Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/AIRtg5YZN5uBsnfBwMFITehW8GM.roa
File: AIRtg5YZN5uBsnfBwMFITehW8GM.roa (raw, json)
Hash identifier: LOZaOx2YLAMWfHDty+M3SVJctX6U47kg9iWLyhrkTzs=
Subject key identifier: 00:84:6D:83:96:19:37:9B:81:B2:77:C1:C0:C1:48:4D:E8:56:F0:63
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1488
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/AIRtg5YZN5uBsnfBwMFITehW8GM.roa
Signing time: Wed 11 Sep 2024 02:23:26 +0000
ROA not before: Wed 11 Sep 2024 02:23:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59083
IP address blocks: 103.10.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5256 (0x1488)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=00846D839619379B81B277C1C0C1484DE856F063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:cf:82:9a:ba:a8:f6:8d:c8:d2:40:ee:86:3c:
eb:5c:8c:9e:19:5a:41:e7:6d:6a:a9:fe:79:cc:ec:
17:63:c2:f5:42:95:e9:04:ee:eb:bf:15:ea:9f:7c:
79:54:ff:ad:45:9d:52:93:c7:06:db:cd:90:ce:72:
8d:4d:18:d8:e3:f1:73:bb:8b:6c:db:bb:a8:bd:5d:
8e:33:81:10:54:b6:2c:9b:32:d1:c7:5d:93:8e:f6:
ce:9b:9b:7c:ac:ff:e3:41:78:c9:ae:23:a7:4b:42:
fd:48:02:18:1d:65:6e:a8:5e:d1:1e:9c:21:7b:d3:
ed:57:61:cc:7c:eb:09:4c:c3:05:a6:78:44:3b:20:
72:ea:f8:e8:1e:23:bc:86:92:0a:c9:1f:07:4f:b1:
a2:3b:53:0a:31:05:74:ed:96:b8:01:2f:31:dd:30:
ee:0f:53:04:d2:aa:f6:31:e5:e3:87:c8:90:e8:1a:
ee:a1:c7:98:1e:8b:6f:1d:80:d4:d8:2d:df:fe:7d:
e1:a2:21:93:6f:2f:c7:14:dd:19:44:fd:fc:d3:5e:
c2:3b:20:11:b1:e3:51:1e:72:9f:ea:48:8e:e7:b9:
d9:74:40:df:3d:a6:07:f8:ef:a4:9f:f8:b2:fc:4d:
5e:98:ce:f5:08:b6:09:68:d6:f6:e3:6e:5e:d7:2b:
cd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:84:6D:83:96:19:37:9B:81:B2:77:C1:C0:C1:48:4D:E8:56:F0:63
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/AIRtg5YZN5uBsnfBwMFITehW8GM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.10.1.0/24
Signature Algorithm: sha256WithRSAEncryption
13:e8:7a:ad:53:94:5e:79:c3:34:97:c6:3a:f1:77:1f:e3:bc:
fe:0e:e4:f9:53:34:f5:01:7d:f6:a5:b5:21:78:ad:a2:12:73:
b2:f2:51:38:ca:18:f4:0a:1d:17:e7:34:c7:61:b9:7a:e8:a5:
2d:c0:17:c8:66:b1:87:35:18:cf:94:dd:eb:17:35:de:9e:af:
ad:b6:7e:3d:a6:1e:72:af:64:f3:ee:00:26:da:4e:1c:ca:e0:
64:20:2a:b4:c4:b2:42:8d:bc:6f:d2:d7:d4:b9:a7:ba:33:76:
4b:50:fc:5e:18:11:0b:02:e3:88:14:de:f6:99:f0:b5:45:21:
5b:95:00:fd:26:af:98:ed:42:1f:24:bf:a7:38:7d:43:d1:7e:
65:81:4c:bf:6d:1c:10:b6:60:c9:20:56:ba:49:9b:8b:23:39:
fa:65:2e:ec:56:80:e8:69:de:9f:f1:01:54:4f:33:c3:bc:e0:
92:88:bf:6d:3a:40:9d:d5:ea:c8:c3:5d:b4:8b:3b:e7:6d:8c:
0b:e5:ec:20:64:ab:ab:cb:7b:af:97:aa:31:68:b4:e9:e3:a6:
3d:f0:a0:5d:ce:f0:95:9b:65:b2:12:84:1f:f5:a1:5c:d6:f9:
1e:fb:c5:4e:42:8e:1b:a0:3e:d9:d8:7e:97:ee:0f:dc:2d:48:
9c:9d:32:1f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAwODQ2RDgzOTYxOTM3
OUI4MUIyNzdDMUMwQzE0ODRERTg1NkYwNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlz4Kauqj2jcjSQO6GPOtcjJ4ZWkHnbWqp/nnM7BdjwvVClekE
7uu/FeqffHlU/61FnVKTxwbbzZDOco1NGNjj8XO7i2zbu6i9XY4zgRBUtiybMtHH
XZOO9s6bm3ys/+NBeMmuI6dLQv1IAhgdZW6oXtEenCF70+1XYcx86wlMwwWmeEQ7
IHLq+OgeI7yGkgrJHwdPsaI7UwoxBXTtlrgBLzHdMO4PUwTSqvYx5eOHyJDoGu6h
x5gei28dgNTYLd/+feGiIZNvL8cU3RlE/fzTXsI7IBGx41Eecp/qSI7nudl0QN89
pgf476Sf+LL8TV6YzvUItglo1vbjbl7XK80DAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUAIRtg5YZN5uBsnfBwMFITehW8GMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0FJUnRnNVlaTjV1QnNu
ZkJ3TUZJVGVoVzhHTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABnCgEwDQYJKoZIhvcNAQELBQADggEBABPoeq1TlF55wzSXxjrxdx/jvP4O5PlT
NPUBffaltSF4raISc7LyUTjKGPQKHRfnNMdhuXropS3AF8hmsYc1GM+U3esXNd6e
r622fj2mHnKvZPPuACbaThzK4GQgKrTEskKNvG/S19S5p7ozdktQ/F4YEQsC44gU
3vaZ8LVFIVuVAP0mr5jtQh8kv6c4fUPRfmWBTL9tHBC2YMkgVrpJm4sjOfplLuxW
gOhp3p/xAVRPM8O84JKIv206QJ3V6sjDXbSLO+dtjAvl7CBkq6vLe6+XqjFotOnj
pj3woF3O8JWbZbIShB/1oVzW+R77xU5CjhugPtnYfpfuD9wtSJydMh8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:47 2025 by rpki-client