Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/26OW4faFn-xEuJ-YxpBXounFOcU.roa
File: 26OW4faFn-xEuJ-YxpBXounFOcU.roa (raw, json)
Hash identifier: akzO2WS7yZdsyN79PLQnQ2LvUPuf7IIFIxcx8xVsB9Y=
Subject key identifier: DB:A3:96:E1:F6:85:9F:EC:44:B8:9F:98:C6:90:57:A2:E9:C5:39:C5
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 148A
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/26OW4faFn-xEuJ-YxpBXounFOcU.roa
Signing time: Wed 11 Sep 2024 02:23:27 +0000
ROA not before: Wed 11 Sep 2024 02:23:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 138527
IP address blocks: 103.221.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5258 (0x148a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DBA396E1F6859FEC44B89F98C69057A2E9C539C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:70:fa:31:23:f6:4f:c6:90:67:ff:f4:b8:b4:
2d:4b:ea:66:75:2b:81:e8:ab:7a:ba:8a:18:b5:bb:
c6:f7:ac:26:7e:09:56:7a:8b:cf:f2:cb:59:71:f5:
04:6f:5a:ac:64:08:b6:5d:4c:98:e9:49:75:df:99:
1c:34:3c:dc:8a:7b:6a:8b:15:a6:2f:7b:1b:91:0d:
31:6f:00:54:a4:e2:f5:7c:4e:af:c7:9f:4b:74:68:
68:4d:7c:f8:d7:1d:85:23:0f:74:c1:d2:ac:e9:62:
2c:31:b1:ce:53:51:fe:54:69:80:f8:04:08:ea:d5:
03:a7:7d:9c:ef:19:2d:1b:f0:a6:2e:e9:d9:4d:6c:
55:5f:03:46:fd:3f:12:f6:31:6a:66:2c:4f:3d:5d:
f5:1e:92:98:a4:04:76:8f:2b:28:3f:65:3d:a1:f9:
2b:27:45:63:d8:5b:b2:8f:27:15:89:de:34:b6:b2:
48:31:c0:ad:3d:13:3e:f4:47:db:10:3b:98:99:84:
d6:ab:bd:65:45:60:71:1a:bd:34:35:ad:46:22:fe:
0f:d4:ce:9c:1a:27:09:be:2c:06:b9:e0:1c:43:f6:
9f:28:28:15:5b:a8:18:9b:b9:40:63:76:5b:e5:42:
cc:21:76:b6:18:43:e3:06:cb:43:0b:ed:59:c6:9e:
86:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A3:96:E1:F6:85:9F:EC:44:B8:9F:98:C6:90:57:A2:E9:C5:39:C5
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/26OW4faFn-xEuJ-YxpBXounFOcU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.0.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:c7:fd:87:1c:15:0f:6f:d1:66:37:c2:05:b6:2e:8a:75:f5:
de:5f:67:01:e2:1e:c9:64:62:19:4a:3f:44:ef:61:83:a5:f9:
e6:d9:d0:5d:bb:82:ab:c1:36:aa:83:30:e4:47:72:ce:b7:8c:
41:61:e1:4d:47:0b:0d:0c:5e:0d:e9:b9:b3:39:fb:be:1f:e5:
d9:b6:16:dd:d0:25:46:80:25:dd:09:fe:1e:f1:54:f7:3c:d2:
f0:15:9c:66:cd:29:71:9f:68:9b:18:d4:4a:43:45:01:17:bf:
73:f6:f2:22:11:73:55:3c:62:0c:da:2b:e5:6d:a2:b3:48:ea:
62:9d:42:f3:8b:44:39:1b:9e:96:4e:db:53:9a:60:e3:1d:73:
67:89:14:54:f9:fb:69:07:46:4e:41:f7:c4:64:70:ee:b8:c4:
77:31:1e:07:fe:d4:ba:47:2f:7a:79:99:05:90:47:6f:80:5f:
85:3a:0f:9b:ec:ec:4c:70:b1:6d:c1:c5:50:5d:80:de:f1:75:
cf:56:4d:95:59:09:26:31:81:00:38:34:8f:6f:2b:8d:37:12:
20:6b:94:d2:e3:3a:dd:db:88:a0:44:8f:fd:9a:3b:21:8a:45:
30:3d:42:f4:d5:80:84:05:2b:dc:fe:ab:53:43:eb:4c:01:6d:
b5:2a:a5:a6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFIowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERCQTM5NkUxRjY4NTlG
RUM0NEI4OUY5OEM2OTA1N0EyRTlDNTM5QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJcPoxI/ZPxpBn//S4tC1L6mZ1K4Hoq3q6ihi1u8b3rCZ+CVZ6
i8/yy1lx9QRvWqxkCLZdTJjpSXXfmRw0PNyKe2qLFaYvexuRDTFvAFSk4vV8Tq/H
n0t0aGhNfPjXHYUjD3TB0qzpYiwxsc5TUf5UaYD4BAjq1QOnfZzvGS0b8KYu6dlN
bFVfA0b9PxL2MWpmLE89XfUekpikBHaPKyg/ZT2h+SsnRWPYW7KPJxWJ3jS2skgx
wK09Ez70R9sQO5iZhNarvWVFYHEavTQ1rUYi/g/UzpwaJwm+LAa54BxD9p8oKBVb
qBibuUBjdlvlQswhdrYYQ+MGy0ML7VnGnoaNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU26OW4faFn+xEuJ+YxpBXounFOcUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzI2T1c0ZmFGbi14RXVK
LVl4cEJYb3VuRk9jVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3QAwDQYJKoZIhvcNAQELBQADggEBALvH/YccFQ9v0WY3wgW2Lop19d5fZwHi
HslkYhlKP0TvYYOl+ebZ0F27gqvBNqqDMORHcs63jEFh4U1HCw0MXg3pubM5+74f
5dm2Ft3QJUaAJd0J/h7xVPc80vAVnGbNKXGfaJsY1EpDRQEXv3P28iIRc1U8Ygza
K+VtorNI6mKdQvOLRDkbnpZO21OaYOMdc2eJFFT5+2kHRk5B98RkcO64xHcxHgf+
1LpHL3p5mQWQR2+AX4U6D5vs7ExwsW3BxVBdgN7xdc9WTZVZCSYxgQA4NI9vK403
EiBrlNLjOt3biKBEj/2aOyGKRTA9QvTVgIQFK9z+q1ND60wBbbUqpaY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:34 2025 by rpki-client