Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/qKVEJVfnw8gyBjGM98vZSoLRpv0.roa
File: qKVEJVfnw8gyBjGM98vZSoLRpv0.roa (raw, json)
Hash identifier: T6r81Wt5ZgeYdxno5PWOqavrUNWRfwZJGU71jQxQtTY=
Subject key identifier: A8:A5:44:25:57:E7:C3:C8:32:06:31:8C:F7:CB:D9:4A:82:D1:A6:FD
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 1D9A
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/qKVEJVfnw8gyBjGM98vZSoLRpv0.roa
Signing time: Thu 12 Sep 2024 11:20:08 +0000
ROA not before: Thu 12 Sep 2024 11:20:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 212237
IP address blocks: 2403:6380:12::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7578 (0x1d9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: Sep 12 11:20:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A8A5442557E7C3C83206318CF7CBD94A82D1A6FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3c:fa:86:0a:b8:19:b4:e2:c8:54:d1:dc:9b:
95:2c:f5:4f:f4:a7:d1:0f:0d:0c:b9:19:ca:f7:5d:
34:df:d7:e5:bd:2b:87:66:73:0e:c8:c9:9c:dd:f5:
85:7b:98:55:71:87:a4:e1:c2:a3:a3:95:32:4a:ca:
3c:0c:65:c8:17:13:bf:08:bf:53:af:55:00:37:de:
3d:e2:cc:47:d2:ac:72:ce:c4:bd:64:5b:bd:1c:da:
f8:7c:29:4a:d1:9e:b3:d2:ac:59:fc:69:c0:4e:4b:
b9:1e:5d:e2:d3:45:57:49:53:42:6e:19:62:32:cb:
74:fa:02:0e:4f:0e:75:58:08:64:6c:8e:72:e6:a4:
81:8c:4d:aa:6f:c7:64:fa:93:0c:05:02:f6:97:52:
a0:cb:cd:d1:eb:5c:08:48:a1:7b:76:a3:f6:6b:5b:
44:10:56:13:7e:10:05:b1:54:51:92:eb:1a:78:d6:
75:24:f3:e5:cb:45:9a:02:fc:bc:50:c9:41:e5:ad:
95:a7:dc:b9:2b:d3:30:99:2b:b2:69:fc:a2:6a:d3:
76:c5:61:98:c4:2f:f2:09:d0:2d:4a:84:da:ad:df:
d2:b9:6f:ee:c6:00:89:5a:09:48:cb:02:8f:43:5b:
3f:19:31:e9:72:af:db:4f:09:cb:f1:7d:12:11:96:
d6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A5:44:25:57:E7:C3:C8:32:06:31:8C:F7:CB:D9:4A:82:D1:A6:FD
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/qKVEJVfnw8gyBjGM98vZSoLRpv0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:6380:12::/48
Signature Algorithm: sha256WithRSAEncryption
d0:43:e6:b1:97:5a:3e:b3:5a:64:6c:26:08:2f:fc:3f:55:7a:
57:5b:6a:3c:c9:fc:0b:ac:39:8f:6e:34:ec:ed:16:f4:19:f3:
b4:a6:b4:0d:34:4f:82:63:0f:9a:5a:e3:54:ae:82:eb:fc:a8:
79:c8:d0:6d:13:53:8f:70:82:ac:0e:59:09:a3:8c:db:99:84:
62:12:b3:35:ea:ec:69:b1:91:0f:bf:5f:03:5a:57:8b:9b:99:
de:44:25:4f:a2:06:c2:ec:50:82:ac:3a:e6:4f:9a:94:f0:d6:
7d:01:48:e7:11:09:69:6a:81:b7:59:f3:98:a9:32:2c:4b:fd:
1c:1a:79:ec:ce:57:35:9a:cc:86:49:3b:aa:cb:53:05:2b:d5:
48:f6:52:a2:db:f7:23:47:7e:cd:ad:8e:63:23:8e:36:4f:cc:
48:cf:8b:26:c8:7b:7e:bb:67:d5:17:25:51:ca:fa:75:07:26:
df:8e:9e:3c:24:09:01:59:38:01:bf:bf:bd:94:09:0c:c3:53:
fb:0b:bf:d8:86:d4:b0:90:2d:14:c7:fd:bc:90:da:14:ed:78:
dd:88:42:95:e3:b5:0c:59:d9:26:56:19:74:e0:c0:95:e5:e7:
ab:1e:04:24:df:e1:8b:0a:50:a2:2b:00:4c:6d:ab:77:c6:77:
28:c7:d6:1e
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICHZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx
MTIwMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE4QTU0NDI1NTdFN0Mz
QzgzMjA2MzE4Q0Y3Q0JEOTRBODJEMUE2RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkPPqGCrgZtOLIVNHcm5Us9U/0p9EPDQy5Gcr3XTTf1+W9K4dm
cw7IyZzd9YV7mFVxh6ThwqOjlTJKyjwMZcgXE78Iv1OvVQA33j3izEfSrHLOxL1k
W70c2vh8KUrRnrPSrFn8acBOS7keXeLTRVdJU0JuGWIyy3T6Ag5PDnVYCGRsjnLm
pIGMTapvx2T6kwwFAvaXUqDLzdHrXAhIoXt2o/ZrW0QQVhN+EAWxVFGS6xp41nUk
8+XLRZoC/LxQyUHlrZWn3Lkr0zCZK7Jp/KJq03bFYZjEL/IJ0C1KhNqt39K5b+7G
AIlaCUjLAo9DWz8ZMelyr9tPCcvxfRIRltYBAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUqKVEJVfnw8gyBjGM98vZSoLRpv0wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvcUtWRUpWZm53OGd5
QmpHTTk4dlpTb0xScHYwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACQDY4AAEjANBgkqhkiG9w0BAQsFAAOCAQEA0EPmsZdaPrNaZGwmCC/8P1V6
V1tqPMn8C6w5j2407O0W9BnztKa0DTRPgmMPmlrjVK6C6/yoecjQbRNTj3CCrA5Z
CaOM25mEYhKzNersabGRD79fA1pXi5uZ3kQlT6IGwuxQgqw65k+alPDWfQFI5xEJ
aWqBt1nzmKkyLEv9HBp57M5XNZrMhkk7qstTBSvVSPZSotv3I0d+za2OYyOONk/M
SM+LJsh7frtn1RclUcr6dQcm346ePCQJAVk4Ab+/vZQJDMNT+wu/2IbUsJAtFMf9
vJDaFO143YhCleO1DFnZJlYZdODAleXnqx4EJN/hiwpQoisATG2rd8Z3KMfWHg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 00:39:07 2025 by rpki-client