Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/il48wMOcWKJXqTM6mlGip4hQEQc.roa
File: il48wMOcWKJXqTM6mlGip4hQEQc.roa (raw, json)
Hash identifier: 8mI3F84+eS+u1HAS3j2dxh5M8SUD2ckwDfpE5xnbNYE=
Subject key identifier: 8A:5E:3C:C0:C3:9C:58:A2:57:A9:33:3A:9A:51:A2:A7:88:50:11:07
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 1D96
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/il48wMOcWKJXqTM6mlGip4hQEQc.roa
Signing time: Thu 12 Sep 2024 11:20:07 +0000
ROA not before: Thu 12 Sep 2024 11:20:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 61317
IP address blocks: 103.244.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7574 (0x1d96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Sep 12 11:20:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8A5E3CC0C39C58A257A9333A9A51A2A788501107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:79:ae:1a:40:f5:4e:54:f2:64:4d:69:0c:1a:
3c:ab:0b:b9:3f:98:a1:f0:b3:fd:ab:14:6c:c1:8f:
b9:43:61:0b:36:a3:40:d2:05:24:83:03:85:82:26:
78:f6:a5:4b:ae:72:96:c7:a5:e7:61:17:ad:a4:b2:
b2:b9:d9:7f:17:4f:bb:12:6e:91:99:d3:11:69:b2:
ea:cb:1c:09:a9:8d:d9:e6:59:4e:70:04:2e:b8:07:
5a:26:41:90:70:5b:7c:57:1a:33:0c:13:4e:2d:7b:
d5:77:bd:3e:cf:f2:42:10:a6:91:b1:8d:43:71:44:
86:71:2e:c1:6b:62:c4:e1:67:0f:b8:f8:33:6d:71:
3f:e9:bf:15:c4:5e:19:b8:77:53:2a:76:16:04:93:
9b:ab:f7:53:07:8b:bb:c7:5d:ab:72:94:6e:f0:92:
ea:2b:f7:97:c8:aa:df:11:6c:86:bb:b8:fc:06:c5:
88:4c:8a:3a:70:29:51:06:38:7e:67:eb:18:c5:ca:
d1:14:f3:a3:81:28:33:de:6a:6d:4c:7d:69:78:b4:
d3:06:70:42:52:cb:c1:76:11:57:b3:7f:19:15:d6:
49:88:79:c2:9e:42:87:1c:1d:1a:5d:60:b0:86:b5:
5f:0a:e3:cb:4c:59:d1:1b:1c:83:de:54:ee:02:91:
c4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:5E:3C:C0:C3:9C:58:A2:57:A9:33:3A:9A:51:A2:A7:88:50:11:07
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/il48wMOcWKJXqTM6mlGip4hQEQc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.244.116.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:19:8d:da:3e:52:ea:dd:b0:54:77:20:0a:01:de:22:4f:eb:
df:27:8b:7d:2d:34:70:08:35:79:e8:53:72:64:00:d3:fc:3e:
b2:21:8d:2b:1e:9c:8f:73:a8:91:5c:26:53:2f:14:10:6e:ec:
a6:0f:16:2c:a6:41:85:d3:82:5a:ac:92:f2:6c:48:36:16:d1:
4a:19:17:17:ab:f7:88:a0:6a:d8:28:7c:63:1e:c4:0a:50:24:
a9:21:74:76:e8:28:59:a1:31:f3:25:a9:21:ae:33:74:bf:5e:
a2:59:f5:5c:b0:6e:09:a4:90:db:83:9c:83:15:35:f0:ac:d1:
49:18:76:92:99:42:c9:5f:9b:2d:f0:a9:76:a9:3f:db:c2:58:
18:a7:53:13:6d:ea:92:01:c2:91:92:a7:3d:d3:8e:49:69:10:
a4:e7:7b:74:cb:c5:0a:21:5c:9a:6d:4b:f2:f0:32:8b:df:8f:
f0:39:09:54:37:77:1c:89:ba:70:38:ed:15:5b:5d:53:5c:1c:
7b:10:c5:7d:8b:31:d3:72:3c:b6:d0:1e:33:77:f7:28:1c:e3:
c6:26:a7:a5:11:ea:6c:98:5e:67:05:b8:d9:df:cb:6a:f7:05:
69:66:33:3f:fb:75:cb:cd:c2:96:39:f6:7a:ca:01:06:32:0f:
18:82:f5:16
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx
MTIwMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBNUUzQ0MwQzM5QzU4
QTI1N0E5MzMzQTlBNTFBMkE3ODg1MDExMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2ea4aQPVOVPJkTWkMGjyrC7k/mKHws/2rFGzBj7lDYQs2o0DS
BSSDA4WCJnj2pUuucpbHpedhF62ksrK52X8XT7sSbpGZ0xFpsurLHAmpjdnmWU5w
BC64B1omQZBwW3xXGjMME04te9V3vT7P8kIQppGxjUNxRIZxLsFrYsThZw+4+DNt
cT/pvxXEXhm4d1MqdhYEk5ur91MHi7vHXatylG7wkuor95fIqt8RbIa7uPwGxYhM
ijpwKVEGOH5n6xjFytEU86OBKDPeam1MfWl4tNMGcEJSy8F2EVezfxkV1kmIecKe
QoccHRpdYLCGtV8K48tMWdEbHIPeVO4CkcS/AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUil48wMOcWKJXqTM6mlGip4hQEQcwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvaWw0OHdNT2NXS0pY
cVRNNm1sR2lwNGhRRVFjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmf0dDANBgkqhkiG9w0BAQsFAAOCAQEAnxmN2j5S6t2wVHcgCgHeIk/r3yeL
fS00cAg1eehTcmQA0/w+siGNKx6cj3OokVwmUy8UEG7spg8WLKZBhdOCWqyS8mxI
NhbRShkXF6v3iKBq2Ch8Yx7EClAkqSF0dugoWaEx8yWpIa4zdL9eoln1XLBuCaSQ
24OcgxU18KzRSRh2kplCyV+bLfCpdqk/28JYGKdTE23qkgHCkZKnPdOOSWkQpOd7
dMvFCiFcmm1L8vAyi9+P8DkJVDd3HIm6cDjtFVtdU1wcexDFfYsx03I8ttAeM3f3
KBzjxianpRHqbJheZwW42d/LavcFaWYzP/t1y83Cljn2esoBBjIPGIL1Fg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:41 2025 by rpki-client