Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/3JSE5_wgz7n_jPDbzvvWkxekFRk.roa
File: 3JSE5_wgz7n_jPDbzvvWkxekFRk.roa (raw, json)
Hash identifier: ZmhGG8mSY0ZUTvIHB05KK0DVmYntzhSwMCl0MPH0k5A=
Subject key identifier: DC:94:84:E7:FC:20:CF:B9:FF:8C:F0:DB:CE:FB:D6:93:17:A4:15:19
Certificate issuer: /CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434
Certificate serial: 1242
Authority key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/3JSE5_wgz7n_jPDbzvvWkxekFRk.roa
Signing time: Thu 12 Sep 2024 15:07:00 +0000
ROA not before: Thu 12 Sep 2024 15:07:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 37963
IP address blocks: 47.112.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4674 (0x1242)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434
Validity
Not Before: Sep 12 15:07:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DC9484E7FC20CFB9FF8CF0DBCEFBD69317A41519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:70:be:3c:09:87:af:ec:e9:30:83:9b:d4:cb:
b8:df:b3:b9:a3:23:62:81:7f:e3:e5:c4:1c:2d:62:
6f:45:95:32:4c:4c:c4:39:f9:8a:73:ef:35:f4:e0:
72:0b:1c:75:9b:f8:6f:a3:a3:f2:42:a5:c5:58:5b:
5f:20:18:e2:1d:fb:a2:40:a2:67:66:45:b3:3d:de:
f0:e7:b4:d2:f8:c2:1c:cf:66:6f:95:f1:eb:6f:56:
ba:5e:1d:2e:f5:92:09:4f:bf:2f:4a:6f:a9:5c:16:
a3:89:9d:68:7f:eb:4b:ac:b8:eb:5d:63:3f:85:64:
d8:b5:33:a3:69:0f:45:2a:69:05:67:e0:39:4d:c7:
dd:f8:ee:25:70:f6:c4:e0:ab:04:de:89:38:c9:21:
89:bd:fb:85:46:5d:ca:f0:aa:44:76:0f:6d:d8:3b:
c3:b2:ec:5e:5e:b9:b4:06:f6:8e:b5:4f:25:37:5f:
37:64:aa:56:2d:72:88:57:3d:32:73:34:c5:58:23:
ce:e9:11:80:5d:f8:6b:04:40:bf:cf:c0:67:f3:0b:
e0:8f:a0:b0:56:07:3a:c8:91:ad:eb:1d:93:12:46:
6e:8c:89:7f:b8:a4:51:4b:a9:8b:d7:ea:e2:d5:be:
50:d9:4a:2d:1c:a8:a8:f4:8f:4b:06:64:95:b6:d1:
40:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:94:84:E7:FC:20:CF:B9:FF:8C:F0:DB:CE:FB:D6:93:17:A4:15:19
X509v3 Authority Key Identifier:
keyid:CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/3JSE5_wgz7n_jPDbzvvWkxekFRk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
47.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:cd:cc:fb:c7:2b:a4:3d:c2:50:59:a3:bb:fe:1b:fb:35:69:
43:ac:b4:ce:a7:1b:56:90:70:94:39:db:99:b1:71:b3:e4:02:
90:c6:99:d9:7c:9e:7b:2f:5e:a6:c9:94:52:0e:81:39:05:52:
eb:ec:dd:ac:b8:89:e8:19:10:d7:43:10:2d:c0:68:67:79:9d:
16:09:e4:4e:9e:4a:b9:e7:a9:d8:16:6e:a9:2c:d9:00:e6:9d:
7c:36:d8:7b:1e:37:e9:5d:18:4e:2a:3a:f7:9b:75:99:10:98:
cd:bf:b4:5e:3b:be:81:14:04:a8:ce:99:f5:b0:cc:fc:e6:4f:
a5:a4:71:ac:e9:4f:a9:fa:66:00:97:f5:77:19:4a:df:1c:a7:
13:2c:aa:a2:60:c5:21:ee:87:0d:3b:d2:d0:65:5b:6e:d8:8d:
07:c2:8f:2a:1b:18:be:d3:5a:e0:81:9a:67:82:04:59:03:77:
e7:98:16:e4:bf:17:05:0f:f6:92:68:33:d5:b9:7e:18:94:38:
20:c9:f4:67:6c:40:48:6b:98:99:41:07:bb:6c:6a:b7:72:ea:
0e:58:b7:c0:9b:27:e6:ed:4c:27:45:1c:63:1c:53:5a:23:8a:
34:e8:53:e6:be:e2:b2:c2:86:56:1e:e3:62:89:d7:46:b1:ef:
e6:e1:b7:36
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEkIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw
QTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQzNDAeFw0yNDA5MTIx
NTA3MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERDOTQ4NEU3RkMyMENG
QjlGRjhDRjBEQkNFRkJENjkzMTdBNDE1MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCscL48CYev7Okwg5vUy7jfs7mjI2KBf+PlxBwtYm9FlTJMTMQ5
+Ypz7zX04HILHHWb+G+jo/JCpcVYW18gGOId+6JAomdmRbM93vDntNL4whzPZm+V
8etvVrpeHS71kglPvy9Kb6lcFqOJnWh/60usuOtdYz+FZNi1M6NpD0UqaQVn4DlN
x9347iVw9sTgqwTeiTjJIYm9+4VGXcrwqkR2D23YO8Oy7F5eubQG9o61TyU3Xzdk
qlYtcohXPTJzNMVYI87pEYBd+GsEQL/PwGfzC+CPoLBWBzrIka3rHZMSRm6MiX+4
pFFLqYvX6uLVvlDZSi0cqKj0j0sGZJW20UCBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3JSE5/wgz7n/jPDbzvvWkxekFRkwHwYDVR0jBBgwFoAUzgqcsCk3tX3OZqF/
uEIW16vnZDQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3
L3pncWNzQ2szdFgzT1pxRl91RUlXMTZ2blpEUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvemdxY3NDazN0WDNPWnFGX3VFSVcxNnZuWkRRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3LzNKU0U1X3dnejduX2pQ
RGJ6dnZXa3hla0ZSay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAvcDANBgkqhkiG9w0BAQsFAAOCAQEAc83M+8crpD3CUFmju/4b+zVpQ6y0zqcb
VpBwlDnbmbFxs+QCkMaZ2Xyeey9epsmUUg6BOQVS6+zdrLiJ6BkQ10MQLcBoZ3md
FgnkTp5Kueep2BZuqSzZAOadfDbYex436V0YTio695t1mRCYzb+0Xju+gRQEqM6Z
9bDM/OZPpaRxrOlPqfpmAJf1dxlK3xynEyyqomDFIe6HDTvS0GVbbtiNB8KPKhsY
vtNa4IGaZ4IEWQN355gW5L8XBQ/2kmgz1bl+GJQ4IMn0Z2xASGuYmUEHu2xqt3Lq
Dli3wJsn5u1MJ0UcYxxTWiOKNOhT5r7issKGVh7jYonXRrHv5uG3Ng==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:11 2025 by rpki-client