Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/lFIpyiqcL8UkVryaK3S0LvNynWE.roa
File: lFIpyiqcL8UkVryaK3S0LvNynWE.roa (raw, json)
Hash identifier: APnRh7E2GPZaAl7MMaAXj246BjEM42/y9g6uY9tCb6E=
Subject key identifier: 94:52:29:CA:2A:9C:2F:C5:24:56:BC:9A:2B:74:B4:2E:F3:72:9D:61
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C49
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/lFIpyiqcL8UkVryaK3S0LvNynWE.roa
Signing time: Wed 28 Aug 2024 08:53:52 +0000
ROA not before: Wed 28 Aug 2024 08:53:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 119.59.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3145 (0xc49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Aug 28 08:53:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=945229CA2A9C2FC52456BC9A2B74B42EF3729D61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ae:72:37:bc:ff:0f:33:81:71:73:cb:f9:58:
1c:ed:fe:76:f0:bb:19:21:b7:3e:eb:33:b7:3d:ab:
5c:e4:d2:88:db:0d:4e:1c:2f:51:9e:99:d8:61:b2:
8f:1d:0a:e4:a9:d1:48:15:5a:4c:b0:6c:c4:75:ba:
50:7a:24:60:45:c6:27:0b:49:14:d0:ad:ff:81:e4:
30:eb:8c:45:26:50:0b:90:a6:00:6f:21:73:df:45:
c4:23:83:08:4e:fa:a9:25:c5:54:93:f1:77:e1:33:
08:94:a8:29:ec:53:1c:43:92:42:2d:6b:65:a3:56:
7c:58:77:a4:92:c8:07:02:0f:3d:64:40:13:89:dc:
f2:b8:0f:85:b2:8d:cb:4d:91:fa:41:d1:93:35:03:
8d:c7:08:7b:30:04:49:09:8e:14:9a:ec:0c:fd:69:
0e:8e:0f:b2:73:b1:19:57:0c:1e:6a:3f:b9:de:67:
3f:a2:64:31:f6:42:41:80:2e:ca:34:e2:b6:f6:b2:
da:c9:55:72:b3:48:26:b0:c7:81:8e:f7:46:45:2a:
96:88:18:01:40:da:bf:39:89:ef:9a:83:55:dc:87:
c5:e1:ba:37:c9:de:07:f1:c5:9a:9c:ec:8c:d3:65:
1c:e8:f3:42:c2:e2:59:cf:b9:bb:96:23:ec:a6:04:
d0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:52:29:CA:2A:9C:2F:C5:24:56:BC:9A:2B:74:B4:2E:F3:72:9D:61
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/lFIpyiqcL8UkVryaK3S0LvNynWE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.224.0/22
Signature Algorithm: sha256WithRSAEncryption
11:41:66:a0:d6:a9:43:8f:0b:21:67:ef:4b:b0:bb:5d:b1:e1:
21:8e:b5:86:ff:5a:8d:8d:b1:2c:37:0f:eb:1d:44:22:51:09:
df:e0:6e:24:5d:fe:33:85:00:c2:1a:78:cc:95:a8:18:d9:3b:
ec:46:e1:b7:c6:40:16:7e:3e:3d:cd:0e:e2:96:27:e0:9c:3d:
68:41:ab:44:56:dd:d0:fb:2f:67:03:d1:42:fe:ab:c4:a2:e2:
51:95:01:32:a9:05:42:14:a0:55:55:fb:30:6a:b4:c6:9d:23:
45:f5:77:48:17:a0:75:14:04:54:d4:95:b8:52:16:f6:89:4e:
e1:9a:d5:3c:df:f4:8e:99:44:bf:54:82:44:5d:da:1a:4c:dd:
b1:90:75:dc:48:25:0e:9a:f9:56:07:5f:72:ff:56:2b:92:51:
20:30:bd:34:09:87:17:d1:65:81:6a:00:5d:73:77:8b:32:e1:
5f:a2:9e:e9:c3:bc:f5:a1:2e:65:6d:2b:da:84:5c:5a:86:44:
39:ed:dc:f9:69:93:cb:85:c3:a4:02:13:07:1c:bf:bd:fc:a2:
96:a4:22:86:d6:7a:db:ae:50:3f:89:2a:ab:95:a0:9d:c3:ca:
9b:3b:2d:d9:03:94:1b:18:5c:d7:82:a5:36:e1:3d:01:5c:b4:
bf:dd:44:fd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw
ODUzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk0NTIyOUNBMkE5QzJG
QzUyNDU2QkM5QTJCNzRCNDJFRjM3MjlENjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHrnI3vP8PM4Fxc8v5WBzt/nbwuxkhtz7rM7c9q1zk0ojbDU4c
L1Gemdhhso8dCuSp0UgVWkywbMR1ulB6JGBFxicLSRTQrf+B5DDrjEUmUAuQpgBv
IXPfRcQjgwhO+qklxVST8XfhMwiUqCnsUxxDkkIta2WjVnxYd6SSyAcCDz1kQBOJ
3PK4D4WyjctNkfpB0ZM1A43HCHswBEkJjhSa7Az9aQ6OD7JzsRlXDB5qP7neZz+i
ZDH2QkGALso04rb2strJVXKzSCawx4GO90ZFKpaIGAFA2r85ie+ag1Xch8XhujfJ
3gfxxZqc7IzTZRzo80LC4lnPubuWI+ymBNBvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUlFIpyiqcL8UkVryaK3S0LvNynWEwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2xGSXB5aXFjTDhVa1Zy
eWFLM1MwTHZOeW5XRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ3O+AwDQYJKoZIhvcNAQELBQADggEBABFBZqDWqUOPCyFn70uwu12x4SGOtYb/
Wo2NsSw3D+sdRCJRCd/gbiRd/jOFAMIaeMyVqBjZO+xG4bfGQBZ+Pj3NDuKWJ+Cc
PWhBq0RW3dD7L2cD0UL+q8Si4lGVATKpBUIUoFVV+zBqtMadI0X1d0gXoHUUBFTU
lbhSFvaJTuGa1Tzf9I6ZRL9UgkRd2hpM3bGQddxIJQ6a+VYHX3L/ViuSUSAwvTQJ
hxfRZYFqAF1zd4sy4V+inunDvPWhLmVtK9qEXFqGRDnt3Plpk8uFw6QCEwccv738
opakIobWetuuUD+JKquVoJ3Dyps7LdkDlBsYXNeCpTbhPQFctL/dRP0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:02 2025 by rpki-client