Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/HrIke1dH95v-PzKE5iRnWp58ykY.roa
File: HrIke1dH95v-PzKE5iRnWp58ykY.roa (raw, json)
Hash identifier: NkNhxm1HlIeltU4Vy7IuDWQ1XhgTBBXbvH2X9z5e1Eg=
Subject key identifier: 1E:B2:24:7B:57:47:F7:9B:FE:3F:32:84:E6:24:67:5A:9E:7C:CA:46
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 062B
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/HrIke1dH95v-PzKE5iRnWp58ykY.roa
Signing time: Thu 22 Aug 2024 03:44:36 +0000
ROA not before: Thu 22 Aug 2024 03:44:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4766
IP address blocks: 58.66.128.0/18 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1579 (0x62b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Aug 22 03:44:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1EB2247B5747F79BFE3F3284E624675A9E7CCA46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dc:de:90:a8:3c:ba:8d:8d:9a:d6:ac:c7:dc:
91:6d:dc:95:a6:79:a2:4d:d4:41:6b:e6:a4:f6:4c:
d7:9b:4b:36:18:86:23:67:2e:7a:66:0e:1e:b3:24:
fd:5c:9c:86:e0:95:1b:3b:9a:23:44:28:ff:e9:96:
8e:e1:00:09:c1:1f:18:2f:0e:7e:cf:e8:8f:5b:23:
8e:91:67:60:78:ae:fd:11:dc:cf:5e:64:e2:27:38:
07:fe:d3:bc:a1:41:3b:22:c4:b6:04:91:55:7d:7b:
7d:ab:bc:ad:b9:91:c2:65:fc:73:fa:be:76:6a:51:
ba:b4:32:b6:78:9d:22:d7:34:7f:ad:65:29:5f:34:
fa:5a:e9:0b:3b:ec:ae:e4:c5:29:57:38:3f:d6:c4:
05:45:97:ca:f5:94:51:1c:38:8e:77:b2:02:2e:4b:
d0:06:e9:60:ee:fc:aa:94:4b:88:9e:51:a7:94:91:
06:6a:a2:f5:42:9b:91:37:92:b2:4f:d0:dd:82:c9:
59:b6:c7:62:42:f2:f8:f3:07:a5:1e:d0:c8:25:5c:
22:f5:f6:ab:1f:0b:8b:7a:91:db:ca:d7:c4:78:55:
3c:05:4d:ce:d0:76:82:29:a4:7c:47:bb:09:d0:e2:
2d:ac:4f:a2:c2:02:a2:65:06:e5:df:00:1b:2d:84:
cd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B2:24:7B:57:47:F7:9B:FE:3F:32:84:E6:24:67:5A:9E:7C:CA:46
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/HrIke1dH95v-PzKE5iRnWp58ykY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.128.0/18
Signature Algorithm: sha256WithRSAEncryption
5d:5b:7c:9e:65:1d:e0:35:11:18:c5:0f:4c:75:13:b6:72:cb:
be:06:a5:fd:cc:ba:c8:89:9a:43:68:30:b9:95:96:70:66:22:
58:2b:d1:af:f0:9b:ae:6a:af:10:a6:19:1d:b4:50:b4:2b:f3:
bc:4c:07:04:37:7f:bd:f6:ca:ce:e7:56:88:0f:4d:2b:c6:44:
d8:24:8f:b6:9e:e1:6f:79:9d:8f:ef:ec:7c:4d:cf:70:cd:65:
44:c4:e4:13:6b:14:52:36:79:4d:cd:9a:db:3e:51:05:de:dd:
eb:64:56:cd:e7:b8:6b:55:26:26:b5:7d:43:18:29:fb:77:4c:
24:57:41:f9:57:af:96:02:5b:09:b0:d6:45:6f:57:7a:70:4d:
92:b5:97:03:13:e6:b4:2b:43:30:bf:a3:62:f3:0f:10:22:ba:
41:d0:03:20:a7:d5:c8:43:e9:c9:d5:70:da:c7:27:2e:6c:1a:
f5:b4:7f:7a:f5:d5:10:d3:1b:14:46:05:66:64:20:8e:b1:55:
e0:38:db:f7:52:81:1f:a2:19:75:ef:7c:5f:ed:9b:be:a0:df:
41:fb:88:ec:04:16:62:e7:89:9e:27:ea:1f:09:5d:85:8b:40:
e0:ce:d1:21:65:30:d1:ac:f9:41:d0:98:04:dc:3d:6c:ed:94:
6c:fa:15:d7
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBiswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA4MjIw
MzQ0MzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFQjIyNDdCNTc0N0Y3
OUJGRTNGMzI4NEU2MjQ2NzVBOUU3Q0NBNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj3N6QqDy6jY2a1qzH3JFt3JWmeaJN1EFr5qT2TNebSzYYhiNn
LnpmDh6zJP1cnIbglRs7miNEKP/plo7hAAnBHxgvDn7P6I9bI46RZ2B4rv0R3M9e
ZOInOAf+07yhQTsixLYEkVV9e32rvK25kcJl/HP6vnZqUbq0MrZ4nSLXNH+tZSlf
NPpa6Qs77K7kxSlXOD/WxAVFl8r1lFEcOI53sgIuS9AG6WDu/KqUS4ieUaeUkQZq
ovVCm5E3krJP0N2CyVm2x2JC8vjzB6Ue0MglXCL19qsfC4t6kdvK18R4VTwFTc7Q
doIppHxHuwnQ4i2sT6LCAqJlBuXfABsthM0tAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUHrIke1dH95v+PzKE5iRnWp58ykYwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvSHJJa2UxZEg5NXYtUHpLRTVp
Um5XcDU4eWtZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjpC
gDANBgkqhkiG9w0BAQsFAAOCAQEAXVt8nmUd4DURGMUPTHUTtnLLvgal/cy6yIma
Q2gwuZWWcGYiWCvRr/CbrmqvEKYZHbRQtCvzvEwHBDd/vfbKzudWiA9NK8ZE2CSP
tp7hb3mdj+/sfE3PcM1lRMTkE2sUUjZ5Tc2a2z5RBd7d62RWzee4a1UmJrV9Qxgp
+3dMJFdB+VevlgJbCbDWRW9XenBNkrWXAxPmtCtDML+jYvMPECK6QdADIKfVyEPp
ydVw2scnLmwa9bR/evXVENMbFEYFZmQgjrFV4Djb91KBH6IZde98X+2bvqDfQfuI
7AQWYueJnifqHwldhYtA4M7RIWUw0az5QdCYBNw9bO2UbPoV1w==
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:22:08 2024 by rpki-client on console-fra.rpki-client.org