Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/OAFriMUOCW7h0w4MBjVUCjzgh7o.roa
File: OAFriMUOCW7h0w4MBjVUCjzgh7o.roa (raw, json)
Hash identifier: 6hz6kWePu4P6PalgMzsSe6anJRYG354osj5c0L3363U=
Subject key identifier: 38:01:6B:88:C5:0E:09:6E:E1:D3:0E:0C:06:35:54:0A:3C:E0:87:BA
Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Certificate serial: 0636
Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/OAFriMUOCW7h0w4MBjVUCjzgh7o.roa
Signing time: Fri 23 Aug 2024 14:39:16 +0000
ROA not before: Fri 23 Aug 2024 14:39:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4766
IP address blocks: 58.66.176.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1590 (0x636)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0
Validity
Not Before: Aug 23 14:39:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=38016B88C50E096EE1D30E0C0635540A3CE087BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c9:56:17:00:ad:89:af:f3:77:d0:75:3d:49:
33:e0:b8:59:1d:90:06:29:62:07:79:e7:65:2b:db:
eb:1c:8f:96:df:48:a1:27:94:b0:3c:b2:84:09:8b:
4b:10:0b:3c:4f:8b:c9:b2:17:35:61:bf:4c:08:5e:
cd:81:29:de:fb:3f:fc:9d:8b:51:62:1f:7d:7d:9f:
52:44:db:8b:f6:91:80:ae:23:6c:78:0a:51:a0:5c:
6b:c3:18:a2:31:93:2b:b6:21:03:19:74:17:ef:3e:
7f:27:81:52:c3:66:af:65:28:05:64:d5:5e:f0:08:
a6:e4:cc:f3:26:59:b3:00:5f:b0:6a:96:e2:04:9a:
13:7e:56:dc:f1:11:b0:b4:b1:dc:d6:3b:fb:06:f0:
e6:2f:1a:eb:a9:76:5f:62:8f:81:aa:ad:b5:fa:c5:
ef:0d:f8:4d:de:e0:d4:cc:0a:5b:71:89:4b:8f:be:
b7:8b:c5:01:82:c5:04:6d:8a:5d:a7:29:2c:03:fe:
bd:6e:a8:c7:30:3e:17:7a:e5:48:02:77:b4:58:66:
ec:94:c3:82:ad:6f:04:0f:ec:a6:95:87:b1:cb:57:
00:4e:c8:1c:a2:73:e7:3a:0e:52:48:cf:07:d4:23:
4e:05:2a:fe:41:cd:55:3e:da:5f:26:b7:ff:5e:fb:
00:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:01:6B:88:C5:0E:09:6E:E1:D3:0E:0C:06:35:54:0A:3C:E0:87:BA
X509v3 Authority Key Identifier:
keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/OAFriMUOCW7h0w4MBjVUCjzgh7o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.66.176.0/21
Signature Algorithm: sha256WithRSAEncryption
44:f7:dd:89:da:f4:1d:72:e7:04:f0:4a:5d:73:90:0d:8b:b9:
48:96:80:2e:1f:3c:c3:20:77:e6:6e:35:af:ff:b9:c3:bf:67:
a1:16:c2:10:72:6b:2f:1a:30:34:8a:ee:58:b4:01:9a:94:38:
bb:9c:1e:30:1d:dc:a7:e0:59:8e:21:c8:75:27:73:0e:1c:ad:
28:90:bb:bd:09:47:23:3d:a9:8e:c5:8e:ba:40:ac:e9:f6:b8:
3d:d0:e9:0b:0c:f5:23:3c:e1:c9:23:23:32:71:11:cb:ca:9f:
1c:9c:38:90:f4:f5:34:8a:4a:01:ff:13:b8:f2:e7:67:87:9f:
af:06:06:e1:d3:24:e1:a7:6f:bb:77:c3:c5:f0:eb:52:2b:ef:
50:d2:ac:c7:14:18:4e:43:e0:a5:64:d0:be:3c:a1:29:3e:48:
2e:e6:76:79:3c:e4:73:5c:81:20:21:ce:7b:20:37:c0:ae:12:
49:8c:41:bb:85:d1:f2:22:c6:7c:37:78:1a:1a:a5:ce:6b:de:
c8:6b:b6:2f:45:e3:13:6b:10:2f:57:4d:26:49:dd:d2:ef:6a:
5e:a4:8b:b0:70:00:a7:e9:4c:01:cc:8c:5f:a7:ca:51:4d:5f:
51:b4:74:b0:ff:6f:b7:a3:75:91:53:c6:d7:53:6e:4c:4e:9e:
7d:2e:cd:98
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICBjYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4
MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA4MjMx
NDM5MTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4MDE2Qjg4QzUwRTA5
NkVFMUQzMEUwQzA2MzU1NDBBM0NFMDg3QkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfyVYXAK2Jr/N30HU9STPguFkdkAYpYgd552Ur2+scj5bfSKEn
lLA8soQJi0sQCzxPi8myFzVhv0wIXs2BKd77P/ydi1FiH319n1JE24v2kYCuI2x4
ClGgXGvDGKIxkyu2IQMZdBfvPn8ngVLDZq9lKAVk1V7wCKbkzPMmWbMAX7BqluIE
mhN+VtzxEbC0sdzWO/sG8OYvGuupdl9ij4GqrbX6xe8N+E3e4NTMCltxiUuPvreL
xQGCxQRtil2nKSwD/r1uqMcwPhd65UgCd7RYZuyUw4KtbwQP7KaVh7HLVwBOyByi
c+c6DlJIzwfUI04FKv5BzVU+2l8mt/9e+wC1AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUOAFriMUOCW7h0w4MBjVUCjzgh7owHwYDVR0jBBgwFoAUlIG05AkBXY630D82
A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s
SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT
BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw
MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp
LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvT0FGcmlNVU9DVzdoMHc0TUJq
VlVDanpnaDdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC
sDANBgkqhkiG9w0BAQsFAAOCAQEARPfdidr0HXLnBPBKXXOQDYu5SJaALh88wyB3
5m41r/+5w79noRbCEHJrLxowNIruWLQBmpQ4u5weMB3cp+BZjiHIdSdzDhytKJC7
vQlHIz2pjsWOukCs6fa4PdDpCwz1IzzhySMjMnERy8qfHJw4kPT1NIpKAf8TuPLn
Z4efrwYG4dMk4advu3fDxfDrUivvUNKsxxQYTkPgpWTQvjyhKT5ILuZ2eTzkc1yB
ICHOeyA3wK4SSYxBu4XR8iLGfDd4GhqlzmveyGu2L0XjE2sQL1dNJknd0u9qXqSL
sHAAp+lMAcyMX6fKUU1fUbR0sP9vt6N1kVPG11NuTE6efS7NmA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:10:14 2025 by rpki-client