Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/-7Bov7fMIFkcipnWZsB3O22TEWw.roa
File: -7Bov7fMIFkcipnWZsB3O22TEWw.roa (raw, json)
Hash identifier: koEl5VLkZld4NYBr3igz+NBZF05lvXSc6V2XJjbBK84=
Subject key identifier: FB:B0:68:BF:B7:CC:20:59:1C:8A:99:D6:66:C0:77:3B:6D:93:11:6C
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1349
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/-7Bov7fMIFkcipnWZsB3O22TEWw.roa
Signing time: Mon 11 Mar 2024 06:45:00 +0000
ROA not before: Mon 11 Mar 2024 06:45:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4812
IP address blocks: 103.169.50.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4937 (0x1349)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Mar 11 06:45:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FBB068BFB7CC20591C8A99D666C0773B6D93116C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3b:dd:bf:01:dd:7c:c2:e3:b3:0b:b9:2c:c5:
25:58:69:db:91:0d:72:05:76:5c:3a:b2:57:d2:b9:
fd:ee:6c:b0:27:be:be:75:e3:c4:e0:ac:b7:68:70:
bb:01:dd:f2:2f:01:61:53:04:d6:80:47:e2:a3:8e:
e0:83:9e:2d:df:6a:1a:f4:ca:84:77:f2:56:d0:0c:
cc:11:9a:51:4b:8c:68:ff:40:67:f2:65:99:95:2a:
71:1b:08:8c:e8:4c:9c:bd:7f:f7:1b:c7:57:6b:25:
5a:c7:d6:bd:d6:36:69:a9:ac:4b:8c:23:ef:03:ad:
ea:f8:e4:5d:cb:6b:06:be:ee:94:ca:37:f9:54:fa:
4a:eb:27:d2:11:e5:4e:04:93:26:90:3c:85:c5:1e:
65:cf:3a:06:cb:0c:a9:c7:0c:61:db:5a:88:aa:02:
a7:25:95:8c:2e:65:58:9f:37:dc:6a:07:f5:02:f7:
a1:99:8f:bf:52:e3:21:b5:e6:cb:93:60:5e:18:dd:
fe:3f:84:f7:2f:69:9c:53:ef:43:8c:93:58:64:5d:
fb:58:3b:3c:74:f3:a6:02:80:11:65:dd:d3:91:f8:
e7:8e:68:58:d4:18:37:ba:ea:8b:b7:47:d1:5c:9f:
09:c8:31:53:fe:28:d3:27:fb:62:24:a6:1c:a2:a0:
d9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B0:68:BF:B7:CC:20:59:1C:8A:99:D6:66:C0:77:3B:6D:93:11:6C
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/-7Bov7fMIFkcipnWZsB3O22TEWw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.169.50.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:53:e7:97:f3:23:8b:e9:6e:55:7e:ac:18:b6:d8:89:29:07:
da:61:ac:ca:a4:75:1b:8d:67:ab:9a:6e:e1:8a:87:65:03:12:
55:41:81:20:ce:d6:98:9f:ae:6c:7d:7d:cd:19:bc:15:b5:75:
83:32:c0:72:39:46:ec:cd:4a:84:43:56:a6:47:28:97:9e:fe:
b8:61:39:81:ec:8e:f4:75:b8:b5:46:b1:38:a5:cb:69:81:c8:
11:6a:05:0f:4c:e4:e0:e0:ed:c2:29:1b:cb:cf:a7:5b:c1:2c:
4e:0c:40:16:e2:a3:c9:b5:25:17:cc:b1:74:4f:2a:fd:34:10:
20:85:08:65:30:17:9f:b9:2d:44:81:8c:d7:5a:fb:c7:f3:8f:
07:88:c6:68:1e:1c:6c:b3:ce:2b:e9:d6:54:3b:fe:0a:b7:84:
d1:99:4b:c8:f0:db:17:6f:40:14:94:1f:d4:56:5c:18:c3:b6:
46:9e:24:81:9d:90:50:77:a8:8f:5a:d8:95:0c:10:d4:65:a0:
52:b7:1a:7a:a4:6a:b4:45:69:69:ed:97:3b:c7:a8:d9:ce:ae:
f4:3a:d1:5d:d4:b7:18:81:66:7f:2e:d4:d1:ed:09:88:bf:f7:
5f:3f:45:b8:b4:24:19:56:d7:ec:12:44:e1:44:11:80:1a:18:
0e:ec:11:2a
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICE0kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNDAzMTEw
NjQ1MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZCQjA2OEJGQjdDQzIw
NTkxQzhBOTlENjY2QzA3NzNCNkQ5MzExNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyO92/Ad18wuOzC7ksxSVYaduRDXIFdlw6slfSuf3ubLAnvr51
48TgrLdocLsB3fIvAWFTBNaAR+KjjuCDni3fahr0yoR38lbQDMwRmlFLjGj/QGfy
ZZmVKnEbCIzoTJy9f/cbx1drJVrH1r3WNmmprEuMI+8Drer45F3Lawa+7pTKN/lU
+krrJ9IR5U4EkyaQPIXFHmXPOgbLDKnHDGHbWoiqAqcllYwuZVifN9xqB/UC96GZ
j79S4yG15suTYF4Y3f4/hPcvaZxT70OMk1hkXftYOzx086YCgBFl3dOR+OeOaFjU
GDe66ou3R9FcnwnIMVP+KNMn+2IkphyioNnNAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU+7Bov7fMIFkcipnWZsB3O22TEWwwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvLTdCb3Y3Zk1JRmtj
aXBuV1pzQjNPMjJURVd3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWepMjANBgkqhkiG9w0BAQsFAAOCAQEAW1Pnl/Mji+luVX6sGLbYiSkH2mGs
yqR1G41nq5pu4YqHZQMSVUGBIM7WmJ+ubH19zRm8FbV1gzLAcjlG7M1KhENWpkco
l57+uGE5geyO9HW4tUaxOKXLaYHIEWoFD0zk4ODtwikby8+nW8EsTgxAFuKjybUl
F8yxdE8q/TQQIIUIZTAXn7ktRIGM11r7x/OPB4jGaB4cbLPOK+nWVDv+CreE0ZlL
yPDbF29AFJQf1FZcGMO2Rp4kgZ2QUHeoj1rYlQwQ1GWgUrcaeqRqtEVpae2XO8eo
2c6u9DrRXdS3GIFmfy7U0e0JiL/3Xz9FuLQkGVbX7BJE4UQRgBoYDuwRKg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:40 2025 by rpki-client