Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/8KxjQgnHwKrfVdwyHoCsl1NcB24.roa
File: 8KxjQgnHwKrfVdwyHoCsl1NcB24.roa (raw, json)
Hash identifier: 8uBsfjuVmtDsmRdvBHskQ0V4q1Em9AVAFO2IdqzqyNo=
Subject key identifier: F0:AC:63:42:09:C7:C0:AA:DF:55:DC:32:1E:80:AC:97:53:5C:07:6E
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 0D5D
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/8KxjQgnHwKrfVdwyHoCsl1NcB24.roa
Signing time: Tue 13 Aug 2024 03:22:20 +0000
ROA not before: Tue 13 Aug 2024 03:22:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 136907
IP address blocks: 110.41.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3421 (0xd5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Aug 13 03:22:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F0AC634209C7C0AADF55DC321E80AC97535C076E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:43:32:18:af:aa:10:a4:00:db:1c:c7:c7:6e:
5e:78:a3:9e:5f:c2:9f:25:f0:ac:b2:56:bd:f0:d5:
29:09:01:06:17:af:8d:20:51:40:2c:bb:f1:8c:5c:
57:f2:c8:7f:a7:32:a7:5a:e2:4a:2c:a8:54:90:c8:
b5:b0:f1:61:1e:01:15:ad:52:d2:63:de:75:a2:d2:
2b:b9:cb:b5:51:c0:3c:5d:c3:45:e3:41:0c:5d:86:
bd:94:82:25:0e:ce:de:e5:78:fc:6d:65:bc:a6:3d:
7e:ca:63:94:f2:53:c3:44:42:ab:28:a9:3e:b6:d6:
7f:8c:34:c0:b2:22:e6:6c:c3:2c:f8:24:1a:a9:cf:
97:60:24:d4:52:58:ac:cd:79:55:f0:c8:6d:c7:20:
8f:ef:27:48:93:ac:26:0a:7d:86:6c:55:ae:b7:c3:
bb:f6:6f:ed:44:68:78:62:fb:51:35:da:e7:86:14:
ce:73:1a:98:9b:d2:6c:d9:e5:c0:9f:f9:6f:06:75:
62:20:a9:72:5e:84:91:7c:da:6b:c9:f3:f8:a3:73:
43:ef:b4:d2:ba:fa:8e:8f:60:07:10:a5:0f:1f:8f:
d1:52:de:3a:01:6c:51:17:50:82:f2:53:57:fe:40:
e8:a8:d1:a3:aa:f8:14:1f:65:43:d9:18:c0:e7:0e:
23:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:AC:63:42:09:C7:C0:AA:DF:55:DC:32:1E:80:AC:97:53:5C:07:6E
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/8KxjQgnHwKrfVdwyHoCsl1NcB24.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
110.41.90.0/24
Signature Algorithm: sha256WithRSAEncryption
17:df:fc:39:cb:37:bc:76:c7:3f:4e:4a:aa:83:f4:89:c9:99:
e3:0c:7a:37:13:28:51:7e:e8:60:ff:2c:9f:68:68:c5:d5:d2:
9c:23:cb:11:47:81:26:1b:e3:ac:e2:7b:34:a7:9a:0b:26:39:
42:3b:fd:65:28:23:77:a4:02:c1:31:d2:d9:d4:30:cd:f8:77:
d4:8c:fb:b9:fd:54:c3:ab:95:02:79:e5:12:16:9a:db:bd:8c:
80:61:9e:0d:8c:0d:7c:4b:1b:97:10:51:bd:1d:10:ca:d1:da:
36:7c:6d:1c:a6:3e:88:8a:e4:b7:94:88:31:00:5b:19:5a:8d:
31:88:5b:d9:84:e5:06:ef:5c:96:53:0b:d8:90:e8:b1:51:1b:
04:d4:c4:7d:1c:7b:49:8e:8b:cc:9b:26:47:ed:8a:80:ad:26:
53:c7:75:68:99:72:45:4c:ee:70:61:d1:63:ce:49:96:f2:ac:
2b:33:f5:f6:7c:94:70:8e:a4:59:d5:aa:8a:6d:8f:d9:4d:12:
ae:ae:1e:1b:1a:8a:c8:d6:5a:7d:96:5f:10:00:bc:22:ba:14:
95:c7:3c:ec:d2:42:4a:a0:90:ba:67:f3:87:41:ff:6b:08:32:
b9:64:59:af:40:7a:99:b1:b1:57:b1:13:57:23:0c:9f:ce:d2:
10:e1:3a:3d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA4MTMw
MzIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYwQUM2MzQyMDlDN0Mw
QUFERjU1REMzMjFFODBBQzk3NTM1QzA3NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3QzIYr6oQpADbHMfHbl54o55fwp8l8KyyVr3w1SkJAQYXr40g
UUAsu/GMXFfyyH+nMqda4kosqFSQyLWw8WEeARWtUtJj3nWi0iu5y7VRwDxdw0Xj
QQxdhr2UgiUOzt7lePxtZbymPX7KY5TyU8NEQqsoqT621n+MNMCyIuZswyz4JBqp
z5dgJNRSWKzNeVXwyG3HII/vJ0iTrCYKfYZsVa63w7v2b+1EaHhi+1E12ueGFM5z
Gpib0mzZ5cCf+W8GdWIgqXJehJF82mvJ8/ijc0PvtNK6+o6PYAcQpQ8fj9FS3joB
bFEXUILyU1f+QOio0aOq+BQfZUPZGMDnDiPFAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU8KxjQgnHwKrfVdwyHoCsl1NcB24wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvOEt4alFnbkh3S3Jm
VmR3eUhvQ3NsMU5jQjI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAG4pWjANBgkqhkiG9w0BAQsFAAOCAQEAF9/8Ocs3vHbHP05KqoP0icmZ4wx6
NxMoUX7oYP8sn2hoxdXSnCPLEUeBJhvjrOJ7NKeaCyY5Qjv9ZSgjd6QCwTHS2dQw
zfh31Iz7uf1Uw6uVAnnlEhaa272MgGGeDYwNfEsblxBRvR0QytHaNnxtHKY+iIrk
t5SIMQBbGVqNMYhb2YTlBu9cllML2JDosVEbBNTEfRx7SY6LzJsmR+2KgK0mU8d1
aJlyRUzucGHRY85JlvKsKzP19nyUcI6kWdWqim2P2U0Srq4eGxqKyNZafZZfEAC8
IroUlcc87NJCSqCQumfzh0H/awgyuWRZr0B6mbGxV7ETVyMMn87SEOE6PQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:39 2025 by rpki-client