Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/oMd-ARwd63yqJfIdC-RXHknawt8.roa
File: oMd-ARwd63yqJfIdC-RXHknawt8.roa (raw, json)
Hash identifier: WGaS3zKFGN7+2nTHk4xwOzr9f0weq4hrbvl+6gUf878=
Subject key identifier: A0:C7:7E:01:1C:1D:EB:7C:AA:25:F2:1D:0B:E4:57:1E:49:DA:C2:DF
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 0FEC
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/oMd-ARwd63yqJfIdC-RXHknawt8.roa
Signing time: Wed 20 Sep 2023 06:31:00 +0000
ROA not before: Wed 20 Sep 2023 06:31:00 +0000
ROA not after: Tue 17 Sep 2024 08:06:57 +0000
asID: 146845
IP address blocks: 103.169.50.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 08:16:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4076 (0xfec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Sep 20 06:31:00 2023 GMT
Not After : Sep 17 08:06:57 2024 GMT
Subject: CN=A0C77E011C1DEB7CAA25F21D0BE4571E49DAC2DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dc:3a:e6:66:c1:42:5a:2a:7f:8a:0d:12:41:
2b:e3:cc:28:67:04:b9:67:12:67:2d:86:03:9a:ac:
24:d8:65:b1:00:09:33:58:78:a9:64:aa:bc:a8:78:
23:da:8f:9a:f8:0f:7d:18:1e:70:3e:d5:2f:6c:db:
f9:74:1d:b6:c1:76:6b:86:f0:58:72:95:22:73:b8:
9b:a0:5d:7c:bc:61:3b:9d:1f:65:d3:05:84:88:ed:
c8:39:0c:92:7e:10:e4:88:ff:16:f3:c0:8d:ea:7b:
58:9a:ef:bd:ff:f5:e5:23:60:99:6d:d7:12:a6:f4:
4c:02:27:d2:51:9f:d9:a8:b6:61:61:3d:b4:90:d3:
39:d5:bf:c5:ab:6c:88:d2:9d:66:57:b2:3b:19:c7:
36:a8:9c:96:8c:c0:85:94:cc:87:2e:20:6d:c4:50:
d5:2f:d3:b7:d2:96:30:8e:92:6b:7d:66:7f:57:2c:
d9:10:7e:f2:fc:51:16:76:22:07:b4:da:2d:2a:eb:
a9:45:68:e8:29:13:7a:a4:b9:99:54:a4:1b:dc:16:
c8:68:6e:c1:30:4d:a4:56:74:57:fb:b8:c5:15:31:
2c:ab:94:d5:aa:e6:51:24:6b:3b:8b:9c:d7:a0:7d:
d7:0a:39:83:2b:42:da:66:d9:1c:9c:f2:dd:cf:ad:
23:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C7:7E:01:1C:1D:EB:7C:AA:25:F2:1D:0B:E4:57:1E:49:DA:C2:DF
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/oMd-ARwd63yqJfIdC-RXHknawt8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.169.50.0/23
Signature Algorithm: sha256WithRSAEncryption
51:a5:bd:eb:ef:97:4d:49:79:23:5c:71:f6:31:ce:a9:a1:39:
4a:0c:7a:ff:cf:01:e9:64:ad:88:36:3e:67:c5:2a:3c:71:13:
b7:4c:ea:6a:1a:de:44:56:86:aa:d1:94:aa:e0:ab:b9:e1:1f:
13:25:fd:36:58:7c:b9:e8:24:55:bc:63:cc:04:d6:ea:69:b1:
ca:34:82:36:24:d6:a1:e7:fa:c7:51:6f:8c:13:e1:14:26:a1:
2b:a2:f3:6e:0d:48:21:ba:23:51:fc:f7:5f:03:4f:c5:df:34:
44:d1:a1:d8:d3:ec:8c:a3:76:35:28:50:79:83:08:d0:1e:25:
33:92:76:f3:68:f8:8f:b6:6e:ab:00:d3:09:5b:94:d7:33:9f:
6d:46:01:67:e6:c9:79:23:88:af:09:e0:55:72:04:4f:95:cd:
d1:a4:45:0c:a8:10:a6:57:32:84:d3:03:70:78:d8:eb:63:e7:
97:80:a4:5f:c1:71:17:95:de:4b:fb:22:af:e2:5c:cf:8f:db:
47:1c:70:35:5f:3b:7e:c4:12:f1:9f:00:e0:6a:0a:85:ac:4d:
ed:a2:a3:02:ef:1d:b1:a9:82:2e:8f:1d:b6:e8:ac:d1:90:df:
41:5f:44:fe:2d:dc:ee:44:07:7d:3e:63:13:ba:ad:e3:70:0c:
b7:3a:33:61
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICD+wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yMzA5MjAw
NjMxMDBaFw0yNDA5MTcwODA2NTdaMDMxMTAvBgNVBAMTKEEwQzc3RTAxMUMxREVC
N0NBQTI1RjIxRDBCRTQ1NzFFNDlEQUMyREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC23DrmZsFCWip/ig0SQSvjzChnBLlnEmcthgOarCTYZbEACTNY
eKlkqryoeCPaj5r4D30YHnA+1S9s2/l0HbbBdmuG8FhylSJzuJugXXy8YTudH2XT
BYSI7cg5DJJ+EOSI/xbzwI3qe1ia773/9eUjYJlt1xKm9EwCJ9JRn9motmFhPbSQ
0znVv8WrbIjSnWZXsjsZxzaonJaMwIWUzIcuIG3EUNUv07fSljCOkmt9Zn9XLNkQ
fvL8URZ2Ige02i0q66lFaOgpE3qkuZlUpBvcFshobsEwTaRWdFf7uMUVMSyrlNWq
5lEkazuLnNegfdcKOYMrQtpm2Ryc8t3PrSPJAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUoMd+ARwd63yqJfIdC+RXHknawt8wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvb01kLUFSd2Q2M3lx
SmZJZEMtUlhIa25hd3Q4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWepMjANBgkqhkiG9w0BAQsFAAOCAQEAUaW96++XTUl5I1xx9jHOqaE5Sgx6
/88B6WStiDY+Z8UqPHETt0zqahreRFaGqtGUquCrueEfEyX9Nlh8uegkVbxjzATW
6mmxyjSCNiTWoef6x1FvjBPhFCahK6Lzbg1IIbojUfz3XwNPxd80RNGh2NPsjKN2
NShQeYMI0B4lM5J282j4j7ZuqwDTCVuU1zOfbUYBZ+bJeSOIrwngVXIET5XN0aRF
DKgQplcyhNMDcHjY62Pnl4CkX8FxF5XeS/sir+Jcz4/bRxxwNV87fsQS8Z8A4GoK
haxN7aKjAu8dsamCLo8dtuis0ZDfQV9E/i3c7kQHfT5jE7qt43AMtzozYQ==
-----END CERTIFICATE-----
Generated at Tue Sep 3 09:41:53 2024 by rpki-client on console-fra.rpki-client.org