Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/IdSYZ564NqGCV_ffZwk7Sqi0Dts.roa
File: IdSYZ564NqGCV_ffZwk7Sqi0Dts.roa (raw, json)
Hash identifier: rYtvN7f7juMpttQmpW2teaqmcKzbU26Ih/k3JPD9GZI=
Subject key identifier: 21:D4:98:67:9E:B8:36:A1:82:57:F7:DF:67:09:3B:4A:A8:B4:0E:DB
Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB
Certificate serial: 1BE0
Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/IdSYZ564NqGCV_ffZwk7Sqi0Dts.roa
Signing time: Wed 13 Mar 2024 01:23:28 +0000
ROA not before: Wed 13 Mar 2024 01:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139139
IP address blocks: 2406:3340::/36 maxlen: 36
2406:3340:1000::/36 maxlen: 36
2406:3340:2000::/36 maxlen: 36
2406:3340:3000::/36 maxlen: 36
2406:3340:4000::/36 maxlen: 36
2406:3340:5000::/36 maxlen: 36
2406:3340:6000::/36 maxlen: 36
2406:3340:7000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7136 (0x1be0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB
Validity
Not Before: Mar 13 01:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=21D498679EB836A18257F7DF67093B4AA8B40EDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a2:56:71:f4:26:64:3b:4b:01:26:b9:ec:96:
47:3a:5e:26:40:ef:b3:35:7c:60:f6:9f:96:09:96:
5a:0c:32:ea:11:e1:6a:e0:3d:cc:f9:04:5e:4f:76:
e6:61:38:4c:2f:a9:e0:00:d7:31:0b:5a:8c:53:6f:
b8:e5:e4:39:12:6c:ed:b3:ef:2d:8d:b4:a9:8d:cf:
c5:54:3b:45:ca:51:7e:83:55:5f:eb:01:68:67:6a:
c3:a4:cb:47:c5:e6:53:fa:7a:53:c0:6d:72:65:e6:
6c:48:d4:da:ce:2a:d4:a0:a1:fa:f6:f7:51:11:de:
1d:d2:25:63:72:52:a5:5b:69:3e:4b:99:76:10:41:
1d:24:2f:98:05:98:a6:a0:b7:41:bf:99:f3:3c:43:
21:6d:31:44:6f:da:8d:fb:79:f9:c3:b8:20:f8:58:
ef:e2:67:30:8f:d0:a8:97:09:16:36:f1:7e:3c:db:
5c:3f:6f:ac:d6:6f:b5:b2:0a:dd:b9:7a:28:fb:de:
a8:2d:49:b4:4b:e7:9b:47:97:a7:77:39:54:ac:de:
20:10:75:8b:33:d3:90:0b:ab:58:dd:82:08:97:70:
c4:83:e1:26:14:17:3d:78:17:55:1d:cb:fe:4b:bd:
91:79:5b:f4:d2:bd:75:d2:98:d3:42:49:b7:4b:a3:
e1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D4:98:67:9E:B8:36:A1:82:57:F7:DF:67:09:3B:4A:A8:B4:0E:DB
X509v3 Authority Key Identifier:
keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/IdSYZ564NqGCV_ffZwk7Sqi0Dts.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:3340::/33
Signature Algorithm: sha256WithRSAEncryption
00:05:ff:a3:4b:73:46:bc:a8:86:ae:eb:4a:09:9a:c2:89:8e:
4c:6b:2b:55:aa:6c:8c:d5:b6:5a:16:5f:c9:09:96:61:a5:e2:
cc:1d:c7:cb:2c:2e:ab:69:36:74:e4:b6:a4:63:3b:7f:87:8f:
1f:12:5e:b0:41:17:a2:85:89:be:d2:46:78:fb:06:42:c9:76:
91:82:6e:33:c5:08:0a:6a:87:c9:7d:c1:ed:c5:d3:ce:20:9d:
53:12:76:20:a1:e8:3a:6b:0a:15:8f:55:9c:23:bc:b7:13:cf:
16:d2:a2:b2:da:cd:45:d1:64:7f:60:5b:3e:26:d6:d7:64:7d:
6f:8e:02:43:55:ea:30:ab:dc:06:04:cd:a4:87:5b:5d:87:3b:
3c:84:4f:1f:0b:54:4c:c9:00:8b:98:3a:16:76:79:49:08:de:
28:16:f5:6c:1a:20:f6:0f:17:22:bb:80:b5:73:f9:72:24:d0:
ff:72:64:b0:2c:59:17:75:37:f5:d7:ac:40:97:2c:1d:8b:94:
49:ce:d7:0f:31:e2:a5:36:77:be:3a:49:47:32:62:a7:8c:a4:
e2:73:10:c1:88:8c:94:b3:1d:43:87:91:9b:1c:30:b2:f2:95:
03:c1:94:5a:26:8d:db:6c:98:f8:eb:d0:1a:9a:3e:1e:f8:2b:
af:8c:18:64
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICG+AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy
RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDAzMTMw
MTIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxRDQ5ODY3OUVCODM2
QTE4MjU3RjdERjY3MDkzQjRBQThCNDBFREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyolZx9CZkO0sBJrnslkc6XiZA77M1fGD2n5YJlloMMuoR4Wrg
Pcz5BF5PduZhOEwvqeAA1zELWoxTb7jl5DkSbO2z7y2NtKmNz8VUO0XKUX6DVV/r
AWhnasOky0fF5lP6elPAbXJl5mxI1NrOKtSgofr291ER3h3SJWNyUqVbaT5LmXYQ
QR0kL5gFmKagt0G/mfM8QyFtMURv2o37efnDuCD4WO/iZzCP0KiXCRY28X4821w/
b6zWb7WyCt25eij73qgtSbRL55tHl6d3OVSs3iAQdYsz05ALq1jdggiXcMSD4SYU
Fz14F1Udy/5LvZF5W/TSvXXSmNNCSbdLo+HzAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUIdSYZ564NqGCV/ffZwk7Sqi0DtswHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J
D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4
OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvSWRTWVo1NjROcUdD
Vl9mZlp3azdTcWkwRHRzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw
CAMGByQGM0AAMA0GCSqGSIb3DQEBCwUAA4IBAQAABf+jS3NGvKiGrutKCZrCiY5M
aytVqmyM1bZaFl/JCZZhpeLMHcfLLC6raTZ05LakYzt/h48fEl6wQReihYm+0kZ4
+wZCyXaRgm4zxQgKaofJfcHtxdPOIJ1TEnYgoeg6awoVj1WcI7y3E88W0qKy2s1F
0WR/YFs+JtbXZH1vjgJDVeowq9wGBM2kh1tdhzs8hE8fC1RMyQCLmDoWdnlJCN4o
FvVsGiD2Dxciu4C1c/lyJND/cmSwLFkXdTf116xAlywdi5RJztcPMeKlNne+OklH
MmKnjKTicxDBiIyUsx1Dh5GbHDCy8pUDwZRaJo3bbJj469Aamj4e+CuvjBhk
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:18:48 2025 by rpki-client