Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2776/06gDSseV8wAWGEVGn_p2033iziw.roa
File: 06gDSseV8wAWGEVGn_p2033iziw.roa (raw, json)
Hash identifier: JVaj0XXWfvj4elWCm6Rm9+0EL0Dr7IEjllHHwj6steg=
Subject key identifier: D3:A8:03:4A:C7:95:F3:00:16:18:45:46:9F:FA:76:D3:7D:E2:CE:2C
Certificate issuer: /CN=86DB0D88746FFC0814E589A139240F2F742D0C56
Certificate serial: 0E07
Authority key identifier: 86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/06gDSseV8wAWGEVGn_p2033iziw.roa
Signing time: Fri 24 May 2024 02:26:40 +0000
ROA not before: Fri 24 May 2024 02:26:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 63566
IP address blocks: 103.252.248.0/24 maxlen: 24
118.194.59.0/24 maxlen: 24
122.11.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3591 (0xe07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86DB0D88746FFC0814E589A139240F2F742D0C56
Validity
Not Before: May 24 02:26:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D3A8034AC795F300161845469FFA76D37DE2CE2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2c:e3:79:59:e4:af:41:d0:e0:31:a3:3c:15:
e5:e2:28:ce:56:d1:94:a1:a8:1b:16:68:0b:91:e2:
6f:a9:fa:49:ac:9d:1c:8e:89:6e:96:f7:1f:8e:ab:
ef:76:ea:38:03:b7:ad:79:2f:a8:30:1e:d6:54:51:
71:5a:9b:bd:b4:d0:a8:97:9b:09:9f:17:e3:45:5e:
ba:74:d8:8d:0f:1e:c9:fb:4d:d7:f2:f6:36:f5:19:
d7:dc:b7:95:00:28:21:1f:ca:da:32:56:a6:8d:41:
d7:7a:88:46:51:49:25:99:2a:5f:5a:29:24:66:a5:
a5:07:05:19:51:0c:23:68:a7:f5:95:96:0a:70:cc:
89:3a:5a:59:c0:36:91:64:1c:ac:a8:f2:65:33:a4:
74:14:f1:c2:ef:8a:c2:39:9e:6f:dd:e4:b9:95:76:
91:1b:5d:b2:be:d7:fc:63:84:da:09:20:92:91:2b:
a0:05:7d:6c:e2:ff:bd:14:45:d2:88:07:6b:e5:06:
b4:6c:6c:82:ce:9a:a4:27:1e:73:ca:d7:26:78:a4:
44:5c:ef:fb:77:c8:bc:58:0c:ab:e1:61:4d:d8:72:
1b:96:d6:85:e2:31:24:60:5d:56:b4:c9:42:ed:36:
fe:f0:86:50:62:99:fe:20:28:9d:d8:df:5f:73:24:
6b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A8:03:4A:C7:95:F3:00:16:18:45:46:9F:FA:76:D3:7D:E2:CE:2C
X509v3 Authority Key Identifier:
keyid:86:DB:0D:88:74:6F:FC:08:14:E5:89:A1:39:24:0F:2F:74:2D:0C:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/htsNiHRv_AgU5YmhOSQPL3QtDFY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/htsNiHRv_AgU5YmhOSQPL3QtDFY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2776/06gDSseV8wAWGEVGn_p2033iziw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.248.0/24
118.194.59.0/24
122.11.0.0/24
Signature Algorithm: sha256WithRSAEncryption
