Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2526/9R9LQcn1Aso5fr3R5q56fr1z3Fo.roa
File: 9R9LQcn1Aso5fr3R5q56fr1z3Fo.roa (raw, json)
Hash identifier: 5iIjKAxUV9KrSeeYi+XekOHVYt8WlMf0qraYY5ZRxDs=
Subject key identifier: F5:1F:4B:41:C9:F5:02:CA:39:7E:BD:D1:E6:AE:7A:7E:BD:73:DC:5A
Certificate issuer: /CN=B1D844B1986E736466F5A18FF06B298EFCBBD6ED
Certificate serial: 056C
Authority key identifier: B1:D8:44:B1:98:6E:73:64:66:F5:A1:8F:F0:6B:29:8E:FC:BB:D6:ED
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sdhEsZhuc2Rm9aGP8Gspjvy71u0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2526/9R9LQcn1Aso5fr3R5q56fr1z3Fo.roa
Signing time: Sat 04 Mar 2023 03:04:56 +0000
ROA not before: Sat 04 Mar 2023 03:04:56 +0000
ROA not after: Sat 17 Feb 2024 02:46:59 +0000
asID: 140292
IP address blocks: 103.96.214.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1388 (0x56c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B1D844B1986E736466F5A18FF06B298EFCBBD6ED
Validity
Not Before: Mar 4 03:04:56 2023 GMT
Not After : Feb 17 02:46:59 2024 GMT
Subject: CN=F51F4B41C9F502CA397EBDD1E6AE7A7EBD73DC5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0f:ea:a3:09:80:3e:64:3e:e4:f9:e0:a6:84:
14:25:bf:f0:d5:14:89:b3:9e:f2:bc:9d:42:06:54:
5d:6f:40:c7:e0:ae:a8:9b:30:99:93:2c:ab:5c:21:
1b:58:75:00:5d:f6:b0:5f:f0:2c:4f:68:5d:9a:6b:
2d:8c:26:5e:9e:47:e5:da:a2:46:aa:c5:45:cc:79:
0d:b3:48:01:c6:3f:b7:34:41:af:35:82:33:a6:f9:
99:9a:70:39:63:71:3c:bf:ef:84:0e:d0:bd:e6:6c:
8a:4e:b5:9a:99:08:ef:5a:6c:6c:e5:17:52:2d:3a:
20:2c:90:0e:dd:35:a7:e6:54:58:65:26:89:6e:76:
09:8e:9d:64:43:47:b3:26:6b:d4:a7:0d:86:af:d8:
5e:75:27:73:ad:e3:0d:47:3e:2e:ee:7b:cc:3c:3f:
08:0b:76:87:62:27:4b:5e:7b:33:e0:a3:98:41:37:
d9:31:1d:9a:d5:b6:c1:bb:a3:34:c2:23:16:d7:1f:
8c:10:7c:91:53:f5:4c:57:f9:38:27:4f:0d:a7:83:
bc:be:1b:86:43:52:fe:21:26:d6:b2:3c:0a:f4:9a:
15:b2:b0:55:9c:22:0a:3c:90:d5:13:a7:c2:c8:d7:
7a:dc:6c:38:b9:85:5d:bb:51:f0:05:7c:bd:61:43:
9d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1F:4B:41:C9:F5:02:CA:39:7E:BD:D1:E6:AE:7A:7E:BD:73:DC:5A
X509v3 Authority Key Identifier:
keyid:B1:D8:44:B1:98:6E:73:64:66:F5:A1:8F:F0:6B:29:8E:FC:BB:D6:ED
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2526/sdhEsZhuc2Rm9aGP8Gspjvy71u0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sdhEsZhuc2Rm9aGP8Gspjvy71u0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2526/9R9LQcn1Aso5fr3R5q56fr1z3Fo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.96.214.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:71:3e:fc:05:ed:b8:b0:39:d5:f9:3f:fb:4c:7d:74:51:fd:
