Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/XFsxRLXFzVI5A4ikER0ex_SxQVY.roa
File: XFsxRLXFzVI5A4ikER0ex_SxQVY.roa (raw, json)
Hash identifier: EwsPvF5SJIjKSA+aCHD4R6lzGFlM5ZlyJwOmdtmX5+I=
Subject key identifier: 5C:5B:31:44:B5:C5:CD:52:39:03:88:A4:11:1D:1E:C7:F4:B1:41:56
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C4A
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/XFsxRLXFzVI5A4ikER0ex_SxQVY.roa
Signing time: Wed 28 Aug 2024 08:53:53 +0000
ROA not before: Wed 28 Aug 2024 08:53:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 119.59.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3146 (0xc4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Aug 28 08:53:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5C5B3144B5C5CD52390388A4111D1EC7F4B14156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c6:69:b3:27:8e:1d:5e:dd:f9:3b:8b:b4:9e:
05:8a:a8:37:c0:0d:49:c1:0e:d3:d8:4a:b7:8f:1f:
cf:f5:55:57:70:ef:7b:2f:e8:95:b6:1e:7f:d2:62:
4b:5f:9f:0a:40:4e:3e:cf:f2:83:74:33:90:db:11:
ad:a4:b3:4f:6c:7c:7b:99:1b:f3:6c:1c:af:b3:e2:
b2:b3:2c:c1:b3:50:2c:91:11:78:5d:9a:56:92:a2:
d5:7e:48:08:36:da:45:8d:2d:7c:74:04:5f:f8:10:
4e:24:80:8e:d3:0a:22:d5:32:eb:26:a1:1b:5e:42:
2b:60:e3:50:2d:38:69:78:7d:1c:7a:7c:3f:c0:dc:
25:aa:35:25:c1:d4:f8:a5:e0:28:3a:51:c0:f1:3c:
df:4b:94:82:50:ea:06:1e:b9:0c:37:24:97:c2:6a:
ea:04:e7:f4:73:8f:6a:8a:1e:a4:c5:d8:c5:ea:a5:
7a:7e:22:dc:42:1a:d0:dd:87:8d:f8:49:1f:be:9d:
aa:fb:df:d1:61:a2:1e:93:c0:9b:96:00:2a:61:74:
16:28:ec:3f:5f:b2:e2:aa:79:b5:88:fe:c3:4e:c8:
bf:a1:0e:96:e5:bc:44:bc:05:5d:08:e7:98:06:5e:
cf:8a:91:ec:47:05:67:98:4f:50:cc:32:5a:d4:25:
07:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5B:31:44:B5:C5:CD:52:39:03:88:A4:11:1D:1E:C7:F4:B1:41:56
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/XFsxRLXFzVI5A4ikER0ex_SxQVY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.248.0/22
Signature Algorithm: sha256WithRSAEncryption
65:7f:e1:97:51:a0:c4:41:f7:88:16:72:a2:6c:6b:0c:30:d6:
34:24:b0:74:74:79:c2:ff:8b:ad:b1:21:a2:79:42:ab:2e:b6:
98:68:62:7c:c5:89:bd:0f:7d:5a:d1:75:7d:37:db:3d:b8:c4:
9f:c3:27:b0:49:df:4a:2f:4a:64:70:c5:16:ae:bf:a1:36:9d:
7b:86:7e:8a:25:b2:9f:ee:88:22:78:fe:25:e4:a3:c4:cf:55:
bf:d1:0d:7f:81:5b:2e:05:85:b3:2b:15:f4:3f:38:b4:0b:3e:
b5:a8:70:7f:52:ea:fc:bf:d9:b4:28:0c:0c:05:0e:b8:c3:94:
fb:8e:6d:c4:9b:f8:9f:57:94:55:42:14:85:d9:16:fa:03:a1:
c4:42:00:b1:1b:50:66:75:5c:c4:36:49:2f:32:bb:6b:59:b6:
c2:45:62:71:8a:64:6c:4b:a7:4e:4f:04:0a:97:f3:08:41:9e:
e1:f5:86:cd:a6:af:58:12:9f:f6:d7:9a:9e:b0:08:cd:0e:52:
c0:41:a7:d4:99:61:f6:da:a0:fc:a6:71:28:b0:03:bb:85:89:
ce:dd:ab:22:83:c6:d0:d3:00:62:95:c8:86:d6:12:7b:6a:75:
c2:33:71:a0:3b:41:9f:1c:86:ac:d8:35:04:76:cd:2c:98:37:
e0:1e:d0:44
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDEowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw
ODUzNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDNUIzMTQ0QjVDNUNE
NTIzOTAzODhBNDExMUQxRUM3RjRCMTQxNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClxmmzJ44dXt35O4u0ngWKqDfADUnBDtPYSrePH8/1VVdw73sv
6JW2Hn/SYktfnwpATj7P8oN0M5DbEa2ks09sfHuZG/NsHK+z4rKzLMGzUCyREXhd
mlaSotV+SAg22kWNLXx0BF/4EE4kgI7TCiLVMusmoRteQitg41AtOGl4fRx6fD/A
3CWqNSXB1Pil4Cg6UcDxPN9LlIJQ6gYeuQw3JJfCauoE5/Rzj2qKHqTF2MXqpXp+
ItxCGtDdh434SR++nar739Fhoh6TwJuWACphdBYo7D9fsuKqebWI/sNOyL+hDpbl
vES8BV0I55gGXs+KkexHBWeYT1DMMlrUJQdbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXFsxRLXFzVI5A4ikER0ex/SxQVYwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1hGc3hSTFhGelZJNUE0
aWtFUjBleF9TeFFWWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ3O/gwDQYJKoZIhvcNAQELBQADggEBAGV/4ZdRoMRB94gWcqJsawww1jQksHR0
ecL/i62xIaJ5QqsutphoYnzFib0PfVrRdX032z24xJ/DJ7BJ30ovSmRwxRauv6E2
nXuGfoolsp/uiCJ4/iXko8TPVb/RDX+BWy4FhbMrFfQ/OLQLPrWocH9S6vy/2bQo
DAwFDrjDlPuObcSb+J9XlFVCFIXZFvoDocRCALEbUGZ1XMQ2SS8yu2tZtsJFYnGK
ZGxLp05PBAqX8whBnuH1hs2mr1gSn/bXmp6wCM0OUsBBp9SZYfbaoPymcSiwA7uF
ic7dqyKDxtDTAGKVyIbWEntqdcIzcaA7QZ8chqzYNQR2zSyYN+Ae0EQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:48 2025 by rpki-client