Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/xDuk2zOMh4lZZhdITQW1SQiq0cw.roa
File: xDuk2zOMh4lZZhdITQW1SQiq0cw.roa (raw, json)
Hash identifier: ow4Lr/42GgRh/OedjQFVtduqpq5NO04Tmgf5d69oZ/g=
Subject key identifier: C4:3B:A4:DB:33:8C:87:89:59:66:17:48:4D:05:B5:49:08:AA:D1:CC
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 0E21
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/xDuk2zOMh4lZZhdITQW1SQiq0cw.roa
Signing time: Wed 18 Sep 2024 07:51:21 +0000
ROA not before: Wed 18 Sep 2024 07:51:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55990
IP address blocks: 124.71.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3617 (0xe21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Sep 18 07:51:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C43BA4DB338C8789596617484D05B54908AAD1CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cf:91:fe:49:46:31:99:da:12:72:85:82:38:
d7:91:06:7e:9e:dd:0d:88:d1:79:33:56:cc:fc:67:
cc:4b:67:81:d5:db:b3:bc:b7:ad:64:c3:f0:e8:d1:
d1:6d:1f:a7:60:64:44:2b:87:08:1c:7c:c2:7e:00:
8b:35:53:b3:ad:fa:a4:4e:08:99:b8:22:1d:ae:9d:
95:06:4f:03:08:42:d0:0e:0a:b0:e5:c3:ef:cb:26:
fe:4d:83:d7:94:da:4e:89:ea:0e:cb:16:85:93:fb:
51:38:5b:8e:88:37:83:db:58:33:b9:c5:fa:22:9d:
92:8f:02:2c:4b:d2:44:a0:74:8f:10:01:7c:db:b3:
a5:05:41:8c:d7:f5:ef:12:28:c0:fd:31:ed:82:2c:
e6:e1:e3:0d:d5:eb:19:87:0f:03:d1:3c:f0:5c:10:
09:d6:47:2a:4a:fa:d6:ef:46:1f:be:4a:ab:8c:d8:
90:de:08:95:b5:4e:3e:27:7e:0e:c6:d9:39:a1:b3:
2f:50:04:2e:2a:7e:07:85:3a:4b:0b:2f:9e:d8:66:
96:97:6b:5a:ff:1d:81:d3:c2:70:30:dd:9f:42:3b:
ce:53:1a:4a:dd:eb:1b:c1:7d:1b:87:4f:5b:e3:6f:
43:cd:7b:39:96:92:93:0b:9e:8e:ab:2a:b4:b1:46:
06:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3B:A4:DB:33:8C:87:89:59:66:17:48:4D:05:B5:49:08:AA:D1:CC
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/xDuk2zOMh4lZZhdITQW1SQiq0cw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.71.250.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:2f:4d:8d:99:11:9f:44:08:7f:19:71:5d:f6:50:e7:37:02:
c5:19:df:51:c4:20:77:43:e4:58:e4:54:2b:3c:76:4b:b9:60:
79:b9:e4:94:e6:16:5d:80:d6:25:af:c8:f4:d5:ae:5b:67:de:
5f:da:26:49:e6:64:af:02:d8:db:91:03:51:c6:32:ff:f2:33:
19:22:56:3d:02:62:3a:29:52:ee:d5:d6:ab:34:06:b8:a5:8f:
63:31:44:06:ad:0a:99:e5:e6:cd:a2:93:8c:68:97:34:72:d4:
66:39:04:73:93:78:87:0c:9d:89:d4:22:18:87:29:52:0c:98:
6b:74:79:29:17:0f:61:c4:57:7e:fe:5e:4f:40:06:f7:8b:b9:
55:ba:f6:c1:bf:3b:02:7b:d0:23:0d:05:eb:22:52:b6:c0:26:
85:fa:58:59:2c:16:aa:d0:23:2d:9c:f9:52:29:70:0b:cd:9b:
39:a9:db:80:8e:8e:f9:57:a9:e8:d6:af:15:cc:d4:ec:64:4b:
55:e8:74:24:40:9b:55:c3:c2:4b:29:33:e9:5d:91:fa:88:88:
f3:68:7c:08:c4:68:84:12:3d:e3:6c:2a:24:5d:53:0b:e9:e2:
72:3d:d3:72:ff:d1:77:10:65:39:9e:50:8d:16:7e:40:2e:08:
c9:9a:1c:f6
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDA5MTgw
NzUxMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM0M0JBNERCMzM4Qzg3
ODk1OTY2MTc0ODREMDVCNTQ5MDhBQUQxQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIz5H+SUYxmdoScoWCONeRBn6e3Q2I0XkzVsz8Z8xLZ4HV27O8
t61kw/Do0dFtH6dgZEQrhwgcfMJ+AIs1U7Ot+qROCJm4Ih2unZUGTwMIQtAOCrDl
w+/LJv5Ng9eU2k6J6g7LFoWT+1E4W46IN4PbWDO5xfoinZKPAixL0kSgdI8QAXzb
s6UFQYzX9e8SKMD9Me2CLObh4w3V6xmHDwPRPPBcEAnWRypK+tbvRh++SquM2JDe
CJW1Tj4nfg7G2Tmhsy9QBC4qfgeFOksLL57YZpaXa1r/HYHTwnAw3Z9CO85TGkrd
6xvBfRuHT1vjb0PNezmWkpMLno6rKrSxRgbpAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUxDuk2zOMh4lZZhdITQW1SQiq0cwwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQveER1azJ6T01oNGxa
WmhkSVRRVzFTUWlxMGN3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHxH+jANBgkqhkiG9w0BAQsFAAOCAQEApS9NjZkRn0QIfxlxXfZQ5zcCxRnf
UcQgd0PkWORUKzx2S7lgebnklOYWXYDWJa/I9NWuW2feX9omSeZkrwLY25EDUcYy
//IzGSJWPQJiOilS7tXWqzQGuKWPYzFEBq0KmeXmzaKTjGiXNHLUZjkEc5N4hwyd
idQiGIcpUgyYa3R5KRcPYcRXfv5eT0AG94u5Vbr2wb87AnvQIw0F6yJStsAmhfpY
WSwWqtAjLZz5UilwC82bOanbgI6O+Vep6NavFczU7GRLVeh0JECbVcPCSykz6V2R
+oiI82h8CMRohBI942wqJF1TC+nicj3Tcv/RdxBlOZ5QjRZ+QC4IyZoc9g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:53:10 2025 by rpki-client