Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3205/ql5aK_3HVWmrdA8f3CGpV8ENKbE.roa
File: ql5aK_3HVWmrdA8f3CGpV8ENKbE.roa (raw, json)
Hash identifier: D1RflnH9NRs+wnGCRhBg2cAzncUzLN1LNAFljKpukpI=
Subject key identifier: AA:5E:5A:2B:FD:C7:55:69:AB:74:0F:1F:DC:21:A9:57:C1:0D:29:B1
Certificate issuer: /CN=581041F42679F5E17F19C37E490A7794863B2BEB
Certificate serial: 06CB
Authority key identifier: 58:10:41:F4:26:79:F5:E1:7F:19:C3:7E:49:0A:77:94:86:3B:2B:EB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/ql5aK_3HVWmrdA8f3CGpV8ENKbE.roa
Signing time: Tue 25 Jun 2024 09:55:48 +0000
ROA not before: Tue 25 Jun 2024 09:55:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4812
IP address blocks: 103.96.224.0/23 maxlen: 24
103.96.224.0/24 maxlen: 24
103.96.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1739 (0x6cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=581041F42679F5E17F19C37E490A7794863B2BEB
Validity
Not Before: Jun 25 09:55:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AA5E5A2BFDC75569AB740F1FDC21A957C10D29B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:49:39:1a:92:eb:11:a8:ff:93:d4:35:43:9f:
be:42:36:78:e3:9d:4f:1c:f9:33:5e:f1:b1:82:34:
92:f9:9a:bf:04:d2:55:8d:d2:87:3b:18:05:de:9b:
8d:6b:23:a8:bf:36:92:bb:b8:a9:68:27:ff:dc:96:
4a:ca:21:86:59:ee:ec:62:92:54:7b:ab:ad:18:74:
da:e2:39:14:92:ba:7b:8e:c2:8b:40:73:36:11:da:
c6:93:e6:64:ce:46:a6:4c:fa:26:1d:ff:d7:40:4c:
38:f2:18:ab:a2:73:5b:11:08:72:48:f2:c3:23:39:
c3:bf:a4:29:cd:6b:6f:99:43:e4:3a:c0:8b:dd:92:
49:eb:75:21:7e:a1:cd:32:4e:a0:b1:67:f6:b7:98:
1b:41:cf:ad:6c:49:92:23:6b:86:97:a9:6a:c5:26:
ef:21:da:d5:fd:b2:3c:47:16:bd:43:59:67:fe:e9:
55:5a:6b:92:55:4c:1a:74:5e:ff:41:82:1e:d1:32:
c6:17:5c:c1:13:b9:8e:95:f4:e6:04:3a:76:e3:f2:
a7:75:f2:09:f1:04:69:95:67:71:e9:05:9b:10:37:
94:ca:9d:39:69:c0:6e:be:e5:4a:e6:81:7c:78:af:
54:a2:ff:a2:60:3e:f5:ff:32:e2:e7:d4:d9:13:8a:
ad:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5E:5A:2B:FD:C7:55:69:AB:74:0F:1F:DC:21:A9:57:C1:0D:29:B1
X509v3 Authority Key Identifier:
keyid:58:10:41:F4:26:79:F5:E1:7F:19:C3:7E:49:0A:77:94:86:3B:2B:EB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/WBBB9CZ59eF_GcN-SQp3lIY7K-s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/ql5aK_3HVWmrdA8f3CGpV8ENKbE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.96.224.0/23
Signature Algorithm: sha256WithRSAEncryption
