Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/510/4ezBZFusVRvnil020ynWWi85Ijk.roa
File: 4ezBZFusVRvnil020ynWWi85Ijk.roa (raw, json)
Hash identifier: auXGuplVBGLUrGbnn/lKsEEV8BWtzvh/WdXuKBYDBPU=
Subject key identifier: E1:EC:C1:64:5B:AC:55:1B:E7:8A:5D:36:D3:29:D6:5A:2F:39:22:39
Certificate issuer: /CN=AEF9D15D55160431D4F709E8AA3A3AD5BCCCD6E5
Certificate serial: 10F9
Authority key identifier: AE:F9:D1:5D:55:16:04:31:D4:F7:09:E8:AA:3A:3A:D5:BC:CC:D6:E5
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rvnRXVUWBDHU9wnoqjo61bzM1uU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/4ezBZFusVRvnil020ynWWi85Ijk.roa
Signing time: Tue 22 Oct 2024 06:46:14 +0000
ROA not before: Tue 22 Oct 2024 06:46:14 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 9584
IP address blocks: 103.20.128.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 28 Oct 2024 07:54:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4345 (0x10f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AEF9D15D55160431D4F709E8AA3A3AD5BCCCD6E5
Validity
Not Before: Oct 22 06:46:14 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E1ECC1645BAC551BE78A5D36D329D65A2F392239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5c:a3:8a:44:35:d9:7e:bc:7b:9e:71:bf:a3:
56:53:64:ed:5a:ae:e4:24:cb:ae:bd:5b:bf:ce:b5:
2a:2c:24:c5:39:fe:0e:67:f5:a3:92:2b:a7:34:cd:
28:48:af:c1:f7:60:58:d2:8f:09:85:e8:12:d5:8e:
b7:d4:bf:3f:28:14:0c:af:3c:4c:ad:b9:92:3c:c5:
4a:85:83:50:bb:e9:24:76:c0:23:cb:e7:28:66:82:
c1:63:1c:28:4a:b7:8b:0d:ca:f0:e0:7d:1a:91:ac:
cb:0c:74:d3:72:c7:1b:47:54:92:6e:27:ef:da:a4:
79:84:49:c2:e6:88:f4:a6:4e:94:71:cc:7f:3c:5e:
4b:46:a1:ec:c5:5d:de:77:c9:db:8e:08:d5:4d:c0:
ce:49:32:01:9f:4d:ae:93:b4:11:4b:37:ae:22:f1:
af:6b:d7:ef:8a:b9:0c:75:6d:72:e0:17:fe:cd:43:
86:5d:87:eb:ab:fb:52:59:80:ff:2f:64:40:98:be:
26:d0:14:e3:6b:b9:73:03:35:be:56:5b:e6:36:d7:
ee:7e:63:16:3a:be:58:12:83:ce:0b:d2:0b:9f:b4:
c6:ea:2f:84:f9:cf:bb:25:5b:80:3d:d3:1b:c9:b4:
2f:96:cb:8a:57:c6:aa:fc:a6:cb:f9:7c:1e:05:99:
35:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:EC:C1:64:5B:AC:55:1B:E7:8A:5D:36:D3:29:D6:5A:2F:39:22:39
X509v3 Authority Key Identifier:
keyid:AE:F9:D1:5D:55:16:04:31:D4:F7:09:E8:AA:3A:3A:D5:BC:CC:D6:E5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/rvnRXVUWBDHU9wnoqjo61bzM1uU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rvnRXVUWBDHU9wnoqjo61bzM1uU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/510/4ezBZFusVRvnil020ynWWi85Ijk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.128.0/22
