Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/TXtC3cZeUPlx5Djx2Y8y70EpCKE.roa
File: TXtC3cZeUPlx5Djx2Y8y70EpCKE.roa (raw, json)
Hash identifier: T+QOCq4HGPyGEJkOeXU4JZQ4dYUSZpQyVSAJH0OrxV4=
Subject key identifier: 4D:7B:42:DD:C6:5E:50:F9:71:E4:38:F1:D9:8F:32:EF:41:29:08:A1
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1468
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TXtC3cZeUPlx5Djx2Y8y70EpCKE.roa
Signing time: Wed 11 Sep 2024 02:23:16 +0000
ROA not before: Wed 11 Sep 2024 02:23:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.221.12.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5224 (0x1468)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4D7B42DDC65E50F971E438F1D98F32EF412908A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:5f:76:6b:53:e7:c7:bd:06:c0:a7:1e:26:
78:b8:28:84:73:e3:8b:c7:f8:f9:18:21:e4:7a:7d:
e2:07:b9:2e:17:47:15:18:9f:39:05:74:ab:4d:32:
a8:23:22:96:24:80:0c:45:63:65:50:0a:ba:ec:0c:
83:7a:ef:43:e3:15:b3:80:60:45:89:67:9f:4d:83:
55:27:01:52:47:f8:0f:f0:57:51:1e:1e:a7:07:63:
bf:56:e1:62:9f:0b:b3:39:63:21:d9:67:21:e7:9a:
cf:b1:74:39:d3:d6:57:80:1f:85:a5:f6:6f:e7:15:
e4:5b:d8:df:24:36:53:99:88:46:53:ae:ff:ad:dd:
05:12:d4:fa:81:a6:be:55:6d:dc:24:3a:f9:f9:ba:
b0:e9:8e:ee:dd:6a:b6:1d:45:90:58:bf:dd:bc:f7:
f8:4c:c7:ce:a8:87:12:0b:5e:e9:d9:5c:7f:f8:af:
89:02:d0:12:f2:cf:0c:1b:a7:a7:be:bd:f4:37:f2:
bc:59:12:3b:c9:c8:1e:6f:ce:c6:6a:5f:18:5d:a5:
f9:e5:5c:c5:82:a3:3b:92:c0:7b:78:f6:8a:09:2f:
22:86:c1:34:2e:f3:a8:a5:c5:20:93:04:0f:8e:5e:
1a:ea:b2:32:77:ad:5e:de:f4:e9:8f:9a:d9:1f:11:
dc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:7B:42:DD:C6:5E:50:F9:71:E4:38:F1:D9:8F:32:EF:41:29:08:A1
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TXtC3cZeUPlx5Djx2Y8y70EpCKE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.12.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:52:ca:0d:fb:96:28:43:2f:c8:cc:95:bb:fe:87:d9:e6:3b:
0f:96:0c:d3:8c:a6:cb:58:7c:88:0f:0c:2b:09:81:fc:ea:e6:
48:0b:bb:d6:d0:da:cb:ca:42:9e:39:69:82:4b:32:46:b4:14:
15:2c:5a:98:87:a0:1c:d6:b7:cd:15:0c:3e:f0:28:0a:2a:68:
20:14:c9:fd:f0:cf:69:49:f3:e0:a2:c8:7b:fa:df:fd:27:dd:
f3:e8:23:ea:6a:7e:47:5e:da:66:db:aa:0e:9f:b5:43:93:d8:
ad:01:0b:e1:8e:b8:7e:f4:9b:a2:21:f9:06:94:94:a6:d3:10:
8d:7c:05:da:02:32:65:73:83:0d:4c:15:7a:16:9a:9d:2d:69:
fe:94:2f:29:36:2e:dd:13:ef:6b:a7:60:3b:c4:c6:ba:89:4e:
3a:87:fb:26:f2:0f:a6:46:35:93:bd:13:d1:ca:47:3e:ea:a3:
01:f7:6f:ff:ea:2a:1f:27:f4:0f:6a:e3:98:86:85:a7:fd:5b:
2a:78:9e:53:dd:12:fd:e8:ca:13:70:37:6a:e6:f2:6b:2a:5b:
3a:63:4f:19:b2:ea:86:23:41:9b:8d:4c:d5:bb:a1:b6:db:fe:
87:0c:72:14:0e:59:ca:8e:ec:b7:43:50:c3:b5:22:14:f8:0b:
af:c5:07:a6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFGgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDREN0I0MkREQzY1RTUw
Rjk3MUU0MzhGMUQ5OEYzMkVGNDEyOTA4QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpIF92a1Pnx70GwKceJni4KIRz44vH+PkYIeR6feIHuS4XRxUY
nzkFdKtNMqgjIpYkgAxFY2VQCrrsDIN670PjFbOAYEWJZ59Ng1UnAVJH+A/wV1Ee
HqcHY79W4WKfC7M5YyHZZyHnms+xdDnT1leAH4Wl9m/nFeRb2N8kNlOZiEZTrv+t
3QUS1PqBpr5VbdwkOvn5urDpju7darYdRZBYv9289/hMx86ohxILXunZXH/4r4kC
0BLyzwwbp6e+vfQ38rxZEjvJyB5vzsZqXxhdpfnlXMWCozuSwHt49ooJLyKGwTQu
86ilxSCTBA+OXhrqsjJ3rV7e9OmPmtkfEdxhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTXtC3cZeUPlx5Djx2Y8y70EpCKEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1RYdEMzY1plVVBseDVE
angyWTh5NzBFcENLRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3QwwDQYJKoZIhvcNAQELBQADggEBAC9Syg37lihDL8jMlbv+h9nmOw+WDNOM
pstYfIgPDCsJgfzq5kgLu9bQ2svKQp45aYJLMka0FBUsWpiHoBzWt80VDD7wKAoq
aCAUyf3wz2lJ8+CiyHv63/0n3fPoI+pqfkde2mbbqg6ftUOT2K0BC+GOuH70m6Ih
+QaUlKbTEI18BdoCMmVzgw1MFXoWmp0taf6ULyk2Lt0T72unYDvExrqJTjqH+yby
D6ZGNZO9E9HKRz7qowH3b//qKh8n9A9q45iGhaf9Wyp4nlPdEv3oyhNwN2rm8msq
WzpjTxmy6oYjQZuNTNW7obbb/ocMchQOWcqO7LdDUMO1IhT4C6/FB6Y=
-----END CERTIFICATE-----
Generated at Mon Apr 14 23:27:23 2025 by rpki-client