b9:09:23:68:33:28:22:70:c7:29:4d:43:40:83:07:a6:19:71:
6a:4c:c7:61:d6:e4:27:39:55:e7:75:2e:ea:8c:82:b0:5d:18:
21:fb:2c:1a:9d:13:49:2c:8d:10:af:d5:23:13:ab:2a:04:31:
c7:3c:d9:ba:cd:05:5f:b3:9c:a2:27:4e:48:be:6a:cc:41:b1:
1d:d5:f5:04:7f:3c:a3:b3:13:c5:1a:02:c4:d0:d2:eb:31:a8:
dd:bf:cd:c8:c3:ce:9f:27:21:ae:d5:be:86:58:5b:95:84:a9:
35:88:9f:2b:16:5d:f1:79:09:d5:ef:3c:0f:b5:cb:4e:29:ed:
63:09:b5:98:f7:85:18:09:7f:63:36:fa:bf:1a:79:0d:df:bd:
cb:20:bf:ac:6e:5a:c9:45:ae:c9:78:34:dd:b9:49:32:15:46:
ae:03:45:4c:44:ed:de:04:9c:8b:bf:87:2a:fe:c3:a7:d0:8a:
7f:37:1b:77:b0:97:83:00:2f:c1:45:96:e1:6e:50:2f:1c:b8:
7d:0e:5d:0a:4c:3e:9d:30:3c:89:87:15:75:cd:17:4e:bd:d1:
fa:02:5c:01:ee:8a:57:62:4c:cc:74:c9:20:26:5c:d2:de:97:
a2:f3:d2:70:3c:02:21:50:0a:41:e1:7a:eb:11:c6:1a:11:f5:
9c:cc:52:61
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTgx
MDQxRjQyNjc5RjVFMTdGMTlDMzdFNDkwQTc3OTQ4NjNCMkJFQjAeFw0yNDA2MjUw
OTU1NDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFBNUU1QTJCRkRDNzU1
NjlBQjc0MEYxRkRDMjFBOTU3QzEwRDI5QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD6STkakusRqP+T1DVDn75CNnjjnU8c+TNe8bGCNJL5mr8E0lWN
0oc7GAXem41rI6i/NpK7uKloJ//clkrKIYZZ7uxiklR7q60YdNriORSSunuOwotA
czYR2saT5mTORqZM+iYd/9dATDjyGKuic1sRCHJI8sMjOcO/pCnNa2+ZQ+Q6wIvd
kknrdSF+oc0yTqCxZ/a3mBtBz61sSZIja4aXqWrFJu8h2tX9sjxHFr1DWWf+6VVa
a5JVTBp0Xv9Bgh7RMsYXXMETuY6V9OYEOnbj8qd18gnxBGmVZ3HpBZsQN5TKnTlp
wG6+5UrmgXx4r1Si/6JgPvX/MuLn1NkTiq2DAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUql5aK/3HVWmrdA8f3CGpV8ENKbEwHwYDVR0jBBgwFoAUWBBB9CZ59eF/GcN+
SQp3lIY7K+swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzIw
NS9XQkJCOUNaNTllRl9HY04tU1FwM2xJWTdLLXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1dCQkI5Q1o1OWVGX0djTi1TUXAzbElZN0stcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyMDUvcWw1YUtfM0hWV21y
ZEE4ZjNDR3BWOEVOS2JFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAWdg4DANBgkqhkiG9w0BAQsFAAOCAQEAuQkjaDMoInDHKU1DQIMHphlxakzH
YdbkJzlV53Uu6oyCsF0YIfssGp0TSSyNEK/VIxOrKgQxxzzZus0FX7OcoidOSL5q
zEGxHdX1BH88o7MTxRoCxNDS6zGo3b/NyMPOnychrtW+hlhblYSpNYifKxZd8XkJ
1e88D7XLTintYwm1mPeFGAl/Yzb6vxp5Dd+9yyC/rG5ayUWuyXg03blJMhVGrgNF
TETt3gSci7+HKv7Dp9CKfzcbd7CXgwAvwUWW4W5QLxy4fQ5dCkw+nTA8iYcVdc0X
Tr3R+gJcAe6KV2JMzHTJICZc0t6XovPScDwCIVAKQeF66xHGGhH1nMxSYQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:50 2025 by rpki-client