Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3051/OSi-i3xSKX2UarBh7wXuyu7gwRU.roa
File: OSi-i3xSKX2UarBh7wXuyu7gwRU.roa (raw, json)
Hash identifier: dIWZKhjbirWV52qPasBc607gwnD/E8xFksQL1hy1AT4=
Subject key identifier: 39:28:BE:8B:7C:52:29:7D:94:6A:B0:61:EF:05:EE:CA:EE:E0:C1:15
Certificate issuer: /CN=FC03F2F966F62BFDC66B041562E9BA40032DA09E
Certificate serial: 1733
Authority key identifier: FC:03:F2:F9:66:F6:2B:FD:C6:6B:04:15:62:E9:BA:40:03:2D:A0:9E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_APy-Wb2K_3GawQVYum6QAMtoJ4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/OSi-i3xSKX2UarBh7wXuyu7gwRU.roa
Signing time: Wed 13 Mar 2024 01:22:22 +0000
ROA not before: Wed 13 Mar 2024 01:22:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24409
IP address blocks: 111.223.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5939 (0x1733)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FC03F2F966F62BFDC66B041562E9BA40032DA09E
Validity
Not Before: Mar 13 01:22:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3928BE8B7C52297D946AB061EF05EECAEEE0C115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:d5:91:c8:85:3b:34:0a:d1:d6:29:24:a4:8f:
fd:0e:71:49:d1:14:33:41:33:7c:6b:b1:bf:90:9a:
f5:68:52:0c:3f:42:31:b9:a3:04:d3:20:f9:08:ef:
66:79:9d:c2:4f:9d:a7:9a:68:7f:4b:22:b6:1c:67:
bd:70:99:11:5c:cc:32:4e:11:82:38:dc:b8:bf:26:
61:52:1a:1f:aa:d5:d7:b0:c7:3b:b5:54:c3:9b:7a:
4c:d2:e3:3d:d3:90:e2:31:1f:46:7e:99:cb:5d:e1:
fa:85:d0:51:85:7b:de:22:e1:65:88:db:0b:c1:2d:
a8:6f:57:50:47:b3:46:b7:98:91:25:b1:81:5f:ca:
9d:5f:05:b1:84:f2:ca:4d:c2:3b:17:6f:d8:14:5c:
22:89:f0:11:78:e0:b3:53:40:08:d7:22:66:8f:e4:
5a:08:e9:a2:37:5b:70:60:3e:d8:32:d4:ce:97:3c:
ba:42:e1:98:fe:1c:cd:1c:0b:ba:fb:4c:82:e3:1f:
89:ad:62:98:e3:0f:61:07:d0:f7:e3:61:76:b2:4e:
33:9b:d1:df:c5:9c:e3:b1:f5:11:40:62:f9:0a:68:
6b:2a:8b:6b:90:e8:1c:64:27:0f:c0:d7:e5:fb:f9:
40:ef:b1:04:87:25:28:af:b7:32:3b:1d:51:0a:ca:
37:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:28:BE:8B:7C:52:29:7D:94:6A:B0:61:EF:05:EE:CA:EE:E0:C1:15
X509v3 Authority Key Identifier:
keyid:FC:03:F2:F9:66:F6:2B:FD:C6:6B:04:15:62:E9:BA:40:03:2D:A0:9E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/_APy-Wb2K_3GawQVYum6QAMtoJ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_APy-Wb2K_3GawQVYum6QAMtoJ4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3051/OSi-i3xSKX2UarBh7wXuyu7gwRU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.223.8.0/22