Signature Algorithm: sha256WithRSAEncryption
22:27:1a:13:01:16:a9:51:00:a9:93:18:59:78:b2:9a:54:ab:
38:44:b2:e5:25:df:1d:e9:eb:c8:bc:8c:f9:54:4e:77:6f:fa:
19:83:7a:57:98:f3:cb:2e:93:fe:48:d9:81:21:50:b2:36:fc:
c1:91:8a:52:f4:c0:1c:6b:e8:c9:59:65:e2:c2:9c:4f:a0:e3:
a6:d3:1e:73:fa:a4:4c:35:24:d5:9f:ea:3b:44:9c:6c:7b:0c:
14:d1:da:4a:e2:3d:84:0e:00:12:08:31:4c:31:cd:00:9c:0f:
5b:86:75:6c:b5:e5:ac:a3:cb:10:7b:3e:68:13:4c:c7:33:7f:
eb:2f:aa:9f:22:01:af:66:8b:d3:73:34:81:25:b6:ec:9d:a4:
47:b2:9f:fa:18:5b:16:de:2b:23:ba:cd:98:6e:48:f4:98:b5:
6f:99:46:8f:cf:d4:e8:80:fd:3b:fe:c6:b4:c5:96:83:b4:be:
ef:9d:ab:45:c2:2c:10:9e:86:a5:22:a5:52:17:66:b0:5a:b6:
c4:98:0d:cf:87:2b:6e:ba:53:56:e3:57:31:d3:f0:fa:3b:be:
4f:5b:68:be:93:81:b7:d5:7e:04:40:9d:b2:9b:ce:2d:41:fa:
98:2e:db:ae:41:b3:33:d9:90:9c:05:e9:6a:d0:21:1c:74:67:
79:04:5a:cb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUVG
OUQxNUQ1NTE2MDQzMUQ0RjcwOUU4QUEzQTNBRDVCQ0NDRDZFNTAeFw0yNDEwMjIw
NjQ2MTRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEUxRUNDMTY0NUJBQzU1
MUJFNzhBNUQzNkQzMjlENjVBMkYzOTIyMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyXKOKRDXZfrx7nnG/o1ZTZO1aruQky669W7/OtSosJMU5/g5n
9aOSK6c0zShIr8H3YFjSjwmF6BLVjrfUvz8oFAyvPEytuZI8xUqFg1C76SR2wCPL
5yhmgsFjHChKt4sNyvDgfRqRrMsMdNNyxxtHVJJuJ+/apHmEScLmiPSmTpRxzH88
XktGoezFXd53yduOCNVNwM5JMgGfTa6TtBFLN64i8a9r1++KuQx1bXLgF/7NQ4Zd
h+ur+1JZgP8vZECYvibQFONruXMDNb5WW+Y21+5+YxY6vlgSg84L0guftMbqL4T5
z7slW4A90xvJtC+Wy4pXxqr8psv5fB4FmTWNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4ezBZFusVRvnil020ynWWi85IjkwHwYDVR0jBBgwFoAUrvnRXVUWBDHU9wno
qjo61bzM1uUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEw
L3J2blJYVlVXQkRIVTl3bm9xam82MWJ6TTF1VS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvcnZuUlhWVVdCREhVOXdub3FqbzYxYnpNMXVVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEwLzRlekJaRnVzVlJ2bmls
MDIweW5XV2k4NUlqay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJnFIAwDQYJKoZIhvcNAQELBQADggEBACInGhMBFqlRAKmTGFl4sppUqzhEsuUl
3x3p68i8jPlUTndv+hmDeleY88suk/5I2YEhULI2/MGRilL0wBxr6MlZZeLCnE+g
46bTHnP6pEw1JNWf6jtEnGx7DBTR2kriPYQOABIIMUwxzQCcD1uGdWy15ayjyxB7
PmgTTMczf+svqp8iAa9mi9NzNIEltuydpEeyn/oYWxbeKyO6zZhuSPSYtW+ZRo/P
1OiA/Tv+xrTFloO0vu+dq0XCLBCehqUipVIXZrBatsSYDc+HK266U1bjVzHT8Po7
vk9baL6TgbfVfgRAnbKbzi1B+pgu265BszPZkJwF6WrQIRx0Z3kEWss=
-----END CERTIFICATE-----
Generated at Mon Oct 28 10:34:09 2024 by rpki-client on console-fra.rpki-client.org