Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/U1J15XOTQb5t32-NfaH3ZXbJCuQ.roa
File: U1J15XOTQb5t32-NfaH3ZXbJCuQ.roa (raw, json)
Hash identifier: WAa6NscIx8dkkNdHMGk3LrSQiSKdiEg0QZHs1SO5qdw=
Subject key identifier: 53:52:75:E5:73:93:41:BE:6D:DF:6F:8D:7D:A1:F7:65:76:C9:0A:E4
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1552
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/U1J15XOTQb5t32-NfaH3ZXbJCuQ.roa
Signing time: Wed 11 Sep 2024 03:59:23 +0000
ROA not before: Wed 11 Sep 2024 03:59:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.221.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5458 (0x1552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 03:59:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=535275E5739341BE6DDF6F8D7DA1F76576C90AE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c0:94:9a:a5:79:44:d8:5a:40:9f:3c:43:c0:
42:b3:ec:47:a3:84:ae:5d:37:f6:85:61:9a:d5:fe:
ac:e3:a7:d4:ec:73:92:5d:7e:22:5b:15:28:90:64:
df:11:9d:39:46:69:2c:84:b8:87:0c:49:22:c6:87:
51:14:17:81:c7:0e:d3:60:49:35:ce:2f:f3:73:fb:
db:07:8f:1a:ab:27:34:2a:a5:0e:99:24:58:b5:5a:
c3:65:0f:a6:02:d4:d1:dc:66:67:29:96:d9:95:59:
e9:36:52:24:a1:7b:44:18:91:da:bb:fa:da:0c:3e:
42:78:b7:62:87:be:90:c1:51:2f:ae:26:90:93:5b:
4e:7b:70:77:f0:73:af:a8:13:13:b2:90:43:c4:4a:
13:53:b9:31:df:6e:06:85:62:2d:79:92:c8:db:1a:
28:9e:83:74:ad:fd:20:e7:c3:92:49:60:8d:19:aa:
a7:a1:d3:72:ec:a8:1e:ff:85:c5:8c:0b:42:80:de:
0b:fb:42:73:e4:29:1f:3f:e0:1f:2a:72:02:47:31:
e6:e2:be:e3:ea:65:8e:93:b2:29:6e:a8:83:36:3c:
e1:c0:51:21:9e:7b:fe:ac:98:fa:65:f9:88:d5:e8:
bf:72:1a:7b:71:78:f9:07:f2:53:65:3d:3e:ce:5c:
ec:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:52:75:E5:73:93:41:BE:6D:DF:6F:8D:7D:A1:F7:65:76:C9:0A:E4
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/U1J15XOTQb5t32-NfaH3ZXbJCuQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.22.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:00:9f:54:5b:6f:77:5a:f0:f8:aa:ea:c3:69:81:1c:8e:1f:
e3:67:44:c0:c3:76:44:55:2a:35:25:3e:88:82:1f:4e:55:c5:
e7:32:f4:df:1a:61:e2:dc:e8:4a:62:8e:25:94:8d:1a:d7:f8:
79:f8:34:56:14:c7:5e:33:02:76:5a:c9:22:dd:67:5b:b8:28:
40:d2:42:be:b9:d0:53:80:23:ec:fd:7c:f0:31:c9:21:42:e4:
e4:8b:cf:d3:1f:bd:bb:e6:f1:c4:df:8c:d1:19:ec:a1:f0:e0:
24:b3:44:80:9b:2a:23:1e:04:c3:1b:43:df:02:40:4a:5e:7c:
ad:b6:7f:fe:b8:38:5e:8a:b2:1c:85:35:86:67:dd:32:27:ce:
10:7d:b4:a6:f2:09:ca:85:a3:9c:26:10:4a:90:3c:d1:7b:dd:
0e:4d:99:ab:b5:33:60:2c:b9:03:47:f4:df:47:20:d0:d7:60:
33:7d:1d:a6:75:22:4f:8a:5e:c8:7c:26:22:1f:9a:de:3c:7c:
b1:ad:06:b3:9a:a1:a8:ab:75:b8:66:bb:5c:ab:b3:e9:a5:01:
7f:bb:6a:20:6f:62:ee:ae:40:42:4a:e7:94:6c:ca:21:40:51:
b7:91:75:d3:4e:94:37:83:74:d0:9a:f1:48:90:65:26:54:3a:
7f:e3:5f:ae
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MzU5MjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzNTI3NUU1NzM5MzQx
QkU2RERGNkY4RDdEQTFGNzY1NzZDOTBBRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLwJSapXlE2FpAnzxDwEKz7EejhK5dN/aFYZrV/qzjp9Tsc5Jd
fiJbFSiQZN8RnTlGaSyEuIcMSSLGh1EUF4HHDtNgSTXOL/Nz+9sHjxqrJzQqpQ6Z
JFi1WsNlD6YC1NHcZmcpltmVWek2UiShe0QYkdq7+toMPkJ4t2KHvpDBUS+uJpCT
W057cHfwc6+oExOykEPEShNTuTHfbgaFYi15ksjbGiieg3St/SDnw5JJYI0Zqqeh
03LsqB7/hcWMC0KA3gv7QnPkKR8/4B8qcgJHMebivuPqZY6TsiluqIM2POHAUSGe
e/6smPpl+YjV6L9yGntxePkH8lNlPT7OXOy3AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUU1J15XOTQb5t32+NfaH3ZXbJCuQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1UxSjE1WE9UUWI1dDMy
LU5mYUgzWlhiSkN1US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RYwDQYJKoZIhvcNAQELBQADggEBAF4An1Rbb3da8Piq6sNpgRyOH+NnRMDD
dkRVKjUlPoiCH05Vxecy9N8aYeLc6EpijiWUjRrX+Hn4NFYUx14zAnZaySLdZ1u4
KEDSQr650FOAI+z9fPAxySFC5OSLz9Mfvbvm8cTfjNEZ7KHw4CSzRICbKiMeBMMb
Q98CQEpefK22f/64OF6KshyFNYZn3TInzhB9tKbyCcqFo5wmEEqQPNF73Q5Nmau1
M2AsuQNH9N9HINDXYDN9HaZ1Ik+KXsh8JiIfmt48fLGtBrOaoairdbhmu1yrs+ml
AX+7aiBvYu6uQEJK55RsyiFAUbeRddNOlDeDdNCa8UiQZSZUOn/jX64=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:14 2025 by rpki-client