Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/VxpBL63XZ_e2iG_yt3OFJCzJDlg.roa
File: VxpBL63XZ_e2iG_yt3OFJCzJDlg.roa (raw, json)
Hash identifier: uqRsjxMLXecrPfYhOOWzzB3zX6eVYDFiccg9y1eEQN0=
Subject key identifier: 57:1A:41:2F:AD:D7:67:F7:B6:88:6F:F2:B7:73:85:24:2C:C9:0E:58
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 1D8B
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/VxpBL63XZ_e2iG_yt3OFJCzJDlg.roa
Signing time: Thu 12 Sep 2024 11:20:03 +0000
ROA not before: Thu 12 Sep 2024 11:20:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 61317
IP address blocks: 223.29.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7563 (0x1d8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Sep 12 11:20:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=571A412FADD767F7B6886FF2B77385242CC90E58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0d:48:d1:f1:7f:26:05:19:3e:6f:42:20:3a:
b7:23:04:4f:32:5b:1c:65:2f:77:93:5d:86:49:46:
8a:28:01:d1:0d:e3:e6:e5:01:35:e9:8f:1e:a1:76:
5f:3b:91:3f:6f:f4:cf:90:1c:d1:26:37:f3:db:78:
e7:f5:c7:8f:d9:41:4f:0b:24:33:21:9b:da:b8:f7:
e4:14:fb:7a:ac:7e:da:4f:81:fc:bf:27:39:63:ff:
7f:4b:c3:86:b8:8d:3a:33:3d:82:33:69:7e:7f:1e:
f9:8a:15:16:c6:92:ea:24:f2:de:1a:82:ec:bb:21:
73:d3:ed:04:48:af:b3:c3:1e:55:d4:ff:f1:17:62:
ff:eb:be:09:dd:c6:ff:0a:5f:bb:ba:9f:9c:ff:b8:
88:f9:0d:59:f4:d1:fe:17:75:4d:81:12:f3:d7:9c:
89:9a:57:89:de:9e:53:0b:e1:00:4d:80:78:93:3d:
25:f7:45:a5:fc:c1:fc:3e:56:9a:67:06:01:a4:1c:
39:9a:ce:fa:9f:bd:b1:e5:8d:df:73:ca:a2:bf:e2:
dd:3c:f6:e5:f2:5e:21:dc:0a:26:25:09:1c:21:71:
aa:e1:2b:53:1d:b9:1f:29:5f:ca:5f:88:a6:d9:2f:
45:96:10:7a:68:a3:21:28:47:b6:36:fe:13:df:6c:
aa:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:1A:41:2F:AD:D7:67:F7:B6:88:6F:F2:B7:73:85:24:2C:C9:0E:58
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/VxpBL63XZ_e2iG_yt3OFJCzJDlg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.252.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:c6:35:7d:b1:f5:22:78:46:84:45:ac:15:c3:55:f7:89:86:
dd:a2:d5:61:8f:0a:56:a7:65:e0:c5:62:1d:ee:f7:5f:b3:34:
1f:c9:7d:7e:78:60:42:c3:ca:d5:90:08:cd:18:8b:a4:b0:31:
5c:1b:95:1d:2e:70:55:1b:03:d2:e5:8f:0e:f7:39:cd:0a:20:
4d:a0:4d:34:ed:d0:3a:74:e6:6a:2a:f4:39:36:69:76:ed:60:
4c:37:1a:ca:18:3a:88:bb:14:42:37:20:e4:15:14:69:0a:6b:
af:8b:f8:16:92:80:39:8c:fa:88:85:d3:78:56:93:8e:ad:6c:
55:de:17:b4:a4:e0:32:e7:70:b7:f7:cf:78:ca:5d:db:22:06:
9e:37:f0:03:dc:48:eb:a5:7c:bb:55:ce:27:57:6a:1b:6a:b8:
d4:48:92:35:17:f9:f3:0f:59:4c:08:0f:f2:72:c2:b3:8d:0b:
ae:50:71:81:f3:16:f4:24:29:4a:f6:c0:d1:12:15:97:01:47:
5f:0c:50:29:8b:8c:d2:c4:0b:19:f3:c0:83:3e:fa:8b:b2:31:
a1:5a:61:0e:8b:cc:43:d4:bd:b1:49:15:a3:b9:75:a5:fb:44:
33:1b:93:7f:14:d7:28:17:8a:f5:79:ba:c3:a2:6a:95:33:80:
df:9c:e8:9c
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHYswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx
MTIwMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU3MUE0MTJGQURENzY3
RjdCNjg4NkZGMkI3NzM4NTI0MkNDOTBFNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4DUjR8X8mBRk+b0IgOrcjBE8yWxxlL3eTXYZJRoooAdEN4+bl
ATXpjx6hdl87kT9v9M+QHNEmN/PbeOf1x4/ZQU8LJDMhm9q49+QU+3qsftpPgfy/
Jzlj/39Lw4a4jTozPYIzaX5/HvmKFRbGkuok8t4aguy7IXPT7QRIr7PDHlXU//EX
Yv/rvgndxv8KX7u6n5z/uIj5DVn00f4XdU2BEvPXnImaV4nenlML4QBNgHiTPSX3
RaX8wfw+VppnBgGkHDmazvqfvbHljd9zyqK/4t089uXyXiHcCiYlCRwhcarhK1Md
uR8pX8pfiKbZL0WWEHpooyEoR7Y2/hPfbKpZAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUVxpBL63XZ/e2iG/yt3OFJCzJDlgwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvVnhwQkw2M1haX2Uy
aUdfeXQzT0ZKQ3pKRGxnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAt8d/DANBgkqhkiG9w0BAQsFAAOCAQEArcY1fbH1InhGhEWsFcNV94mG3aLV
YY8KVqdl4MViHe73X7M0H8l9fnhgQsPK1ZAIzRiLpLAxXBuVHS5wVRsD0uWPDvc5
zQogTaBNNO3QOnTmair0OTZpdu1gTDcayhg6iLsUQjcg5BUUaQprr4v4FpKAOYz6
iIXTeFaTjq1sVd4XtKTgMudwt/fPeMpd2yIGnjfwA9xI66V8u1XOJ1dqG2q41EiS
NRf58w9ZTAgP8nLCs40LrlBxgfMW9CQpSvbA0RIVlwFHXwxQKYuM0sQLGfPAgz76
i7IxoVphDovMQ9S9sUkVo7l1pftEMxuTfxTXKBeK9Xm6w6JqlTOA35zonA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:53 2025 by rpki-client