Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/K7TwFB_8dV26oOQGDR9oUB2byAg.roa
File: K7TwFB_8dV26oOQGDR9oUB2byAg.roa (raw, json)
Hash identifier: bem4aU24HvxdHRjzWULQ4yy5D+LPD08Q90krtlnw6Xc=
Subject key identifier: 2B:B4:F0:14:1F:FC:75:5D:BA:A0:E4:06:0D:1F:68:50:1D:9B:C8:08
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 0642
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/K7TwFB_8dV26oOQGDR9oUB2byAg.roa
Signing time: Fri 23 Aug 2024 14:39:19 +0000
ROA not before: Fri 23 Aug 2024 14:39:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4766
IP address blocks: 58.66.168.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1602 (0x642)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Aug 23 14:39:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2BB4F0141FFC755DBAA0E4060D1F68501D9BC808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:f7:14:2d:fc:92:27:7a:99:6e:57:cb:f3:
4e:81:d4:1f:1f:f0:25:7f:ae:0b:76:44:20:56:c9:
76:70:c0:91:0e:cb:02:cc:20:71:ff:50:f4:c5:16:
97:3d:cf:f8:3f:fd:f0:cb:91:0b:29:42:f8:03:5a:
95:07:3c:db:6d:be:d4:fb:10:69:8f:f1:b3:c3:00:
90:1b:3e:7a:33:08:65:51:a5:08:c3:ad:1d:8b:34:
10:8f:bc:04:20:e9:f3:cc:79:8c:25:49:b4:1d:9d:
3a:ed:00:e4:2d:63:8a:9f:00:74:3a:4e:63:ac:52:
69:37:0c:4d:9f:9a:c9:f6:cc:3d:35:2f:8c:fb:85:
37:20:47:72:21:3d:d8:14:d6:80:03:69:2d:0c:ed:
47:05:8e:b6:ad:70:32:af:35:df:78:37:0e:5a:f0:
f6:2e:94:b5:57:fa:63:6b:01:ba:78:dc:01:64:4d:
b0:52:67:15:94:19:9b:28:5c:ae:30:14:f1:86:44:
3a:15:87:7d:8c:b8:cd:8d:dc:d7:a9:6a:f6:61:bf:
77:e2:56:87:9f:7f:7f:9b:00:d8:b7:ff:cc:61:52:
a1:a9:c9:4e:82:a4:ba:d0:a1:13:6c:ae:21:1d:24:
18:95:38:69:4c:68:59:77:95:73:62:c0:70:d4:6c:
65:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B4:F0:14:1F:FC:75:5D:BA:A0:E4:06:0D:1F:68:50:1D:9B:C8:08
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/K7TwFB_8dV26oOQGDR9oUB2byAg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.168.0/21
Signature Algorithm: sha256WithRSAEncryption
27:8c:05:ce:62:7f:cc:d2:0e:a4:b2:04:67:7b:16:cb:95:fb:
67:c0:ac:93:cd:82:c5:b2:cc:56:fe:ec:e2:0e:50:02:1c:82:
0f:f9:a0:48:08:0a:55:d9:7a:b6:5f:f7:89:fb:8a:ec:94:eb:
3e:95:37:ff:bf:8e:8a:fb:f3:5c:da:a3:8f:82:31:84:f0:ac:
16:a0:9a:e4:27:18:30:22:68:e1:d6:80:11:4b:86:26:8c:a1:
81:41:c7:d1:b5:38:79:61:2e:82:6c:9d:87:6a:33:bd:6e:ad:
d9:1f:02:fe:0f:34:aa:e6:97:79:6b:9f:27:75:2c:e0:2f:6e:
4e:08:91:93:b7:73:75:24:45:71:4c:67:81:9c:7c:3c:74:76:
55:8a:0d:ac:0d:c1:b0:46:84:90:d2:36:78:f1:65:a6:b9:60:
b4:49:a7:1f:9b:51:9d:86:4f:03:e1:e5:c8:60:0b:99:69:1f:
44:25:62:00:6f:fa:7c:79:bb:c7:b9:59:f5:a7:a6:6e:3a:37:
12:a1:a4:ed:0f:03:2f:3a:4e:13:bc:7d:01:ac:28:e9:11:81:
8e:2e:ea:0e:7e:a7:44:7d:79:47:4f:15:08:dc:97:d3:1a:ba:
2b:1b:45:25:7c:01:cb:a0:6f:74:7b:32:f9:2b:51:49:a2:4e:
72:35:86:48
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBkIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA4MjMx
NDM5MTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJCQjRGMDE0MUZGQzc1
NURCQUEwRTQwNjBEMUY2ODUwMUQ5QkM4MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC15/cULfySJ3qZblfL806B1B8f8CV/rgt2RCBWyXZwwJEOywLM
IHH/UPTFFpc9z/g//fDLkQspQvgDWpUHPNttvtT7EGmP8bPDAJAbPnozCGVRpQjD
rR2LNBCPvAQg6fPMeYwlSbQdnTrtAOQtY4qfAHQ6TmOsUmk3DE2fmsn2zD01L4z7
hTcgR3IhPdgU1oADaS0M7UcFjratcDKvNd94Nw5a8PYulLVX+mNrAbp43AFkTbBS
ZxWUGZsoXK4wFPGGRDoVh32MuM2N3NepavZhv3fiVoeff3+bANi3/8xhUqGpyU6C
pLrQoRNsriEdJBiVOGlMaFl3lXNiwHDUbGWnAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUK7TwFB/8dV26oOQGDR9oUB2byAgwHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvSzdUd0ZCXzhkVjI2b09RR0RS
OW9VQjJieUFnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
qDANBgkqhkiG9w0BAQsFAAOCAQEAJ4wFzmJ/zNIOpLIEZ3sWy5X7Z8Csk82CxbLM
Vv7s4g5QAhyCD/mgSAgKVdl6tl/3ifuK7JTrPpU3/7+OivvzXNqjj4IxhPCsFqCa
5CcYMCJo4daAEUuGJoyhgUHH0bU4eWEugmydh2ozvW6t2R8C/g80quaXeWufJ3Us
4C9uTgiRk7dzdSRFcUxngZx8PHR2VYoNrA3BsEaEkNI2ePFlprlgtEmnH5tRnYZP
A+HlyGALmWkfRCViAG/6fHm7x7lZ9aembjo3EqGk7Q8DLzpOE7x9Aawo6RGBji7q
Dn6nRH15R08VCNyX0xq6KxtFJXwBy6BvdHsy+StRSaJOcjWGSA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:00:13 2025 by rpki-client