Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/2DtKUFYHbqYrajhdvRNj_6_8Cy8.roa
File: 2DtKUFYHbqYrajhdvRNj_6_8Cy8.roa (raw, json)
Hash identifier: dg8WzZD25j6iC9irsRS1D6/CaqLVOgaVea44hW3vz9s=
Subject key identifier: D8:3B:4A:50:56:07:6E:A6:2B:6A:38:5D:BD:13:63:FF:AF:FC:0B:2F
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 0E1F
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/2DtKUFYHbqYrajhdvRNj_6_8Cy8.roa
Signing time: Wed 18 Sep 2024 07:51:21 +0000
ROA not before: Wed 18 Sep 2024 07:51:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55990
IP address blocks: 124.71.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3615 (0xe1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Sep 18 07:51:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D83B4A5056076EA62B6A385DBD1363FFAFFC0B2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:46:d5:f7:d8:e4:88:ef:59:ad:23:b5:7d:08:
8e:5a:23:86:3d:eb:6a:f0:8f:b9:62:3b:ec:52:9f:
7d:11:f6:4e:30:2b:7b:a1:0e:5d:9d:1c:48:45:2e:
6d:03:7e:be:07:58:a5:91:8b:f1:ac:ba:36:f6:73:
37:f2:d6:15:78:43:f9:ed:6d:0f:fa:90:bd:67:f7:
5a:24:06:8b:9e:e0:2b:f5:f5:94:9d:e8:2f:a8:80:
b1:61:a0:73:3c:7c:3e:84:cc:e2:d4:ce:76:65:15:
64:0e:27:6b:d6:3b:a7:51:c2:43:b0:3c:aa:20:8d:
ba:5d:53:3e:aa:8f:dd:80:ac:f0:93:f5:2e:0b:7b:
0e:14:66:ef:de:1b:a7:f4:e3:bc:39:4b:64:b4:6d:
ae:80:83:01:06:a9:d3:cf:a2:bc:28:c7:39:ca:a5:
06:e5:33:cd:93:fc:be:1b:89:79:34:a7:12:33:e0:
b4:e7:d0:ec:e4:0d:3d:7f:ef:a8:58:19:dd:e2:1c:
eb:b5:32:1a:b7:c0:78:ca:35:65:93:ce:eb:be:d3:
08:de:1c:21:1c:0b:ab:e6:c0:8f:be:4f:3c:be:e4:
88:2d:e7:29:d7:67:6c:42:fa:dc:64:88:c5:b3:92:
02:2d:1b:a1:01:5d:1b:d3:c7:e5:7d:3b:c1:b4:45:
8f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3B:4A:50:56:07:6E:A6:2B:6A:38:5D:BD:13:63:FF:AF:FC:0B:2F
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/2DtKUFYHbqYrajhdvRNj_6_8Cy8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.71.251.0/24
Signature Algorithm: sha256WithRSAEncryption
32:5d:48:3a:d0:d9:2a:f1:70:7b:33:7d:af:4a:ff:11:f3:ec:
2a:64:63:9d:d4:c8:be:d5:7d:73:b6:2e:b7:3f:9e:1b:fa:78:
cd:a4:b8:78:b0:a7:22:96:66:e6:d2:89:64:bd:49:18:85:cd:
21:ad:70:58:93:99:37:d8:ab:dd:dd:69:e5:38:25:0b:a1:b5:
ef:0b:69:1b:83:8f:d9:50:4a:88:5c:1f:b2:bb:18:f4:cf:23:
c6:6d:cc:e0:57:3b:0d:f5:99:95:a4:4a:84:02:9a:c8:0f:0b:
47:a8:e2:d4:c0:2b:44:84:93:d0:ed:99:53:35:44:04:bd:7c:
e0:34:df:a5:7c:24:9e:a3:52:41:75:73:4d:76:84:60:6c:b8:
0b:1d:9b:a7:4a:95:5b:6e:66:84:07:7b:3e:f8:43:f0:86:c7:
ab:d1:dd:62:2d:1c:84:cf:e1:91:62:9a:77:9b:c6:84:04:4f:
18:ed:c9:85:3d:4c:af:46:fe:14:86:d9:a3:55:e4:9b:f8:84:
27:36:26:b6:ca:07:ce:cf:50:ed:38:24:b0:4f:10:9a:16:e0:
1f:1d:9c:59:44:33:d0:93:ef:a5:ed:4f:22:d6:63:a5:71:87:
1b:af:4b:d4:03:71:55:c2:ff:93:3c:47:3f:6b:d2:27:88:65:
5a:a8:22:d5
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDh8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA5MTgw
NzUxMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ4M0I0QTUwNTYwNzZF
QTYyQjZBMzg1REJEMTM2M0ZGQUZGQzBCMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPRtX32OSI71mtI7V9CI5aI4Y962rwj7liO+xSn30R9k4wK3uh
Dl2dHEhFLm0Dfr4HWKWRi/Gsujb2czfy1hV4Q/ntbQ/6kL1n91okBoue4Cv19ZSd
6C+ogLFhoHM8fD6EzOLUznZlFWQOJ2vWO6dRwkOwPKogjbpdUz6qj92ArPCT9S4L
ew4UZu/eG6f047w5S2S0ba6AgwEGqdPPorwoxznKpQblM82T/L4biXk0pxIz4LTn
0OzkDT1/76hYGd3iHOu1Mhq3wHjKNWWTzuu+0wjeHCEcC6vmwI++Tzy+5Igt5ynX
Z2xC+txkiMWzkgItG6EBXRvTx+V9O8G0RY9lAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU2DtKUFYHbqYrajhdvRNj/6/8Cy8wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvMkR0S1VGWUhicVly
YWpoZHZSTmpfNl84Q3k4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHxH+zANBgkqhkiG9w0BAQsFAAOCAQEAMl1IOtDZKvFwezN9r0r/EfPsKmRj
ndTIvtV9c7Yutz+eG/p4zaS4eLCnIpZm5tKJZL1JGIXNIa1wWJOZN9ir3d1p5Tgl
C6G17wtpG4OP2VBKiFwfsrsY9M8jxm3M4Fc7DfWZlaRKhAKayA8LR6ji1MArRIST
0O2ZUzVEBL184DTfpXwknqNSQXVzTXaEYGy4Cx2bp0qVW25mhAd7PvhD8IbHq9Hd
Yi0chM/hkWKad5vGhARPGO3JhT1Mr0b+FIbZo1Xkm/iEJzYmtsoHzs9Q7TgksE8Q
mhbgHx2cWUQz0JPvpe1PItZjpXGHG69L1ANxVcL/kzxHP2vSJ4hlWqgi1Q==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:53:58 2025 by rpki-client