Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/DWyTNC9yHqeqVygRqKWk59otemo.roa
File: DWyTNC9yHqeqVygRqKWk59otemo.roa (raw, json)
Hash identifier: telRg5BDUn5NRnpVupS4WXxXwv0706ITCaoB8i39djk=
Subject key identifier: 0D:6C:93:34:2F:72:1E:A7:AA:57:28:11:A8:A5:A4:E7:DA:2D:7A:6A
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14A0
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/DWyTNC9yHqeqVygRqKWk59otemo.roa
Signing time: Wed 11 Sep 2024 02:23:34 +0000
ROA not before: Wed 11 Sep 2024 02:23:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24373
IP address blocks: 103.221.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5280 (0x14a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0D6C93342F721EA7AA572811A8A5A4E7DA2D7A6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:fe:88:4e:74:9f:ea:b4:e3:e5:25:22:12:4f:
87:58:84:8e:36:1e:d6:0a:88:52:e0:8f:96:eb:a7:
fc:07:e5:e3:7c:db:d4:53:2d:c8:4b:33:9b:b6:90:
cf:7e:cd:a3:82:ce:49:09:43:a5:b1:76:26:28:b8:
0e:4a:59:a7:da:da:8c:6f:45:50:41:16:4c:7c:4d:
10:7c:23:17:7e:a1:09:d7:23:ae:f0:32:fb:46:d7:
ba:9a:a8:16:19:82:bd:1b:1c:af:46:d6:6e:c7:26:
e1:19:23:ed:ee:d6:c0:76:84:a1:37:6c:91:41:da:
0a:f5:7f:b3:f9:9e:b1:75:1f:42:d1:15:20:81:10:
36:12:90:24:0c:b3:e1:8e:5d:8d:ba:7c:20:39:9d:
70:df:62:85:a4:44:ba:dd:bd:4e:d1:d3:19:80:05:
59:b9:5b:58:42:f4:f8:09:30:b1:07:41:ae:11:50:
8c:31:ef:5c:92:68:18:31:a2:b3:29:6c:8e:59:fc:
91:cd:6e:06:1e:06:30:92:4b:07:c5:7d:80:3f:c5:
f6:01:90:31:b6:36:c4:f5:9a:d6:1b:fc:14:97:3a:
67:d4:f3:89:89:30:86:8f:78:c3:fe:72:ec:50:61:
d9:79:6c:ac:92:d6:d8:da:e6:f6:4d:dc:6c:40:a4:
d6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6C:93:34:2F:72:1E:A7:AA:57:28:11:A8:A5:A4:E7:DA:2D:7A:6A
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/DWyTNC9yHqeqVygRqKWk59otemo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.28.0/22
Signature Algorithm: sha256WithRSAEncryption
76:a6:49:65:0e:49:59:81:26:38:ed:17:8b:eb:81:44:f7:a2:
06:e8:72:14:d7:16:e3:89:d6:41:f7:d5:15:cf:de:15:32:97:
db:1f:52:ea:4e:40:94:14:8b:58:46:64:fc:8f:56:24:ae:9c:
4b:08:da:8b:33:b4:88:2b:09:99:ff:16:b4:58:9f:c9:a4:06:
11:a6:6e:3e:76:aa:2c:c6:5c:db:e1:93:79:6d:c5:95:a4:96:
c7:4e:8d:75:52:45:87:44:f6:83:86:2e:ef:da:c4:c9:8b:90:
dc:97:93:60:31:73:48:b0:d7:98:e0:49:ba:7c:d2:48:57:6a:
25:f1:f8:6b:51:63:49:3f:e0:f8:6d:16:b9:2f:02:52:f7:f7:
44:45:49:40:fb:dc:2b:0f:e0:1b:bf:13:d8:8c:b6:f1:3c:c4:
5f:3c:62:ae:cd:6f:4d:e8:38:e9:e4:81:8a:9a:4e:1c:34:bf:
67:a0:4a:cd:87:66:87:93:d0:3f:28:4b:70:5f:8f:4c:74:c2:
e3:b4:4e:99:a3:35:d0:0d:cd:9b:d5:f7:db:5e:ea:e5:6a:1d:
c1:e9:2a:a0:71:61:73:16:d9:18:7b:a3:e7:cb:d3:7c:03:28:
a3:f6:93:2a:c9:ea:2a:df:8e:57:c2:15:f4:23:1b:94:68:89:
9f:f9:2b:a1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFKAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBENkM5MzM0MkY3MjFF
QTdBQTU3MjgxMUE4QTVBNEU3REEyRDdBNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDr/ohOdJ/qtOPlJSIST4dYhI42HtYKiFLgj5brp/wH5eN829RT
LchLM5u2kM9+zaOCzkkJQ6WxdiYouA5KWafa2oxvRVBBFkx8TRB8Ixd+oQnXI67w
MvtG17qaqBYZgr0bHK9G1m7HJuEZI+3u1sB2hKE3bJFB2gr1f7P5nrF1H0LRFSCB
EDYSkCQMs+GOXY26fCA5nXDfYoWkRLrdvU7R0xmABVm5W1hC9PgJMLEHQa4RUIwx
71ySaBgxorMpbI5Z/JHNbgYeBjCSSwfFfYA/xfYBkDG2NsT1mtYb/BSXOmfU84mJ
MIaPeMP+cuxQYdl5bKyS1tja5vZN3GxApNbtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDWyTNC9yHqeqVygRqKWk59otemowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0RXeVROQzl5SHFlcVZ5
Z1JxS1drNTlvdGVtby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3RwwDQYJKoZIhvcNAQELBQADggEBAHamSWUOSVmBJjjtF4vrgUT3ogbochTX
FuOJ1kH31RXP3hUyl9sfUupOQJQUi1hGZPyPViSunEsI2osztIgrCZn/FrRYn8mk
BhGmbj52qizGXNvhk3ltxZWklsdOjXVSRYdE9oOGLu/axMmLkNyXk2Axc0iw15jg
Sbp80khXaiXx+GtRY0k/4PhtFrkvAlL390RFSUD73CsP4Bu/E9iMtvE8xF88Yq7N
b03oOOnkgYqaThw0v2egSs2HZoeT0D8oS3Bfj0x0wuO0TpmjNdANzZvV99te6uVq
HcHpKqBxYXMW2Rh7o+fL03wDKKP2kyrJ6irfjlfCFfQjG5RoiZ/5K6E=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:16 2025 by rpki-client