Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/A9TUrVS0yyWsFiXRXoUjZMwCuE8.roa
File: A9TUrVS0yyWsFiXRXoUjZMwCuE8.roa (raw, json)
Hash identifier: EFKz7Qp1KC/9PcB/sJjZQGIz1kMrAX+BBN9PMH0no/g=
Subject key identifier: 03:D4:D4:AD:54:B4:CB:25:AC:16:25:D1:5E:85:23:64:CC:02:B8:4F
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 1D94
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/A9TUrVS0yyWsFiXRXoUjZMwCuE8.roa
Signing time: Thu 12 Sep 2024 11:20:06 +0000
ROA not before: Thu 12 Sep 2024 11:20:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 212237
IP address blocks: 2403:6380:20::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7572 (0x1d94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Sep 12 11:20:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=03D4D4AD54B4CB25AC1625D15E852364CC02B84F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:a5:1b:7f:71:2a:60:cf:9a:85:01:94:a2:b3:
3d:65:c9:25:29:72:62:5c:fb:96:0e:ff:f6:d6:df:
7f:38:12:51:23:91:52:84:aa:c3:c9:80:43:44:51:
c6:30:d4:7d:0f:43:e3:89:84:61:b7:3d:7f:bb:43:
66:91:76:1e:7f:ed:51:ba:27:42:b7:8f:8a:40:2f:
e3:84:43:3d:3c:b4:47:f6:fc:31:ea:a1:9e:fc:6b:
a6:fa:8c:7a:2e:c4:05:67:ca:ab:47:52:09:44:93:
03:59:27:72:0d:c4:cb:2d:db:5f:ab:6d:b8:29:bc:
65:aa:dc:11:9a:3c:88:14:9a:bc:47:1b:78:46:72:
72:55:7f:e4:88:eb:7c:5c:ca:3e:29:47:e2:66:28:
3a:bc:95:a4:a1:14:7f:eb:6d:f1:ad:35:41:3c:97:
f9:68:40:25:51:0c:89:a9:1e:48:ab:9b:46:2a:dc:
6c:d9:f8:9b:75:59:c8:c8:5e:f5:90:89:6b:c1:a8:
14:ce:63:35:ce:84:3f:49:4f:24:58:f1:31:2d:1d:
45:7e:35:00:cf:36:19:06:b1:2f:f2:7b:00:4a:b3:
f9:e0:02:47:83:74:33:1c:c2:46:2f:99:9d:b5:2b:
e0:0b:4d:cb:a0:5e:80:dc:4e:0d:03:29:63:84:d4:
51:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D4:D4:AD:54:B4:CB:25:AC:16:25:D1:5E:85:23:64:CC:02:B8:4F
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/A9TUrVS0yyWsFiXRXoUjZMwCuE8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:6380:20::/44
Signature Algorithm: sha256WithRSAEncryption
91:30:32:45:d8:5c:ef:b2:03:b9:d2:93:06:8c:90:d4:30:13:
70:7e:47:82:e5:e8:f5:62:fa:d7:c1:a1:a6:48:74:e2:c7:01:
b8:57:01:18:61:5c:ba:d7:85:0c:12:f0:4d:92:22:60:a0:61:
e8:69:c6:b1:4f:ab:10:e5:eb:cf:e7:f4:d9:de:93:14:65:72:
92:ce:95:88:a9:41:38:fe:7f:bb:f7:de:79:a4:53:9f:b8:02:
37:f5:d0:18:a0:ff:09:4f:71:94:21:5d:48:95:e2:45:b7:35:
28:5f:44:11:d9:40:69:17:fd:4b:6e:bf:27:d0:44:0c:01:51:
7e:42:ed:f8:c4:a6:4b:ab:da:17:99:d7:67:5a:c5:c6:9d:b4:
13:37:b1:b4:a5:fc:6f:8f:30:2c:69:a5:7e:34:f7:c5:5c:21:
18:35:27:66:68:e3:87:94:47:67:ea:ab:a1:3f:b0:64:7f:a9:
ad:1c:8a:bf:e0:77:06:aa:15:20:ae:5d:9b:f1:25:7e:21:3e:
e4:4e:58:2e:64:8a:f7:9e:d9:e4:bc:ab:32:d2:c5:0d:49:f0:
f6:11:26:b0:f7:a5:6f:6f:a6:ac:81:e8:4f:a5:17:e1:70:b4:
32:63:4c:c7:bb:56:6a:eb:c7:4b:63:97:8a:91:b6:14:e0:99:
4a:34:c2:75
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICHZQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx
MTIwMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAzRDRENEFENTRCNENC
MjVBQzE2MjVEMTVFODUyMzY0Q0MwMkI4NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxpRt/cSpgz5qFAZSisz1lySUpcmJc+5YO//bW3384ElEjkVKE
qsPJgENEUcYw1H0PQ+OJhGG3PX+7Q2aRdh5/7VG6J0K3j4pAL+OEQz08tEf2/DHq
oZ78a6b6jHouxAVnyqtHUglEkwNZJ3INxMst21+rbbgpvGWq3BGaPIgUmrxHG3hG
cnJVf+SI63xcyj4pR+JmKDq8laShFH/rbfGtNUE8l/loQCVRDImpHkirm0Yq3GzZ
+Jt1WcjIXvWQiWvBqBTOYzXOhD9JTyRY8TEtHUV+NQDPNhkGsS/yewBKs/ngAkeD
dDMcwkYvmZ21K+ALTcugXoDcTg0DKWOE1FGbAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUA9TUrVS0yyWsFiXRXoUjZMwCuE8wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvQTlUVXJWUzB5eVdz
RmlYUlhvVWpaTXdDdUU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHBCQDY4AAIDANBgkqhkiG9w0BAQsFAAOCAQEAkTAyRdhc77IDudKTBoyQ1DAT
cH5HguXo9WL618Ghpkh04scBuFcBGGFcuteFDBLwTZIiYKBh6GnGsU+rEOXrz+f0
2d6TFGVyks6ViKlBOP5/u/feeaRTn7gCN/XQGKD/CU9xlCFdSJXiRbc1KF9EEdlA
aRf9S26/J9BEDAFRfkLt+MSmS6vaF5nXZ1rFxp20EzextKX8b48wLGmlfjT3xVwh
GDUnZmjjh5RHZ+qroT+wZH+prRyKv+B3BqoVIK5dm/ElfiE+5E5YLmSK957Z5Lyr
MtLFDUnw9hEmsPelb2+mrIHoT6UX4XC0MmNMx7tWauvHS2OXipG2FOCZSjTCdQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:01 2025 by rpki-client