Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/5biqx2-EHu3EJty3Pfn3_eOCxig.roa
File: 5biqx2-EHu3EJty3Pfn3_eOCxig.roa (raw, json)
Hash identifier: pkY8Yfr4tuPpUBLG5/fgFN9p6h6SDIb67U9PcFexkp0=
Subject key identifier: E5:B8:AA:C7:6F:84:1E:ED:C4:26:DC:B7:3D:F9:F7:FD:E3:82:C6:28
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C56
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/5biqx2-EHu3EJty3Pfn3_eOCxig.roa
Signing time: Wed 28 Aug 2024 08:53:58 +0000
ROA not before: Wed 28 Aug 2024 08:53:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 123.98.92.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3158 (0xc56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Aug 28 08:53:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E5B8AAC76F841EEDC426DCB73DF9F7FDE382C628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d3:54:5f:82:f2:85:00:e7:0e:6a:db:e3:b2:
b6:46:ae:a2:08:e4:3e:77:cc:b9:19:c8:8a:22:86:
ef:f0:16:bd:f6:3f:23:ac:ee:e2:31:c6:26:6c:2f:
1c:7f:56:98:d5:3b:a7:8e:6d:6e:d6:00:b0:25:19:
6d:b2:94:ca:76:6a:76:4d:30:cf:eb:1f:29:a6:96:
2d:fc:c5:32:67:b7:c8:7b:b2:b8:68:ec:a5:45:b7:
69:ae:3b:0d:a4:35:16:80:55:49:76:1c:d5:d8:5c:
5a:43:4d:5e:dd:89:6c:68:8f:8b:cc:06:c9:cb:74:
ab:4b:12:5c:69:ef:72:6b:67:55:27:82:d8:6d:fa:
75:8c:a1:8d:af:c3:fa:94:20:53:93:05:d9:0e:6b:
07:42:c5:e9:2a:16:7b:ab:9f:b2:05:c4:13:1b:66:
0a:cc:55:c9:0b:74:7a:0b:6a:b6:8a:d2:e2:8b:dd:
a6:03:df:d2:15:1b:65:93:d1:d0:b7:50:95:c7:6f:
57:01:03:55:36:b3:c3:cf:b2:b3:c7:2a:97:8d:b5:
52:50:c2:e2:a3:f8:66:3f:a4:69:db:61:47:26:c7:
fd:37:67:1e:b0:dd:24:f1:82:1a:01:db:9a:be:40:
e0:ee:ce:ed:ba:bb:1d:9a:6f:bd:b0:6e:43:0c:69:
37:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B8:AA:C7:6F:84:1E:ED:C4:26:DC:B7:3D:F9:F7:FD:E3:82:C6:28
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/5biqx2-EHu3EJty3Pfn3_eOCxig.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.92.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:53:a5:7d:f7:61:0c:bd:7f:fc:af:17:a4:3c:71:a0:09:6f:
63:ef:01:4d:d7:20:ea:b2:78:c3:43:e0:ed:d3:4b:fb:51:d2:
35:81:10:99:d2:fb:22:dd:f6:f7:2a:3f:fd:3c:7e:53:8f:a9:
38:9f:45:e1:16:95:93:8f:05:46:a5:53:ac:e1:6f:56:85:fa:
6f:6b:28:12:f1:36:9b:62:26:9b:c3:d3:7c:4a:bd:fb:14:7c:
ca:00:ef:a6:45:ab:79:dd:7d:f5:9b:9e:44:b6:5f:8d:0f:b9:
a2:05:8d:ca:6d:e5:62:ce:cc:90:88:d9:7f:89:01:ee:f1:c1:
fe:97:10:d2:6f:d7:1b:8e:26:97:7e:71:1d:39:a2:bf:17:e6:
cb:34:3f:51:3d:90:0c:e5:9f:69:c4:dc:33:1c:46:45:da:b5:
8d:14:ba:79:b2:0c:b7:0e:12:83:43:10:71:76:66:1a:60:6c:
c9:a6:ee:29:00:5f:41:76:7e:51:17:e4:f1:d6:24:4e:98:b8:
8f:63:3c:f6:76:0a:db:67:6b:19:fd:33:ce:d1:71:36:8d:88:
67:d6:64:2d:62:ac:58:8b:ef:b8:27:fa:16:34:12:a3:41:b9:
fa:38:04:61:6d:93:98:4b:e2:e3:bf:b3:87:4a:13:d8:1a:29:
83:19:77:e4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDFYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw
ODUzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU1QjhBQUM3NkY4NDFF
RURDNDI2RENCNzNERjlGN0ZERTM4MkM2MjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB01RfgvKFAOcOatvjsrZGrqII5D53zLkZyIoihu/wFr32PyOs
7uIxxiZsLxx/VpjVO6eObW7WALAlGW2ylMp2anZNMM/rHymmli38xTJnt8h7srho
7KVFt2muOw2kNRaAVUl2HNXYXFpDTV7diWxoj4vMBsnLdKtLElxp73JrZ1Ungtht
+nWMoY2vw/qUIFOTBdkOawdCxekqFnurn7IFxBMbZgrMVckLdHoLaraK0uKL3aYD
39IVG2WT0dC3UJXHb1cBA1U2s8PPsrPHKpeNtVJQwuKj+GY/pGnbYUcmx/03Zx6w
3STxghoB25q+QODuzu26ux2ab72wbkMMaTedAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU5biqx2+EHu3EJty3Pfn3/eOCxigwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzViaXF4Mi1FSHUzRUp0
eTNQZm4zX2VPQ3hpZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YlwwDQYJKoZIhvcNAQELBQADggEBAItTpX33YQy9f/yvF6Q8caAJb2PvAU3X
IOqyeMND4O3TS/tR0jWBEJnS+yLd9vcqP/08flOPqTifReEWlZOPBUalU6zhb1aF
+m9rKBLxNptiJpvD03xKvfsUfMoA76ZFq3ndffWbnkS2X40PuaIFjcpt5WLOzJCI
2X+JAe7xwf6XENJv1xuOJpd+cR05or8X5ss0P1E9kAzln2nE3DMcRkXatY0Uunmy
DLcOEoNDEHF2ZhpgbMmm7ikAX0F2flEX5PHWJE6YuI9jPPZ2Cttnaxn9M87RcTaN
iGfWZC1irFiL77gn+hY0EqNBufo4BGFtk5hL4uO/s4dKE9gaKYMZd+Q=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:35 2025 by rpki-client