Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BPwbl2E3hmx2EUpWuWYORyxN8yE.roa
File: BPwbl2E3hmx2EUpWuWYORyxN8yE.roa (raw, json)
Hash identifier: 6kfzV7CI3M37fO5MxZgdrdcrrDV+M3SBHaoJoDh6lsA=
Subject key identifier: 04:FC:1B:97:61:37:86:6C:76:11:4A:56:B9:66:0E:47:2C:4D:F3:21
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3143
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BPwbl2E3hmx2EUpWuWYORyxN8yE.roa
Signing time: Sat 03 Feb 2024 02:49:41 +0000
ROA not before: Sat 03 Feb 2024 02:49:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.32.0/20 maxlen: 20
103.35.32.0/20 maxlen: 20
110.44.144.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12611 (0x3143)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Feb 3 02:49:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=04FC1B976137866C76114A56B9660E472C4DF321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:da:46:e8:4f:ea:34:fa:9f:e5:b7:dd:8a:c7:
06:e9:92:21:f3:aa:9f:d6:4d:a9:08:e4:91:0f:1d:
8c:70:de:fc:b7:a5:6d:c6:23:0d:73:f8:1b:f4:a3:
8f:ad:17:8d:af:27:86:ef:58:34:4e:8e:50:ab:b7:
1a:5c:bd:4a:a6:7a:a7:9a:63:f3:61:ca:b9:4b:92:
fd:eb:65:f1:bf:b8:2b:75:f0:84:48:31:21:4a:54:
88:97:2f:cc:8a:51:32:b2:ec:5f:fe:ed:fb:b0:19:
a6:04:b8:73:d5:98:1c:4d:4e:fd:da:33:a0:c0:86:
d4:af:9d:e3:57:56:09:0a:2b:fb:a6:c1:1f:6b:24:
52:2a:80:1f:f0:92:8b:a0:86:bb:f6:d1:2d:4b:14:
73:56:ee:94:b0:b1:ce:f1:c3:57:81:c9:5a:f9:95:
3c:6a:0d:21:e2:a6:18:11:88:e1:3a:b9:1c:d6:bf:
75:ff:96:23:89:70:7d:da:66:ca:07:24:e0:53:26:
b3:22:81:ee:aa:be:36:2f:eb:84:38:bb:c5:b8:72:
c3:6c:82:eb:50:88:ba:dc:2f:8b:42:fe:8d:8c:5e:
8f:8a:31:37:92:81:7e:97:cc:55:0e:39:14:1c:b1:
34:e9:cf:ef:cd:4f:45:bf:23:34:2d:a0:de:a6:c9:
7b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FC:1B:97:61:37:86:6C:76:11:4A:56:B9:66:0E:47:2C:4D:F3:21
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BPwbl2E3hmx2EUpWuWYORyxN8yE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.32.0/20
103.35.32.0/20
110.44.144.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:01:b9:e6:b0:64:22:15:50:cf:d4:72:6a:31:19:08:00:f7:
e5:28:cb:33:bf:3e:99:80:a1:6e:11:b3:41:07:a3:55:d1:5b:
9e:15:df:39:dc:11:6b:d2:54:a5:1c:ba:4a:78:3e:36:2f:c4:
41:19:8c:d8:eb:64:30:ee:99:7b:2b:54:f5:d1:17:31:8d:58:
58:1b:4f:f7:b7:fd:2b:28:bd:7f:ec:48:2e:78:e8:4d:f2:f7:
6b:70:fb:cf:82:4b:53:73:07:9f:33:8f:13:98:12:a8:d3:ad:
2a:c6:69:66:27:51:fe:7f:28:97:9d:f4:05:38:af:2f:75:0a:
9e:61:a8:5d:ac:8d:0d:a7:a4:4e:3a:25:1c:d6:5e:0b:1b:ed:
d9:70:d3:e0:17:90:51:2c:fd:06:8f:c9:8d:14:17:3d:ce:e1:
16:65:64:5a:38:8e:7f:8e:9c:73:a8:d1:5a:d4:60:7d:cf:6e:
08:69:c6:59:c3:03:05:ef:f8:56:da:47:e8:15:1b:d6:9c:5e:
6b:7c:ba:23:87:bc:3c:ca:7a:95:eb:98:e7:f8:d8:08:53:4d:
86:e9:58:c5:77:20:8e:83:bb:cf:92:d1:07:ed:13:1b:0b:a4:
4d:59:9e:41:0e:13:8e:e6:a0:3c:33:82:ee:14:05:5c:d8:59:
c9:b3:f5:47
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICMUMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAyMDMw
MjQ5NDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0RkMxQjk3NjEzNzg2
NkM3NjExNEE1NkI5NjYwRTQ3MkM0REYzMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM2kboT+o0+p/lt92KxwbpkiHzqp/WTakI5JEPHYxw3vy3pW3G
Iw1z+Bv0o4+tF42vJ4bvWDROjlCrtxpcvUqmeqeaY/NhyrlLkv3rZfG/uCt18IRI
MSFKVIiXL8yKUTKy7F/+7fuwGaYEuHPVmBxNTv3aM6DAhtSvneNXVgkKK/umwR9r
JFIqgB/wkoughrv20S1LFHNW7pSwsc7xw1eByVr5lTxqDSHiphgRiOE6uRzWv3X/
liOJcH3aZsoHJOBTJrMige6qvjYv64Q4u8W4csNsgutQiLrcL4tC/o2MXo+KMTeS
gX6XzFUOORQcsTTpz+/NT0W/IzQtoN6myXudAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUBPwbl2E3hmx2EUpWuWYORyxN8yEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JQd2JsMkUzaG14MkVV
cFd1V1lPUnl4Tjh5RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAQr7yADBARnIyADBARuLJAwDQYJKoZIhvcNAQELBQADggEBAG0BueawZCIVUM/U
cmoxGQgA9+UoyzO/PpmAoW4Rs0EHo1XRW54V3zncEWvSVKUcukp4PjYvxEEZjNjr
ZDDumXsrVPXRFzGNWFgbT/e3/SsovX/sSC546E3y92tw+8+CS1NzB58zjxOYEqjT
rSrGaWYnUf5/KJed9AU4ry91Cp5hqF2sjQ2npE46JRzWXgsb7dlw0+AXkFEs/QaP
yY0UFz3O4RZlZFo4jn+OnHOo0VrUYH3PbghpxlnDAwXv+FbaR+gVG9acXmt8uiOH
vDzKepXrmOf42AhTTYbpWMV3II6Du8+S0QftExsLpE1ZnkEOE47moDwzgu4UBVzY
Wcmz9Uc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:49 2025 by rpki-client