Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/-qomYDhD0uARzNl7IMtCbkv_z-8.roa
File: -qomYDhD0uARzNl7IMtCbkv_z-8.roa (raw, json)
Hash identifier: HVTI3o0ST412GzAFuCu2A6keOwjJwEgdzQhcScuTkxg=
Subject key identifier: FA:AA:26:60:38:43:D2:E0:11:CC:D9:7B:20:CB:42:6E:4B:FF:CF:EF
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14B2
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-qomYDhD0uARzNl7IMtCbkv_z-8.roa
Signing time: Wed 11 Sep 2024 02:23:40 +0000
ROA not before: Wed 11 Sep 2024 02:23:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24373
IP address blocks: 45.252.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5298 (0x14b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FAAA26603843D2E011CCD97B20CB426E4BFFCFEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e2:23:ac:e4:19:b2:0c:c2:c9:1b:82:0c:d9:
26:94:98:63:89:41:9e:62:49:31:16:b9:bb:63:84:
13:0d:5e:ed:4b:49:46:51:80:93:d7:f5:30:8e:10:
24:08:b1:37:77:6b:01:ed:9e:62:50:7b:a3:ce:ac:
fb:79:73:2d:72:5f:60:1e:9b:cc:5c:84:67:20:e7:
a3:ea:39:1a:8c:6f:64:5d:d6:57:a4:95:11:88:f0:
e9:0e:02:22:21:60:eb:b8:cf:60:4a:cf:ae:f4:08:
be:b7:89:88:8c:eb:79:e4:c5:95:78:50:32:a5:2c:
7c:5b:15:c4:ba:06:b7:95:1c:df:29:34:58:97:68:
f6:2b:cc:04:96:b2:54:c4:ac:61:bb:85:2b:8a:28:
d1:2e:3f:e2:49:97:71:4d:17:6a:3c:ba:33:a8:46:
58:99:8e:72:90:32:f8:3f:90:44:4c:32:96:10:36:
e4:85:53:c2:d6:25:96:78:46:a4:69:2d:29:8d:70:
0e:9a:05:91:6b:16:0a:77:17:7e:94:c6:53:f9:34:
61:b4:fd:23:1f:f7:36:10:6c:8a:ae:16:09:32:8a:
7a:c8:60:c4:80:41:6d:17:c7:87:37:ae:07:f0:dc:
fe:85:2b:54:10:e2:9b:79:2b:60:b6:64:88:8d:d6:
a3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:AA:26:60:38:43:D2:E0:11:CC:D9:7B:20:CB:42:6E:4B:FF:CF:EF
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-qomYDhD0uARzNl7IMtCbkv_z-8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.100.0/22
Signature Algorithm: sha256WithRSAEncryption
37:55:9a:29:6f:b8:6d:d8:51:39:ba:1c:fc:da:26:3d:f9:94:
30:ae:8c:ad:6a:8c:be:4d:f3:15:21:52:d6:68:87:38:2c:66:
13:f5:51:6b:5f:ba:82:d9:d3:b2:98:11:e6:50:49:8d:08:8b:
41:41:88:71:d7:7d:18:b5:9e:eb:eb:41:ee:d4:c8:bf:93:0c:
e7:3b:0a:e7:5e:b4:1d:11:7a:8d:50:5d:bb:26:7e:28:9f:55:
d6:33:c5:90:15:60:4c:24:bd:3b:f8:e7:a2:8b:d3:12:20:57:
09:47:88:76:02:18:80:19:44:5f:69:c8:4e:cc:19:4b:d0:5d:
08:5e:50:53:35:29:41:14:a6:ef:e7:eb:29:75:31:8a:ce:be:
e9:6a:bf:09:f4:7a:3b:e2:07:82:7a:46:b1:eb:4d:ec:93:53:
4e:f3:22:0c:cc:4a:fb:1d:e7:4e:bc:6c:91:40:1f:2f:73:f8:
dd:29:d7:e3:11:dd:ce:a9:25:1d:40:a7:19:c8:8d:be:7f:9a:
fa:30:aa:a2:1b:3a:22:e3:37:5b:a3:c0:3e:70:a7:1f:ea:5c:
a4:1a:5f:e2:b4:77:6f:6b:ce:c6:6c:6d:c9:03:84:0b:8d:37:
02:62:4a:4c:50:7c:71:8d:ab:5a:fe:a5:00:ae:3e:fd:e3:53:
fe:74:89:78
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZBQUEyNjYwMzg0M0Qy
RTAxMUNDRDk3QjIwQ0I0MjZFNEJGRkNGRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo4iOs5BmyDMLJG4IM2SaUmGOJQZ5iSTEWubtjhBMNXu1LSUZR
gJPX9TCOECQIsTd3awHtnmJQe6POrPt5cy1yX2Aem8xchGcg56PqORqMb2Rd1lek
lRGI8OkOAiIhYOu4z2BKz670CL63iYiM63nkxZV4UDKlLHxbFcS6BreVHN8pNFiX
aPYrzASWslTErGG7hSuKKNEuP+JJl3FNF2o8ujOoRliZjnKQMvg/kERMMpYQNuSF
U8LWJZZ4RqRpLSmNcA6aBZFrFgp3F36UxlP5NGG0/SMf9zYQbIquFgkyinrIYMSA
QW0Xx4c3rgfw3P6FK1QQ4pt5K2C2ZIiN1qPpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU+qomYDhD0uARzNl7IMtCbkv/z+8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3Ly1xb21ZRGhEMHVBUnpO
bDdJTXRDYmt2X3otOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/GQwDQYJKoZIhvcNAQELBQADggEBADdVmilvuG3YUTm6HPzaJj35lDCujK1q
jL5N8xUhUtZohzgsZhP1UWtfuoLZ07KYEeZQSY0Ii0FBiHHXfRi1nuvrQe7UyL+T
DOc7CudetB0Reo1QXbsmfiifVdYzxZAVYEwkvTv456KL0xIgVwlHiHYCGIAZRF9p
yE7MGUvQXQheUFM1KUEUpu/n6yl1MYrOvulqvwn0ejviB4J6RrHrTeyTU07zIgzM
Svsd5068bJFAHy9z+N0p1+MR3c6pJR1ApxnIjb5/mvowqqIbOiLjN1ujwD5wpx/q
XKQaX+K0d29rzsZsbckDhAuNNwJiSkxQfHGNq1r+pQCuPv3jU/50iXg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:23 2025 by rpki-client