Signature Algorithm: sha256WithRSAEncryption
11:04:53:18:bc:6c:70:19:ed:c5:61:b5:93:1e:fd:fc:12:3d:
11:6b:75:a8:1a:75:c0:c5:17:35:03:0c:e3:17:96:22:0f:b3:
9b:3f:70:9f:9b:e2:9f:17:d6:94:ac:2d:50:ba:d8:de:b3:fa:
ff:5e:65:61:d8:02:4f:c6:a3:78:af:18:5b:d8:7a:e8:65:1c:
db:b8:55:e2:58:67:df:84:2b:d3:09:f9:15:73:cd:48:f4:71:
69:71:74:8e:59:32:75:ea:78:e4:32:a2:d2:81:3e:72:3c:27:
42:0c:65:1d:18:73:ad:d7:85:1c:30:95:c4:40:fb:ad:6e:7f:
6e:f4:0d:c7:0e:17:1a:0a:f7:39:1e:6f:4e:4e:7f:c3:08:84:
7e:e9:0e:5a:48:69:cf:e7:15:da:6c:b4:2c:2e:15:c8:cd:70:
11:35:24:74:a9:84:94:c6:68:c1:00:99:bf:44:9b:9b:71:b9:
2f:51:ee:9e:21:dd:37:5a:aa:3e:30:e5:80:a7:18:7c:ee:5c:
8e:df:99:3f:87:24:ab:7c:3e:32:b3:07:34:2c:38:76:dd:db:
05:c7:5a:69:7a:44:61:e0:aa:84:d1:5d:9b:ee:af:b1:b7:fd:
82:d2:1a:a5:38:4d:76:8e:26:f2:a1:60:ba:3f:85:9e:2b:b8:
4d:31:1d:83
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFzMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkMw
M0YyRjk2NkY2MkJGREM2NkIwNDE1NjJFOUJBNDAwMzJEQTA5RTAeFw0yNDAzMTMw
MTIyMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM5MjhCRThCN0M1MjI5
N0Q5NDZBQjA2MUVGMDVFRUNBRUVFMEMxMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD41ZHIhTs0CtHWKSSkj/0OcUnRFDNBM3xrsb+QmvVoUgw/QjG5
owTTIPkI72Z5ncJPnaeaaH9LIrYcZ71wmRFczDJOEYI43Li/JmFSGh+q1dewxzu1
VMObekzS4z3TkOIxH0Z+mctd4fqF0FGFe94i4WWI2wvBLahvV1BHs0a3mJElsYFf
yp1fBbGE8spNwjsXb9gUXCKJ8BF44LNTQAjXImaP5FoI6aI3W3BgPtgy1M6XPLpC
4Zj+HM0cC7r7TILjH4mtYpjjD2EH0PfjYXayTjOb0d/FnOOx9RFAYvkKaGsqi2uQ
6BxkJw/A1+X7+UDvsQSHJSivtzI7HVEKyjeXAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUOSi+i3xSKX2UarBh7wXuyu7gwRUwHwYDVR0jBBgwFoAU/APy+Wb2K/3GawQV
Yum6QAMtoJ4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA1
MS9fQVB5LVdiMktfM0dhd1FWWXVtNlFBTXRvSjQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL19BUHktV2IyS18zR2F3UVZZdW02UUFNdG9KNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNTEvT1NpLWkzeFNLWDJV
YXJCaDd3WHV5dTdnd1JVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAm/fCDANBgkqhkiG9w0BAQsFAAOCAQEAEQRTGLxscBntxWG1kx79/BI9EWt1
qBp1wMUXNQMM4xeWIg+zmz9wn5vinxfWlKwtULrY3rP6/15lYdgCT8ajeK8YW9h6
6GUc27hV4lhn34Qr0wn5FXPNSPRxaXF0jlkydep45DKi0oE+cjwnQgxlHRhzrdeF
HDCVxED7rW5/bvQNxw4XGgr3OR5vTk5/wwiEfukOWkhpz+cV2my0LC4VyM1wETUk
dKmElMZowQCZv0Sbm3G5L1HuniHdN1qqPjDlgKcYfO5cjt+ZP4ckq3w+MrMHNCw4
dt3bBcdaaXpEYeCqhNFdm+6vsbf9gtIapThNdo4m8qFguj+Fniu4TTEdgw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:48 2025 by rpki-client