Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/252NqQyIuZTkdeAgrMY0JX1pvpI.roa
File: 252NqQyIuZTkdeAgrMY0JX1pvpI.roa (raw, json)
Hash identifier: 9u6HU0qwGL3PUcNHaDjURsGPmj4QKeKnVpw/NzKa7Yo=
Subject key identifier: DB:9D:8D:A9:0C:88:B9:94:E4:75:E0:20:AC:C6:34:25:7D:69:BE:92
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 1245
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/252NqQyIuZTkdeAgrMY0JX1pvpI.roa
Signing time: Tue 20 Aug 2024 12:56:43 +0000
ROA not before: Tue 20 Aug 2024 12:56:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 7018
IP address blocks: 180.223.88.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4677 (0x1245)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Aug 20 12:56:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DB9D8DA90C88B994E475E020ACC634257D69BE92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:65:7b:2c:33:c9:29:ff:e6:4d:06:0f:9f:b3:
7c:65:f1:cc:a0:89:2e:f7:df:11:19:9e:be:31:ed:
2c:d5:38:a6:8c:1b:f8:b6:b1:8e:47:f5:e2:77:e2:
c8:89:c6:91:d7:94:2c:6b:43:58:20:a7:26:e3:c0:
6b:ae:5d:fe:e4:88:2f:ed:88:a3:81:ca:74:56:43:
4e:60:26:3f:ac:d7:79:74:69:2e:ac:4f:9e:63:bf:
02:50:20:db:23:8e:ab:e7:4e:5c:25:6c:b5:b0:dc:
88:0d:46:09:f3:17:ba:66:db:df:5e:b6:58:c0:a4:
03:2a:39:f9:e4:ae:c9:e2:2b:20:cb:b9:84:42:ee:
e9:bc:ca:09:7c:87:8d:75:0d:0a:65:7e:8c:ff:36:
40:6c:d4:e5:ef:55:8c:cb:96:50:4c:30:c1:d2:f5:
ff:26:7b:f5:89:70:bd:72:3e:22:c3:62:89:8f:c8:
0b:1d:13:e9:54:c2:32:47:b5:71:9e:6b:d8:1d:ed:
2a:ce:a3:ae:68:b3:68:8d:16:ab:46:0d:be:d3:75:
7c:fc:b8:ee:46:25:a2:9a:20:a6:13:03:88:10:65:
4f:4a:52:e3:d1:43:f7:07:4d:3d:27:55:96:16:e1:
c3:27:1a:03:88:68:c8:14:c3:58:94:5b:d3:f4:62:
69:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:9D:8D:A9:0C:88:B9:94:E4:75:E0:20:AC:C6:34:25:7D:69:BE:92
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/252NqQyIuZTkdeAgrMY0JX1pvpI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.88.0/21
Signature Algorithm: sha256WithRSAEncryption
d2:06:67:9f:d7:c0:a1:87:3c:8c:a2:53:94:38:8f:ff:a9:0c:
1a:8c:16:19:16:1a:84:df:6d:f3:ba:3e:fa:8d:77:27:6e:a7:
6c:b7:4b:90:6b:1a:3a:fc:c3:3e:5f:be:d7:a9:92:5e:59:ca:
a3:35:09:96:58:61:4a:22:43:0d:8b:b6:05:6c:9c:db:9a:12:
2f:f4:5a:3b:c9:b5:ec:2d:13:d0:f9:e9:ae:cd:8d:08:31:97:
2c:09:a7:f3:67:10:f2:8c:b3:dc:25:26:bd:5e:88:8a:83:91:
30:90:2b:e8:07:d7:38:d9:e7:27:4e:19:70:d8:21:a0:cf:8d:
61:3c:82:c5:9e:7f:bf:18:3c:a3:81:25:88:59:73:9a:f4:ab:
52:ed:19:05:e2:3c:a7:86:f1:f6:16:de:29:90:2a:d7:20:91:
c7:94:f6:aa:81:40:51:df:6e:a5:56:ec:a6:ff:80:38:40:7b:
d4:42:af:b2:54:5e:aa:f4:34:04:5a:f4:90:7a:87:88:9c:48:
81:e4:32:5b:be:66:3a:ed:fb:de:30:d5:fd:bb:a4:a1:df:a1:
60:c4:7d:e6:4c:de:91:e2:57:ce:07:7b:87:76:ff:51:d8:e7:
7e:7d:e3:06:f8:a0:7d:48:3e:8e:51:4f:c7:1b:e9:9d:0d:03:
a8:b8:1f:f5
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA4MjAx
MjU2NDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERCOUQ4REE5MEM4OEI5
OTRFNDc1RTAyMEFDQzYzNDI1N0Q2OUJFOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwZXssM8kp/+ZNBg+fs3xl8cygiS733xEZnr4x7SzVOKaMG/i2
sY5H9eJ34siJxpHXlCxrQ1ggpybjwGuuXf7kiC/tiKOBynRWQ05gJj+s13l0aS6s
T55jvwJQINsjjqvnTlwlbLWw3IgNRgnzF7pm299etljApAMqOfnkrsniKyDLuYRC
7um8ygl8h411DQplfoz/NkBs1OXvVYzLllBMMMHS9f8me/WJcL1yPiLDYomPyAsd
E+lUwjJHtXGea9gd7SrOo65os2iNFqtGDb7TdXz8uO5GJaKaIKYTA4gQZU9KUuPR
Q/cHTT0nVZYW4cMnGgOIaMgUw1iUW9P0YmnRAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU252NqQyIuZTkdeAgrMY0JX1pvpIwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvMjUyTnFReUl1WlRr
ZGVBZ3JNWTBKWDFwdnBJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA7TfWDANBgkqhkiG9w0BAQsFAAOCAQEA0gZnn9fAoYc8jKJTlDiP/6kMGowW
GRYahN9t87o++o13J26nbLdLkGsaOvzDPl++16mSXlnKozUJllhhSiJDDYu2BWyc
25oSL/RaO8m17C0T0Pnprs2NCDGXLAmn82cQ8oyz3CUmvV6IioORMJAr6AfXONnn
J04ZcNghoM+NYTyCxZ5/vxg8o4EliFlzmvSrUu0ZBeI8p4bx9hbeKZAq1yCRx5T2
qoFAUd9upVbspv+AOEB71EKvslReqvQ0BFr0kHqHiJxIgeQyW75mOu373jDV/buk
od+hYMR95kzekeJXzgd7h3b/Udjnfn3jBvigfUg+jlFPxxvpnQ0DqLgf9Q==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:35:13 2025 by rpki-client