Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/316/piOqkWXbALpGppQnQm5Y-BUOXng.roa
File: piOqkWXbALpGppQnQm5Y-BUOXng.roa (raw, json)
Hash identifier: yJZTVp6BzBLVAV9JtWKdDmqS5NCOwcsyDJtnewhU8RA=
Subject key identifier: A6:23:AA:91:65:DB:00:BA:46:A6:94:27:42:6E:58:F8:15:0E:5E:78
Certificate issuer: /CN=4BC6A9B58BBEEAD50DDD48F844782C8294A18B39
Certificate serial: 0AAE
Authority key identifier: 4B:C6:A9:B5:8B:BE:EA:D5:0D:DD:48:F8:44:78:2C:82:94:A1:8B:39
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/S8aptYu-6tUN3Uj4RHgsgpShizk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/piOqkWXbALpGppQnQm5Y-BUOXng.roa
Signing time: Mon 14 Aug 2023 04:33:48 +0000
ROA not before: Mon 14 Aug 2023 04:33:48 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 38378
IP address blocks: 103.92.88.0/22 maxlen: 24
119.40.64.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jul 2024 07:45:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2734 (0xaae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4BC6A9B58BBEEAD50DDD48F844782C8294A18B39
Validity
Not Before: Aug 14 04:33:48 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=A623AA9165DB00BA46A69427426E58F8150E5E78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e6:49:17:d7:45:5d:a4:2a:84:39:99:55:55:
46:15:33:1a:5c:99:86:25:4e:45:88:52:d4:b7:30:
d7:30:2a:8b:b5:c7:44:6b:8f:ed:dd:2b:65:ab:d8:
85:b6:35:ce:e9:4a:0c:85:86:62:c3:1e:8e:bb:a7:
a3:0a:3b:af:61:a3:8a:b0:56:f0:fa:61:bd:94:22:
42:f1:8d:e2:92:82:ea:2f:d9:d8:96:08:89:c8:f0:
91:ae:00:6b:b0:7b:eb:d3:31:cf:51:05:41:9d:57:
14:fa:3a:50:09:27:a1:5e:db:8d:f0:18:f2:f2:dc:
fd:48:46:62:c6:3c:ef:5c:de:2c:ba:11:00:65:64:
b0:93:3a:56:4f:06:aa:eb:7a:2a:43:c1:74:ad:5c:
cd:49:c3:17:07:59:a2:d0:f6:28:2d:a3:b3:72:ea:
d3:34:3f:f2:a7:ad:f8:bb:ee:23:ad:61:80:aa:09:
c6:a0:96:9d:0f:b7:31:b0:35:91:20:7c:d4:1a:76:
56:43:fe:43:2a:cb:b0:ee:6f:5c:44:42:b8:61:8d:
5a:36:6c:56:5d:ce:d5:e2:53:37:b6:50:7f:0a:7b:
34:62:34:02:5d:4f:4f:b5:28:4d:03:86:3b:11:71:
1b:b7:d7:cc:e2:70:d4:87:c0:2a:17:4e:03:0d:04:
1c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:23:AA:91:65:DB:00:BA:46:A6:94:27:42:6E:58:F8:15:0E:5E:78
X509v3 Authority Key Identifier:
keyid:4B:C6:A9:B5:8B:BE:EA:D5:0D:DD:48:F8:44:78:2C:82:94:A1:8B:39
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/S8aptYu-6tUN3Uj4RHgsgpShizk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/S8aptYu-6tUN3Uj4RHgsgpShizk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/piOqkWXbALpGppQnQm5Y-BUOXng.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.92.88.0/22