06:a9:6a:1e:4b:56:2f:eb:75:cc:b5:88:2e:e0:7e:20:ed:bf:
26:16:50:62:d8:e2:96:e9:18:84:20:7c:f9:20:12:ae:d0:49:
bf:04:fe:29:5c:3f:24:a4:6c:65:47:5d:24:ce:37:e0:2d:5f:
e5:ff:33:ff:a9:e6:a1:a0:bd:50:a9:da:a1:a9:39:ab:cc:40:
55:60:b4:6e:a4:44:16:dd:32:ac:94:93:bb:f0:63:61:5e:81:
72:1b:ce:bf:f5:3f:e4:c9:75:ad:2d:61:d9:35:75:db:4b:ca:
7b:2d:e3:e6:a4:53:7a:e6:40:1a:cd:84:66:d8:d8:5e:8f:28:
b5:71:d8:89:28:1a:e0:0e:f0:32:f6:df:3c:d2:9b:22:c6:88:
91:cb:07:d2:44:3b:77:72:46:87:51:3a:4d:b5:a6:0b:f3:a4:
c6:c2:8d:e6:06:0c:2b:7a:e7:c0:e6:1a:2c:41:49:5b:2e:ef:
b8:91:53:4d:41:77:a1:e7:da:7c:72:8d:d0:b3:55:81:6d:0d:
bf:d1:b6:77:17:ca:bf:bf:8c:ac:02:c3:89:3b:93:05:97:66:
ba:33:c9:ad:d2:00:c3:f5:17:7d:08:85:90:c5:70:5f:23:70:
1a:78:b3:80
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjFE
ODQ0QjE5ODZFNzM2NDY2RjVBMThGRjA2QjI5OEVGQ0JCRDZFRDAeFw0yMzAzMDQw
MzA0NTZaFw0yNDAyMTcwMjQ2NTlaMDMxMTAvBgNVBAMTKEY1MUY0QjQxQzlGNTAy
Q0EzOTdFQkREMUU2QUU3QTdFQkQ3M0RDNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6D+qjCYA+ZD7k+eCmhBQlv/DVFImznvK8nUIGVF1vQMfgrqib
MJmTLKtcIRtYdQBd9rBf8CxPaF2aay2MJl6eR+XaokaqxUXMeQ2zSAHGP7c0Qa81
gjOm+ZmacDljcTy/74QO0L3mbIpOtZqZCO9abGzlF1ItOiAskA7dNafmVFhlJolu
dgmOnWRDR7Mma9SnDYav2F51J3Ot4w1HPi7ue8w8PwgLdodiJ0teezPgo5hBN9kx
HZrVtsG7ozTCIxbXH4wQfJFT9UxX+TgnTw2ng7y+G4ZDUv4hJtayPAr0mhWysFWc
Igo8kNUTp8LI13rcbDi5hV27UfAFfL1hQ53zAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU9R9LQcn1Aso5fr3R5q56fr1z3FowHwYDVR0jBBgwFoAUsdhEsZhuc2Rm9aGP
8Gspjvy71u0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy
Ni9zZGhFc1podWMyUm05YUdQOEdzcGp2eTcxdTAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NkaEVzWmh1YzJSbTlhR1A4R3NwanZ5NzF1MC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjYvOVI5TFFjbjFBc281
ZnIzUjVxNTZmcjF6M0ZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGdg1jANBgkqhkiG9w0BAQsFAAOCAQEAG3E+/AXtuLA51fk/+0x9dFH9Bqlq
HktWL+t1zLWILuB+IO2/JhZQYtjilukYhCB8+SASrtBJvwT+KVw/JKRsZUddJM43
4C1f5f8z/6nmoaC9UKnaoak5q8xAVWC0bqREFt0yrJSTu/BjYV6BchvOv/U/5Ml1
rS1h2TV120vKey3j5qRTeuZAGs2EZtjYXo8otXHYiSga4A7wMvbfPNKbIsaIkcsH
0kQ7d3JGh1E6TbWmC/OkxsKN5gYMK3rnwOYaLEFJWy7vuJFTTUF3oefafHKN0LNV
gW0Nv9G2dxfKv7+MrALDiTuTBZdmujPJrdIAw/UXfQiFkMVwXyNwGnizgA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:35:35 2025 by rpki-client