Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1584/u7nZCyCLgaN8oiKDkzBadF-7Qu8.roa
File: u7nZCyCLgaN8oiKDkzBadF-7Qu8.roa (raw, json)
Hash identifier: NY1uTpEP8r7nATgDZeAvhBJR4IwlIkJdcRsNUaiAuA0=
Subject key identifier: BB:B9:D9:0B:20:8B:81:A3:7C:A2:22:83:93:30:5A:74:5F:BB:42:EF
Certificate issuer: /CN=F76C9E43361DEA446077AD7029057380AFFF3266
Certificate serial: 19D3
Authority key identifier: F7:6C:9E:43:36:1D:EA:44:60:77:AD:70:29:05:73:80:AF:FF:32:66
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/92yeQzYd6kRgd61wKQVzgK__MmY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1584/u7nZCyCLgaN8oiKDkzBadF-7Qu8.roa
Signing time: Wed 13 Mar 2024 01:23:44 +0000
ROA not before: Wed 13 Mar 2024 01:23:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24424
IP address blocks: 2404:280::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6611 (0x19d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F76C9E43361DEA446077AD7029057380AFFF3266
Validity
Not Before: Mar 13 01:23:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BBB9D90B208B81A37CA2228393305A745FBB42EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:83:66:59:74:3a:28:71:fb:69:90:ae:ae:02:
e6:50:32:2a:d0:5d:dd:2d:22:50:8e:56:41:81:16:
b9:f9:1f:55:48:dd:da:6f:f3:33:6c:0c:73:48:07:
29:3e:cd:e4:0a:4c:27:09:33:93:19:bf:0f:81:d1:
33:95:2e:9a:61:58:05:8d:22:fc:25:16:49:7a:86:
95:92:58:a5:3e:59:58:2c:85:4e:14:f5:23:42:ed:
17:39:e2:09:46:e3:a3:ca:ea:f8:7d:5d:74:4f:e3:
ff:fc:cf:d1:40:72:8f:d4:f3:2c:27:69:de:12:99:
2b:c0:b4:f0:3e:3a:59:e9:e5:59:44:a6:6d:67:77:
90:dd:7d:06:ce:31:a0:af:92:96:35:b6:f7:d3:38:
3a:16:e4:52:c4:6c:cf:2c:a0:2c:4c:ce:0d:2b:2e:
06:17:e2:a8:73:a5:92:bc:0a:3e:5a:4a:55:20:bd:
6e:8f:19:d9:05:bd:0f:50:77:7d:37:eb:dd:fb:d9:
0c:aa:76:97:1d:56:4b:da:59:4e:df:c7:00:f7:12:
aa:16:16:d5:6e:94:60:23:17:9f:d7:0c:32:1b:e2:
aa:71:e8:49:b7:cd:62:33:7e:a4:04:28:fa:25:c4:
c9:f8:53:11:07:e7:8c:ae:e4:6b:a6:e5:ea:ce:39:
e9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B9:D9:0B:20:8B:81:A3:7C:A2:22:83:93:30:5A:74:5F:BB:42:EF
X509v3 Authority Key Identifier:
keyid:F7:6C:9E:43:36:1D:EA:44:60:77:AD:70:29:05:73:80:AF:FF:32:66
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1584/92yeQzYd6kRgd61wKQVzgK__MmY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/92yeQzYd6kRgd61wKQVzgK__MmY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1584/u7nZCyCLgaN8oiKDkzBadF-7Qu8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:280::/32
