Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/479/YhfguG2ongrNwT7Av75WeJ4YSJo.roa
File: YhfguG2ongrNwT7Av75WeJ4YSJo.roa (raw, json)
Hash identifier: C5/5G4t2c66TjFYQDoHH4NEIqcQjisrhZax4gdANzbA=
Subject key identifier: 62:17:E0:B8:6D:A8:9E:0A:CD:C1:3E:C0:BF:BE:56:78:9E:18:48:9A
Certificate issuer: /CN=025E2D794E6FFAE295BACE491100E3D18B9C7141
Certificate serial: 0CA0
Authority key identifier: 02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/YhfguG2ongrNwT7Av75WeJ4YSJo.roa
Signing time: Wed 13 Mar 2024 01:23:46 +0000
ROA not before: Wed 13 Mar 2024 01:23:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 38283
IP address blocks: 60.247.128.0/17 maxlen: 24
211.149.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3232 (0xca0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=025E2D794E6FFAE295BACE491100E3D18B9C7141
Validity
Not Before: Mar 13 01:23:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6217E0B86DA89E0ACDC13EC0BFBE56789E18489A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c2:37:4b:3c:fe:02:48:c6:09:0d:37:c7:e0:
a1:3f:ac:28:23:2d:02:b3:c9:2a:13:ee:df:02:cf:
fc:8a:36:8c:3c:f3:12:36:8b:f4:12:0d:d4:99:19:
f3:2f:92:a5:9b:18:1c:f6:d0:0c:31:fa:eb:b2:72:
8e:7e:ec:7e:5d:1f:e4:a8:56:55:2d:ee:41:96:5c:
22:b1:46:be:7f:ab:6a:9d:45:8f:98:08:7a:99:82:
37:0c:7c:67:8e:fd:e3:38:77:31:a5:fd:6d:d5:6d:
2a:9a:08:c5:25:48:a1:86:8f:82:04:21:ce:98:ba:
3f:d6:b3:3c:5d:fd:f6:8e:4d:1a:a1:5b:99:b9:96:
cb:cf:9f:2c:54:19:d2:70:ac:f9:8b:7e:82:83:99:
4c:f5:7b:8b:3a:d5:c2:4c:f0:f1:2a:66:63:36:a5:
6c:87:fd:89:ff:fb:a4:b4:99:79:f1:d4:ac:d8:27:
db:15:80:15:4c:7f:60:62:e5:25:50:78:00:cf:a9:
01:fb:05:50:92:ef:66:5b:81:0a:b4:5e:b5:bd:b4:
4e:a0:e7:06:45:a4:d3:c1:bb:57:97:78:68:74:8f:
4d:43:18:94:37:fe:41:2d:a5:4c:f3:85:1d:de:2f:
0d:ae:01:1c:56:3e:ec:94:18:12:d4:2e:7c:4b:ed:
61:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:17:E0:B8:6D:A8:9E:0A:CD:C1:3E:C0:BF:BE:56:78:9E:18:48:9A
X509v3 Authority Key Identifier:
keyid:02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/YhfguG2ongrNwT7Av75WeJ4YSJo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.247.128.0/17
211.149.128.0/17
Signature Algorithm: sha256WithRSAEncryption
9a:11:f3:44:94:7c:f1:c9:c6:a0:1a:16:da:2c:97:eb:16:1e:
e7:b8:dc:da:cb:5d:57:b7:d6:85:77:52:73:b7:a0:f5:73:2e:
38:bf:19:d4:63:73:2c:a3:80:25:c0:ac:87:63:63:7c:ad:6b:
1d:d6:f7:03:f4:43:5b:23:ff:19:43:c6:fe:59:61:42:a0:da:
10:98:33:d9:17:2f:1c:d6:03:51:a5:1e:03:a5:5e:b2:86:b2:
26:41:42:1c:f1:78:95:a9:1f:99:60:04:17:a7:29:b3:a2:d9:
e9:01:aa:dd:c5:0f:8e:9e:71:44:fa:f7:7d:9a:c5:2d:ef:35:
99:81:04:d0:8f:d8:78:07:35:71:bf:3c:e2:35:7a:87:ab:7d:
d2:b2:e4:db:1c:f0:fc:45:b2:6e:85:53:05:2b:85:c1:1f:40:
21:eb:1d:e0:60:7f:7b:2d:4f:c4:00:02:d2:da:67:06:11:ca:
b5:85:53:d6:5e:cf:5a:6e:43:95:ea:a0:00:0b:47:3d:59:00:
cb:72:8c:78:f4:44:a5:3a:5d:3b:66:c0:ed:80:69:7a:ad:e2:
9b:b4:cc:10:06:13:67:1e:32:a4:9f:b2:29:52:ef:f8:e5:65:
ba:e2:d9:25:34:ab:c7:e8:33:c9:32:4b:de:ce:27:e6:a9:28:
2b:02:79:2b
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICDKAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDI1
RTJENzk0RTZGRkFFMjk1QkFDRTQ5MTEwMEUzRDE4QjlDNzE0MTAeFw0yNDAzMTMw
MTIzNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyMTdFMEI4NkRBODlF
MEFDREMxM0VDMEJGQkU1Njc4OUUxODQ4OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAwjdLPP4CSMYJDTfH4KE/rCgjLQKzySoT7t8Cz/yKNow88xI2
i/QSDdSZGfMvkqWbGBz20Awx+uuyco5+7H5dH+SoVlUt7kGWXCKxRr5/q2qdRY+Y
CHqZgjcMfGeO/eM4dzGl/W3VbSqaCMUlSKGGj4IEIc6Yuj/Wszxd/faOTRqhW5m5
lsvPnyxUGdJwrPmLfoKDmUz1e4s61cJM8PEqZmM2pWyH/Yn/+6S0mXnx1KzYJ9sV
gBVMf2Bi5SVQeADPqQH7BVCS72ZbgQq0XrW9tE6g5wZFpNPBu1eXeGh0j01DGJQ3
/kEtpUzzhR3eLw2uARxWPuyUGBLULnxL7WFbAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUYhfguG2ongrNwT7Av75WeJ4YSJowHwYDVR0jBBgwFoAUAl4teU5v+uKVus5J
EQDj0YuccUEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDc5
L0FsNHRlVTV2LXVLVnVzNUpFUURqMFl1Y2NVRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvQWw0dGVVNXYtdUtWdXM1SkVRRGowWXVjY1VFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDc5L1loZmd1RzJvbmdyTndU
N0F2NzVXZUo0WVNKby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD
BAc894ADBAfTlYAwDQYJKoZIhvcNAQELBQADggEBAJoR80SUfPHJxqAaFtosl+sW
Hue43NrLXVe31oV3UnO3oPVzLji/GdRjcyyjgCXArIdjY3ytax3W9wP0Q1sj/xlD
xv5ZYUKg2hCYM9kXLxzWA1GlHgOlXrKGsiZBQhzxeJWpH5lgBBenKbOi2ekBqt3F
D46ecUT6932axS3vNZmBBNCP2HgHNXG/POI1eoerfdKy5Nsc8PxFsm6FUwUrhcEf
QCHrHeBgf3stT8QAAtLaZwYRyrWFU9Zez1puQ5XqoAALRz1ZAMtyjHj0RKU6XTtm
wO2AaXqt4pu0zBAGE2ceMqSfsilS7/jlZbri2SU0q8foM8kyS97OJ+apKCsCeSs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:06 2025 by rpki-client