Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/pWcd6cvy-6xMIGznHDcg4O9eQwQ.roa
File: pWcd6cvy-6xMIGznHDcg4O9eQwQ.roa (raw, json)
Hash identifier: PiBKBOSwPaB5uQr41/dtONYIqrCNOY3AnSzEpYOItEk=
Subject key identifier: A5:67:1D:E9:CB:F2:FB:AC:4C:20:6C:E7:1C:37:20:E0:EF:5E:43:04
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 0DED
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/pWcd6cvy-6xMIGznHDcg4O9eQwQ.roa
Signing time: Mon 09 Sep 2024 02:58:35 +0000
ROA not before: Mon 09 Sep 2024 02:58:35 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 136907
IP address blocks: 124.71.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3565 (0xded)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Sep 9 02:58:35 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A5671DE9CBF2FBAC4C206CE71C3720E0EF5E4304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1e:1c:cc:61:55:8d:67:75:98:c3:d9:93:b4:
f2:2d:f7:62:94:76:17:1e:4e:d1:5a:70:c0:6e:e2:
73:f5:9c:d1:da:97:27:be:10:83:cf:da:b1:96:87:
01:0f:50:42:94:78:03:e2:b7:f9:c0:29:e5:01:1a:
be:66:87:cd:c6:f9:54:43:22:1c:e1:c4:cf:38:31:
82:f9:2f:74:9e:1a:2d:05:ee:25:79:24:08:1d:2f:
36:74:34:0f:61:b7:c5:86:4c:30:57:e0:0a:5d:75:
2e:ef:87:47:cb:86:9c:ab:ff:bd:6f:95:62:ec:9a:
a5:ee:13:5d:d5:36:69:81:bb:7d:17:d2:c1:c8:6c:
cb:71:55:b5:2d:aa:be:4c:35:3c:e3:2a:df:83:49:
cb:0a:a0:ec:91:ad:78:e4:e6:24:5f:7c:f7:ef:08:
c1:d3:a1:35:81:66:c3:7b:7c:4b:95:e7:f0:a8:0e:
95:59:85:b7:b7:e0:3a:7a:50:93:84:5a:20:63:d3:
c6:b9:d9:45:f4:76:56:94:18:7c:ea:58:d8:e4:a9:
f8:e8:b6:07:20:d5:44:82:44:e1:81:ca:c5:34:6a:
6b:da:09:bc:99:b3:3a:11:1e:60:fa:d6:91:ff:2e:
d0:92:2f:32:4d:1f:17:30:18:5b:fb:74:0c:4a:a8:
4b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:67:1D:E9:CB:F2:FB:AC:4C:20:6C:E7:1C:37:20:E0:EF:5E:43:04
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/pWcd6cvy-6xMIGznHDcg4O9eQwQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.71.251.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:17:65:d1:4c:29:f9:54:b0:5a:fb:8a:c3:53:b9:82:11:46:
19:49:a4:04:7d:31:98:3a:27:69:c2:3b:a9:b2:c6:73:17:48:
f7:c4:2b:94:6d:8a:77:42:fa:f8:89:20:5c:dc:07:ef:6a:eb:
2e:51:89:a9:0d:19:35:d9:d6:31:c9:be:a3:17:b9:5e:81:55:
a3:74:f0:db:ff:73:9f:2d:91:94:7c:a0:cc:25:75:0e:d7:04:
52:4c:bb:b0:c6:90:aa:ac:6d:27:24:d7:4a:cc:2f:c1:5e:d2:
a8:f0:9f:72:c3:38:6e:62:47:ac:f4:5e:6e:1f:aa:c6:28:11:
30:f8:7b:2f:c0:29:88:fd:e6:be:84:dc:58:ea:77:4b:a6:f0:
ac:12:a0:d2:f7:b7:7a:6f:17:49:f4:cf:c0:53:29:a8:7d:96:
91:56:e4:97:2f:ba:20:09:ca:02:c4:93:13:b8:47:35:ff:20:
2b:b2:56:c9:65:9a:b7:0e:19:1d:ab:5a:b8:d8:bc:67:77:8d:
0d:a3:d8:c8:50:44:25:4d:68:12:72:e1:9b:12:3c:1b:bc:9c:
65:00:b8:95:f7:d2:4b:4c:d4:d1:b8:59:26:79:82:f1:df:84:
3b:e5:b3:dd:cb:cb:54:65:f5:4c:c2:d6:81:f2:42:ff:a9:aa:
39:49:f8:a8
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDe0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA5MDkw
MjU4MzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE1NjcxREU5Q0JGMkZC
QUM0QzIwNkNFNzFDMzcyMEUwRUY1RTQzMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtHhzMYVWNZ3WYw9mTtPIt92KUdhceTtFacMBu4nP1nNHalye+
EIPP2rGWhwEPUEKUeAPit/nAKeUBGr5mh83G+VRDIhzhxM84MYL5L3SeGi0F7iV5
JAgdLzZ0NA9ht8WGTDBX4ApddS7vh0fLhpyr/71vlWLsmqXuE13VNmmBu30X0sHI
bMtxVbUtqr5MNTzjKt+DScsKoOyRrXjk5iRffPfvCMHToTWBZsN7fEuV5/CoDpVZ
hbe34Dp6UJOEWiBj08a52UX0dlaUGHzqWNjkqfjotgcg1USCROGBysU0amvaCbyZ
szoRHmD61pH/LtCSLzJNHxcwGFv7dAxKqEsjAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUpWcd6cvy+6xMIGznHDcg4O9eQwQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvcFdjZDZjdnktNnhN
SUd6bkhEY2c0TzllUXdRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHxH+zANBgkqhkiG9w0BAQsFAAOCAQEAphdl0Uwp+VSwWvuKw1O5ghFGGUmk
BH0xmDonacI7qbLGcxdI98QrlG2Kd0L6+IkgXNwH72rrLlGJqQ0ZNdnWMcm+oxe5
XoFVo3Tw2/9zny2RlHygzCV1DtcEUky7sMaQqqxtJyTXSswvwV7SqPCfcsM4bmJH
rPRebh+qxigRMPh7L8ApiP3mvoTcWOp3S6bwrBKg0ve3em8XSfTPwFMpqH2WkVbk
ly+6IAnKAsSTE7hHNf8gK7JWyWWatw4ZHatauNi8Z3eNDaPYyFBEJU1oEnLhmxI8
G7ycZQC4lffSS0zU0bhZJnmC8d+EO+Wz3cvLVGX1TMLWgfJC/6mqOUn4qA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:23 2025 by rpki-client