Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/VKlESSzOgia0rL5xvXpjmh3C3vM.roa
File: VKlESSzOgia0rL5xvXpjmh3C3vM.roa (raw, json)
Hash identifier: dZcibaSwLbpqSjuXsOJ4nQtTDLjhWcFb53yFZihAE9s=
Subject key identifier: 54:A9:44:49:2C:CE:82:26:B4:AC:BE:71:BD:7A:63:9A:1D:C2:DE:F3
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1506
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/VKlESSzOgia0rL5xvXpjmh3C3vM.roa
Signing time: Wed 11 Sep 2024 02:27:33 +0000
ROA not before: Wed 11 Sep 2024 02:27:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5382 (0x1506)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:27:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=54A944492CCE8226B4ACBE71BD7A639A1DC2DEF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:23:dc:62:00:ff:63:ee:ae:7a:73:78:b2:2b:
ab:d9:a1:b0:0a:6d:35:77:e2:8c:e3:7a:6a:c6:cc:
a4:db:7d:bd:b4:9e:8e:1e:b4:46:5f:b7:0d:74:34:
5c:8d:c9:b4:43:85:2f:ff:3d:92:34:b1:90:7e:39:
fe:bb:42:9a:9f:e4:ff:32:fe:02:ba:f2:66:45:76:
ab:bb:99:c2:bd:88:07:9c:bf:0f:30:53:9b:12:f5:
de:ab:ee:29:2c:0d:37:e0:1e:75:6f:b9:fd:bc:8b:
ad:ae:48:fb:b1:90:05:2a:dd:d7:53:74:34:8a:92:
ed:70:21:47:05:8b:44:dc:8e:76:96:e2:99:71:c5:
fd:f2:eb:d9:e3:28:3d:a2:db:c3:95:01:a6:ef:aa:
47:9b:c3:c5:eb:46:23:b8:3d:9b:9e:87:3a:41:eb:
8c:49:2a:ef:54:1a:68:4d:11:98:33:23:da:49:d1:
19:d8:af:c0:cd:6f:f4:42:0a:c7:da:bf:17:ef:8f:
1d:3e:6e:72:15:27:11:e9:ea:e4:f8:6b:3f:0b:30:
61:2d:e8:a5:65:cb:16:f1:0e:ba:e8:0f:ed:50:59:
b8:b5:ae:64:68:f6:fd:ad:b3:2c:b1:10:6f:bc:31:
d1:c9:6f:3a:a0:1f:fc:4a:60:bb:54:2a:ce:58:93:
ec:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A9:44:49:2C:CE:82:26:B4:AC:BE:71:BD:7A:63:9A:1D:C2:DE:F3
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/VKlESSzOgia0rL5xvXpjmh3C3vM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.22.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:66:cd:39:d6:a5:be:ac:9b:b6:46:15:d6:c5:81:f6:1c:dd:
56:22:57:64:f1:6d:3b:62:63:d9:00:bc:af:8f:3d:56:1e:e6:
c8:47:7a:3e:c3:24:5d:4a:de:74:80:98:46:50:1b:6d:f9:04:
d7:07:b6:57:05:ee:14:f8:11:e0:4e:59:f4:8a:bf:04:03:78:
d6:39:fe:20:c2:fa:8e:02:43:07:32:cd:5c:d4:f0:1f:ed:29:
ff:b9:d8:c6:a7:ce:ba:3c:46:5e:c0:d6:90:08:16:bf:d1:46:
36:a3:39:e8:c4:eb:c9:ce:44:84:4b:6f:c1:97:f0:cc:a5:77:
5b:62:ca:08:b7:99:ac:72:eb:cd:89:de:3d:6c:7b:09:ba:b4:
01:24:21:2e:46:52:86:1a:2f:1a:ff:8c:b7:a0:aa:60:1b:f9:
cb:61:51:be:5d:be:99:de:b4:a4:82:ea:6e:28:be:4a:19:23:
b1:70:04:11:01:95:97:f2:a3:38:63:5f:f4:a6:12:3c:29:87:
bd:fe:40:1c:2e:39:06:f3:c5:1a:a2:f6:09:40:6f:c2:aa:eb:
57:81:57:e7:07:d4:1d:58:f7:9f:7d:af:40:79:3c:6e:98:64:
a9:54:e1:9c:4c:2b:cb:56:f8:a9:72:37:ff:87:ca:98:5c:fe:
e1:b6:4b:0e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjI3MzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU0QTk0NDQ5MkNDRTgy
MjZCNEFDQkU3MUJEN0E2MzlBMURDMkRFRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2I9xiAP9j7q56c3iyK6vZobAKbTV34ozjemrGzKTbfb20no4e
tEZftw10NFyNybRDhS//PZI0sZB+Of67Qpqf5P8y/gK68mZFdqu7mcK9iAecvw8w
U5sS9d6r7iksDTfgHnVvuf28i62uSPuxkAUq3ddTdDSKku1wIUcFi0TcjnaW4plx
xf3y69njKD2i28OVAabvqkebw8XrRiO4PZuehzpB64xJKu9UGmhNEZgzI9pJ0RnY
r8DNb/RCCsfavxfvjx0+bnIVJxHp6uT4az8LMGEt6KVlyxbxDrroD+1QWbi1rmRo
9v2tsyyxEG+8MdHJbzqgH/xKYLtUKs5Yk+xvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUVKlESSzOgia0rL5xvXpjmh3C3vMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1ZLbEVTU3pPZ2lhMHJM
NXh2WHBqbWgzQzN2TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RYwDQYJKoZIhvcNAQELBQADggEBAL1mzTnWpb6sm7ZGFdbFgfYc3VYiV2Tx
bTtiY9kAvK+PPVYe5shHej7DJF1K3nSAmEZQG235BNcHtlcF7hT4EeBOWfSKvwQD
eNY5/iDC+o4CQwcyzVzU8B/tKf+52Manzro8Rl7A1pAIFr/RRjajOejE68nORIRL
b8GX8Myld1tiygi3maxy682J3j1sewm6tAEkIS5GUoYaLxr/jLegqmAb+cthUb5d
vpnetKSC6m4ovkoZI7FwBBEBlZfyozhjX/SmEjwph73+QBwuOQbzxRqi9glAb8Kq
61eBV+cH1B1Y9599r0B5PG6YZKlU4ZxMK8tW+KlyN/+Hyphc/uG2Sw4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:08 2025 by rpki-client