Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/1mR6QbBraA9iDYZEKsjclQLhJyA.roa
File: 1mR6QbBraA9iDYZEKsjclQLhJyA.roa (raw, json)
Hash identifier: 3OMguiHHhG5oy55EfDlYfhzGjVU4pXmknJ23np9ZwLs=
Subject key identifier: D6:64:7A:41:B0:6B:68:0F:62:0D:86:44:2A:C8:DC:95:02:E1:27:20
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1491
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1mR6QbBraA9iDYZEKsjclQLhJyA.roa
Signing time: Wed 11 Sep 2024 02:23:30 +0000
ROA not before: Wed 11 Sep 2024 02:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24373
IP address blocks: 103.221.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5265 (0x1491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D6647A41B06B680F620D86442AC8DC9502E12720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:88:a9:06:53:58:2b:8e:c6:8f:d2:c9:b8:df:
2d:8c:43:22:3e:fb:c0:76:cd:71:19:e8:51:a6:9f:
76:15:0d:bd:7e:37:47:16:36:08:29:f6:80:fd:da:
22:2b:45:5d:8f:26:73:a1:e2:26:5c:aa:5a:85:34:
e1:91:f5:fb:6b:8d:52:37:3f:66:08:60:16:c7:1f:
a0:24:44:e5:17:bb:fc:3c:21:2d:c1:6f:45:1b:12:
df:eb:ce:60:59:82:7f:a2:10:08:19:5a:d9:98:de:
78:84:60:7e:0d:71:4b:55:a7:9c:0b:6b:13:39:39:
79:11:bc:92:4e:ff:4a:e1:b5:e7:9c:56:5a:90:f5:
b4:15:6b:4e:ee:6a:82:0c:97:93:1e:8a:1c:76:90:
87:24:05:68:f3:2d:c6:18:88:cc:0e:fe:80:23:a3:
0e:24:0b:e7:e3:fd:7e:15:e6:57:ea:48:6f:02:12:
04:cb:22:98:4c:61:a5:37:50:1a:f2:c4:5c:80:f9:
2f:5b:a6:53:1b:5e:52:a8:1d:d5:62:f2:9d:de:1a:
0c:31:75:5b:04:ca:08:05:f3:f2:77:8c:1b:97:bf:
16:47:4e:88:a7:95:be:2f:8a:a0:0a:61:df:c7:62:
73:1e:37:7e:a4:7e:be:d2:6b:2f:e2:1a:ff:54:28:
d0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:64:7A:41:B0:6B:68:0F:62:0D:86:44:2A:C8:DC:95:02:E1:27:20
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1mR6QbBraA9iDYZEKsjclQLhJyA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.8.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:bf:7e:2c:d3:c4:23:99:6f:a1:ef:90:83:5e:f7:bf:e4:cd:
26:21:91:b5:8f:10:8f:2d:9b:1a:05:52:17:57:51:0b:f0:7c:
9e:ad:a9:d2:04:19:69:48:f9:9f:2b:a5:42:2c:1f:4f:6b:e6:
bc:6b:28:a2:9d:61:f8:84:bc:8e:8a:37:ea:90:8d:25:d9:9d:
62:a6:9a:13:e2:51:29:6a:35:ea:dc:a8:bd:ad:b4:54:fa:67:
59:26:8b:fb:c0:b4:60:75:48:3f:33:2b:3e:50:45:a5:bd:fa:
3b:7e:1b:b1:94:67:1d:d2:6a:ba:58:94:04:6d:45:d4:80:05:
dd:cd:86:41:b9:ec:ab:60:68:6f:c1:49:db:32:68:5b:c8:87:
31:6d:e3:78:52:f5:55:0f:e4:e9:e4:1c:3b:8d:ed:96:4f:af:
45:e9:60:d3:66:ce:f8:72:80:5d:05:0c:2f:b9:23:84:a0:82:
8c:0d:81:aa:1b:5d:ea:82:22:8c:e8:87:9d:6c:0a:90:0b:54:
e3:e5:10:53:76:e2:8f:ff:3d:2a:59:da:5c:fa:e0:89:28:88:
63:9b:47:ce:6b:02:cd:d1:8f:0e:fb:c4:b3:04:0d:31:5e:6c:
3a:4d:72:ee:b9:43:79:b7:84:81:80:f3:64:1c:67:a2:6d:1a:
dd:0d:0b:6c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFJEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2NjQ3QTQxQjA2QjY4
MEY2MjBEODY0NDJBQzhEQzk1MDJFMTI3MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMiKkGU1grjsaP0sm43y2MQyI++8B2zXEZ6FGmn3YVDb1+N0cW
Nggp9oD92iIrRV2PJnOh4iZcqlqFNOGR9ftrjVI3P2YIYBbHH6AkROUXu/w8IS3B
b0UbEt/rzmBZgn+iEAgZWtmY3niEYH4NcUtVp5wLaxM5OXkRvJJO/0rhteecVlqQ
9bQVa07uaoIMl5Meihx2kIckBWjzLcYYiMwO/oAjow4kC+fj/X4V5lfqSG8CEgTL
IphMYaU3UBryxFyA+S9bplMbXlKoHdVi8p3eGgwxdVsEyggF8/J3jBuXvxZHToin
lb4viqAKYd/HYnMeN36kfr7Say/iGv9UKNBzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU1mR6QbBraA9iDYZEKsjclQLhJyAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzFtUjZRYkJyYUE5aURZ
WkVLc2pjbFFMaEp5QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3QgwDQYJKoZIhvcNAQELBQADggEBAFu/fizTxCOZb6HvkINe97/kzSYhkbWP
EI8tmxoFUhdXUQvwfJ6tqdIEGWlI+Z8rpUIsH09r5rxrKKKdYfiEvI6KN+qQjSXZ
nWKmmhPiUSlqNercqL2ttFT6Z1kmi/vAtGB1SD8zKz5QRaW9+jt+G7GUZx3SarpY
lARtRdSABd3NhkG57KtgaG/BSdsyaFvIhzFt43hS9VUP5OnkHDuN7ZZPr0XpYNNm
zvhygF0FDC+5I4SggowNgaobXeqCIozoh51sCpALVOPlEFN24o//PSpZ2lz64Iko
iGObR85rAs3Rjw77xLMEDTFebDpNcu65Q3m3hIGA82QcZ6JtGt0NC2w=
-----END CERTIFICATE-----
Generated at Mon Apr 14 22:32:09 2025 by rpki-client