Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3181/Rft6LrhHFWBywPLZ0rg4zLaSbPY.roa
File: Rft6LrhHFWBywPLZ0rg4zLaSbPY.roa (raw, json)
Hash identifier: Pd2KwS/nLmLibNqUoPbC9XCrRPwULz07N859032shAs=
Subject key identifier: 45:FB:7A:2E:B8:47:15:60:72:C0:F2:D9:D2:B8:38:CC:B6:92:6C:F6
Certificate issuer: /CN=136A39C7630A3C7491050D3E9DBD5B6F7906FD75
Certificate serial: 04
Authority key identifier: 13:6A:39:C7:63:0A:3C:74:91:05:0D:3E:9D:BD:5B:6F:79:06:FD:75
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/Rft6LrhHFWBywPLZ0rg4zLaSbPY.roa
Signing time: Wed 13 Sep 2023 03:34:26 +0000
ROA not before: Wed 13 Sep 2023 03:34:26 +0000
ROA not after: Thu 12 Sep 2024 03:29:52 +0000
asID: 38378
IP address blocks: 103.29.24.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 03:46:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=136A39C7630A3C7491050D3E9DBD5B6F7906FD75
Validity
Not Before: Sep 13 03:34:26 2023 GMT
Not After : Sep 12 03:29:52 2024 GMT
Subject: CN=45FB7A2EB847156072C0F2D9D2B838CCB6926CF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:29:58:56:49:76:e8:17:9e:cc:a4:19:fb:b4:
0e:d9:d1:b4:38:9a:2f:6e:7f:e7:39:a4:aa:67:79:
2c:4e:44:b2:32:d4:5f:75:99:52:93:11:4a:6a:0d:
67:41:e8:a6:3a:c9:34:6d:83:41:4a:04:c4:4f:c2:
64:1a:03:01:09:f4:04:cf:3e:8a:d4:05:55:d2:8f:
43:75:0a:4e:48:b4:a4:4b:a7:e1:4d:7d:ef:d0:76:
6b:39:74:8d:d2:cc:c2:1c:b4:39:6d:85:be:e0:ec:
6d:c1:34:69:62:e0:84:b0:90:1b:0e:ec:23:37:bb:
8d:ee:6b:13:1e:05:3e:70:98:f6:a5:b4:28:3d:8b:
25:84:f1:d8:de:e1:1f:72:47:fa:3d:17:e8:ca:95:
b3:16:11:f7:9d:40:00:14:92:8e:ac:b3:37:49:ae:
d3:ef:00:8c:17:0f:4a:89:93:e8:6a:f2:ce:70:93:
2b:d3:2f:23:e4:7c:ad:7b:81:2e:25:2d:20:cb:7c:
5f:e0:50:58:bf:a9:d5:f9:43:43:24:41:43:66:e4:
ed:3e:2c:29:e3:d6:ff:64:46:cf:34:f4:0b:52:d3:
43:55:45:98:69:b0:e5:45:43:30:df:4e:4a:5c:e3:
30:22:b3:30:ca:ba:6a:7d:87:47:5d:e2:4b:83:2c:
9f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:FB:7A:2E:B8:47:15:60:72:C0:F2:D9:D2:B8:38:CC:B6:92:6C:F6
X509v3 Authority Key Identifier:
keyid:13:6A:39:C7:63:0A:3C:74:91:05:0D:3E:9D:BD:5B:6F:79:06:FD:75
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/Rft6LrhHFWBywPLZ0rg4zLaSbPY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.29.24.0/23
Signature Algorithm: sha256WithRSAEncryption
91:14:e1:44:8d:fa:92:b3:65:3d:8a:9e:8e:44:f9:a6:ea:4b:
