Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/TGBPUntLpuid-plzLOqq4_0TMA8.roa
File: TGBPUntLpuid-plzLOqq4_0TMA8.roa (raw, json)
Hash identifier: gAUGsLeuw24OHIhryHrsURCXJUEwpCSt29TnZXirUys=
Subject key identifier: 4C:60:4F:52:7B:4B:A6:E8:9D:FA:99:73:2C:EA:AA:E3:FD:13:30:0F
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1562
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TGBPUntLpuid-plzLOqq4_0TMA8.roa
Signing time: Wed 11 Sep 2024 04:01:47 +0000
ROA not before: Wed 11 Sep 2024 04:01:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.221.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5474 (0x1562)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 04:01:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4C604F527B4BA6E89DFA99732CEAAAE3FD13300F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:eb:9f:c3:77:02:33:ad:ed:4a:0b:5f:16:b6:
75:fd:25:2a:9d:a5:5c:5d:a8:ce:19:1f:ae:a5:0d:
82:88:88:25:7a:9b:d1:2e:17:6e:ae:77:81:e6:4a:
d3:87:2a:54:43:ba:0c:7c:e2:74:ae:3b:2d:8a:6f:
ed:b3:43:a7:9f:7c:1d:a2:5e:aa:38:1e:0d:4b:22:
c6:be:d4:b0:58:98:7d:53:9f:f2:ea:91:cf:be:13:
c3:ed:60:fb:0f:d7:ea:01:f1:7c:d4:5f:e1:6e:3c:
e0:e4:ed:d3:b9:38:49:c4:44:ed:db:f9:55:b1:3e:
9d:fc:2c:c0:66:04:dc:2b:f5:dc:42:01:2b:bd:bb:
5e:ef:1b:c4:f8:a1:72:91:79:d1:8f:c3:60:61:65:
a4:06:ac:59:ea:34:6a:b0:c9:36:d4:1c:be:53:a7:
85:48:65:42:4e:6c:38:5a:57:64:40:5c:f2:3c:45:
5d:86:80:01:50:d4:6c:76:e2:6d:6d:74:cd:fa:38:
4a:10:57:65:c8:c3:2e:8c:ca:1b:c1:49:aa:5a:e0:
5a:7d:05:be:50:45:d3:14:2f:7e:38:65:3c:01:bc:
3e:e6:9f:e6:7e:12:cc:cf:94:77:24:fd:7d:e9:a8:
c1:58:69:c1:d4:62:e2:6f:cb:06:5c:ea:05:53:e3:
cd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:60:4F:52:7B:4B:A6:E8:9D:FA:99:73:2C:EA:AA:E3:FD:13:30:0F
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TGBPUntLpuid-plzLOqq4_0TMA8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.37.0/24
Signature Algorithm: sha256WithRSAEncryption
22:f1:b8:f4:a0:51:5b:3f:16:0a:9b:05:34:65:ff:0c:40:ff:
ca:27:32:1c:4b:87:2e:00:fa:e5:66:69:e0:2b:0d:14:02:80:
da:ed:98:a0:01:c2:df:9d:36:3d:6b:8c:63:27:b7:44:c1:98:
0e:a7:f2:71:c4:3a:58:ff:ca:fe:88:7b:f9:91:bd:9e:d0:cb:
b7:33:8a:6a:14:45:ca:c4:bf:9a:75:2b:06:2c:2c:52:dc:17:
04:34:33:d9:71:08:e8:17:13:3a:f6:e2:74:ad:c2:0f:ac:e7:
b8:fe:d6:72:33:2e:44:88:40:89:22:41:98:41:06:2d:3b:d5:
a4:c8:90:11:62:99:19:33:2e:3a:3c:a7:a8:21:4a:5e:36:42:
d4:75:4d:90:bf:18:84:1d:e9:25:65:52:f5:d3:de:0e:f9:8f:
f9:7c:a6:2b:c5:42:55:1c:68:7f:eb:4d:25:c7:ac:27:3f:a1:
1c:bc:8f:b3:29:f1:70:18:0a:82:c3:94:78:bb:eb:25:7b:9b:
7d:04:f9:f0:31:62:25:1c:51:f8:a4:62:73:8c:6d:f3:b9:6f:
47:e5:57:bc:c3:c9:3a:34:92:5a:85:26:e4:c9:77:00:6e:c9:
90:e7:fe:11:b5:b0:77:f9:30:0c:f5:b7:7e:de:e3:c2:bf:47:
41:cd:b9:8e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
NDAxNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRDNjA0RjUyN0I0QkE2
RTg5REZBOTk3MzJDRUFBQUUzRkQxMzMwMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK65/DdwIzre1KC18WtnX9JSqdpVxdqM4ZH66lDYKIiCV6m9Eu
F26ud4HmStOHKlRDugx84nSuOy2Kb+2zQ6effB2iXqo4Hg1LIsa+1LBYmH1Tn/Lq
kc++E8PtYPsP1+oB8XzUX+FuPODk7dO5OEnERO3b+VWxPp38LMBmBNwr9dxCASu9
u17vG8T4oXKRedGPw2BhZaQGrFnqNGqwyTbUHL5Tp4VIZUJObDhaV2RAXPI8RV2G
gAFQ1Gx24m1tdM36OEoQV2XIwy6MyhvBSapa4Fp9Bb5QRdMUL344ZTwBvD7mn+Z+
EszPlHck/X3pqMFYacHUYuJvywZc6gVT481BAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTGBPUntLpuid+plzLOqq4/0TMA8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1RHQlBVbnRMcHVpZC1w
bHpMT3FxNF8wVE1BOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SUwDQYJKoZIhvcNAQELBQADggEBACLxuPSgUVs/FgqbBTRl/wxA/8onMhxL
hy4A+uVmaeArDRQCgNrtmKABwt+dNj1rjGMnt0TBmA6n8nHEOlj/yv6Ie/mRvZ7Q
y7czimoURcrEv5p1KwYsLFLcFwQ0M9lxCOgXEzr24nStwg+s57j+1nIzLkSIQIki
QZhBBi071aTIkBFimRkzLjo8p6ghSl42QtR1TZC/GIQd6SVlUvXT3g75j/l8pivF
QlUcaH/rTSXHrCc/oRy8j7Mp8XAYCoLDlHi76yV7m30E+fAxYiUcUfikYnOMbfO5
b0flV7zDyTo0klqFJuTJdwBuyZDn/hG1sHf5MAz1t37e48K/R0HNuY4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:35 2025 by rpki-client