Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3040/kXAI0-D5XImYVzcJIQccZpfDB88.roa
File: kXAI0-D5XImYVzcJIQccZpfDB88.roa (raw, json)
Hash identifier: iAt4O1S/Ii87MpeQfcZPzEONIcnhFLLWhbYJiffjYms=
Subject key identifier: 91:70:08:D3:E0:F9:5C:89:98:57:37:09:21:07:1C:66:97:C3:07:CF
Certificate issuer: /CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5
Certificate serial: 197A
Authority key identifier: 03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/kXAI0-D5XImYVzcJIQccZpfDB88.roa
Signing time: Wed 13 Mar 2024 01:23:42 +0000
ROA not before: Wed 13 Mar 2024 01:23:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 49544
IP address blocks: 103.159.122.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6522 (0x197a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5
Validity
Not Before: Mar 13 01:23:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=917008D3E0F95C899857370921071C6697C307CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:38:89:a4:9a:53:6d:6a:a8:0e:8f:d6:e6:d1:
cd:f1:b7:3a:43:68:56:35:d2:bd:10:a2:0b:40:95:
b9:2d:ca:ef:3e:40:84:0f:89:1c:75:23:80:bc:88:
47:34:1e:97:4c:89:3a:15:f0:5a:1d:0f:4a:00:cc:
93:10:2d:06:10:88:bc:ce:37:d6:53:27:ca:96:9b:
e7:00:b1:60:39:23:6b:8a:1e:d1:e5:27:bc:ba:6e:
2e:42:76:d7:9e:5b:a4:3a:b5:f6:37:23:63:63:ff:
72:ea:c8:6f:1c:e2:ee:eb:89:56:f8:98:f3:22:08:
a9:be:ff:4c:12:ec:65:0b:e1:1c:69:cf:e7:44:e3:
00:0d:5e:e5:c3:57:bb:92:2f:a6:85:58:8c:08:63:
fc:53:f2:12:90:f3:3b:9e:ad:d4:11:94:a9:f6:15:
b8:e3:17:2c:d3:a0:db:26:d5:97:f1:ba:3f:13:0e:
4a:6b:8c:19:e4:b9:6e:2c:b2:ed:00:84:0a:fa:52:
cd:50:40:c5:fb:b6:1b:f4:31:12:89:f8:5e:f6:48:
3b:23:2c:fe:8c:f3:3a:3b:a7:18:28:ab:67:38:8e:
bb:b0:80:65:52:7c:f3:8c:bf:b6:8f:8e:43:58:3c:
52:0f:fb:7a:13:0b:37:21:5e:ec:ea:53:c6:2f:43:
ff:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:70:08:D3:E0:F9:5C:89:98:57:37:09:21:07:1C:66:97:C3:07:CF
X509v3 Authority Key Identifier:
keyid:03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/kXAI0-D5XImYVzcJIQccZpfDB88.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.122.0/23
Signature Algorithm: sha256WithRSAEncryption
65:7b:4d:31:2f:85:20:9d:e5:b4:20:a5:56:f8:84:53:27:77:
9f:dc:8a:be:23:5d:61:cf:56:95:11:98:20:7b:2b:22:84:a9:
bb:30:5b:57:51:18:26:d0:1d:5d:74:67:59:5c:c4:2f:8f:8f:
c0:01:64:73:06:be:3e:57:ec:50:96:d5:3f:8e:64:72:a0:95:
5c:ec:1f:97:78:96:c1:1c:9a:36:21:29:7a:ce:60:cd:16:d5:
13:34:85:c5:ba:45:8b:29:a8:72:49:c3:bc:08:fd:26:79:1b:
97:e1:28:4a:75:24:d5:32:82:40:4f:31:fb:47:e6:e8:f8:3d:
99:c0:d6:2b:51:63:6c:ca:2e:97:6e:90:ee:72:81:40:84:19:
a9:be:cc:80:db:1d:15:be:32:7d:55:18:72:14:89:60:13:9d:
85:b6:a4:50:ed:60:1a:04:25:6e:98:3a:cd:11:35:9a:3d:40:
01:b5:f1:f0:a0:0f:ca:ec:bf:f9:fa:60:56:09:81:5e:31:2e:
d6:6a:96:4e:49:84:78:4e:34:b5:24:8a:46:40:d3:86:be:07:
98:bf:48:61:47:49:f2:25:0b:b4:b6:e3:1d:ca:48:43:88:e6:
8d:be:fd:bb:8d:32:ea:d6:7d:20:7f:65:57:31:2a:cc:fe:b3:
6e:3f:78:27
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDNG
MDc1RDlDNkYxOERDMDlCREE2MkI3MDg3RUE4MERDNUI3MTFDNTAeFw0yNDAzMTMw
MTIzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxNzAwOEQzRTBGOTVD
ODk5ODU3MzcwOTIxMDcxQzY2OTdDMzA3Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeOImkmlNtaqgOj9bm0c3xtzpDaFY10r0QogtAlbktyu8+QIQP
iRx1I4C8iEc0HpdMiToV8FodD0oAzJMQLQYQiLzON9ZTJ8qWm+cAsWA5I2uKHtHl
J7y6bi5CdteeW6Q6tfY3I2Nj/3LqyG8c4u7riVb4mPMiCKm+/0wS7GUL4Rxpz+dE
4wANXuXDV7uSL6aFWIwIY/xT8hKQ8zuerdQRlKn2FbjjFyzToNsm1Zfxuj8TDkpr
jBnkuW4ssu0AhAr6Us1QQMX7thv0MRKJ+F72SDsjLP6M8zo7pxgoq2c4jruwgGVS
fPOMv7aPjkNYPFIP+3oTCzchXuzqU8YvQ//xAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUkXAI0+D5XImYVzcJIQccZpfDB88wHwYDVR0jBBgwFoAUA/B12cbxjcCb2mK3
CH6oDcW3EcUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
MC9BX0IxMmNieGpjQ2IybUszQ0g2b0RjVzNFY1UuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FfQjEyY2J4amNDYjJtSzNDSDZvRGNXM0VjVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDAva1hBSTAtRDVYSW1Z
VnpjSklRY2NacGZEQjg4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWefejANBgkqhkiG9w0BAQsFAAOCAQEAZXtNMS+FIJ3ltCClVviEUyd3n9yK
viNdYc9WlRGYIHsrIoSpuzBbV1EYJtAdXXRnWVzEL4+PwAFkcwa+PlfsUJbVP45k
cqCVXOwfl3iWwRyaNiEpes5gzRbVEzSFxbpFiymocknDvAj9Jnkbl+EoSnUk1TKC
QE8x+0fm6Pg9mcDWK1FjbMoul26Q7nKBQIQZqb7MgNsdFb4yfVUYchSJYBOdhbak
UO1gGgQlbpg6zRE1mj1AAbXx8KAPyuy/+fpgVgmBXjEu1mqWTkmEeE40tSSKRkDT
hr4HmL9IYUdJ8iULtLbjHcpIQ4jmjb79u40y6tZ9IH9lVzEqzP6zbj94Jw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:05 2025 by rpki-client