Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/l7pq8USURZhbMz4dVzkliHTwzqc.roa
File: l7pq8USURZhbMz4dVzkliHTwzqc.roa (raw, json)
Hash identifier: FU4ykIIBjhclH3fHhZphmbq+W7cmGCCpYPTRAjwQDAc=
Subject key identifier: 97:BA:6A:F1:44:94:45:98:5B:33:3E:1D:57:39:25:88:74:F0:CE:A7
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 1E74
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/l7pq8USURZhbMz4dVzkliHTwzqc.roa
Signing time: Wed 13 Mar 2024 01:21:35 +0000
ROA not before: Wed 13 Mar 2024 01:21:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 134762
IP address blocks: 43.226.64.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7796 (0x1e74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Mar 13 01:21:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=97BA6AF1449445985B333E1D5739258874F0CEA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:41:d2:87:ec:26:18:35:17:98:ec:58:7f:b9:
48:fc:15:8d:3b:b9:4f:7c:99:80:6b:f8:a5:7e:67:
f4:f6:48:d9:69:36:61:3a:ef:31:48:54:f2:94:3b:
0b:21:9d:09:31:13:64:b5:04:55:26:70:a7:2a:f3:
cb:dc:a8:9e:9f:3a:e5:62:c0:42:91:02:e7:50:ad:
a2:9f:3c:68:e3:74:46:d4:4d:7f:fe:b8:24:2c:86:
30:a4:1b:11:51:2f:dc:63:a2:0c:d9:fe:f9:f5:2d:
2e:89:26:8f:e2:fa:44:4c:18:0b:b0:5e:b8:cf:e0:
a7:8d:4b:97:d9:01:1e:b8:02:33:f2:ed:0c:4c:47:
92:ab:4e:30:78:a0:87:97:ff:84:cb:0e:25:c2:f2:
de:ab:3f:c8:8d:8a:63:bd:91:20:9e:2d:46:15:4c:
06:07:46:1d:f6:b8:86:7a:0a:ec:2a:7b:e8:4e:66:
f6:a4:a7:da:b1:92:28:d4:7f:b8:df:0b:c3:90:7c:
46:a2:7d:8e:24:86:09:87:3f:7f:e3:af:37:11:60:
82:33:4c:4b:6a:66:80:2d:0c:d2:87:9b:b7:b8:97:
25:17:72:d0:b1:b7:c4:01:4c:73:dd:16:47:e5:12:
0e:67:de:f1:cd:44:18:ae:14:b4:28:1a:3a:1e:70:
cd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BA:6A:F1:44:94:45:98:5B:33:3E:1D:57:39:25:88:74:F0:CE:A7
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/l7pq8USURZhbMz4dVzkliHTwzqc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.64.0/21
Signature Algorithm: sha256WithRSAEncryption
38:a8:db:33:96:bc:71:0b:66:1a:f6:b9:aa:b0:d6:66:04:9b:
20:16:1a:9f:12:7f:0a:55:bc:4e:c3:12:2a:2a:55:33:f1:e0:
e6:53:3b:c4:42:b1:a0:eb:a4:75:be:1d:00:e6:5b:8c:ef:33:
44:e3:ae:e6:39:e5:9e:6d:d0:00:95:db:9c:eb:ba:7a:8d:27:
b2:a7:64:fd:a0:67:8a:b4:7b:ee:58:b7:74:94:aa:41:1c:7c:
e6:b8:f7:0b:05:c5:05:bc:1e:6d:9b:6f:76:d4:4f:f3:0b:a0:
19:4c:15:65:20:e7:ad:6e:55:8a:d4:94:2f:f4:f2:9d:6d:78:
02:dc:28:13:36:b0:40:3c:f8:6d:2d:31:78:5f:8c:be:c7:13:
00:7f:c7:33:cb:b6:3b:dc:f9:da:05:6c:95:dc:6d:5d:b0:bd:
f5:b8:03:df:05:05:99:87:3a:4b:49:3f:70:1c:d4:d8:64:d1:
64:8a:57:de:f6:99:aa:f0:41:27:32:58:45:39:7e:f2:d5:1c:
e6:20:21:7a:68:57:d9:35:74:9b:17:39:27:de:b1:b7:de:8b:
6a:88:f2:63:a5:56:c6:2c:b9:70:e3:82:b0:ab:39:3d:6f:8e:
98:fc:6a:8f:1f:eb:27:5d:f9:f3:30:e4:12:da:e7:7a:75:ae:
f1:52:d9:90
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICHnQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNDAzMTMw
MTIxMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3QkE2QUYxNDQ5NDQ1
OTg1QjMzM0UxRDU3MzkyNTg4NzRGMENFQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtQdKH7CYYNReY7Fh/uUj8FY07uU98mYBr+KV+Z/T2SNlpNmE6
7zFIVPKUOwshnQkxE2S1BFUmcKcq88vcqJ6fOuViwEKRAudQraKfPGjjdEbUTX/+
uCQshjCkGxFRL9xjogzZ/vn1LS6JJo/i+kRMGAuwXrjP4KeNS5fZAR64AjPy7QxM
R5KrTjB4oIeX/4TLDiXC8t6rP8iNimO9kSCeLUYVTAYHRh32uIZ6Cuwqe+hOZvak
p9qxkijUf7jfC8OQfEaifY4khgmHP3/jrzcRYIIzTEtqZoAtDNKHm7e4lyUXctCx
t8QBTHPdFkflEg5n3vHNRBiuFLQoGjoecM2bAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUl7pq8USURZhbMz4dVzkliHTwzqcwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvbDdwcThVU1VSWmhi
TXo0ZFZ6a2xpSFR3enFjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAyviQDANBgkqhkiG9w0BAQsFAAOCAQEAOKjbM5a8cQtmGva5qrDWZgSbIBYa
nxJ/ClW8TsMSKipVM/Hg5lM7xEKxoOukdb4dAOZbjO8zROOu5jnlnm3QAJXbnOu6
eo0nsqdk/aBnirR77li3dJSqQRx85rj3CwXFBbwebZtvdtRP8wugGUwVZSDnrW5V
itSUL/TynW14AtwoEzawQDz4bS0xeF+MvscTAH/HM8u2O9z52gVsldxtXbC99bgD
3wUFmYc6S0k/cBzU2GTRZIpX3vaZqvBBJzJYRTl+8tUc5iAhemhX2TV0mxc5J96x
t96LaojyY6VWxiy5cOOCsKs5PW+OmPxqjx/rJ1358zDkEtrnenWu8VLZkA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:06 2025 by rpki-client