Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/_zXdsYUP3oXQf5iIZinNte-mOh4.roa
File: _zXdsYUP3oXQf5iIZinNte-mOh4.roa (raw, json)
Hash identifier: +Kq6xeA3RV25R0wsndB0Z9yfLMH1GDYePB5RRM2TvCo=
Subject key identifier: FF:35:DD:B1:85:0F:DE:85:D0:7F:98:88:66:29:CD:B5:EF:A6:3A:1E
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 0709
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/_zXdsYUP3oXQf5iIZinNte-mOh4.roa
Signing time: Thu 18 May 2023 07:24:17 +0000
ROA not before: Thu 18 May 2023 07:24:17 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 136897
IP address blocks: 103.198.240.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 01:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1801 (0x709)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: May 18 07:24:17 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=FF35DDB1850FDE85D07F98886629CDB5EFA63A1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c6:3c:e2:84:fb:1b:46:d0:ea:9d:98:66:0b:
6e:b7:9c:a5:e3:c7:9b:fd:5d:7a:d8:ef:2b:2b:73:
0d:2d:aa:98:9e:8c:52:16:6d:a8:24:cc:8f:e5:78:
c4:e2:14:de:15:ed:12:90:25:ee:2e:1c:5b:2b:7d:
c7:cf:6d:e5:4f:23:b8:64:78:16:8e:7e:32:ea:07:
85:46:3b:00:5b:fb:b9:34:5b:56:cb:ff:0f:29:17:
f5:c0:2b:9f:89:dd:ae:b3:f5:b4:61:d4:2d:d6:52:
56:63:05:6d:73:29:98:29:2d:33:79:a0:d6:f9:59:
8a:b2:bb:a0:a9:23:c0:be:da:f3:ab:2e:71:8a:cb:
74:91:a2:9b:ba:5b:66:10:45:cb:f9:57:cd:69:56:
2a:fa:59:f4:e6:6b:b7:18:9e:f2:35:71:9b:fb:35:
85:f9:d0:99:9d:e6:30:59:0e:94:20:06:79:ff:f5:
44:0b:4b:23:a7:64:23:61:52:86:c9:72:c5:de:b4:
be:cb:d7:99:bb:95:5f:d7:74:1a:8f:2e:7f:da:23:
2d:67:aa:60:5f:c6:b2:e5:26:10:86:6d:ec:00:11:
a1:67:fd:a1:d2:e0:13:e3:95:10:3b:63:a7:23:40:
ac:ec:82:0a:ef:18:71:9e:a6:a6:aa:ff:76:d4:9a:
96:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:35:DD:B1:85:0F:DE:85:D0:7F:98:88:66:29:CD:B5:EF:A6:3A:1E
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/_zXdsYUP3oXQf5iIZinNte-mOh4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.198.240.0/22
Signature Algorithm: sha256WithRSAEncryption
02:52:35:ad:e8:7d:55:59:48:6b:93:31:5d:ad:e6:69:b8:de:
ea:a6:b2:61:95:29:58:85:cd:87:dd:21:da:d5:fb:4a:b6:13:
cb:78:1b:57:c7:8b:b3:c0:08:24:80:2b:17:b0:96:77:82:6f:
eb:33:7e:33:bf:92:a7:37:49:69:79:d6:66:60:aa:74:a6:0a:
54:a7:cb:f4:87:a8:da:38:5d:ae:8c:5f:a6:06:b0:f2:95:e6:
49:6b:71:0e:fe:d0:f0:bb:66:c6:67:42:2b:a6:1e:be:ba:32:
71:78:e1:fb:03:46:70:d8:e8:cf:ac:0c:09:c7:aa:74:69:54:
ab:d7:04:bc:0c:50:b6:b8:7c:58:88:98:28:1e:4f:99:69:4a:
63:0f:8a:37:f1:9e:e0:3f:92:ca:ae:26:e9:58:dc:d2:41:52:
a3:50:59:55:f1:d0:27:2f:8e:dd:d8:5d:0a:5d:4f:66:12:d8:
40:05:73:3b:24:2b:dc:b8:a2:c7:6b:56:d8:a4:16:36:48:17:
4d:18:b0:ca:22:ef:82:e6:97:11:bb:7a:dd:62:94:72:41:a4:
8b:e4:80:e2:66:13:76:e8:97:72:a6:7e:05:4e:90:44:00:ae:
dd:36:99:dd:a9:52:ba:6b:0e:0b:60:aa:f3:27:5c:dd:e7:2f:
5c:5a:40:90
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICBwkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yMzA1MTgw
NzI0MTdaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEZGMzVEREIxODUwRkRF
ODVEMDdGOTg4ODY2MjlDREI1RUZBNjNBMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkxjzihPsbRtDqnZhmC263nKXjx5v9XXrY7ysrcw0tqpiejFIW
bagkzI/leMTiFN4V7RKQJe4uHFsrfcfPbeVPI7hkeBaOfjLqB4VGOwBb+7k0W1bL
/w8pF/XAK5+J3a6z9bRh1C3WUlZjBW1zKZgpLTN5oNb5WYqyu6CpI8C+2vOrLnGK
y3SRopu6W2YQRcv5V81pVir6WfTma7cYnvI1cZv7NYX50Jmd5jBZDpQgBnn/9UQL
SyOnZCNhUobJcsXetL7L15m7lV/XdBqPLn/aIy1nqmBfxrLlJhCGbewAEaFn/aHS
4BPjlRA7Y6cjQKzsggrvGHGepqaq/3bUmpbdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/zXdsYUP3oXQf5iIZinNte+mOh4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L196WGRzWVVQM29YUWY1
aUlaaW5OdGUtbU9oNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJnxvAwDQYJKoZIhvcNAQELBQADggEBAAJSNa3ofVVZSGuTMV2t5mm43uqmsmGV
KViFzYfdIdrV+0q2E8t4G1fHi7PACCSAKxewlneCb+szfjO/kqc3SWl51mZgqnSm
ClSny/SHqNo4Xa6MX6YGsPKV5klrcQ7+0PC7ZsZnQiumHr66MnF44fsDRnDY6M+s
DAnHqnRpVKvXBLwMULa4fFiImCgeT5lpSmMPijfxnuA/ksquJulY3NJBUqNQWVXx
0Ccvjt3YXQpdT2YS2EAFczskK9y4osdrVtikFjZIF00YsMoi74LmlxG7et1ilHJB
pIvkgOJmE3bol3KmfgVOkEQArt02md2pUrprDgtgqvMnXN3nL1xaQJA=
-----END CERTIFICATE-----
Generated at Wed Mar 13 04:25:16 2024 by rpki-client on console-fra.rpki-client.org