Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/v2MTFGh-BgRcFvFnNWFtB4JwV4w.roa
File: v2MTFGh-BgRcFvFnNWFtB4JwV4w.roa (raw, json)
Hash identifier: HZ+xmeuh+nyp7R7anObneDJTgcG1mBqHZSUyoiiW+Rg=
Subject key identifier: BF:63:13:14:68:7E:06:04:5C:16:F1:67:35:61:6D:07:82:70:57:8C
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 12E5
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/v2MTFGh-BgRcFvFnNWFtB4JwV4w.roa
Signing time: Mon 14 Aug 2023 04:34:18 +0000
ROA not before: Mon 14 Aug 2023 04:34:18 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 4811
IP address blocks: 103.237.28.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 27 Jul 2024 07:45:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4837 (0x12e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Aug 14 04:34:18 2023 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=BF631314687E06045C16F16735616D078270578C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:82:f9:38:f6:e3:f9:39:a4:68:71:dd:b8:ad:
2f:74:d8:56:7e:a8:ec:a8:d0:a5:2a:58:74:19:99:
f7:ab:08:8b:ff:41:ae:61:b2:d3:2b:76:38:d2:b0:
67:8d:94:ab:e7:68:0e:c7:3d:fd:7d:a0:89:16:32:
cb:1f:cd:4c:70:42:fd:5a:9e:2f:0e:60:7f:22:12:
45:85:c8:e1:28:41:65:09:b4:b4:1d:00:1a:be:21:
83:06:e3:00:56:05:57:34:88:5e:f5:8a:3d:b1:ec:
6c:1d:96:b4:01:8c:5b:de:a7:3b:99:9c:48:10:2c:
37:6b:e6:70:c8:f7:42:1e:57:b3:22:ca:ee:d9:c8:
a7:2c:3e:28:c9:80:d3:99:39:06:ab:0f:2c:e9:96:
b4:9e:7d:74:76:28:2d:3e:c5:44:2f:f1:ff:5e:8c:
fd:9b:8a:9c:69:4d:32:3e:8e:91:cb:9c:24:c1:55:
ee:ea:36:e9:26:f1:32:7d:1d:96:f0:14:cc:f0:c4:
19:56:29:3a:a0:8c:c1:5d:e5:ae:8e:19:2e:1e:0d:
31:50:4a:88:7d:c0:bf:74:d3:5e:2b:eb:01:f6:77:
31:aa:aa:ac:18:c2:f1:e8:ac:96:bf:56:a1:1e:1d:
31:26:b9:28:55:83:fe:0c:33:74:57:b4:70:3b:18:
e7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:63:13:14:68:7E:06:04:5C:16:F1:67:35:61:6D:07:82:70:57:8C
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/v2MTFGh-BgRcFvFnNWFtB4JwV4w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.237.28.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:1d:1c:cb:47:29:19:e7:76:69:d8:de:36:b4:47:32:8d:3e:
ea:da:aa:c6:fa:8f:c0:c1:f1:51:00:81:fe:d0:02:90:ff:98:
86:c3:bf:ab:5f:c5:33:12:49:d5:6c:ee:05:a2:3c:5c:3b:68:
6c:80:00:a5:3f:c3:66:b1:46:ee:e1:6f:59:f8:73:71:4a:19:
b3:54:f9:54:2e:7f:72:0e:40:3a:34:ce:c9:25:94:fe:58:98:
82:b5:be:1b:aa:43:10:cd:70:50:92:d3:14:6a:f0:f0:01:9d:
7f:a5:36:28:f9:3a:1f:2e:57:c8:4f:94:43:25:23:0a:3d:a4:
08:16:02:a8:ed:f6:fc:0a:4c:47:4d:38:49:db:bf:90:a7:5a:
1e:73:65:07:47:6f:13:04:00:c2:9f:e6:8f:95:82:e4:ae:31:
4b:71:a5:e0:04:c6:75:28:98:c9:06:e5:75:69:1b:44:8f:8f:
b1:9b:d6:1f:fa:15:84:85:79:25:2a:83:04:69:7c:db:6e:3f:
a8:44:37:2a:22:33:ba:26:d8:1e:43:f5:b9:47:6b:4f:ec:93:
ff:eb:67:96:90:84:1d:dc:7b:f0:58:ff:0f:99:20:80:6e:4d:
68:d4:ab:56:48:dd:8a:d2:8e:5d:d5:84:9d:49:39:5c:86:0a:
be:41:51:62
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMzA4MTQw
NDM0MThaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKEJGNjMxMzE0Njg3RTA2
MDQ1QzE2RjE2NzM1NjE2RDA3ODI3MDU3OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5gvk49uP5OaRocd24rS902FZ+qOyo0KUqWHQZmferCIv/Qa5h
stMrdjjSsGeNlKvnaA7HPf19oIkWMssfzUxwQv1ani8OYH8iEkWFyOEoQWUJtLQd
ABq+IYMG4wBWBVc0iF71ij2x7GwdlrQBjFvepzuZnEgQLDdr5nDI90IeV7Miyu7Z
yKcsPijJgNOZOQarDyzplrSefXR2KC0+xUQv8f9ejP2bipxpTTI+jpHLnCTBVe7q
Nukm8TJ9HZbwFMzwxBlWKTqgjMFd5a6OGS4eDTFQSoh9wL90014r6wH2dzGqqqwY
wvHorJa/VqEeHTEmuShVg/4MM3RXtHA7GOfNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUv2MTFGh+BgRcFvFnNWFtB4JwV4wwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3YyTVRGR2gtQmdSY0Z2
Rm5OV0Z0QjRKd1Y0dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFn7RwwDQYJKoZIhvcNAQELBQADggEBAJ0dHMtHKRnndmnY3ja0RzKNPuraqsb6
j8DB8VEAgf7QApD/mIbDv6tfxTMSSdVs7gWiPFw7aGyAAKU/w2axRu7hb1n4c3FK
GbNU+VQuf3IOQDo0zskllP5YmIK1vhuqQxDNcFCS0xRq8PABnX+lNij5Oh8uV8hP
lEMlIwo9pAgWAqjt9vwKTEdNOEnbv5CnWh5zZQdHbxMEAMKf5o+VguSuMUtxpeAE
xnUomMkG5XVpG0SPj7Gb1h/6FYSFeSUqgwRpfNtuP6hENyoiM7om2B5D9blHa0/s
k//rZ5aQhB3ce/BY/w+ZIIBuTWjUq1ZI3YrSjl3VhJ1JOVyGCr5BUWI=
-----END CERTIFICATE-----
Generated at Sat Jul 27 10:01:18 2024 by rpki-client on console-ams.rpki-client.org