Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/399/bAG6AC_0PSNypyED9pnxQNQCVtI.roa
File: bAG6AC_0PSNypyED9pnxQNQCVtI.roa (raw, json)
Hash identifier: jhr//Z463D+Ajq8/4ypJEc6xjeG98EpU4T3CiJmconk=
Subject key identifier: 6C:01:BA:00:2F:F4:3D:23:72:A7:21:03:F6:99:F1:40:D4:02:56:D2
Certificate issuer: /CN=51C4C1D52D2E3FE6BF3D9BF1B3D6924B49C5D4E5
Certificate serial: 43A6
Authority key identifier: 51:C4:C1:D5:2D:2E:3F:E6:BF:3D:9B:F1:B3:D6:92:4B:49:C5:D4:E5
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UcTB1S0uP-a_PZvxs9aSS0nF1OU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/bAG6AC_0PSNypyED9pnxQNQCVtI.roa
Signing time: Fri 24 May 2024 02:26:46 +0000
ROA not before: Fri 24 May 2024 02:26:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 132203
IP address blocks: 203.205.136.0/24 maxlen: 24
203.205.137.0/24 maxlen: 24
203.205.155.0/24 maxlen: 24
203.205.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17318 (0x43a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51C4C1D52D2E3FE6BF3D9BF1B3D6924B49C5D4E5
Validity
Not Before: May 24 02:26:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6C01BA002FF43D2372A72103F699F140D40256D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:af:de:f9:f1:b6:45:f2:fb:18:6f:d9:b5:bb:
40:29:83:57:9d:75:c0:fe:a4:a3:32:54:ac:97:d9:
b1:06:db:bd:ce:49:2f:6a:c5:8e:95:71:75:de:15:
b2:9c:e0:4d:1a:ed:73:c7:c5:25:c6:05:2f:30:cc:
c4:2b:10:81:39:1d:6a:33:04:00:4e:1a:12:ac:4c:
bb:03:88:06:af:00:18:9d:0e:21:07:84:1d:6e:bc:
4c:43:60:e5:07:aa:25:bd:f7:73:34:b7:1c:01:13:
b8:31:2c:50:99:82:3f:24:a8:c4:2d:07:db:a2:bf:
19:3e:8a:9c:cd:b0:24:7f:df:43:db:9b:9a:6a:e7:
ee:9d:83:df:a8:89:9d:0e:82:df:1f:8b:84:27:4b:
bd:ca:8a:7e:d1:4f:3e:4c:24:23:83:21:ec:0d:aa:
2b:6b:68:70:94:3a:91:47:ff:1b:74:47:bb:4e:6f:
5c:5c:28:68:6c:1d:66:90:28:c9:8d:93:5e:54:e0:
e4:63:d0:de:c4:5d:5b:b0:02:0f:9f:68:21:21:1a:
c6:00:c2:20:a6:86:ed:5b:0a:13:7b:d0:1b:48:6d:
9e:bf:8d:77:89:ed:cd:5f:44:12:74:52:4a:c3:02:
03:94:56:5e:5a:e1:f1:de:70:4f:5c:1c:75:90:bf:
ab:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:01:BA:00:2F:F4:3D:23:72:A7:21:03:F6:99:F1:40:D4:02:56:D2
X509v3 Authority Key Identifier:
keyid:51:C4:C1:D5:2D:2E:3F:E6:BF:3D:9B:F1:B3:D6:92:4B:49:C5:D4:E5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/UcTB1S0uP-a_PZvxs9aSS0nF1OU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UcTB1S0uP-a_PZvxs9aSS0nF1OU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/399/bAG6AC_0PSNypyED9pnxQNQCVtI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.205.136.0/23
