Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/YanYJVvxvZZiobO8z7vhSUbLyqM.roa
File: YanYJVvxvZZiobO8z7vhSUbLyqM.roa (raw, json)
Hash identifier: eTWqOY6D21EZhqnCdkSOD+YHlRX7HTPGBhL3Fb5fM5k=
Subject key identifier: 61:A9:D8:25:5B:F1:BD:96:62:A1:B3:BC:CF:BB:E1:49:46:CB:CA:A3
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 16B6
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/YanYJVvxvZZiobO8z7vhSUbLyqM.roa
Signing time: Tue 03 Sep 2024 08:16:45 +0000
ROA not before: Tue 03 Sep 2024 08:16:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 146845
IP address blocks: 103.169.50.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5814 (0x16b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Sep 3 08:16:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=61A9D8255BF1BD9662A1B3BCCFBBE14946CBCAA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ab:c8:15:e5:e7:1d:2b:b2:92:7e:0b:c4:cc:
85:bf:45:96:1a:64:0b:cd:c8:2a:78:53:3b:c4:1f:
ed:f0:6f:5c:21:e2:54:06:d4:2e:95:52:51:e3:c5:
09:52:0e:b5:df:39:22:ff:46:19:db:bb:90:9b:42:
65:01:55:d3:1a:c5:06:69:f6:de:e0:14:ca:2d:a6:
9d:11:97:db:bc:4b:56:9f:9f:9c:da:ac:6b:75:a4:
a9:c2:9f:77:88:21:24:45:c7:3d:ae:45:7c:98:a3:
a8:11:9b:4a:16:0d:50:d1:02:f3:99:d1:89:06:e2:
bb:6c:c1:0d:40:1d:54:0e:b7:b8:e1:2b:10:f8:30:
64:cc:e3:6a:a2:98:a1:be:ec:c9:6a:96:83:65:c9:
c7:71:f3:44:59:50:24:20:dd:f7:72:7e:64:fb:f3:
31:01:7f:3a:f0:ff:4c:37:d7:17:26:00:c1:2e:df:
63:36:40:7e:0b:69:26:10:03:e0:51:b5:82:c0:37:
48:6f:82:9e:c4:86:13:6f:ac:38:08:e1:39:78:20:
39:23:ab:7e:8d:5b:29:6b:13:84:fc:55:a4:cb:77:
cb:2c:2a:0f:68:33:54:7d:84:e9:6b:32:5e:72:67:
ca:4b:df:cf:d0:0e:eb:7c:e0:f7:b0:5f:a0:d1:5d:
ff:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A9:D8:25:5B:F1:BD:96:62:A1:B3:BC:CF:BB:E1:49:46:CB:CA:A3
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/YanYJVvxvZZiobO8z7vhSUbLyqM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.169.50.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:9a:66:de:5d:b7:72:63:24:2b:d4:25:ae:ed:17:94:8a:16:
c3:7e:24:b8:4e:bf:db:47:58:b6:b8:1d:3d:88:7f:a8:41:95:
17:f6:59:9f:14:49:08:b3:d3:a3:a1:4f:bc:43:a6:ac:da:de:
ff:42:f0:12:4f:e1:89:41:86:3d:2a:56:58:64:66:10:92:99:
54:a6:be:d2:e4:13:79:fa:7d:21:fc:cd:6e:b9:17:c0:ff:10:
68:c6:2b:42:e0:b6:39:3d:79:f8:a3:7f:22:19:ef:7e:66:a4:
cc:70:fe:05:66:11:96:71:83:98:68:6a:38:66:66:b3:8c:d3:
c9:f1:c4:68:a2:91:94:9f:bc:a2:f8:08:8a:52:fd:04:ff:a7:
eb:93:af:d0:bc:08:7e:71:fc:3a:68:48:2b:ad:32:d2:6a:42:
17:84:f6:64:ef:6b:a3:f2:ef:d6:4b:ff:c3:6c:b4:c1:99:3a:
61:36:b3:7e:3e:5f:1a:f6:a3:57:98:18:a6:29:5f:b7:3a:0f:
9a:d3:62:bb:da:65:dc:42:31:21:ac:a0:26:f4:b7:8d:1b:51:
33:dd:4f:0c:6a:40:dc:a1:35:b5:9c:be:99:64:8d:1a:74:92:
3d:74:b6:82:ac:b9:02:f2:08:00:6b:cf:de:37:a8:0e:91:8c:
e9:c4:9d:d9
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFrYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNDA5MDMw
ODE2NDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxQTlEODI1NUJGMUJE
OTY2MkExQjNCQ0NGQkJFMTQ5NDZDQkNBQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwq8gV5ecdK7KSfgvEzIW/RZYaZAvNyCp4UzvEH+3wb1wh4lQG
1C6VUlHjxQlSDrXfOSL/Rhnbu5CbQmUBVdMaxQZp9t7gFMotpp0Rl9u8S1afn5za
rGt1pKnCn3eIISRFxz2uRXyYo6gRm0oWDVDRAvOZ0YkG4rtswQ1AHVQOt7jhKxD4
MGTM42qimKG+7MlqloNlycdx80RZUCQg3fdyfmT78zEBfzrw/0w31xcmAMEu32M2
QH4LaSYQA+BRtYLAN0hvgp7EhhNvrDgI4Tl4IDkjq36NWylrE4T8VaTLd8ssKg9o
M1R9hOlrMl5yZ8pL38/QDut84PewX6DRXf8nAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUYanYJVvxvZZiobO8z7vhSUbLyqMwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvWWFuWUpWdnh2Wlpp
b2JPOHo3dmhTVWJMeXFNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWepMjANBgkqhkiG9w0BAQsFAAOCAQEAjppm3l23cmMkK9Qlru0XlIoWw34k
uE6/20dYtrgdPYh/qEGVF/ZZnxRJCLPTo6FPvEOmrNre/0LwEk/hiUGGPSpWWGRm
EJKZVKa+0uQTefp9IfzNbrkXwP8QaMYrQuC2OT15+KN/IhnvfmakzHD+BWYRlnGD
mGhqOGZms4zTyfHEaKKRlJ+8ovgIilL9BP+n65Ov0LwIfnH8OmhIK60y0mpCF4T2
ZO9ro/Lv1kv/w2y0wZk6YTazfj5fGvajV5gYpilftzoPmtNiu9pl3EIxIaygJvS3
jRtRM91PDGpA3KE1tZy+mWSNGnSSPXS2gqy5AvIIAGvP3jeoDpGM6cSd2Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:39 2025 by rpki-client