Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1630/ffNioD3PfIXnkRsSHGrp0fap1Mg.roa
File: ffNioD3PfIXnkRsSHGrp0fap1Mg.roa (raw, json)
Hash identifier: XbpotjV6eQW7ygFfTKhPFoaHDssgLgM1NGbOnxjwNQ0=
Subject key identifier: 7D:F3:62:A0:3D:CF:7C:85:E7:91:1B:12:1C:6A:E9:D1:F6:A9:D4:C8
Certificate issuer: /CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A
Certificate serial: 15D2
Authority key identifier: 4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/ffNioD3PfIXnkRsSHGrp0fap1Mg.roa
Signing time: Wed 13 Mar 2024 01:22:16 +0000
ROA not before: Wed 13 Mar 2024 01:22:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 23650
IP address blocks: 27.0.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5586 (0x15d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A
Validity
Not Before: Mar 13 01:22:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7DF362A03DCF7C85E7911B121C6AE9D1F6A9D4C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:11:74:fb:f1:09:c1:78:9c:1d:58:8b:00:07:
d3:8c:61:bb:57:38:ae:3e:ac:07:88:a3:4c:d0:a1:
ec:34:13:7d:0c:55:0a:29:b6:f2:0c:eb:72:bf:77:
de:5d:3b:39:66:48:6d:2b:ab:00:df:da:b5:7f:af:
b1:b7:fc:4f:6d:fc:c9:5d:60:e9:7c:e8:06:29:63:
1d:94:ce:2f:c9:4f:67:f9:66:34:45:7d:06:1c:ce:
43:86:62:f9:2e:b8:64:18:59:3d:37:18:42:06:95:
af:c4:16:43:cd:63:dd:56:67:f6:17:f4:b4:17:1e:
95:4c:39:5f:d5:cf:0e:a9:e9:a9:3d:a1:51:50:7e:
05:44:61:92:de:9c:81:da:2d:97:5b:bb:26:2f:b8:
d0:87:be:a9:9c:45:f8:58:91:a1:02:f3:6c:5c:5b:
6f:b6:7f:74:1e:8c:fc:ab:5b:c4:71:4d:41:8c:52:
10:54:d5:f0:30:ad:cf:a5:0c:49:14:f9:12:7c:6d:
da:69:37:f8:5f:6a:54:1d:8a:f4:77:fb:31:b0:44:
b4:89:27:a5:7b:a0:98:a6:07:97:d0:8e:58:da:d2:
96:fd:57:38:5a:a9:a9:cf:0f:40:0a:b4:06:4b:37:
39:f5:38:c9:7a:09:d0:9c:89:a0:30:2e:89:bb:8b:
29:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F3:62:A0:3D:CF:7C:85:E7:91:1B:12:1C:6A:E9:D1:F6:A9:D4:C8
X509v3 Authority Key Identifier:
keyid:4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/ffNioD3PfIXnkRsSHGrp0fap1Mg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.204.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:68:95:d0:f4:af:cf:7d:73:2a:ae:d4:a2:c1:80:a5:12:4f:
af:b5:f7:86:b9:55:9e:3c:88:bd:6e:d9:80:53:fd:06:7c:69:
c7:be:c0:f1:d3:3e:d2:ca:c1:5d:13:d8:b8:d3:33:3f:30:46:
58:fd:1f:73:5a:a5:d9:49:80:e5:ef:f0:fb:9e:3b:71:1a:6f:
a0:77:93:6d:aa:1f:67:73:1a:11:c5:97:86:fb:7e:a8:77:f1:
26:43:65:5e:b4:bd:44:26:87:49:9a:fb:b3:16:5f:a3:cc:1e:
d3:e3:ba:96:ac:c9:bb:5b:81:ed:56:bb:99:2b:3d:40:56:3e:
57:d0:de:5e:11:85:f5:d9:37:7e:70:e0:76:eb:dc:32:fe:9f:
4b:b6:bb:0c:50:18:6b:50:50:f3:02:a5:33:5a:1b:64:5f:1b:
ed:e7:fe:5e:65:01:46:b8:c4:97:29:c8:52:21:31:07:da:19:
ec:06:d4:d7:a5:3f:15:0c:cd:d8:df:7b:c1:73:e3:a3:a0:2b:
a4:90:55:3b:8d:36:dc:d6:25:39:47:ff:20:33:39:b6:73:28:
66:6d:9b:31:5d:26:0b:5d:55:60:82:f4:08:20:97:ee:5c:42:
ca:d4:67:b2:df:b0:82:43:95:5b:e5:8d:49:74:92:d0:9f:bf:
05:75:33:fd
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEMx
RkI1NTNGRjIzMzEyQ0Q5QzI1REUxREE3MjA0OEYwNjQ4M0M1QTAeFw0yNDAzMTMw
MTIyMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdERjM2MkEwM0RDRjdD
ODVFNzkxMUIxMjFDNkFFOUQxRjZBOUQ0QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsEXT78QnBeJwdWIsAB9OMYbtXOK4+rAeIo0zQoew0E30MVQop
tvIM63K/d95dOzlmSG0rqwDf2rV/r7G3/E9t/MldYOl86AYpYx2Uzi/JT2f5ZjRF
fQYczkOGYvkuuGQYWT03GEIGla/EFkPNY91WZ/YX9LQXHpVMOV/Vzw6p6ak9oVFQ
fgVEYZLenIHaLZdbuyYvuNCHvqmcRfhYkaEC82xcW2+2f3QejPyrW8RxTUGMUhBU
1fAwrc+lDEkU+RJ8bdppN/hfalQdivR3+zGwRLSJJ6V7oJimB5fQjlja0pb9Vzha
qanPD0AKtAZLNzn1OMl6CdCciaAwLom7iyklAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUffNioD3PfIXnkRsSHGrp0fap1MgwHwYDVR0jBBgwFoAUTB+1U/8jMSzZwl3h
2nIEjwZIPFowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTYz
MC9UQi0xVV84ak1Telp3bDNoMm5JRWp3WklQRm8uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1RCLTFVXzhqTVN6WndsM2gybklFandaSVBGby5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2MzAvZmZOaW9EM1BmSVhu
a1JzU0hHcnAwZmFwMU1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAhsAzDANBgkqhkiG9w0BAQsFAAOCAQEAPmiV0PSvz31zKq7UosGApRJPr7X3
hrlVnjyIvW7ZgFP9Bnxpx77A8dM+0srBXRPYuNMzPzBGWP0fc1ql2UmA5e/w+547
cRpvoHeTbaofZ3MaEcWXhvt+qHfxJkNlXrS9RCaHSZr7sxZfo8we0+O6lqzJu1uB
7Va7mSs9QFY+V9DeXhGF9dk3fnDgduvcMv6fS7a7DFAYa1BQ8wKlM1obZF8b7ef+
XmUBRrjElynIUiExB9oZ7AbU16U/FQzN2N97wXPjo6ArpJBVO4023NYlOUf/IDM5
tnMoZm2bMV0mC11VYIL0CCCX7lxCytRnst+wgkOVW+WNSXSS0J+/BXUz/Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:47 2025 by rpki-client