Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/xWKmzqjxBDSg7j6LYjraztExK84.roa
File: xWKmzqjxBDSg7j6LYjraztExK84.roa (raw, json)
Hash identifier: A0cRvVs/RPbgoKRGm91xHEpKKAlX2vA+6RVE5AG5ENI=
Subject key identifier: C5:62:A6:CE:A8:F1:04:34:A0:EE:3E:8B:62:3A:DA:CE:D1:31:2B:CE
Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Certificate serial: 10
Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/xWKmzqjxBDSg7j6LYjraztExK84.roa
Signing time: Wed 03 Aug 2022 12:03:38 +0000
ROA not before: Wed 03 Aug 2022 12:03:38 +0000
ROA not after: Thu 03 Aug 2023 05:46:02 +0000
asID: 211392
IP address blocks: 103.79.228.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Validity
Not Before: Aug 3 12:03:38 2022 GMT
Not After : Aug 3 05:46:02 2023 GMT
Subject: CN=C562A6CEA8F10434A0EE3E8B623ADACED1312BCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a2:a6:97:28:4c:8d:4a:dc:7a:a5:1d:af:ad:
e3:59:d3:f6:4d:d9:79:d8:69:ec:95:4a:e7:64:c6:
b7:f4:4b:c3:2e:8a:bc:e8:8a:71:e1:75:53:0b:48:
87:8b:aa:c4:87:6b:7a:c1:80:86:10:d9:dc:6f:5d:
8d:4b:d4:c8:1f:f6:9c:cc:9d:7b:a1:ae:55:8a:cd:
0c:95:47:3b:02:60:f2:a5:56:70:3b:f3:80:9d:82:
7d:90:b5:c3:4a:e0:3a:66:52:df:08:42:59:0e:3e:
bc:20:c0:85:47:14:7a:d3:f9:a9:2f:bb:55:5d:f0:
ae:dd:44:63:e8:ec:e8:77:71:ed:bb:28:e8:72:51:
fb:03:61:f3:94:b3:d5:0a:8b:34:3d:51:98:32:23:
1b:12:fc:b1:7d:0b:e3:b1:bd:dc:52:48:24:03:92:
11:26:64:47:f8:43:af:e5:cb:3a:17:98:21:dd:ad:
ed:14:bb:55:9e:94:0b:75:97:52:5a:bc:e7:36:d5:
30:16:88:5c:5e:31:d2:6f:88:db:e3:14:87:19:8b:
ca:eb:7a:2f:07:a0:f5:b0:0a:80:b9:4d:fc:9e:bb:
ff:19:c6:18:7e:f7:b3:4e:87:b6:7d:49:15:26:77:
bb:51:40:65:35:de:ff:68:7f:7c:cd:36:8e:a8:14:
c6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:62:A6:CE:A8:F1:04:34:A0:EE:3E:8B:62:3A:DA:CE:D1:31:2B:CE
X509v3 Authority Key Identifier:
keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/xWKmzqjxBDSg7j6LYjraztExK84.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.228.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:11:56:ec:3e:71:90:08:6e:f4:da:20:3b:2d:a5:d2:52:44:
36:7b:f0:1b:1f:71:f5:e8:0a:7d:21:81:56:a3:0e:82:8e:5f:
00:a5:8a:df:cb:b2:74:48:a1:9e:7a:ce:82:be:37:08:b4:69:
f2:81:fd:fe:18:4d:66:ba:e1:22:5c:c1:80:0d:3b:53:8b:51:
7a:42:54:5d:ed:0c:73:6c:73:9f:30:6f:5e:01:26:8d:13:91:
f1:f2:0c:b3:12:c4:e2:28:2a:b3:b2:39:e4:93:05:f6:52:89:
66:53:4f:cf:ce:36:3d:1b:72:71:6f:ff:87:f7:07:bc:bd:a8:
ca:a7:eb:f3:12:e6:bf:44:f1:e1:17:09:4e:bc:5c:44:09:52:
48:8a:e3:67:06:f1:18:02:31:21:f2:0b:5e:ca:37:a7:e6:18:
9b:53:bb:13:c9:8e:c5:74:15:ce:72:3a:62:0c:37:31:47:2f:
58:7d:f7:49:31:2a:37:1a:0a:82:13:9b:c7:b3:24:ff:ac:85:
4b:4c:da:ea:b8:aa:ca:9d:26:b3:1d:01:f7:77:14:4b:a2:9f:
90:d0:fc:15:41:b6:34:68:a7:31:5e:03:b7:fc:56:56:8d:86:
31:13:50:40:b5:81:39:26:12:56:a5:97:58:a1:1a:e1:fa:76:
ac:f9:73:b5
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyNDA5
ODdGNDBBNjAzMENERkEzM0RFRDFFRUU3Q0Y0REM3QzMwMDk0MB4XDTIyMDgwMzEy
MDMzOFoXDTIzMDgwMzA1NDYwMlowMzExMC8GA1UEAxMoQzU2MkE2Q0VBOEYxMDQz
NEEwRUUzRThCNjIzQURBQ0VEMTMxMkJDRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJWippcoTI1K3HqlHa+t41nT9k3Zedhp7JVK52TGt/RLwy6KvOiK
ceF1UwtIh4uqxIdresGAhhDZ3G9djUvUyB/2nMyde6GuVYrNDJVHOwJg8qVWcDvz
gJ2CfZC1w0rgOmZS3whCWQ4+vCDAhUcUetP5qS+7VV3wrt1EY+js6Hdx7bso6HJR
+wNh85Sz1QqLND1RmDIjGxL8sX0L47G93FJIJAOSESZkR/hDr+XLOheYId2t7RS7
VZ6UC3WXUlq85zbVMBaIXF4x0m+I2+MUhxmLyut6Lweg9bAKgLlN/J67/xnGGH73
s06Htn1JFSZ3u1FAZTXe/2h/fM02jqgUxg8CAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBTFYqbOqPEENKDuPotiOtrO0TErzjAfBgNVHSMEGDAWgBQkCYf0CmAwzfoz3tHu
589Nx8MAlDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTY4
L0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvSkFtSDlBcGdNTTM2TTk3Ujd1ZlBUY2ZEQUpRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2OC94V0ttenFqeEJEU2c3
ajZMWWpyYXp0RXhLODQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ0/kMA0GCSqGSIb3DQEBCwUAA4IBAQAaEVbsPnGQCG702iA7LaXSUkQ2e/Ab
H3H16Ap9IYFWow6Cjl8ApYrfy7J0SKGees6CvjcItGnygf3+GE1muuEiXMGADTtT
i1F6QlRd7QxzbHOfMG9eASaNE5Hx8gyzEsTiKCqzsjnkkwX2UolmU0/PzjY9G3Jx
b/+H9we8vajKp+vzEua/RPHhFwlOvFxECVJIiuNnBvEYAjEh8gteyjen5hibU7sT
yY7FdBXOcjpiDDcxRy9YffdJMSo3GgqCE5vHsyT/rIVLTNrquKrKnSazHQH3dxRL
op+Q0PwVQbY0aKcxXgO3/FZWjYYxE1BAtYE5JhJWpZdYoRrh+nas+XO1
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:43 2025 by rpki-client