Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/3BoKx4oewd7_OhFlY4q8woikqkU.roa
File: 3BoKx4oewd7_OhFlY4q8woikqkU.roa (raw, json)
Hash identifier: oLSFtO4n7v/qInqaam7cEehxeJbxXw4T/v11sCnP09c=
Subject key identifier: DC:1A:0A:C7:8A:1E:C1:DE:FF:3A:11:65:63:8A:BC:C2:88:A4:AA:45
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14E5
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3BoKx4oewd7_OhFlY4q8woikqkU.roa
Signing time: Wed 11 Sep 2024 02:23:58 +0000
ROA not before: Wed 11 Sep 2024 02:23:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.221.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5349 (0x14e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DC1A0AC78A1EC1DEFF3A1165638ABCC288A4AA45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c2:1f:07:47:68:f5:51:bb:67:db:a4:7b:d4:
6d:a3:a2:7d:27:12:10:cc:72:90:21:37:9d:ff:24:
7b:16:70:0f:25:7b:e0:19:9b:3a:00:e6:67:6f:1b:
e5:df:10:1c:f5:7f:d1:a8:f3:c6:6d:b9:c2:ac:0f:
15:85:d9:d9:68:7a:d9:8f:0c:d0:01:bd:50:85:5d:
ec:34:cb:e8:00:d8:9d:e3:0b:4f:14:e9:1d:ab:8e:
73:10:07:79:56:28:17:19:01:bf:e5:11:86:56:81:
ec:bf:57:d7:8d:e6:fa:07:c0:af:70:06:fc:14:b0:
0b:b9:6f:18:8b:ae:3e:51:74:ed:bd:b8:a4:10:4f:
e3:3f:09:d3:0b:5b:23:7f:82:b3:ea:25:da:cd:4c:
99:db:a6:c5:0b:1d:c6:48:8b:f1:a7:15:c3:77:9b:
2d:90:ce:97:03:03:83:a3:2e:db:32:07:45:81:cc:
fb:ed:e2:03:ac:71:12:6f:e3:fb:20:50:45:17:90:
3a:c8:aa:d1:3c:e0:9c:f1:8d:77:0a:40:cc:58:23:
7f:05:1a:73:9c:1d:4a:1c:44:b0:07:4a:eb:8a:8f:
83:1d:c0:b8:b2:a0:16:e8:85:3a:90:91:aa:55:f2:
95:dc:0f:58:93:78:f0:2f:1d:6b:44:7c:77:64:11:
5f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1A:0A:C7:8A:1E:C1:DE:FF:3A:11:65:63:8A:BC:C2:88:A4:AA:45
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3BoKx4oewd7_OhFlY4q8woikqkU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.32.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:4e:0c:e3:e2:2e:e5:d6:5e:1e:7d:26:da:b1:90:07:c6:e9:
de:b6:47:b1:42:93:39:af:d1:34:0b:9c:4c:c5:17:df:d6:b2:
a1:96:a2:f6:cd:7e:51:51:17:3c:cf:b5:7e:14:ab:12:7a:54:
82:0a:13:77:de:21:e5:f3:2c:c2:86:3a:de:ce:3f:d2:dc:1b:
c5:fe:6c:eb:34:88:ed:94:76:89:c4:25:59:7b:96:6d:9e:be:
8c:b5:96:45:2e:b3:87:64:68:db:7c:7a:8f:a6:65:26:8f:f2:
01:d7:4c:84:0b:c8:b6:9a:e3:44:18:84:e7:1c:68:5c:d2:fd:
ff:cd:f7:8e:2e:9e:b6:e8:87:06:c2:ed:56:62:12:d2:f6:31:
ff:bf:a9:c1:7f:a7:b8:6f:70:31:02:99:44:35:4f:79:cc:ff:
d6:77:2e:e4:e6:56:08:83:35:df:6b:d8:52:f6:61:1a:25:87:
6c:40:11:4d:2d:ec:ae:24:a2:9d:7a:31:34:6b:5b:4c:c8:4e:
79:08:ab:8a:8a:16:89:7c:ec:d9:22:2b:2c:6d:c1:a6:30:11:
87:62:e5:15:55:4a:d0:14:6c:59:1d:79:6a:20:43:b9:95:0b:
9b:bf:d3:c8:1f:aa:64:bb:66:c3:cf:6c:b0:ec:e4:fe:48:4a:
73:b0:e4:bf
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERDMUEwQUM3OEExRUMx
REVGRjNBMTE2NTYzOEFCQ0MyODhBNEFBNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTwh8HR2j1Ubtn26R71G2jon0nEhDMcpAhN53/JHsWcA8le+AZ
mzoA5mdvG+XfEBz1f9Go88ZtucKsDxWF2dloetmPDNABvVCFXew0y+gA2J3jC08U
6R2rjnMQB3lWKBcZAb/lEYZWgey/V9eN5voHwK9wBvwUsAu5bxiLrj5RdO29uKQQ
T+M/CdMLWyN/grPqJdrNTJnbpsULHcZIi/GnFcN3my2QzpcDA4OjLtsyB0WBzPvt
4gOscRJv4/sgUEUXkDrIqtE84JzxjXcKQMxYI38FGnOcHUocRLAHSuuKj4MdwLiy
oBbohTqQkapV8pXcD1iTePAvHWtEfHdkEV9VAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU3BoKx4oewd7/OhFlY4q8woikqkUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzNCb0t4NG9ld2Q3X09o
RmxZNHE4d29pa3FrVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3SAwDQYJKoZIhvcNAQELBQADggEBAMlODOPiLuXWXh59JtqxkAfG6d62R7FC
kzmv0TQLnEzFF9/WsqGWovbNflFRFzzPtX4UqxJ6VIIKE3feIeXzLMKGOt7OP9Lc
G8X+bOs0iO2UdonEJVl7lm2evoy1lkUus4dkaNt8eo+mZSaP8gHXTIQLyLaa40QY
hOccaFzS/f/N944unrbohwbC7VZiEtL2Mf+/qcF/p7hvcDECmUQ1T3nM/9Z3LuTm
VgiDNd9r2FL2YRolh2xAEU0t7K4kop16MTRrW0zITnkIq4qKFol87NkiKyxtwaYw
EYdi5RVVStAUbFkdeWogQ7mVC5u/08gfqmS7ZsPPbLDs5P5ISnOw5L8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:54 2025 by rpki-client