Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/HQmKPLDbS6pbaDo1CBVdOHcUq68.roa
File: HQmKPLDbS6pbaDo1CBVdOHcUq68.roa (raw, json)
Hash identifier: gbl8wzk8UiPNkaK5d3hqpjFYL7BddpebjvCfT5NVh7g=
Subject key identifier: 1D:09:8A:3C:B0:DB:4B:AA:5B:68:3A:35:08:15:5D:38:77:14:AB:AF
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 0D57
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/HQmKPLDbS6pbaDo1CBVdOHcUq68.roa
Signing time: Thu 03 Nov 2022 09:34:31 +0000
ROA not before: Thu 03 Nov 2022 09:34:31 +0000
ROA not after: Mon 28 Aug 2023 04:15:34 +0000
asID: 4811
IP address blocks: 103.237.28.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3415 (0xd57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Nov 3 09:34:31 2022 GMT
Not After : Aug 28 04:15:34 2023 GMT
Subject: CN=1D098A3CB0DB4BAA5B683A3508155D387714ABAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:1e:55:c7:a5:02:ce:d4:27:15:4f:ad:28:d5:
28:7f:ce:64:fd:5c:0d:c9:ec:48:74:62:34:e8:46:
c0:0f:5f:8c:87:38:6d:bb:52:20:d2:93:8e:0f:9b:
4d:9e:39:2a:4e:ac:66:f7:fe:70:f3:77:4e:d2:7e:
43:0a:b1:4b:f4:d1:cb:da:70:ef:21:4d:2d:73:e8:
1f:d9:0d:cf:b8:05:8c:93:bd:f6:7a:60:0d:c4:9a:
e9:bd:1c:c9:6b:31:f4:cc:3f:a1:e1:a4:30:83:ee:
10:fd:7b:2b:ff:5e:ad:5d:91:c9:af:5e:f9:e8:e3:
1e:25:40:ea:bb:a3:2a:4c:2c:78:71:dc:50:c2:87:
d9:97:f5:42:0b:fc:81:fd:5e:2c:cb:ca:89:b4:26:
10:cd:23:98:a4:0b:ac:52:65:84:88:a6:ed:47:bc:
55:86:2e:c4:39:d8:36:ba:e2:ce:8f:f2:77:76:4a:
a6:f6:e4:74:94:19:ce:f3:44:99:65:f5:17:ab:4b:
e7:e2:65:76:88:03:94:b8:32:48:0c:9f:86:3e:a9:
75:33:d7:dd:29:c9:8a:10:e1:52:38:fe:e0:d5:1e:
56:f8:f1:ea:2f:7d:2f:1b:a2:9c:ee:fa:be:64:7d:
9d:f8:02:7b:02:5c:e1:68:27:bc:32:09:2d:17:bb:
9a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:09:8A:3C:B0:DB:4B:AA:5B:68:3A:35:08:15:5D:38:77:14:AB:AF
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/HQmKPLDbS6pbaDo1CBVdOHcUq68.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.237.28.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:0c:6b:c1:9e:b3:1d:78:4a:d5:26:ca:6a:99:5c:5e:de:82:
6d:8b:9e:1a:d9:fe:c0:b7:7a:6c:08:98:a9:0f:f8:4a:03:20:
d3:e5:85:6b:46:1a:67:33:c3:4e:09:29:af:16:97:eb:38:8a:
cb:5f:ee:6b:08:7d:2f:92:88:f4:f4:a8:a7:3c:20:09:25:35:
1b:91:1a:4b:ce:6a:b9:e5:d4:90:43:ed:f7:47:46:2c:b4:f4:
7a:a8:7d:65:66:a8:df:99:da:29:62:a2:8d:8f:13:93:44:77:
16:ca:8e:8f:5e:e9:69:cc:a3:50:4c:8a:3d:94:ef:a0:e9:d7:
81:45:5a:42:ad:04:fd:14:f7:dc:f3:4a:55:3a:27:5e:1a:eb:
e4:51:46:1a:e0:72:7f:25:63:88:da:dc:8a:71:26:5c:ea:ae:
a6:dd:19:59:5f:a9:45:d6:cb:84:5d:85:79:53:80:a8:dd:5f:
9c:0a:41:b4:40:7d:1d:70:19:c0:83:11:7f:76:fb:49:8e:7e:
17:9c:e3:8c:8f:56:ee:83:96:f0:3f:93:e0:ef:e4:37:39:05:
82:1c:64:b7:9d:13:a3:4e:31:f1:f8:0d:96:b2:99:18:5e:76:
de:f8:7c:07:a1:57:7e:d6:10:95:b1:4a:fa:a9:d3:85:fe:71:
3b:58:25:3f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMjExMDMw
OTM0MzFaFw0yMzA4MjgwNDE1MzRaMDMxMTAvBgNVBAMTKDFEMDk4QTNDQjBEQjRC
QUE1QjY4M0EzNTA4MTU1RDM4NzcxNEFCQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqHlXHpQLO1CcVT60o1Sh/zmT9XA3J7Eh0YjToRsAPX4yHOG27
UiDSk44Pm02eOSpOrGb3/nDzd07SfkMKsUv00cvacO8hTS1z6B/ZDc+4BYyTvfZ6
YA3Emum9HMlrMfTMP6HhpDCD7hD9eyv/Xq1dkcmvXvno4x4lQOq7oypMLHhx3FDC
h9mX9UIL/IH9XizLyom0JhDNI5ikC6xSZYSIpu1HvFWGLsQ52Da64s6P8nd2Sqb2
5HSUGc7zRJll9RerS+fiZXaIA5S4MkgMn4Y+qXUz190pyYoQ4VI4/uDVHlb48eov
fS8bopzu+r5kfZ34AnsCXOFoJ7wyCS0Xu5rvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUHQmKPLDbS6pbaDo1CBVdOHcUq68wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0hRbUtQTERiUzZwYmFE
bzFDQlZkT0hjVXE2OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFn7RwwDQYJKoZIhvcNAQELBQADggEBABoMa8Gesx14StUmymqZXF7egm2LnhrZ
/sC3emwImKkP+EoDINPlhWtGGmczw04JKa8Wl+s4istf7msIfS+SiPT0qKc8IAkl
NRuRGkvOarnl1JBD7fdHRiy09HqofWVmqN+Z2ilioo2PE5NEdxbKjo9e6WnMo1BM
ij2U76Dp14FFWkKtBP0U99zzSlU6J14a6+RRRhrgcn8lY4ja3IpxJlzqrqbdGVlf
qUXWy4RdhXlTgKjdX5wKQbRAfR1wGcCDEX92+0mOfhec44yPVu6DlvA/k+Dv5Dc5
BYIcZLedE6NOMfH4DZaymRhedt74fAehV37WEJWxSvqp04X+cTtYJT8=
-----END CERTIFICATE-----
Generated at Mon Aug 14 04:51:53 2023 by rpki-client on console-fra.rpki-client.org