Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/R6UYKHKscbVpoFreX8n-2hyP3wA.roa
File: R6UYKHKscbVpoFreX8n-2hyP3wA.roa (raw, json)
Hash identifier: hwFaw3GR1e2rh2E/7bj7qfZ60Al2hPIYdoyOL+r47xo=
Subject key identifier: 47:A5:18:28:72:AC:71:B5:69:A0:5A:DE:5F:C9:FE:DA:1C:8F:DF:00
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 148E
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/R6UYKHKscbVpoFreX8n-2hyP3wA.roa
Signing time: Wed 11 Sep 2024 02:23:28 +0000
ROA not before: Wed 11 Sep 2024 02:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 17621
IP address blocks: 103.24.118.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5262 (0x148e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=47A5182872AC71B569A05ADE5FC9FEDA1C8FDF00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cf:0b:94:16:4e:cc:cc:52:91:8b:d0:10:89:
81:fd:af:83:67:8f:61:65:a7:f4:b0:42:1a:7b:71:
e7:22:17:f0:1c:8c:6d:54:d3:d3:93:77:10:d3:7f:
9b:97:40:a5:5f:f7:9f:e6:1b:b5:96:37:9e:81:c2:
73:97:74:8d:7d:4d:5d:52:b6:3e:a6:25:db:c9:29:
15:e1:af:04:fa:ba:80:23:07:b8:a5:46:62:6e:99:
19:81:e6:f9:f9:fb:87:9c:56:de:c1:91:78:9b:5f:
8f:68:77:cf:a4:73:c4:a2:57:26:2a:e6:3d:b5:9f:
36:ec:c0:21:f3:f5:f1:f4:72:69:67:51:c0:79:0c:
b0:19:64:32:6a:8b:8c:b0:22:48:8f:03:7e:5f:a4:
15:2d:a8:c0:28:23:ef:be:0b:2d:15:cb:5b:86:62:
68:75:05:ec:4b:24:46:97:af:3e:da:c5:dd:b3:0f:
a0:85:03:60:3f:b3:92:f1:2a:75:32:1f:59:35:39:
84:57:a3:a4:41:bb:71:7d:8a:34:37:23:70:36:31:
1d:87:5a:a7:33:a5:f4:d7:37:a1:b3:2d:33:7c:c0:
b4:84:80:00:d9:a4:02:a5:95:ca:d4:4b:41:58:2f:
44:6d:44:83:9a:34:1d:1f:ae:11:1f:67:d9:7b:31:
77:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A5:18:28:72:AC:71:B5:69:A0:5A:DE:5F:C9:FE:DA:1C:8F:DF:00
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/R6UYKHKscbVpoFreX8n-2hyP3wA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.24.118.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:34:6a:8a:5c:35:ad:f0:b0:a9:70:fb:ee:fd:db:05:b7:e7:
10:7f:0e:29:48:b3:20:c3:38:53:6d:f0:82:19:00:ce:96:82:
c6:f8:77:75:10:49:ed:c8:58:ad:80:1b:ae:72:de:ea:e7:25:
d8:7c:17:de:2d:d7:f8:13:b8:39:00:28:25:c3:a9:68:7b:c1:
a7:6f:22:4a:51:cf:a6:49:78:9a:52:8c:00:88:8d:65:18:c1:
df:d7:3b:54:6d:80:4b:c9:42:32:09:8a:a4:b7:aa:9c:b0:fd:
93:75:c0:7f:f0:cd:f6:b4:64:79:e5:83:a4:f3:ab:35:17:8d:
7d:f2:64:d8:10:e4:80:9f:af:e3:eb:60:cc:9a:5f:3c:7a:a7:
11:b1:41:31:9d:67:d8:74:e3:66:5c:3e:3b:71:3d:a3:2c:00:
ff:79:e3:62:a0:d7:3f:8f:9b:02:f9:f3:fb:53:4b:25:e1:f6:
c0:79:fe:c6:98:46:31:c5:c2:ca:6c:27:53:d8:2c:80:3f:34:
24:4b:31:de:67:66:b8:fd:30:36:ca:82:12:d1:dd:15:d5:fd:
48:4d:5b:7b:c5:24:b3:c4:f7:0f:71:80:72:7c:1c:62:ea:70:
a9:b0:10:30:93:3b:13:b5:42:10:55:1e:c6:9e:48:29:8b:f5:
36:cd:30:e3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFI4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ3QTUxODI4NzJBQzcx
QjU2OUEwNUFERTVGQzlGRURBMUM4RkRGMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2zwuUFk7MzFKRi9AQiYH9r4Nnj2Flp/SwQhp7ceciF/AcjG1U
09OTdxDTf5uXQKVf95/mG7WWN56BwnOXdI19TV1Stj6mJdvJKRXhrwT6uoAjB7il
RmJumRmB5vn5+4ecVt7BkXibX49od8+kc8SiVyYq5j21nzbswCHz9fH0cmlnUcB5
DLAZZDJqi4ywIkiPA35fpBUtqMAoI+++Cy0Vy1uGYmh1BexLJEaXrz7axd2zD6CF
A2A/s5LxKnUyH1k1OYRXo6RBu3F9ijQ3I3A2MR2HWqczpfTXN6GzLTN8wLSEgADZ
pAKllcrUS0FYL0RtRIOaNB0frhEfZ9l7MXfDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUR6UYKHKscbVpoFreX8n+2hyP3wAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1I2VVlLSEtzY2JWcG9G
cmVYOG4tMmh5UDN3QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFnGHYwDQYJKoZIhvcNAQELBQADggEBABo0aopcNa3wsKlw++792wW35xB/DilI
syDDOFNt8IIZAM6Wgsb4d3UQSe3IWK2AG65y3urnJdh8F94t1/gTuDkAKCXDqWh7
wadvIkpRz6ZJeJpSjACIjWUYwd/XO1RtgEvJQjIJiqS3qpyw/ZN1wH/wzfa0ZHnl
g6TzqzUXjX3yZNgQ5ICfr+PrYMyaXzx6pxGxQTGdZ9h042ZcPjtxPaMsAP9542Kg
1z+PmwL58/tTSyXh9sB5/saYRjHFwspsJ1PYLIA/NCRLMd5nZrj9MDbKghLR3RXV
/UhNW3vFJLPE9w9xgHJ8HGLqcKmwEDCTOxO1QhBVHsaeSCmL9TbNMOM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:44 2025 by rpki-client