Signature Algorithm: sha256WithRSAEncryption
90:15:93:c9:e2:a3:66:98:b7:09:31:83:be:7e:9c:0e:b3:73:
12:7d:61:85:0a:39:03:f3:e7:07:48:ea:f1:a4:a8:7b:1f:09:
7b:b1:7e:03:25:52:0a:b8:f9:9d:e1:e3:da:35:59:93:64:8e:
79:34:45:cd:83:a6:86:f0:97:1a:c8:51:c4:5d:78:f6:0f:6c:
f9:18:38:28:8f:51:95:f3:28:16:e8:78:90:7c:bd:12:00:0e:
f6:e7:26:31:e4:98:cc:4f:26:c3:3a:e6:df:50:b4:47:bc:e6:
36:2b:40:d0:a2:f0:82:25:9b:ca:86:32:d7:94:d5:67:96:93:
17:25:d7:48:f9:79:5e:38:b7:08:be:fb:5f:c9:c9:3d:8f:b5:
38:4a:76:df:b0:76:3a:13:d5:4c:f0:50:39:59:10:2c:ba:c9:
67:00:43:3d:0d:f6:ca:e8:52:04:64:25:a7:32:7c:75:04:87:
4e:75:b0:6e:81:32:f5:99:90:42:3d:b2:1e:71:78:cd:9c:85:
f9:91:14:c7:0c:99:2f:f3:fa:4d:61:e6:ec:a1:1b:fa:7f:13:
46:e3:5e:60:d5:3f:eb:84:4f:6d:be:f2:bf:30:2d:87:9c:eb:
0c:bd:6f:e9:5b:e5:0b:99:4a:b7:23:7e:6b:fd:d0:19:83:e6:
4d:aa:d8:1a
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICGdMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjc2
QzlFNDMzNjFERUE0NDYwNzdBRDcwMjkwNTczODBBRkZGMzI2NjAeFw0yNDAzMTMw
MTIzNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJCQjlEOTBCMjA4Qjgx
QTM3Q0EyMjI4MzkzMzA1QTc0NUZCQjQyRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxg2ZZdDoocftpkK6uAuZQMirQXd0tIlCOVkGBFrn5H1VI3dpv
8zNsDHNIByk+zeQKTCcJM5MZvw+B0TOVLpphWAWNIvwlFkl6hpWSWKU+WVgshU4U
9SNC7Rc54glG46PK6vh9XXRP4//8z9FAco/U8ywnad4SmSvAtPA+Olnp5VlEpm1n
d5DdfQbOMaCvkpY1tvfTODoW5FLEbM8soCxMzg0rLgYX4qhzpZK8Cj5aSlUgvW6P
GdkFvQ9Qd30369372QyqdpcdVkvaWU7fxwD3EqoWFtVulGAjF5/XDDIb4qpx6Em3
zWIzfqQEKPolxMn4UxEH54yu5Gum5erOOekDAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUu7nZCyCLgaN8oiKDkzBadF+7Qu8wHwYDVR0jBBgwFoAU92yeQzYd6kRgd61w
KQVzgK//MmYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
NC85MnllUXpZZDZrUmdkNjF3S1FWemdLX19NbVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzkyeWVRellkNmtSZ2Q2MXdLUVZ6Z0tfX01tWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODQvdTduWkN5Q0xnYU44
b2lLRGt6QmFkRi03UXU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQEAoAwDQYJKoZIhvcNAQELBQADggEBAJAVk8nio2aYtwkxg75+nA6zcxJ9
YYUKOQPz5wdI6vGkqHsfCXuxfgMlUgq4+Z3h49o1WZNkjnk0Rc2DpobwlxrIUcRd
ePYPbPkYOCiPUZXzKBboeJB8vRIADvbnJjHkmMxPJsM65t9QtEe85jYrQNCi8IIl
m8qGMteU1WeWkxcl10j5eV44twi++1/JyT2PtThKdt+wdjoT1UzwUDlZECy6yWcA
Qz0N9sroUgRkJacyfHUEh051sG6BMvWZkEI9sh5xeM2chfmRFMcMmS/z+k1h5uyh
G/p/E0bjXmDVP+uET22+8r8wLYec6wy9b+lb5QuZSrcjfmv90BmD5k2q2Bo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:32 2025 by rpki-client