203.205.155.0/24
203.205.159.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:36:20:58:b3:eb:39:91:fc:51:a2:6d:b7:cb:03:c6:42:19:
6f:ec:eb:02:e6:39:36:48:fc:49:fb:ef:70:46:56:a6:e6:98:
78:8e:8f:8a:30:b3:a7:d2:6b:64:78:9f:3d:88:49:94:1c:fc:
c2:04:95:98:74:24:3f:2d:24:c3:61:9a:e3:3a:14:e1:41:ad:
4e:fc:1e:cc:8d:60:c2:82:7a:1f:8c:18:fa:5b:e6:9a:0d:90:
99:a4:0a:c7:02:80:c8:38:f4:c5:4d:52:31:f8:91:e8:7f:20:
56:0c:28:00:66:5c:87:19:68:f3:1f:ec:8f:ff:21:06:96:8a:
22:65:0c:82:19:f7:52:84:0b:89:98:d2:a2:b9:9e:34:04:1c:
b0:b3:b5:75:d4:98:f6:fb:22:66:48:bf:a5:44:db:17:7c:3d:
25:12:e5:29:49:f8:52:d6:d9:e7:b5:63:35:da:68:83:cc:34:
ff:f9:11:f6:3b:1f:0f:78:3a:8f:7a:91:d1:5c:15:8a:59:b3:
df:58:e1:18:d7:c6:cd:68:bd:5b:85:b3:ff:58:20:0b:ef:76:
44:f1:78:a6:b5:9b:8e:3d:46:ec:c6:03:a5:0c:41:7a:8b:de:
e0:02:ec:e5:6a:a0:20:1d:59:65:43:2a:2e:d2:79:fe:4d:5a:
2b:68:cb:4c
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICQ6YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFD
NEMxRDUyRDJFM0ZFNkJGM0Q5QkYxQjNENjkyNEI0OUM1RDRFNTAeFw0yNDA1MjQw
MjI2NDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZDMDFCQTAwMkZGNDNE
MjM3MkE3MjEwM0Y2OTlGMTQwRDQwMjU2RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2r9758bZF8vsYb9m1u0Apg1eddcD+pKMyVKyX2bEG273OSS9q
xY6VcXXeFbKc4E0a7XPHxSXGBS8wzMQrEIE5HWozBABOGhKsTLsDiAavABidDiEH
hB1uvExDYOUHqiW993M0txwBE7gxLFCZgj8kqMQtB9uivxk+ipzNsCR/30Pbm5pq
5+6dg9+oiZ0Ogt8fi4QnS73Kin7RTz5MJCODIewNqitraHCUOpFH/xt0R7tOb1xc
KGhsHWaQKMmNk15U4ORj0N7EXVuwAg+faCEhGsYAwiCmhu1bChN70BtIbZ6/jXeJ
7c1fRBJ0UkrDAgOUVl5a4fHecE9cHHWQv6ttAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUbAG6AC/0PSNypyED9pnxQNQCVtIwHwYDVR0jBBgwFoAUUcTB1S0uP+a/PZvx
s9aSS0nF1OUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzk5
L1VjVEIxUzB1UC1hX1BadnhzOWFTUzBuRjFPVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvVWNUQjFTMHVQLWFfUFp2eHM5YVNTMG5GMU9VLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzk5L2JBRzZBQ18wUFNOeXB5
RUQ5cG54UU5RQ1Z0SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAHLzYgDBADLzZsDBADLzZ8wDQYJKoZIhvcNAQELBQADggEBAKQ2IFiz6zmR/FGi
bbfLA8ZCGW/s6wLmOTZI/En773BGVqbmmHiOj4ows6fSa2R4nz2ISZQc/MIElZh0
JD8tJMNhmuM6FOFBrU78HsyNYMKCeh+MGPpb5poNkJmkCscCgMg49MVNUjH4keh/
IFYMKABmXIcZaPMf7I//IQaWiiJlDIIZ91KEC4mY0qK5njQEHLCztXXUmPb7ImZI
v6VE2xd8PSUS5SlJ+FLW2ee1YzXaaIPMNP/5EfY7Hw94Oo96kdFcFYpZs99Y4RjX
xs1ovVuFs/9YIAvvdkTxeKa1m449RuzGA6UMQXqL3uAC7OVqoCAdWWVDKi7Sef5N
Witoy0w=
-----END CERTIFICATE-----
Generated at Mon Apr 14 18:50:17 2025 by rpki-client