Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/du-dDxfSyK4reZMhq3z2XHPiU-g.roa
File: du-dDxfSyK4reZMhq3z2XHPiU-g.roa (raw, json)
Hash identifier: dlBoSJiJaVigcgig1nIhz7TO3a2F8BeMnRtsvgrqqZQ=
Subject key identifier: 76:EF:9D:0F:17:D2:C8:AE:2B:79:93:21:AB:7C:F6:5C:73:E2:53:E8
Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Certificate serial: 03
Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/du-dDxfSyK4reZMhq3z2XHPiU-g.roa
Signing time: Wed 03 Aug 2022 05:53:56 +0000
ROA not before: Wed 03 Aug 2022 05:53:56 +0000
ROA not after: Thu 03 Aug 2023 05:46:02 +0000
asID: 209242
IP address blocks: 103.79.228.0/24 maxlen: 24
103.79.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Validity
Not Before: Aug 3 05:53:56 2022 GMT
Not After : Aug 3 05:46:02 2023 GMT
Subject: CN=76EF9D0F17D2C8AE2B799321AB7CF65C73E253E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:20:ce:19:e0:30:3b:9b:d3:bd:d3:61:ad:5f:
94:c5:36:98:7b:80:a5:27:14:bf:2b:ab:b0:84:21:
92:87:cd:12:55:46:49:dc:55:b3:ac:ed:89:1e:fe:
f6:e6:13:9e:45:48:4b:c2:a2:b6:68:cd:72:ad:d2:
0a:c5:44:6e:02:89:98:41:e0:fb:b5:48:8c:38:ca:
09:0d:1f:b0:51:99:ae:b2:30:32:45:a8:6c:d2:83:
a8:a2:bb:95:5a:f7:5f:7d:12:a8:b7:7f:52:b2:0f:
a6:06:eb:38:24:c9:46:36:31:7c:fd:be:ce:1f:21:
11:61:be:86:9d:72:c5:06:7d:a0:4c:98:e4:07:ab:
ad:8e:27:b6:fb:42:7f:e7:83:cd:15:84:33:5d:20:
8c:e2:b6:a5:31:e5:d3:77:c4:aa:6c:7d:98:e3:f4:
9c:05:9d:f2:47:21:93:02:76:94:ec:18:05:57:4c:
31:a8:65:9a:f8:bf:f6:6f:bf:5d:56:75:8a:5d:b1:
2b:43:b0:ec:d8:8a:b1:e3:8a:b0:89:dd:6b:3d:11:
99:c0:e8:29:29:fe:31:b5:96:92:04:09:31:66:4a:
2f:db:cb:a1:3d:ef:2b:6f:bc:c0:4e:be:4a:5a:29:
c0:7d:41:21:50:6f:41:8c:3c:9f:b4:7f:b7:a7:25:
78:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EF:9D:0F:17:D2:C8:AE:2B:79:93:21:AB:7C:F6:5C:73:E2:53:E8
X509v3 Authority Key Identifier:
keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/du-dDxfSyK4reZMhq3z2XHPiU-g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.228.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:a9:ae:d8:cc:43:16:70:c6:19:7f:50:5d:a4:85:7e:e0:da:
00:f3:37:df:f2:e3:b7:0d:25:e6:c9:ba:bb:62:5e:37:c2:77:
e9:31:30:58:26:16:8b:92:f1:4c:f6:2f:b5:72:72:3a:9f:4b:
85:2a:de:50:d1:f5:18:d9:d7:cd:58:1c:44:ba:24:2b:03:1c:
88:ab:13:ed:30:40:f8:76:de:8e:58:90:55:95:02:38:cb:e6:
f4:27:f8:87:f8:46:45:99:46:cf:90:8a:e2:21:c4:c9:e0:6f:
33:cb:8a:15:df:46:fc:a8:8d:9f:1c:01:34:f5:df:ad:6b:38:
60:f4:ec:b8:b6:37:c0:c4:7e:6a:55:79:a3:0b:27:84:92:ce:
e7:9e:55:09:49:a6:8a:f7:22:6c:02:7b:43:72:1e:f3:52:00:
4f:ec:51:c8:16:37:9d:8e:fc:d1:82:a5:fb:b2:84:03:c8:3f:
44:1a:50:48:d7:53:f4:40:ab:a8:06:02:b5:2a:0b:4d:89:46:
72:75:12:c6:3d:f3:9e:6c:81:76:ba:6c:cb:24:15:0f:0e:98:
f8:49:b6:34:1e:66:39:2a:8e:78:7e:2b:2f:5b:62:62:66:69:
32:7c:8c:b6:c9:0d:50:60:95:10:5d:61:2a:42:3b:11:de:98:
4c:7e:e7:d0
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyNDA5
ODdGNDBBNjAzMENERkEzM0RFRDFFRUU3Q0Y0REM3QzMwMDk0MB4XDTIyMDgwMzA1
NTM1NloXDTIzMDgwMzA1NDYwMlowMzExMC8GA1UEAxMoNzZFRjlEMEYxN0QyQzhB
RTJCNzk5MzIxQUI3Q0Y2NUM3M0UyNTNFODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK4gzhngMDub073TYa1flMU2mHuApScUvyursIQhkofNElVGSdxV
s6ztiR7+9uYTnkVIS8KitmjNcq3SCsVEbgKJmEHg+7VIjDjKCQ0fsFGZrrIwMkWo
bNKDqKK7lVr3X30SqLd/UrIPpgbrOCTJRjYxfP2+zh8hEWG+hp1yxQZ9oEyY5Aer
rY4ntvtCf+eDzRWEM10gjOK2pTHl03fEqmx9mOP0nAWd8kchkwJ2lOwYBVdMMahl
mvi/9m+/XVZ1il2xK0Ow7NiKseOKsIndaz0RmcDoKSn+MbWWkgQJMWZKL9vLoT3v
K2+8wE6+SlopwH1BIVBvQYw8n7R/t6cleGsCAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBR2750PF9LIrit5kyGrfPZcc+JT6DAfBgNVHSMEGDAWgBQkCYf0CmAwzfoz3tHu
589Nx8MAlDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTY4
L0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvSkFtSDlBcGdNTTM2TTk3Ujd1ZlBUY2ZEQUpRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2OC9kdS1kRHhmU3lLNHJl
Wk1ocTN6MlhIUGlVLWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ0/kMA0GCSqGSIb3DQEBCwUAA4IBAQC8qa7YzEMWcMYZf1BdpIV+4NoA8zff
8uO3DSXmybq7Yl43wnfpMTBYJhaLkvFM9i+1cnI6n0uFKt5Q0fUY2dfNWBxEuiQr
AxyIqxPtMED4dt6OWJBVlQI4y+b0J/iH+EZFmUbPkIriIcTJ4G8zy4oV30b8qI2f
HAE09d+tazhg9Oy4tjfAxH5qVXmjCyeEks7nnlUJSaaK9yJsAntDch7zUgBP7FHI
FjedjvzRgqX7soQDyD9EGlBI11P0QKuoBgK1KgtNiUZydRLGPfOebIF2umzLJBUP
Dpj4SbY0HmY5Ko54fisvW2JiZmkyfIy2yQ1QYJUQXWEqQjsR3phMfufQ
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:13 2025 by rpki-client