpZzz6v9qewmkFGDPK+Qk8RTxAK++s
7dGVNsh1HPcRpPLKANjLohdRgQ3iOTr3VtOHzXhWgVntr4eOgCWehb+YgOP30ioQ
Up11NjjOTXXKyJpJize821rGfvLZGVOylnfOwQTd58sfmOYpCJbvkPBAIn7Nh0sW
uchOlRQFEt3vriaFhrKfol0/aaWygduznaGAaA7JTsDBswvVyeSVE3qZC5lNwbJb
wVCRtaGjfCrpKKhdFxdTTPy9G2qYi1XIwSkCAwEAAaOCAf8wggH7MB0GA1UdDgQW
BBSIroHCuSthL63lmGfeo/2uNeRZTDAfBgNVHSMEGDAWgBTLFnB+rwvf0TJq/Zve
xq/6bmO6mDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDk1
L3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveXhad2ZxOEwzOUV5YXYyYjNzYXYtbTVqdXBnLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5NS9pSzZCd3JrcllTLXQ1
WmhuM3FQOXJqWGtXVXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATAS
AwQCZwKkAwQBZ6hiAwQEyi7gMA0GCSqGSIb3DQEBCwUAA4IBAQB+NsushcMAeYx9
nAwpZf6MKuj8M/le/f9cG0SF+eAIK/byGMJ0SvnEM0SBbs+njzh6Gz0e3tuINSck
cQwMkW1c31u4S3nIAnRF7FPeo+l65Q9o9EEwBpaRiiTthcDj+X2HZ6BRlUGWb35a
VGra7TfpVGgntIM+Mx2Vh4+t7RJBunKGLxGW7A4mRiyvDL9Ey+96chFQzem1jTjh
C6qxXn25HrulAXByTxGviqrQf+YiEOPoSW2b+Hv1wwH/4EmIJyMXy0UY3XU99Gm4
uxDCpnI4lSTo7aT5ZkBGwYsSaxuJmsfeA/nRsXcd/iwicSkAfl2lecDPzUPP4yT8
x9YoSp1P
-----END CERTIFICATE-----
Generated at Sat Jan 13 12:08:30 2024 by rpki-client on console-fra.rpki-client.org