Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/yNBDGOVkiYsAwisAWCDVmLNs1gQ.roa
File: yNBDGOVkiYsAwisAWCDVmLNs1gQ.roa (raw, json)
Hash identifier: emMlJZXjdR4Q6ai98sFQXdo2DR2/iit0LIujArCR5u8=
Subject key identifier: C8:D0:43:18:E5:64:89:8B:00:C2:2B:00:58:20:D5:98:B3:6C:D6:04
Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708
Certificate serial: 16D6
Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/yNBDGOVkiYsAwisAWCDVmLNs1gQ.roa
Signing time: Wed 13 Mar 2024 01:23:51 +0000
ROA not before: Wed 13 Mar 2024 01:23:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 137718
IP address blocks: 2406:d440::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5846 (0x16d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708
Validity
Not Before: Mar 13 01:23:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C8D04318E564898B00C22B005820D598B36CD604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:34:08:6a:c0:00:58:4c:12:df:33:1f:5e:3b:
55:3d:53:47:af:67:97:7d:69:78:6f:07:49:a0:0f:
c4:86:14:1f:ea:3a:6a:11:ab:64:2a:9d:a2:2c:3a:
c7:43:03:18:48:c5:77:ec:54:3e:a0:92:bc:76:09:
76:7a:b5:2d:4e:f5:ae:6f:78:db:ab:1a:1a:8b:d5:
54:5b:9f:5a:ae:6d:8e:68:f0:a9:c0:5e:51:cf:e3:
73:40:8d:d6:ed:49:e9:45:f4:f1:ce:ed:7a:29:1b:
23:84:28:1c:c1:ba:b8:2c:cd:2e:a5:1d:ee:b1:26:
c8:4c:f3:74:5a:8a:10:cd:d2:fe:bd:67:c6:8f:84:
a9:08:1a:20:3b:de:9a:a6:b6:2e:1e:7a:2f:b9:3d:
10:2f:dd:26:ef:bf:3a:96:7c:ce:57:3a:25:27:23:
7d:6d:ed:1e:56:ec:04:3d:d1:fc:25:87:60:e8:2f:
7a:3a:9b:4e:46:68:d1:64:d4:e2:53:02:19:d6:8c:
b8:22:16:cd:74:4e:ae:a5:32:20:f6:d8:84:76:7e:
1e:89:0e:1d:97:10:fa:7f:dd:e5:f0:d5:76:13:e8:
7e:05:48:7a:af:cd:a4:d5:96:6b:f9:11:1d:91:56:
e3:85:d3:73:16:76:0d:7c:a6:b7:9f:1f:64:ef:f6:
26:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D0:43:18:E5:64:89:8B:00:C2:2B:00:58:20:D5:98:B3:6C:D6:04
X509v3 Authority Key Identifier:
keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/yNBDGOVkiYsAwisAWCDVmLNs1gQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:d440::/32
Signature Algorithm: sha256WithRSAEncryption
be:ff:91:40:9b:1e:92:8b:4b:24:1d:da:9e:fc:bb:81:be:cc:
a2:6b:76:3e:67:71:fd:63:e2:5a:70:33:b4:90:1d:00:76:6d:
eb:90:e2:b9:54:62:ab:04:49:75:ed:99:80:9e:3f:6c:93:8f:
80:ec:0c:bd:cf:37:20:a7:63:4b:7f:9c:c5:bd:d6:34:ca:b8:
38:76:e7:e9:f8:a0:d1:75:be:ee:b3:d8:39:79:a2:82:a2:04:
2a:9a:45:6a:fa:d2:f4:68:6b:04:78:d7:a4:db:6d:e2:2d:70:
99:b7:40:4b:99:b1:c8:2d:33:8e:12:7d:65:3b:88:8c:4e:7f:
75:22:e4:66:bc:fa:b4:d3:d7:98:44:4f:8a:4c:1c:3f:2f:07:
a5:09:6f:43:9d:03:33:26:be:b9:51:28:4f:c8:dd:06:f8:b1:
81:73:a6:6b:d1:16:f0:70:c7:72:ee:92:71:40:9e:d2:53:4d:
80:db:a3:14:ef:5a:a1:db:55:0d:ed:dd:28:1a:88:49:56:4e:
34:26:60:7c:a3:87:1f:f2:7d:b5:12:b9:5c:14:ab:42:31:f1:
49:d6:8c:7a:a3:12:a5:03:32:49:2c:0c:aa:69:15:4f:97:e2:
18:7d:87:3f:81:e8:be:cc:63:ee:4a:1a:9c:7b:5f:da:cc:c0:
2c:7c:f8:9b
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICFtYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4
QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNDAzMTMw
MTIzNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM4RDA0MzE4RTU2NDg5
OEIwMEMyMkIwMDU4MjBENTk4QjM2Q0Q2MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZNAhqwABYTBLfMx9eO1U9U0evZ5d9aXhvB0mgD8SGFB/qOmoR
q2QqnaIsOsdDAxhIxXfsVD6gkrx2CXZ6tS1O9a5veNurGhqL1VRbn1qubY5o8KnA
XlHP43NAjdbtSelF9PHO7XopGyOEKBzBurgszS6lHe6xJshM83RaihDN0v69Z8aP
hKkIGiA73pqmti4eei+5PRAv3SbvvzqWfM5XOiUnI31t7R5W7AQ90fwlh2DoL3o6
m05GaNFk1OJTAhnWjLgiFs10Tq6lMiD22IR2fh6JDh2XEPp/3eXw1XYT6H4FSHqv
zaTVlmv5ER2RVuOF03MWdg18prefH2Tv9iZrAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUyNBDGOVkiYsAwisAWCDVmLNs1gQwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw
dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0
NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQveU5CREdPVmtpWXNB
d2lzQVdDRFZtTE5zMWdRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQG1EAwDQYJKoZIhvcNAQELBQADggEBAL7/kUCbHpKLSyQd2p78u4G+zKJr
dj5ncf1j4lpwM7SQHQB2beuQ4rlUYqsESXXtmYCeP2yTj4DsDL3PNyCnY0t/nMW9
1jTKuDh25+n4oNF1vu6z2Dl5ooKiBCqaRWr60vRoawR416TbbeItcJm3QEuZscgt
M44SfWU7iIxOf3Ui5Ga8+rTT15hET4pMHD8vB6UJb0OdAzMmvrlRKE/I3Qb4sYFz
pmvRFvBwx3LuknFAntJTTYDboxTvWqHbVQ3t3SgaiElWTjQmYHyjhx/yfbUSuVwU
q0Ix8UnWjHqjEqUDMkksDKppFU+X4hh9hz+B6L7MY+5KGpx7X9rMwCx8+Js=
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:26:26 2025 by rpki-client