79:c1:a1:ec:68:1b:8a:77:3b:31:5e:86:43:96:9a:e6:51:ef:
d7:40:03:9f:7d:05:67:a0:61:2c:19:eb:5a:06:82:50:a4:40:
e6:e5:a9:94:1a:75:99:e6:e9:6c:ce:73:bc:4a:68:7d:7d:82:
59:d7:26:a4:98:d5:19:7b:76:bc:7c:69:19:4a:a5:3d:5b:64:
a2:2a:a3:7c:f4:4f:d0:8b:0a:92:ad:6e:4c:e9:e7:00:e5:cb:
1e:a7:4e:ac:50:c7:0a:96:c0:75:7e:53:14:d8:77:7f:b3:cb:
ff:31:d2:17:7d:ed:ca:f3:3c:d4:3f:70:ca:ca:76:f1:b1:b2:
42:98:c2:f5:03:a7:a8:39:e4:5d:10:ee:6e:f5:3b:86:42:2f:
98:20:b5:a5:40:07:fc:da:aa:c7:0f:22:99:0a:88:65:78:b3:
19:82:cf:d2:8b:91:18:04:cf:c5:2c:8d:a0:ff:46:47:99:d8:
3e:a3:92:d5:1b:33:02:b7:dc:67:7b:42:94:8e:cb:5f:ed:ac:
8d:87:c7:11:a7:5f:e4:29:78:d0:58:df:88:4c:d6:2b:2f:d6:
36:c6:9b:2d:15:12:ea:76:1a:96:50:21:48:c8:5d:ad:55:7b:
97:df:a3:34
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxMzZB
MzlDNzYzMEEzQzc0OTEwNTBEM0U5REJENUI2Rjc5MDZGRDc1MB4XDTIzMDkxMzAz
MzQyNloXDTI0MDkxMjAzMjk1MlowMzExMC8GA1UEAxMoNDVGQjdBMkVCODQ3MTU2
MDcyQzBGMkQ5RDJCODM4Q0NCNjkyNkNGNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMopWFZJdugXnsykGfu0DtnRtDiaL25/5zmkqmd5LE5EsjLUX3WZ
UpMRSmoNZ0HopjrJNG2DQUoExE/CZBoDAQn0BM8+itQFVdKPQ3UKTki0pEun4U19
79B2azl0jdLMwhy0OW2FvuDsbcE0aWLghLCQGw7sIze7je5rEx4FPnCY9qW0KD2L
JYTx2N7hH3JH+j0X6MqVsxYR951AABSSjqyzN0mu0+8AjBcPSomT6GryznCTK9Mv
I+R8rXuBLiUtIMt8X+BQWL+p1flDQyRBQ2bk7T4sKePW/2RGzzT0C1LTQ1VFmGmw
5UVDMN9OSlzjMCKzMMq6an2HR13iS4Msn3UCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBRF+3ouuEcVYHLA8tnSuDjMtpJs9jAfBgNVHSMEGDAWgBQTajnHYwo8dJEFDT6d
vVtveQb9dTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTgx
L0UybzV4Mk1LUEhTUkJRMC1uYjFiYjNrR19YVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRTJvNXgyTUtQSFNSQlEwLW5iMWJiM2tHX1hVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE4MS9SZnQ2THJoSEZXQnl3
UExaMHJnNHpMYVNiUFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZx0YMA0GCSqGSIb3DQEBCwUAA4IBAQCRFOFEjfqSs2U9ip6ORPmm6kt5waHs
aBuKdzsxXoZDlprmUe/XQAOffQVnoGEsGetaBoJQpEDm5amUGnWZ5ulsznO8Smh9
fYJZ1yakmNUZe3a8fGkZSqU9W2SiKqN89E/QiwqSrW5M6ecA5csep06sUMcKlsB1
flMU2Hd/s8v/MdIXfe3K8zzUP3DKynbxsbJCmML1A6eoOeRdEO5u9TuGQi+YILWl
QAf82qrHDyKZCohleLMZgs/Si5EYBM/FLI2g/0ZHmdg+o5LVGzMCt9xne0KUjstf
7ayNh8cRp1/kKXjQWN+ITNYrL9Y2xpstFRLqdhqWUCFIyF2tVXuX36M0
-----END CERTIFICATE-----
Generated at Thu Aug 29 06:12:37 2024 by rpki-client on console-ams.rpki-client.org