119.40.64.0/20
Signature Algorithm: sha256WithRSAEncryption
ac:15:01:26:e6:0d:cd:61:17:71:71:1d:8e:6d:c2:fb:df:65:
a8:11:8c:40:7e:cd:ce:2a:ca:f0:74:43:62:0a:91:88:32:ec:
5a:09:60:6b:fa:47:2d:a0:27:62:b6:5e:86:65:ec:c7:0f:88:
f6:25:f1:8d:d4:6c:03:4e:c9:26:26:a9:8b:17:19:63:f1:2c:
ff:1a:ae:7f:70:15:18:96:81:9d:e5:02:91:c1:a7:c2:d3:19:
60:fd:cc:a0:71:92:af:06:84:e7:3d:00:2e:23:84:19:79:7c:
d3:30:56:22:43:5a:f8:ad:d3:05:c1:50:75:0f:55:ad:c6:c4:
a7:fd:d3:d8:11:ff:8f:85:c8:a2:d2:5d:fc:ec:8d:8c:a8:26:
03:3a:eb:0f:3b:c2:26:fa:85:a7:75:53:f5:a6:2b:c8:68:46:
a6:ec:90:7e:ae:7e:75:ec:34:35:b3:2f:81:0c:5f:d8:d0:e3:
e6:ff:d5:ea:9e:a1:bd:47:06:9c:f9:e5:a5:95:27:d8:f6:3e:
ec:83:60:50:44:02:d6:e6:a0:f8:9e:e0:22:fe:8f:ce:12:e1:
ba:a7:a0:13:69:5a:62:47:a7:a8:55:d7:64:ac:2c:37:4b:1f:
20:ab:7c:f9:bb:d4:f0:a4:38:ed:4b:f9:b3:35:e8:e3:f7:1d:
83:49:fa:7a
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICCq4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEJD
NkE5QjU4QkJFRUFENTBEREQ0OEY4NDQ3ODJDODI5NEExOEIzOTAeFw0yMzA4MTQw
NDMzNDhaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKEE2MjNBQTkxNjVEQjAw
QkE0NkE2OTQyNzQyNkU1OEY4MTUwRTVFNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl5kkX10VdpCqEOZlVVUYVMxpcmYYlTkWIUtS3MNcwKou1x0Rr
j+3dK2Wr2IW2Nc7pSgyFhmLDHo67p6MKO69ho4qwVvD6Yb2UIkLxjeKSguov2diW
CInI8JGuAGuwe+vTMc9RBUGdVxT6OlAJJ6Fe243wGPLy3P1IRmLGPO9c3iy6EQBl
ZLCTOlZPBqrreipDwXStXM1JwxcHWaLQ9igto7Ny6tM0P/Knrfi77iOtYYCqCcag
lp0PtzGwNZEgfNQadlZD/kMqy7Dub1xEQrhhjVo2bFZdztXiUze2UH8KezRiNAJd
T0+1KE0DhjsRcRu318zicNSHwCoXTgMNBBxNAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUpiOqkWXbALpGppQnQm5Y+BUOXngwHwYDVR0jBBgwFoAUS8aptYu+6tUN3Uj4
RHgsgpShizkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2
L1M4YXB0WXUtNnRVTjNVajRSSGdzZ3BTaGl6ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvUzhhcHRZdS02dFVOM1VqNFJIZ3NncFNoaXprLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2L3BpT3FrV1hiQUxwR3Bw
UW5RbTVZLUJVT1huZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BAJnXFgDBAR3KEAwDQYJKoZIhvcNAQELBQADggEBAKwVASbmDc1hF3FxHY5twvvf
ZagRjEB+zc4qyvB0Q2IKkYgy7FoJYGv6Ry2gJ2K2XoZl7McPiPYl8Y3UbANOySYm
qYsXGWPxLP8arn9wFRiWgZ3lApHBp8LTGWD9zKBxkq8GhOc9AC4jhBl5fNMwViJD
Wvit0wXBUHUPVa3GxKf909gR/4+FyKLSXfzsjYyoJgM66w87wib6had1U/WmK8ho
RqbskH6ufnXsNDWzL4EMX9jQ4+b/1eqeob1HBpz55aWVJ9j2PuyDYFBEAtbmoPie
4CL+j84S4bqnoBNpWmJHp6hV12SsLDdLHyCrfPm71PCkOO1L+bM16OP3HYNJ+no=
-----END CERTIFICATE-----
Generated at Sat Jul 27 10:01:18 2024 by rpki-client on console-ams.rpki-client.org