Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/gve-peAKsnEc4a0C8YGI15DHmA8.roa
File: gve-peAKsnEc4a0C8YGI15DHmA8.roa (raw, json)
Hash identifier: pxTHzT6NxEYAVf4prCPacHdJeOj7a7zoc6dd2nLcdc0=
Subject key identifier: 82:F7:BE:A5:E0:0A:B2:71:1C:E1:AD:02:F1:81:88:D7:90:C7:98:0F
Certificate issuer: /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA
Certificate serial: 123C
Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/gve-peAKsnEc4a0C8YGI15DHmA8.roa
Signing time: Thu 12 Sep 2024 15:06:58 +0000
ROA not before: Thu 12 Sep 2024 15:06:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 37963
IP address blocks: 112.125.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4668 (0x123c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA
Validity
Not Before: Sep 12 15:06:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=82F7BEA5E00AB2711CE1AD02F18188D790C7980F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:61:dd:ef:1d:72:79:80:16:e4:f8:80:cd:93:
00:a6:3d:35:64:45:a7:b8:3a:8b:d4:d0:ae:eb:76:
0a:ca:c3:3f:86:b2:9f:ce:31:82:8c:32:15:9a:74:
94:0c:23:51:f4:eb:34:6c:70:18:b7:a7:47:bf:8a:
70:4e:c5:b7:db:69:27:8b:04:ef:61:ea:21:67:88:
a6:f8:40:c0:cc:49:b9:8e:0b:a7:a8:da:c9:ff:16:
b3:20:c7:1c:74:f7:65:4d:a8:41:d8:0f:8c:e7:10:
f3:29:2f:07:1a:1b:6f:b7:c2:ba:ea:78:ab:3a:64:
02:35:9f:86:06:c1:59:aa:2b:29:4d:ee:c0:00:f8:
18:b3:a1:15:d6:93:a4:11:03:f5:e6:6d:d7:5e:50:
3b:2e:51:f3:fd:96:40:37:cf:10:7b:70:2a:80:5c:
3f:39:95:79:43:53:96:00:09:4e:73:1b:0e:78:e8:
8c:f7:33:7a:4a:b5:8f:d2:ec:0f:8e:a2:9c:60:7d:
10:89:17:2c:55:95:55:dc:ea:0f:bc:22:9e:f0:e5:
c0:6c:2f:26:4c:42:af:ac:a7:c5:c9:e3:80:9a:db:
91:de:83:2f:1f:a6:be:85:c3:7c:ae:ee:cf:49:3d:
3b:5a:92:fc:4b:32:61:36:91:88:36:27:78:c7:65:
83:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F7:BE:A5:E0:0A:B2:71:1C:E1:AD:02:F1:81:88:D7:90:C7:98:0F
X509v3 Authority Key Identifier:
keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/gve-peAKsnEc4a0C8YGI15DHmA8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:48:7f:d3:32:19:d0:cd:0b:bf:dd:13:a4:cf:28:a0:9a:96:
68:68:ef:ba:a1:0a:52:20:82:7b:22:5f:86:df:9d:78:c7:9d:
e3:0c:7b:87:b3:db:09:0b:74:c0:7d:37:16:44:f2:d7:4e:0b:
2e:51:f9:2e:22:90:f7:cd:05:08:00:f4:b0:be:29:2a:cb:03:
62:06:5c:6a:66:ca:fe:d2:b9:38:96:af:1c:90:d8:76:d3:3d:
e4:61:d8:4f:4c:14:28:eb:ee:b9:09:fe:cc:2b:6c:3f:71:a1:
70:d3:a5:f6:85:09:4d:f5:55:6f:e3:f6:50:33:95:31:9e:3a:
30:91:4e:41:62:d3:ad:d3:d9:c0:a7:e3:ce:ba:62:36:25:6d:
95:0f:47:72:0a:c8:6c:7b:0c:17:42:56:04:f2:2f:3c:a5:0a:
76:f2:0e:59:b2:8f:60:57:d8:70:0d:0f:3b:5b:64:17:09:8d:
c0:49:b7:20:61:1b:6f:c3:33:f9:d4:a9:0d:5b:20:d1:d5:8e:
49:2c:3a:5c:bb:1e:23:61:f7:ab:10:38:2d:e9:5f:4a:dc:eb:
c8:61:c5:25:5a:79:c7:a7:2d:06:41:28:e3:54:a7:d4:47:19:
58:74:3d:9d:a3:b1:b9:e2:91:5f:dc:b8:33:cf:20:85:83:a3:
11:f7:16:f4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEjwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC
QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNDA5MTIx
NTA2NThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgyRjdCRUE1RTAwQUIy
NzExQ0UxQUQwMkYxODE4OEQ3OTBDNzk4MEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2Yd3vHXJ5gBbk+IDNkwCmPTVkRae4OovU0K7rdgrKwz+Gsp/O
MYKMMhWadJQMI1H06zRscBi3p0e/inBOxbfbaSeLBO9h6iFniKb4QMDMSbmOC6eo
2sn/FrMgxxx092VNqEHYD4znEPMpLwcaG2+3wrrqeKs6ZAI1n4YGwVmqKylN7sAA
+BizoRXWk6QRA/XmbddeUDsuUfP9lkA3zxB7cCqAXD85lXlDU5YACU5zGw546Iz3
M3pKtY/S7A+OopxgfRCJFyxVlVXc6g+8Ip7w5cBsLyZMQq+sp8XJ44Ca25Hegy8f
pr6Fw3yu7s9JPTtakvxLMmE2kYg2J3jHZYO7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUgve+peAKsnEc4a0C8YGI15DHmA8wHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0
OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3
L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L2d2ZS1wZUFLc25FYzRh
MEM4WUdJMTVESG1BOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwfTANBgkqhkiG9w0BAQsFAAOCAQEAH0h/0zIZ0M0Lv90TpM8ooJqWaGjvuqEK
UiCCeyJfht+deMed4wx7h7PbCQt0wH03FkTy104LLlH5LiKQ980FCAD0sL4pKssD
YgZcambK/tK5OJavHJDYdtM95GHYT0wUKOvuuQn+zCtsP3GhcNOl9oUJTfVVb+P2
UDOVMZ46MJFOQWLTrdPZwKfjzrpiNiVtlQ9HcgrIbHsMF0JWBPIvPKUKdvIOWbKP
YFfYcA0PO1tkFwmNwEm3IGEbb8Mz+dSpDVsg0dWOSSw6XLseI2H3qxA4LelfStzr
yGHFJVp5x6ctBkEo41Sn1EcZWHQ9naOxueKRX9y4M88ghYOjEfcW9A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:43 2025 by rpki-client