Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/9T0IF7icIXDuSgvZefih8jYyOyM.roa
File: 9T0IF7icIXDuSgvZefih8jYyOyM.roa (raw, json)
Hash identifier: 8bqqIGGnPgEwZnjLWgIOsds+Au6iNQdRYY0N3IsR6rE=
Subject key identifier: F5:3D:08:17:B8:9C:21:70:EE:4A:0B:D9:79:F8:A1:F2:36:32:3B:23
Certificate issuer: /CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Certificate serial: 1B17
Authority key identifier: 86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/9T0IF7icIXDuSgvZefih8jYyOyM.roa
Signing time: Fri 24 May 2024 02:26:48 +0000
ROA not before: Fri 24 May 2024 02:26:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24424
IP address blocks: 203.208.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6935 (0x1b17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Validity
Not Before: May 24 02:26:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F53D0817B89C2170EE4A0BD979F8A1F236323B23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ff:db:66:5e:2c:71:07:dc:51:88:3b:44:31:
1a:bf:01:6a:bf:9a:45:d4:eb:17:1f:2e:7c:b6:4d:
fc:67:a8:26:ed:40:a7:6b:31:14:ec:74:d0:17:29:
9a:4b:de:4a:38:ad:24:7e:8a:6e:96:07:12:85:75:
64:b1:e8:07:50:3d:77:28:ac:fd:af:80:fc:21:05:
dc:88:0e:06:ef:93:07:f8:45:c8:0f:b6:67:cd:0d:
30:13:fa:79:94:cc:b5:c5:1c:16:cc:4b:84:cd:dd:
b3:ac:fd:e8:a4:f8:0c:1d:d8:1d:81:a2:d3:d6:4f:
c3:ca:01:ec:4e:3a:cb:0a:0c:a7:64:bc:fd:42:fb:
a8:bd:21:82:b0:e8:ab:bd:b3:15:5e:07:0c:b1:95:
43:b5:36:e1:f2:bf:30:92:59:d1:05:71:1d:00:98:
6d:75:8d:71:ad:73:7b:09:ee:f0:dd:4d:50:91:02:
d3:73:8f:04:15:d6:3d:fa:2d:17:c2:00:42:4c:0a:
cd:70:00:fb:82:55:dc:0b:9d:e5:6f:f0:8d:ca:89:
60:c1:39:e0:55:1e:2f:57:93:2c:6a:20:71:1b:6f:
cb:08:41:fa:e6:64:d2:72:72:d7:b6:12:ff:92:24:
ac:3e:ff:5f:33:88:ea:33:5d:3c:3e:dd:f7:86:58:
b3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3D:08:17:B8:9C:21:70:EE:4A:0B:D9:79:F8:A1:F2:36:32:3B:23
X509v3 Authority Key Identifier:
keyid:86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/9T0IF7icIXDuSgvZefih8jYyOyM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.208.32.0/19
Signature Algorithm: sha256WithRSAEncryption
95:41:71:a2:3c:f8:79:f3:78:b6:5e:5b:0e:8e:cf:8a:0f:06:
8b:22:3a:c4:5e:f3:d2:a9:9b:65:7e:59:8c:4a:fe:05:e7:b8:
d5:42:7b:2d:c4:b3:1c:16:82:0f:19:8f:21:55:16:23:0c:0a:
4a:d2:a7:10:75:7f:f6:8b:bf:bb:5f:20:2e:49:21:74:0c:7e:
09:6b:11:2e:11:e6:bd:30:71:6c:40:32:27:fa:0a:2a:aa:d8:
6b:1d:ed:1f:dc:e6:4e:88:d2:7a:11:da:b1:1d:6e:31:f1:e4:
1f:86:38:23:2e:1a:a4:28:7a:b7:1b:3f:89:4f:85:1f:1d:80:
8d:cc:04:23:22:e5:7d:7c:ae:6e:e8:df:4d:4f:62:fc:33:53:
47:a4:9c:d5:7a:82:c8:9d:cd:91:2e:64:40:70:b9:26:98:bb:
f9:6f:a6:d5:5a:95:ef:11:a7:06:36:7d:cd:68:e7:5b:00:48:
26:7d:bb:ef:46:bd:3c:bc:e8:e8:0b:c6:27:13:2f:9e:43:fe:
03:25:3b:11:8c:3a:53:8e:ea:13:81:b0:76:96:6f:a1:11:98:
2f:6a:d6:2d:17:ee:59:5f:36:f4:1d:03:3c:34:0e:44:86:8a:
d5:e2:8d:38:9a:75:0f:e1:70:47:a2:6e:ab:d8:54:7e:37:e1:
5f:5c:ca:a0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGxcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODY0
NkVBNzQzNTZFNzA0QUVERDE2M0VDQTk0RTVBNDQyMzA4REY3ODAeFw0yNDA1MjQw
MjI2NDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY1M0QwODE3Qjg5QzIx
NzBFRTRBMEJEOTc5RjhBMUYyMzYzMjNCMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy/9tmXixxB9xRiDtEMRq/AWq/mkXU6xcfLny2TfxnqCbtQKdr
MRTsdNAXKZpL3ko4rSR+im6WBxKFdWSx6AdQPXcorP2vgPwhBdyIDgbvkwf4RcgP
tmfNDTAT+nmUzLXFHBbMS4TN3bOs/eik+Awd2B2BotPWT8PKAexOOssKDKdkvP1C
+6i9IYKw6Ku9sxVeBwyxlUO1NuHyvzCSWdEFcR0AmG11jXGtc3sJ7vDdTVCRAtNz
jwQV1j36LRfCAEJMCs1wAPuCVdwLneVv8I3KiWDBOeBVHi9XkyxqIHEbb8sIQfrm
ZNJycte2Ev+SJKw+/18ziOozXTw+3feGWLMZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU9T0IF7icIXDuSgvZefih8jYyOyMwHwYDVR0jBBgwFoAUhkbqdDVucErt0WPs
qU5aRCMI33gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
L2hrYnFkRFZ1Y0VydDBXUHNxVTVhUkNNSTMzZy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGticWREVnVjRXJ0MFdQc3FVNWFSQ01JMzNnLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyLzlUMElGN2ljSVhEdVNn
dlplZmloOGpZeU95TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAXL0CAwDQYJKoZIhvcNAQELBQADggEBAJVBcaI8+HnzeLZeWw6Oz4oPBosiOsRe
89Kpm2V+WYxK/gXnuNVCey3EsxwWgg8ZjyFVFiMMCkrSpxB1f/aLv7tfIC5JIXQM
fglrES4R5r0wcWxAMif6Ciqq2Gsd7R/c5k6I0noR2rEdbjHx5B+GOCMuGqQoercb
P4lPhR8dgI3MBCMi5X18rm7o301PYvwzU0eknNV6gsidzZEuZEBwuSaYu/lvptVa
le8RpwY2fc1o51sASCZ9u+9GvTy86OgLxicTL55D/gMlOxGMOlOO6hOBsHaWb6ER
mC9q1i0X7llfNvQdAzw0DkSGitXijTiadQ/hcEeibqvYVH434V9cyqA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:40 2025 by rpki-client