Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/bU3XQkja_ix2S7C9tW4ZU5vCJiY.roa
File: bU3XQkja_ix2S7C9tW4ZU5vCJiY.roa (raw, json)
Hash identifier: cqFo6ZVNEZhfPa5ZEufRQPMlb+Q6QAsSchs75bIuQVA=
Subject key identifier: 6D:4D:D7:42:48:DA:FE:2C:76:4B:B0:BD:B5:6E:19:53:9B:C2:26:26
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 0F69
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/bU3XQkja_ix2S7C9tW4ZU5vCJiY.roa
Signing time: Mon 18 Nov 2024 08:37:17 +0000
ROA not before: Mon 18 Nov 2024 08:37:17 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 55990
IP address blocks: 113.47.250.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3945 (0xf69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Nov 18 08:37:17 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=6D4DD74248DAFE2C764BB0BDB56E19539BC22626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1c:94:58:e5:d5:b9:15:89:83:02:50:fb:63:
76:27:c1:f0:f6:17:06:ff:ab:1f:a2:9d:f1:dd:e5:
7e:13:01:0e:18:5f:9d:90:31:57:31:1c:48:3b:ac:
d8:8b:e9:9b:b0:92:d3:99:f8:21:a4:1c:de:10:ee:
58:83:f9:f3:7b:b5:6a:ff:8c:55:13:7b:b4:e3:37:
14:9b:08:fd:dc:9a:02:a1:75:5f:9d:0f:41:59:84:
72:88:26:b9:62:f5:1c:ff:30:71:aa:78:dc:8b:8f:
38:f6:2f:a9:9f:6d:65:93:90:5f:04:7b:7e:91:4a:
48:eb:c3:3f:72:4a:5f:f4:90:c4:a6:33:7a:ee:b8:
d9:51:46:2c:3b:ea:c4:e7:36:6f:df:6a:54:8c:07:
ab:93:45:f7:17:ec:22:e0:9d:af:55:c8:81:39:a6:
b1:b8:2f:0a:80:6c:26:7a:13:c5:37:c7:d4:f3:8a:
00:1b:c7:4b:6b:ed:86:5d:97:ba:59:0b:9d:cc:28:
08:25:1e:d1:19:8a:28:83:a7:e1:ed:c8:2c:3e:81:
e3:e3:a3:66:12:dc:fc:39:54:ed:b2:eb:aa:27:19:
b8:08:17:ae:e0:c7:6e:d3:27:f4:5e:e1:ff:1f:6a:
2a:8f:47:68:e6:2c:97:01:ca:87:a5:e2:96:99:0b:
7d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4D:D7:42:48:DA:FE:2C:76:4B:B0:BD:B5:6E:19:53:9B:C2:26:26
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/bU3XQkja_ix2S7C9tW4ZU5vCJiY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.47.250.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:85:4b:06:f8:27:e6:f0:66:f2:63:86:93:5b:9e:9f:53:0a:
b7:5d:5c:3e:90:3f:f6:f9:a1:66:68:fd:eb:0c:47:8d:be:73:
06:cb:fd:eb:a7:6f:b4:81:4d:4d:6b:ec:18:4e:9f:64:f4:ec:
d8:30:92:33:97:c6:0d:12:8e:e8:da:6d:5d:98:47:07:a0:80:
84:da:e1:51:9b:55:69:d4:ae:4c:a4:85:9d:15:40:b2:0b:f6:
6c:f4:b1:2f:65:67:f5:db:75:17:f3:c5:b5:28:a6:11:37:9f:
d1:47:82:aa:2b:12:22:f9:80:d2:0f:5c:07:a7:58:87:2c:84:
ea:1e:8b:94:6e:41:f0:6b:8e:c5:86:76:85:92:4e:74:76:cd:
2a:ad:dc:ed:b0:b0:d1:a2:02:45:bf:2e:8e:84:02:58:cd:0a:
5f:2c:dd:7d:a2:b9:7f:11:bb:77:41:58:0e:26:84:c0:4b:fd:
da:10:87:d6:99:c0:06:87:bc:53:0f:57:b9:26:c7:f4:7b:92:
e7:4d:99:e3:20:eb:23:62:60:60:f7:94:c1:1a:56:9c:c8:28:
90:e1:6e:6d:c3:2a:bc:ef:e7:d3:e5:03:82:93:0b:0e:00:d3:
5d:d0:2b:6f:78:c4:f2:55:b6:69:78:a7:c0:80:36:65:0b:01:
b2:4a:46:32
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICD2kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDExMTgw
ODM3MTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDZENERENzQyNDhEQUZF
MkM3NjRCQjBCREI1NkUxOTUzOUJDMjI2MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/HJRY5dW5FYmDAlD7Y3YnwfD2Fwb/qx+infHd5X4TAQ4YX52Q
MVcxHEg7rNiL6ZuwktOZ+CGkHN4Q7liD+fN7tWr/jFUTe7TjNxSbCP3cmgKhdV+d
D0FZhHKIJrli9Rz/MHGqeNyLjzj2L6mfbWWTkF8Ee36RSkjrwz9ySl/0kMSmM3ru
uNlRRiw76sTnNm/falSMB6uTRfcX7CLgna9VyIE5prG4LwqAbCZ6E8U3x9TzigAb
x0tr7YZdl7pZC53MKAglHtEZiiiDp+HtyCw+gePjo2YS3Pw5VO2y66onGbgIF67g
x27TJ/Re4f8faiqPR2jmLJcByoel4paZC335AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUbU3XQkja/ix2S7C9tW4ZU5vCJiYwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvYlUzWFFramFfaXgy
UzdDOXRXNFpVNXZDSmlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAXEv+jANBgkqhkiG9w0BAQsFAAOCAQEAeoVLBvgn5vBm8mOGk1uen1MKt11c
PpA/9vmhZmj96wxHjb5zBsv966dvtIFNTWvsGE6fZPTs2DCSM5fGDRKO6NptXZhH
B6CAhNrhUZtVadSuTKSFnRVAsgv2bPSxL2Vn9dt1F/PFtSimETef0UeCqisSIvmA
0g9cB6dYhyyE6h6LlG5B8GuOxYZ2hZJOdHbNKq3c7bCw0aICRb8ujoQCWM0KXyzd
faK5fxG7d0FYDiaEwEv92hCH1pnABoe8Uw9XuSbH9HuS502Z4yDrI2JgYPeUwRpW
nMgokOFubcMqvO/n0+UDgpMLDgDTXdArb3jE8lW2aXinwIA2ZQsBskpGMg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:41:08 2025 by rpki-client