Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/3fToAs3q5_5GX4vzsnWh4xMnDrY.roa
File: 3fToAs3q5_5GX4vzsnWh4xMnDrY.roa (raw, json)
Hash identifier: iBVb7dWRchtiz3nAw4oBX4icYidRJThdG0Ex9ZtwSmE=
Subject key identifier: DD:F4:E8:02:CD:EA:E7:FE:46:5F:8B:F3:B2:75:A1:E3:13:27:0E:B6
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14AA
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3fToAs3q5_5GX4vzsnWh4xMnDrY.roa
Signing time: Wed 11 Sep 2024 02:23:37 +0000
ROA not before: Wed 11 Sep 2024 02:23:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 138527
IP address blocks: 45.252.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5290 (0x14aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DDF4E802CDEAE7FE465F8BF3B275A1E313270EB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:db:9d:6c:8c:eb:95:47:ff:6b:fe:5d:ed:dd:
1f:58:8f:b0:a1:ca:40:b4:23:84:00:e8:13:30:a7:
db:a2:df:67:41:af:a0:5c:38:5d:0e:ba:83:a4:f2:
02:d5:35:91:d6:a0:f5:7b:9b:75:7a:85:99:a4:11:
08:f0:e4:c7:3d:76:f5:45:71:16:85:42:78:54:db:
f3:8c:9b:39:c1:67:86:e5:7d:5e:a9:cb:21:49:ee:
c2:84:1f:72:df:12:a7:48:95:16:73:f4:e7:d7:12:
32:f7:e5:fb:5a:19:85:32:ee:4e:01:08:a2:dc:15:
be:ff:03:e1:e9:5a:8a:8c:c9:7e:68:8d:25:0c:e5:
6b:82:6b:a3:33:2a:0e:96:34:4c:ef:c2:73:d5:ce:
ac:30:7a:bd:f9:38:8b:8a:4e:6d:cd:93:f4:74:3b:
03:4f:8c:5d:b6:08:29:e6:49:ab:d3:b9:bf:50:62:
e8:80:7e:1b:c7:3a:0a:aa:d7:27:d8:96:9c:d0:d3:
e8:c8:43:31:78:6a:36:84:71:74:74:99:26:d5:c8:
b3:50:7d:f6:f2:69:4a:a3:ef:25:30:2b:33:71:2b:
c1:4b:fe:14:6d:ee:dc:e7:fa:97:78:1e:09:9b:d7:
32:68:82:b0:02:37:9b:41:70:d3:76:cc:db:92:77:
e2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F4:E8:02:CD:EA:E7:FE:46:5F:8B:F3:B2:75:A1:E3:13:27:0E:B6
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3fToAs3q5_5GX4vzsnWh4xMnDrY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.40.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:fc:2d:c0:6c:20:d0:47:30:86:88:45:44:31:12:1d:2d:e6:
3b:da:93:7e:94:0e:71:05:f5:fe:03:1e:02:0f:16:e6:a7:51:
2b:68:cf:a1:52:21:d4:93:09:ac:82:d0:c4:2d:a8:5a:b9:eb:
1a:fb:ad:be:98:44:7c:ca:1e:ea:99:d8:23:c9:c1:a1:4a:e9:
1b:31:a7:d2:2a:9e:37:08:af:79:d6:15:b6:a5:d8:18:3c:a0:
cb:4c:53:07:8c:2b:7e:1e:f5:20:24:41:b8:e0:d3:13:d3:94:
34:6e:8a:a5:85:37:c6:d4:07:54:26:62:18:5f:26:c6:29:98:
23:56:7b:f7:5a:d5:7b:5a:48:02:ad:52:61:29:72:94:ef:87:
1e:32:3a:0f:87:11:5d:ab:68:66:76:92:cc:c0:d7:ae:d9:11:
b2:20:22:e4:71:3e:61:f7:13:29:cc:43:5b:d4:69:7c:9a:1e:
e3:d1:31:25:70:5f:44:92:84:8c:e1:26:75:fb:6e:e1:af:37:
f1:ee:a7:32:69:d6:c6:f1:a0:ba:f3:13:d8:eb:09:66:ba:ec:
e4:d7:5a:46:77:ca:06:8b:88:c3:cc:54:4a:30:6d:ab:65:f2:
b3:c8:c6:36:0d:8e:2b:48:d1:c4:1b:37:6f:31:03:1a:3b:0d:
4f:1c:0c:b8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERERjRFODAyQ0RFQUU3
RkU0NjVGOEJGM0IyNzVBMUUzMTMyNzBFQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2251sjOuVR/9r/l3t3R9Yj7ChykC0I4QA6BMwp9ui32dBr6Bc
OF0OuoOk8gLVNZHWoPV7m3V6hZmkEQjw5Mc9dvVFcRaFQnhU2/OMmznBZ4blfV6p
yyFJ7sKEH3LfEqdIlRZz9OfXEjL35ftaGYUy7k4BCKLcFb7/A+HpWoqMyX5ojSUM
5WuCa6MzKg6WNEzvwnPVzqwwer35OIuKTm3Nk/R0OwNPjF22CCnmSavTub9QYuiA
fhvHOgqq1yfYlpzQ0+jIQzF4ajaEcXR0mSbVyLNQffbyaUqj7yUwKzNxK8FL/hRt
7tzn+pd4Hgmb1zJogrACN5tBcNN2zNuSd+KRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU3fToAs3q5/5GX4vzsnWh4xMnDrYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzNmVG9BczNxNV81R1g0
dnpzbldoNHhNbkRyWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/CgwDQYJKoZIhvcNAQELBQADggEBAFz8LcBsINBHMIaIRUQxEh0t5jvak36U
DnEF9f4DHgIPFuanUStoz6FSIdSTCayC0MQtqFq56xr7rb6YRHzKHuqZ2CPJwaFK
6Rsxp9IqnjcIr3nWFbal2Bg8oMtMUweMK34e9SAkQbjg0xPTlDRuiqWFN8bUB1Qm
YhhfJsYpmCNWe/da1XtaSAKtUmEpcpTvhx4yOg+HEV2raGZ2kszA167ZEbIgIuRx
PmH3EynMQ1vUaXyaHuPRMSVwX0SShIzhJnX7buGvN/HupzJp1sbxoLrzE9jrCWa6
7OTXWkZ3ygaLiMPMVEowbatl8rPIxjYNjitI0cQbN28xAxo7DU8cDLg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:44 2025 by rpki-client