Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/A2osGo6mgxYCs0gBRZZvC0a3X0w.roa
File: A2osGo6mgxYCs0gBRZZvC0a3X0w.roa (raw, json)
Hash identifier: 9iSlxShPns2B0osnfp20NVusXICzQk9yrihtbajPDRY=
Subject key identifier: 03:6A:2C:1A:8E:A6:83:16:02:B3:48:01:45:96:6F:0B:46:B7:5F:4C
Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Certificate serial: 0CDB
Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/A2osGo6mgxYCs0gBRZZvC0a3X0w.roa
Signing time: Fri 24 May 2024 02:24:42 +0000
ROA not before: Fri 24 May 2024 02:24:42 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 146806
IP address blocks: 103.79.228.0/24 maxlen: 24
103.79.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3291 (0xcdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Validity
Not Before: May 24 02:24:42 2024 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=036A2C1A8EA6831602B3480145966F0B46B75F4C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:10:a6:70:b6:30:6b:ae:c6:1b:d2:e6:c3:
c2:14:13:90:0e:52:e7:83:86:22:22:10:39:1a:40:
c4:b1:31:19:21:d7:ba:fd:b7:d6:04:74:52:ef:85:
d6:b8:81:e4:26:14:7b:70:50:ca:c3:10:e5:8b:15:
a7:cb:38:71:ee:f7:ae:b4:a2:a4:f2:61:3e:c9:15:
27:62:5f:33:89:8b:16:e7:d2:d8:4f:26:a6:22:a0:
6a:47:e3:32:4f:f7:0e:18:5c:93:5d:e1:db:3d:e0:
88:44:0c:3a:f7:d8:27:d9:b2:af:d1:f5:52:4f:46:
ca:2d:dc:f1:2c:30:e1:2b:bb:0a:5e:88:8a:66:45:
e8:bd:b3:1e:66:15:5d:a1:db:6d:a4:7f:b1:12:b9:
6f:21:17:9b:3f:a7:db:ca:45:9f:b9:c5:01:06:d9:
5a:4c:56:85:d4:ac:43:a6:39:f5:50:87:36:f9:dc:
fe:b6:4f:21:3f:19:b1:a9:8d:a8:09:11:a9:9d:ce:
ed:d4:5a:30:3a:47:aa:b9:39:0e:93:99:31:10:5b:
27:ed:de:61:f7:ab:b0:3b:1b:a5:ef:9b:af:22:eb:
f4:1a:64:46:51:23:e4:7a:27:fe:6b:8a:24:ca:58:
a8:5b:5f:8e:31:3e:28:30:eb:85:04:f7:7f:d6:89:
73:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:6A:2C:1A:8E:A6:83:16:02:B3:48:01:45:96:6F:0B:46:B7:5F:4C
X509v3 Authority Key Identifier:
keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/A2osGo6mgxYCs0gBRZZvC0a3X0w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.228.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:06:c7:63:99:73:6b:35:12:56:47:ae:12:a1:a7:42:4c:8a:
46:1d:79:47:de:b5:5e:f4:5e:85:4f:29:88:10:24:bf:c4:e2:
69:60:a4:a7:56:b7:75:1a:46:b5:43:e1:c1:1b:d7:19:54:d1:
dc:e5:8c:5f:af:6f:ff:c8:07:7f:20:17:f9:8a:54:d8:05:46:
eb:81:ca:25:d6:c0:8d:27:de:cc:ee:ba:3d:57:41:72:00:4c:
f5:7d:22:ed:2f:20:45:eb:ac:f9:b6:1f:01:70:f1:3e:c6:e1:
0c:ee:3c:60:9e:9f:5e:71:e7:13:4a:2c:9c:d3:a5:5f:41:60:
3b:50:a1:0c:96:c3:80:50:a8:07:48:cf:67:54:00:1e:58:4b:
7a:60:70:18:58:b8:ea:53:e8:e9:90:01:75:1a:f7:89:77:cd:
2c:be:ff:de:32:09:e3:99:79:b7:81:c3:1d:e9:5e:04:e6:9a:
78:44:b3:31:28:5a:b2:00:8b:24:2a:a1:8c:7e:c7:80:84:15:
98:bd:06:d1:a0:05:c0:3f:d1:62:af:10:03:ee:8b:d6:96:2a:
44:c4:5d:d1:f7:a1:51:a9:48:3b:15:75:0b:95:c9:54:ce:7b:
3a:7e:1d:3c:98:da:35:91:9e:9f:1e:f4:dd:0d:73:0d:0b:97:
a6:70:a8:b6
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw
OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNDA1MjQw
MjI0NDJaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKDAzNkEyQzFBOEVBNjgz
MTYwMkIzNDgwMTQ1OTY2RjBCNDZCNzVGNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoGhCmcLYwa67GG9Lmw8IUE5AOUueDhiIiEDkaQMSxMRkh17r9
t9YEdFLvhda4geQmFHtwUMrDEOWLFafLOHHu9660oqTyYT7JFSdiXzOJixbn0thP
JqYioGpH4zJP9w4YXJNd4ds94IhEDDr32CfZsq/R9VJPRsot3PEsMOEruwpeiIpm
Rei9sx5mFV2h222kf7ESuW8hF5s/p9vKRZ+5xQEG2VpMVoXUrEOmOfVQhzb53P62
TyE/GbGpjagJEamdzu3UWjA6R6q5OQ6TmTEQWyft3mH3q7A7G6Xvm68i6/QaZEZR
I+R6J/5riiTKWKhbX44xPigw64UE93/WiXMzAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUA2osGo6mgxYCs0gBRZZvC0a3X0wwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R
7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2
OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvQTJvc0dvNm1neFlD
czBnQlJaWnZDMGEzWDB3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWdP5DANBgkqhkiG9w0BAQsFAAOCAQEAqwbHY5lzazUSVkeuEqGnQkyKRh15
R961XvRehU8piBAkv8TiaWCkp1a3dRpGtUPhwRvXGVTR3OWMX69v/8gHfyAX+YpU
2AVG64HKJdbAjSfezO66PVdBcgBM9X0i7S8gReus+bYfAXDxPsbhDO48YJ6fXnHn
E0osnNOlX0FgO1ChDJbDgFCoB0jPZ1QAHlhLemBwGFi46lPo6ZABdRr3iXfNLL7/
3jIJ45l5t4HDHeleBOaaeESzMShasgCLJCqhjH7HgIQVmL0G0aAFwD/RYq8QA+6L
1pYqRMRd0fehUalIOxV1C5XJVM57On4dPJjaNZGenx703Q1zDQuXpnCotg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:03 2025 by rpki-client