Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/UdWmazoOuWYKbcovE583Ef7yY78.roa
File: UdWmazoOuWYKbcovE583Ef7yY78.roa (raw, json)
Hash identifier: OzCpZCucpj7C6Ko0KcNw25FI/TpLE9Lu/UTrXtPqABY=
Subject key identifier: 51:D5:A6:6B:3A:0E:B9:66:0A:6D:CA:2F:13:9F:37:11:FE:F2:63:BF
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C59
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UdWmazoOuWYKbcovE583Ef7yY78.roa
Signing time: Wed 28 Aug 2024 08:53:59 +0000
ROA not before: Wed 28 Aug 2024 08:53:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 119.59.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3161 (0xc59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Aug 28 08:53:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=51D5A66B3A0EB9660A6DCA2F139F3711FEF263BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1c:ea:42:be:6d:6c:77:f0:fc:a8:97:2b:26:
ff:5e:d5:7e:63:35:ec:a1:1c:39:37:a3:1d:d3:79:
5c:1f:d0:24:0b:de:c2:d4:33:b3:b2:84:99:13:a6:
7f:1a:7c:fc:f8:6c:00:bd:50:45:3c:a9:e4:5e:b0:
14:47:44:f6:40:18:98:32:74:8c:e5:f7:5b:49:18:
44:09:a6:9d:4f:70:53:83:1a:e2:25:7d:c0:fd:aa:
93:9b:17:e2:f2:86:6b:13:d6:58:44:cf:0c:3f:1e:
70:06:81:f8:00:a0:76:88:92:f2:61:56:4c:55:fd:
5a:9b:d7:8f:b7:a9:8b:f6:bd:66:00:dc:40:33:2e:
44:c4:7d:57:ff:54:b2:ab:08:fb:f0:60:e2:20:70:
a0:0f:d5:c2:e4:94:39:db:89:74:df:aa:59:e8:52:
18:73:f4:0d:f4:54:80:f3:a5:8c:20:86:f0:85:89:
96:8d:ce:31:be:58:16:97:2d:7b:07:c9:5d:31:3c:
63:8e:7a:53:de:b2:ca:41:ff:05:22:3e:2d:b2:db:
91:69:9c:bf:81:3e:da:a4:2b:b1:2e:3e:05:f4:da:
6a:a5:43:c8:16:9f:e3:65:fd:d1:15:dc:8a:2f:3d:
0b:ee:51:04:c1:07:3e:94:69:9f:60:ba:e5:96:62:
63:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D5:A6:6B:3A:0E:B9:66:0A:6D:CA:2F:13:9F:37:11:FE:F2:63:BF
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UdWmazoOuWYKbcovE583Ef7yY78.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:5c:b6:c1:61:a5:30:3e:bf:2e:a7:6c:d7:97:d2:c9:22:10:
8f:b9:b3:ab:5f:df:03:46:a0:75:35:42:9f:25:50:7d:96:b8:
f7:e5:6f:98:d2:fd:c6:84:9a:07:fd:33:b7:6f:92:7b:2f:ae:
02:30:e6:bc:b8:69:42:37:a5:ea:a4:90:02:eb:0d:0c:3e:17:
d6:33:8c:76:a0:ed:8f:5c:cc:98:45:96:38:f3:33:6d:76:ef:
ab:b2:16:d2:fb:b3:03:67:0f:d3:8b:24:31:56:55:3b:30:3a:
cd:10:43:94:d7:fa:d7:55:1b:e8:9c:93:b8:ad:ba:37:66:17:
20:29:12:03:6c:da:f7:a0:6e:69:65:2b:56:d4:60:14:d1:d6:
3d:df:6b:b2:ea:06:91:04:8b:01:b6:ce:77:da:8d:b4:fa:a3:
e5:8a:54:07:f9:72:e6:33:ae:e1:56:b2:7b:b3:0b:10:8a:9d:
9f:9f:ee:bf:6d:7c:29:77:66:14:4d:58:88:d1:eb:93:fb:b9:
e7:ce:25:ec:13:80:a8:83:56:21:83:99:52:3c:af:a6:39:13:
8f:94:7c:c1:01:c3:61:eb:e9:cb:31:f5:e7:ef:29:93:6d:33:
ed:8e:97:33:14:d3:38:37:1d:10:fb:ec:ad:2a:b6:32:cc:b0:
ad:5c:fb:8f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDFkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw
ODUzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxRDVBNjZCM0EwRUI5
NjYwQTZEQ0EyRjEzOUYzNzExRkVGMjYzQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvHOpCvm1sd/D8qJcrJv9e1X5jNeyhHDk3ox3TeVwf0CQL3sLU
M7OyhJkTpn8afPz4bAC9UEU8qeResBRHRPZAGJgydIzl91tJGEQJpp1PcFODGuIl
fcD9qpObF+LyhmsT1lhEzww/HnAGgfgAoHaIkvJhVkxV/Vqb14+3qYv2vWYA3EAz
LkTEfVf/VLKrCPvwYOIgcKAP1cLklDnbiXTfqlnoUhhz9A30VIDzpYwghvCFiZaN
zjG+WBaXLXsHyV0xPGOOelPesspB/wUiPi2y25FpnL+BPtqkK7EuPgX02mqlQ8gW
n+Nl/dEV3IovPQvuUQTBBz6UaZ9guuWWYmPxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUdWmazoOuWYKbcovE583Ef7yY78wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1VkV21hem9PdVdZS2Jj
b3ZFNTgzRWY3eVk3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ3O/wwDQYJKoZIhvcNAQELBQADggEBAFtctsFhpTA+vy6nbNeX0skiEI+5s6tf
3wNGoHU1Qp8lUH2WuPflb5jS/caEmgf9M7dvknsvrgIw5ry4aUI3peqkkALrDQw+
F9YzjHag7Y9czJhFljjzM21276uyFtL7swNnD9OLJDFWVTswOs0QQ5TX+tdVG+ic
k7itujdmFyApEgNs2vegbmllK1bUYBTR1j3fa7LqBpEEiwG2znfajbT6o+WKVAf5
cuYzruFWsnuzCxCKnZ+f7r9tfCl3ZhRNWIjR65P7uefOJewTgKiDViGDmVI8r6Y5
E4+UfMEBw2Hr6csx9efvKZNtM+2OlzMU0zg3HRD77K0qtjLMsK1c+48=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:17 2025 by rpki-client