Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/Ip4wiMjQf7PPNiBUkcw-7E5cBM0.roa
File: Ip4wiMjQf7PPNiBUkcw-7E5cBM0.roa (raw, json)
Hash identifier: msr8Ocw28cNSQMRzLr1Lsc6EpxVgFXiyiQFHQUtLtc8=
Subject key identifier: 22:9E:30:88:C8:D0:7F:B3:CF:36:20:54:91:CC:3E:EC:4E:5C:04:CD
Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Certificate serial: 1B8F
Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/Ip4wiMjQf7PPNiBUkcw-7E5cBM0.roa
Signing time: Thu 21 Nov 2024 09:32:20 +0000
ROA not before: Thu 21 Nov 2024 09:32:20 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 398704
IP address blocks: 103.203.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 05:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7055 (0x1b8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Validity
Not Before: Nov 21 09:32:20 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=229E3088C8D07FB3CF36205491CC3EEC4E5C04CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:63:d3:40:94:ff:6a:c5:8c:10:0f:52:c9:fe:
4e:bb:93:a5:dc:9e:c9:ad:a1:19:3c:cd:1d:f7:08:
28:0c:7d:1f:d1:1b:4f:f6:5d:2a:84:ef:02:5d:36:
37:5b:b2:20:8a:8b:d5:88:38:89:c7:57:19:8a:bc:
15:c3:89:8b:7f:24:e0:80:2e:41:6c:7d:ca:5e:3d:
54:0b:69:06:da:bc:8d:fd:09:00:6c:74:2d:11:39:
ab:35:fc:46:84:90:c1:ee:88:7d:cd:30:ce:eb:e8:
34:d9:d1:e7:7d:42:7e:2b:1b:e8:14:ad:fa:9f:c9:
bd:c9:6f:72:e9:b8:4f:72:5f:15:91:b8:c9:05:3e:
36:03:08:b6:f1:a6:45:a5:09:e5:76:87:fb:e5:d8:
9d:88:e8:c0:b7:b9:48:73:0e:9a:1e:a2:57:32:13:
09:2d:b2:8b:2a:37:16:03:fd:7f:a7:8b:27:e2:af:
f5:86:aa:a6:84:e5:76:19:05:a4:34:96:46:36:b0:
76:98:e5:ef:9d:a8:d0:d4:5a:18:cb:ba:e9:65:ea:
c8:c8:4d:d4:1e:54:12:b8:a0:2c:37:8f:98:8b:ed:
fa:cd:1b:b9:86:01:59:cd:27:cf:bb:8f:ed:31:0b:
51:fd:98:e9:da:ee:b8:87:de:19:32:85:5e:7b:16:
68:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:9E:30:88:C8:D0:7F:B3:CF:36:20:54:91:CC:3E:EC:4E:5C:04:CD
X509v3 Authority Key Identifier:
keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/Ip4wiMjQf7PPNiBUkcw-7E5cBM0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.100.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:c8:64:b5:93:c0:2d:86:af:26:2b:b9:c9:df:2c:68:e8:e3:
a4:d1:a5:73:86:41:f8:f7:68:c5:be:fb:83:9c:b4:89:dd:e9:
e6:3c:ad:5b:7c:e5:da:fa:73:2c:18:98:56:35:9c:c0:ff:5b:
c9:b5:b3:de:5e:77:09:68:1a:4f:94:74:45:a2:79:1d:26:24:
72:38:1e:73:9a:23:53:45:56:bd:84:ff:98:c8:f1:4b:bf:bf:
55:98:2f:84:a4:bb:2f:18:50:a2:16:71:8f:b7:57:32:83:82:
73:1e:aa:27:cc:1c:8e:64:43:da:63:de:e8:a6:e3:a2:fe:ec:
ac:33:03:be:3e:35:c6:df:b1:99:61:75:a2:8d:54:19:9f:86:
37:71:03:38:0b:5d:5c:ab:8a:6d:f1:58:74:93:3e:7d:a6:5b:
92:0d:93:4d:a2:c7:37:c7:34:f2:b8:13:6d:9d:b2:83:8b:5d:
7d:1b:80:c3:46:49:02:25:09:3f:fd:3c:90:d4:10:4f:f2:d3:
80:84:53:fd:d2:3d:10:3c:9b:f6:3a:70:9b:dd:89:70:aa:f0:
82:b3:3d:49:d2:65:b8:15:b1:8e:43:90:66:bb:b6:a5:ba:eb:
6f:31:0b:38:49:54:7b:86:d8:66:c1:7a:6e:e2:2e:26:ab:38:
f3:28:84:20
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICG48wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw
OTMyMjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIyOUUzMDg4QzhEMDdG
QjNDRjM2MjA1NDkxQ0MzRUVDNEU1QzA0Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCXY9NAlP9qxYwQD1LJ/k67k6XcnsmtoRk8zR33CCgMfR/RG0/2
XSqE7wJdNjdbsiCKi9WIOInHVxmKvBXDiYt/JOCALkFsfcpePVQLaQbavI39CQBs
dC0ROas1/EaEkMHuiH3NMM7r6DTZ0ed9Qn4rG+gUrfqfyb3Jb3LpuE9yXxWRuMkF
PjYDCLbxpkWlCeV2h/vl2J2I6MC3uUhzDpoeolcyEwktsosqNxYD/X+niyfir/WG
qqaE5XYZBaQ0lkY2sHaY5e+dqNDUWhjLuull6sjITdQeVBK4oCw3j5iL7frNG7mG
AVnNJ8+7j+0xC1H9mOna7riH3hkyhV57FmiNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUIp4wiMjQf7PPNiBUkcw+7E5cBM0wHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt
eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz
L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL0lwNHdpTWpRZjdQUE5p
QlVrY3ctN0U1Y0JNMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJny2QwDQYJKoZIhvcNAQELBQADggEBAG7IZLWTwC2GryYrucnfLGjo46TRpXOG
Qfj3aMW++4OctInd6eY8rVt85dr6cywYmFY1nMD/W8m1s95edwloGk+UdEWieR0m
JHI4HnOaI1NFVr2E/5jI8Uu/v1WYL4Skuy8YUKIWcY+3VzKDgnMeqifMHI5kQ9pj
3uim46L+7KwzA74+NcbfsZlhdaKNVBmfhjdxAzgLXVyrim3xWHSTPn2mW5INk02i
xzfHNPK4E22dsoOLXX0bgMNGSQIlCT/9PJDUEE/y04CEU/3SPRA8m/Y6cJvdiXCq
8IKzPUnSZbgVsY5DkGa7tqW6628xCzhJVHuG2GbBem7iLiarOPMohCA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:34 2025 by rpki-client