Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/B0mqYqM-xpyBMrk6raJGPP01K7k.roa
File: B0mqYqM-xpyBMrk6raJGPP01K7k.roa (raw, json)
Hash identifier: 6rGpUzI0DJMLulGNS2ibwqjSqpErTg8QYL7b0rg2GsI=
Subject key identifier: 07:49:AA:62:A3:3E:C6:9C:81:32:B9:3A:AD:A2:46:3C:FD:35:2B:B9
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 146F
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/B0mqYqM-xpyBMrk6raJGPP01K7k.roa
Signing time: Wed 11 Sep 2024 02:23:18 +0000
ROA not before: Wed 11 Sep 2024 02:23:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59083
IP address blocks: 43.254.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5231 (0x146f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0749AA62A33EC69C8132B93AADA2463CFD352BB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:04:fa:bf:fc:cf:27:6a:23:b4:e1:34:ba:db:
1b:6b:46:76:1a:cf:25:a9:1e:5c:1c:27:cf:0b:4c:
6d:18:8f:33:77:fe:84:22:41:03:50:4e:90:7e:50:
8f:16:7d:f2:e1:33:27:d6:c7:94:c1:bc:16:6b:09:
6d:de:fe:e7:43:65:86:f2:85:80:ca:d1:0b:91:e0:
dd:f9:2c:e6:7b:3a:63:8e:d4:19:8c:59:73:5b:3c:
a4:f0:e8:b4:3c:c4:9d:d1:94:d4:d6:b3:26:23:15:
24:7f:1e:34:1b:0f:a5:61:aa:a0:7d:3d:a6:b5:30:
3e:1b:5a:11:51:76:98:b2:c0:db:96:d8:9e:17:44:
71:2c:18:c6:30:43:53:30:74:74:1f:e6:52:73:2c:
2d:e2:fb:ea:14:c0:1b:b1:ed:2d:85:d1:86:bb:fb:
76:1b:ac:f7:3f:22:3c:ef:a9:d2:cd:a1:c3:f5:7c:
1c:ac:18:ab:22:eb:72:69:c0:b4:b6:83:68:b6:22:
cc:4a:b4:53:d2:31:24:1f:97:6c:8c:5a:1b:b6:a1:
eb:f7:ce:c6:38:d2:09:70:e2:17:d3:63:fd:46:87:
7f:15:ad:fc:c6:81:46:80:0e:b4:6f:bd:1a:80:0c:
95:5b:7b:58:54:3b:ab:d9:b1:db:c7:34:f5:65:2f:
ba:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:49:AA:62:A3:3E:C6:9C:81:32:B9:3A:AD:A2:46:3C:FD:35:2B:B9
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/B0mqYqM-xpyBMrk6raJGPP01K7k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.154.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:0f:63:45:ad:24:b8:3f:63:e0:12:a9:56:3a:60:99:e7:75:
2c:ab:01:15:48:7c:b1:15:86:12:da:cc:9a:20:5b:2a:a9:18:
c7:d4:f1:c3:d0:07:76:83:db:a1:4f:f9:1c:9c:bc:e3:39:2e:
62:bd:a8:01:4d:02:15:ad:a9:9a:3d:67:43:f1:7c:36:a0:c0:
c3:59:42:b3:c5:e1:0d:83:66:fc:49:7d:b0:24:46:65:c0:0f:
a2:9c:df:d8:64:1d:c0:79:80:72:9a:f8:c2:db:5d:f2:46:95:
88:1a:c0:60:14:a0:de:79:fd:a5:e3:d4:38:20:d9:ad:65:a9:
b4:d7:2b:c6:ec:cd:0a:de:a5:4f:b2:96:90:29:f5:4b:44:bb:
f7:52:17:01:1f:17:99:70:fc:f4:98:41:1c:7f:b6:76:71:9e:
92:32:3e:6c:c2:0e:b9:c1:4d:68:99:af:8d:23:c4:48:31:33:
bf:cb:5e:9c:91:67:d0:74:3a:6e:74:b3:a8:44:94:be:40:8f:
30:1b:ea:7a:7e:fd:d2:84:70:c2:63:15:75:aa:56:f3:9d:d3:
af:3d:d9:d4:15:50:59:db:15:11:ba:77:a5:c5:d1:d5:13:22:
f2:42:d3:71:cc:f9:ae:9c:7a:68:aa:53:92:89:64:45:7e:a3:
3b:c8:60:92
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFG8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA3NDlBQTYyQTMzRUM2
OUM4MTMyQjkzQUFEQTI0NjNDRkQzNTJCQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIBPq//M8naiO04TS62xtrRnYazyWpHlwcJ88LTG0YjzN3/oQi
QQNQTpB+UI8WffLhMyfWx5TBvBZrCW3e/udDZYbyhYDK0QuR4N35LOZ7OmOO1BmM
WXNbPKTw6LQ8xJ3RlNTWsyYjFSR/HjQbD6VhqqB9Paa1MD4bWhFRdpiywNuW2J4X
RHEsGMYwQ1MwdHQf5lJzLC3i++oUwBux7S2F0Ya7+3YbrPc/IjzvqdLNocP1fBys
GKsi63JpwLS2g2i2IsxKtFPSMSQfl2yMWhu2oev3zsY40glw4hfTY/1Gh38VrfzG
gUaADrRvvRqADJVbe1hUO6vZsdvHNPVlL7rhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUB0mqYqM+xpyBMrk6raJGPP01K7kwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0IwbXFZcU0teHB5Qk1y
azZyYUpHUFAwMUs3ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr/powDQYJKoZIhvcNAQELBQADggEBALQPY0WtJLg/Y+ASqVY6YJnndSyrARVI
fLEVhhLazJogWyqpGMfU8cPQB3aD26FP+RycvOM5LmK9qAFNAhWtqZo9Z0PxfDag
wMNZQrPF4Q2DZvxJfbAkRmXAD6Kc39hkHcB5gHKa+MLbXfJGlYgawGAUoN55/aXj
1Dgg2a1lqbTXK8bszQrepU+ylpAp9UtEu/dSFwEfF5lw/PSYQRx/tnZxnpIyPmzC
DrnBTWiZr40jxEgxM7/LXpyRZ9B0Om50s6hElL5AjzAb6np+/dKEcMJjFXWqVvOd
06892dQVUFnbFRG6d6XF0dUTIvJC03HM+a6cemiqU5KJZEV+ozvIYJI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:11:12 2025 by rpki-client