Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/eoONAzEs9rVQjLU7Emu5ATqtcJ4.roa
File: eoONAzEs9rVQjLU7Emu5ATqtcJ4.roa (raw, json)
Hash identifier: KcHec75o0lw8eYxOWv1aYsdvyBdV4hHWMIpQH7Cu1Jw=
Subject key identifier: 7A:83:8D:03:31:2C:F6:B5:50:8C:B5:3B:12:6B:B9:01:3A:AD:70:9E
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 0700
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/eoONAzEs9rVQjLU7Emu5ATqtcJ4.roa
Signing time: Fri 30 Dec 2022 05:43:14 +0000
ROA not before: Fri 30 Dec 2022 05:43:14 +0000
ROA not after: Mon 28 Aug 2023 04:15:34 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1792 (0x700)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Dec 30 05:43:14 2022 GMT
Not After : Aug 28 04:15:34 2023 GMT
Subject: CN=7A838D03312CF6B5508CB53B126BB9013AAD709E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f7:d5:18:b7:46:4a:78:51:65:ec:97:0c:38:
98:2b:e1:55:d7:b8:15:86:bf:ae:2e:0a:bf:f8:58:
f6:ea:ab:66:69:14:b5:d3:17:56:76:6c:5b:70:4e:
26:b0:a1:0d:f4:05:ea:a8:c6:35:26:b3:62:06:cc:
75:24:bc:78:4e:04:5c:e0:13:2b:81:51:4c:4d:de:
02:72:87:5f:d2:ba:9c:e8:c3:09:af:73:24:eb:ea:
3f:bc:60:3e:91:54:21:54:e1:e7:d0:58:f5:62:e6:
6d:a7:56:6c:df:f1:f6:f4:e7:8d:d4:d9:ba:71:c4:
ff:f9:80:86:c4:02:8d:de:0a:15:dc:c8:ab:b0:07:
63:50:2c:e3:bc:49:56:82:d9:1b:48:92:33:74:c6:
fe:b9:af:a1:29:fc:b7:be:f6:d5:9d:f8:5f:2c:70:
7f:eb:eb:43:27:f4:73:7a:10:e7:62:29:4a:d3:05:
ea:1b:33:c0:eb:de:82:65:2f:c8:b3:50:fc:1d:f3:
10:b1:3e:2e:c0:24:9e:62:c0:1b:15:e3:b1:8a:48:
43:65:ab:b9:67:28:74:41:f7:72:91:52:af:4f:f5:
cf:5b:b5:1f:1e:92:78:1e:85:c6:b7:ac:14:a0:73:
a9:df:4b:65:4b:0f:40:37:ce:fd:20:93:32:ff:58:
ec:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:83:8D:03:31:2C:F6:B5:50:8C:B5:3B:12:6B:B9:01:3A:AD:70:9E
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/eoONAzEs9rVQjLU7Emu5ATqtcJ4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
29:8c:6f:2a:8e:c6:7f:90:28:b3:e4:a3:e5:af:82:50:1a:dc:
22:11:b9:e6:2e:4e:67:19:02:7b:fa:c2:7b:5c:f7:79:07:c7:
5a:f0:9e:4f:7a:6a:03:e8:da:33:dd:c8:da:95:17:ee:1d:b2:
e9:97:94:dd:0b:e2:58:62:71:fc:76:21:ba:bf:c5:e5:cd:52:
eb:69:37:47:4f:15:73:74:74:57:54:a1:49:40:91:95:a0:65:
85:95:62:35:f7:e0:b5:9d:9c:75:1a:32:46:b6:a5:0e:5c:82:
b7:52:61:1c:37:a9:4b:f8:31:ce:35:fd:94:46:fd:de:81:2d:
fb:5d:19:4a:c0:1b:db:9f:d0:63:dc:8a:8c:aa:5d:5e:af:5a:
53:19:8d:1a:a1:63:bd:99:91:48:c2:b1:8f:68:b0:b9:23:db:
6a:86:57:b0:66:73:25:65:23:69:c4:4e:56:84:16:d8:bc:8a:
50:06:1d:75:9e:44:9e:84:9c:12:53:42:1e:36:03:fe:68:a5:
cd:6c:5c:58:8b:28:d3:f3:cc:22:d2:75:2f:ff:71:db:c3:c9:
61:4f:a4:82:b7:9f:c9:94:41:54:4c:3e:33:c8:b8:ae:6f:fc:
fb:14:87:e7:36:4c:e9:6d:02:5a:d6:44:87:26:66:6e:e7:8f:
38:ea:c7:3d
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICBwAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yMjEyMzAw
NTQzMTRaFw0yMzA4MjgwNDE1MzRaMDMxMTAvBgNVBAMTKDdBODM4RDAzMzEyQ0Y2
QjU1MDhDQjUzQjEyNkJCOTAxM0FBRDcwOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh99UYt0ZKeFFl7JcMOJgr4VXXuBWGv64uCr/4WPbqq2ZpFLXT
F1Z2bFtwTiawoQ30BeqoxjUms2IGzHUkvHhOBFzgEyuBUUxN3gJyh1/Supzowwmv
cyTr6j+8YD6RVCFU4efQWPVi5m2nVmzf8fb0543U2bpxxP/5gIbEAo3eChXcyKuw
B2NQLOO8SVaC2RtIkjN0xv65r6Ep/Le+9tWd+F8scH/r60Mn9HN6EOdiKUrTBeob
M8Dr3oJlL8izUPwd8xCxPi7AJJ5iwBsV47GKSENlq7lnKHRB93KRUq9P9c9btR8e
kngehca3rBSgc6nfS2VLD0A3zv0gkzL/WOwJAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUeoONAzEs9rVQjLU7Emu5ATqtcJ4wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvZW9PTkF6RXM5clZR
akxVN0VtdTVBVHF0Y0o0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBACmMbyqOxn+QKLPko+WvglAa3CIR
ueYuTmcZAnv6wntc93kHx1rwnk96agPo2jPdyNqVF+4dsumXlN0L4lhicfx2Ibq/
xeXNUutpN0dPFXN0dFdUoUlAkZWgZYWVYjX34LWdnHUaMka2pQ5cgrdSYRw3qUv4
Mc41/ZRG/d6BLftdGUrAG9uf0GPcioyqXV6vWlMZjRqhY72ZkUjCsY9osLkj22qG
V7BmcyVlI2nETlaEFti8ilAGHXWeRJ6EnBJTQh42A/5opc1sXFiLKNPzzCLSdS//
cdvDyWFPpIK3n8mUQVRMPjPIuK5v/PsUh+c2TOltAlrWRIcmZm7njzjqxz0=
-----END CERTIFICATE-----
Generated at Wed Sep 20 00:54:22 2023 by rpki-client on console-fra.rpki-client.org