23:98:7c:24:56:e7:32:40:f5:4c:11:8c:51:e1:8e:ca:6c:ff:
0a:82:1c:2e:92:4a:73:bd:63:10:c0:54:fe:cb:60:71:b6:27:
4e:39:db:2e:4c:ce:9d:5f:35:fe:92:98:95:04:66:6c:7c:58:
40:36:66:0e:35:e5:7d:85:79:a0:38:02:d8:82:47:e5:59:d7:
6c:9a:37:cf:86:11:dc:5d:72:30:93:47:12:a1:3d:22:22:ac:
18:57:c0:85:09:59:06:43:9f:7b:36:14:09:77:0e:1b:58:a8:
07:ee:55:65:74:20:c2:98:b5:67:e8:6a:83:95:51:68:8e:2c:
e1:e2:02:e8:3f:8d:0d:c2:41:46:6e:05:ce:60:d7:f2:ef:fe:
16:58:c8:2c:63:ad:72:90:8a:df:c8:45:7a:79:2d:fb:a7:7d:
1b:95:31:06:0f:49:c4:22:a5:5c:cc:b9:df:57:b5:ec:3d:76:
26:f9:25:22:8f:90:7b:f0:fc:13:22:f2:61:c7:47:1c:9b:62:
39:18:fc:3a:a7:26:8f:1e:10:34:23:4a:47:fa:4d:76:5d:b6:
64:c5:0d:fa:22:e9:dc:96:73:c9:5f:82:ae:47:f6:2e:4b:6c:
79:fe:1e:ca:ed:2d:6d:a1:f1:2a:2e:00:f0:de:01:0b:0d:39:
e3:16:1b:2e
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICDgcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODZE
QjBEODg3NDZGRkMwODE0RTU4OUExMzkyNDBGMkY3NDJEMEM1NjAeFw0yNDA1MjQw
MjI2NDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQzQTgwMzRBQzc5NUYz
MDAxNjE4NDU0NjlGRkE3NkQzN0RFMkNFMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkLON5WeSvQdDgMaM8FeXiKM5W0ZShqBsWaAuR4m+p+kmsnRyO
iW6W9x+Oq+926jgDt615L6gwHtZUUXFam7200KiXmwmfF+NFXrp02I0PHsn7Tdfy
9jb1Gdfct5UAKCEfytoyVqaNQdd6iEZRSSWZKl9aKSRmpaUHBRlRDCNop/WVlgpw
zIk6WlnANpFkHKyo8mUzpHQU8cLvisI5nm/d5LmVdpEbXbK+1/xjhNoJIJKRK6AF
fWzi/70URdKIB2vlBrRsbILOmqQnHnPK1yZ4pERc7/t3yLxYDKvhYU3YchuW1oXi
MSRgXVa0yULtNv7whlBimf4gKJ3Y319zJGvXAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQU06gDSseV8wAWGEVGn/p2033iziwwHwYDVR0jBBgwFoAUhtsNiHRv/AgU5Ymh
OSQPL3QtDFYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc3
Ni9odHNOaUhSdl9BZ1U1WW1oT1NRUEwzUXRERlkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2h0c05pSFJ2X0FnVTVZbWhPU1FQTDNRdERGWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NzYvMDZnRFNzZVY4d0FX
R0VWR25fcDIwMzNpeml3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEw
EgMEAGf8+AMEAHbCOwMEAHoLADANBgkqhkiG9w0BAQsFAAOCAQEAI5h8JFbnMkD1
TBGMUeGOymz/CoIcLpJKc71jEMBU/stgcbYnTjnbLkzOnV81/pKYlQRmbHxYQDZm
DjXlfYV5oDgC2IJH5VnXbJo3z4YR3F1yMJNHEqE9IiKsGFfAhQlZBkOfezYUCXcO
G1ioB+5VZXQgwpi1Z+hqg5VRaI4s4eIC6D+NDcJBRm4FzmDX8u/+FljILGOtcpCK
38hFenkt+6d9G5UxBg9JxCKlXMy531e17D12JvklIo+Qe/D8EyLyYcdHHJtiORj8
Oqcmjx4QNCNKR/pNdl22ZMUN+iLp3JZzyV+Crkf2Lktsef4eyu0tbaHxKi4A8N4B
Cw054xYbLg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:56 2025 by rpki-client