Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/VoaLBaKmL8TcltEBxkHWX5oh2G8.roa
File: VoaLBaKmL8TcltEBxkHWX5oh2G8.roa (raw, json)
Hash identifier: u303kXQtatziJwMkyYE8SBHAvn4+YckyHkQ821UDW6o=
Subject key identifier: 56:86:8B:05:A2:A6:2F:C4:DC:96:D1:01:C6:41:D6:5F:9A:21:D8:6F
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 150D
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/VoaLBaKmL8TcltEBxkHWX5oh2G8.roa
Signing time: Wed 11 Sep 2024 02:27:34 +0000
ROA not before: Wed 11 Sep 2024 02:27:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5389 (0x150d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:27:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=56868B05A2A62FC4DC96D101C641D65F9A21D86F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f3:75:76:29:ed:f5:0f:f7:f1:08:f5:23:2d:
1c:7a:48:68:db:67:ac:42:5a:ef:ab:32:6f:9a:da:
cb:ef:48:2d:46:c5:8c:d6:40:fd:03:ee:f4:89:96:
17:df:49:b6:0d:c6:5a:49:04:d8:6c:75:ab:f8:64:
76:aa:d0:39:27:22:bc:a4:39:28:f6:c5:c8:27:28:
96:04:ea:c0:8b:55:27:75:99:51:26:c6:79:9f:0e:
a8:e4:d9:ef:db:49:46:04:7d:8d:a0:e6:f5:bf:a2:
fb:ea:c6:d5:bd:13:f2:9a:ff:f0:c3:f4:12:af:98:
f2:d0:7b:c4:46:45:84:bb:14:1f:dd:e3:aa:1f:dc:
97:ca:65:61:f1:53:5d:ac:97:74:e2:4e:53:d8:87:
53:4c:a2:9d:d4:c1:1d:b6:52:b4:d7:fd:00:c2:86:
a2:98:27:08:30:9f:3d:62:2e:8f:fc:dd:d1:6c:ad:
09:9d:67:23:c6:cd:38:ed:44:32:d7:57:0f:2a:92:
3b:0a:72:03:e5:d2:de:d9:60:69:52:90:b6:e7:77:
f0:bf:b4:a5:8a:6d:0a:31:d2:e5:2c:a5:04:9e:82:
87:5e:09:75:fc:39:36:95:22:12:64:6c:e4:b4:14:
50:77:20:4f:27:71:5f:4f:ff:90:54:d4:b6:04:d0:
84:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:86:8B:05:A2:A6:2F:C4:DC:96:D1:01:C6:41:D6:5F:9A:21:D8:6F
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/VoaLBaKmL8TcltEBxkHWX5oh2G8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.20.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:e5:9e:29:8e:19:08:ff:21:2f:c3:08:db:79:6a:0a:ac:49:
62:47:54:2e:c2:54:72:ed:b0:02:55:fc:82:dd:af:f0:0a:da:
4d:ed:f4:9a:12:6e:a7:37:b9:15:8a:e3:4b:2c:60:d8:3a:88:
52:24:6c:82:a8:cf:c1:70:cb:37:c7:31:34:49:3f:23:37:1b:
cc:df:71:e6:0b:5b:51:19:57:11:bc:e0:e5:02:25:7a:ab:71:
92:4f:82:1c:98:09:06:d5:ed:4a:81:b1:60:c2:6e:d2:83:9a:
3a:b3:a0:b0:99:c8:f6:a6:4d:5f:fb:94:43:e8:85:e1:25:39:
ce:09:44:30:2c:15:0b:3a:9f:1c:e2:0f:46:7f:9c:1b:5d:4b:
18:fd:5d:c2:2c:0f:0b:45:f3:a0:fd:e2:39:df:ac:92:eb:4a:
37:79:64:f9:84:c3:25:48:9f:24:90:ea:cd:24:77:0b:97:43:
a1:e9:9e:ef:ae:54:1f:21:34:65:86:05:7c:45:24:81:0a:43:
04:5e:23:9e:97:77:06:86:70:5c:c9:d0:a7:65:b7:93:23:24:
d1:c1:aa:d8:0a:43:84:98:b6:a9:9f:39:07:86:5b:7a:c7:66:
44:08:d0:7a:92:46:e7:8f:3b:d1:0c:e3:38:97:e3:47:bf:ff:
1c:7a:a7:a2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFQ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjI3MzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU2ODY4QjA1QTJBNjJG
QzREQzk2RDEwMUM2NDFENjVGOUEyMUQ4NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu83V2Ke31D/fxCPUjLRx6SGjbZ6xCWu+rMm+a2svvSC1GxYzW
QP0D7vSJlhffSbYNxlpJBNhsdav4ZHaq0DknIrykOSj2xcgnKJYE6sCLVSd1mVEm
xnmfDqjk2e/bSUYEfY2g5vW/ovvqxtW9E/Ka//DD9BKvmPLQe8RGRYS7FB/d46of
3JfKZWHxU12sl3TiTlPYh1NMop3UwR22UrTX/QDChqKYJwgwnz1iLo/83dFsrQmd
ZyPGzTjtRDLXVw8qkjsKcgPl0t7ZYGlSkLbnd/C/tKWKbQox0uUspQSegodeCXX8
OTaVIhJkbOS0FFB3IE8ncV9P/5BU1LYE0IRjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUVoaLBaKmL8TcltEBxkHWX5oh2G8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1ZvYUxCYUttTDhUY2x0
RUJ4a0hXWDVvaDJHOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3RQwDQYJKoZIhvcNAQELBQADggEBAMDlnimOGQj/IS/DCNt5agqsSWJHVC7C
VHLtsAJV/ILdr/AK2k3t9JoSbqc3uRWK40ssYNg6iFIkbIKoz8FwyzfHMTRJPyM3
G8zfceYLW1EZVxG84OUCJXqrcZJPghyYCQbV7UqBsWDCbtKDmjqzoLCZyPamTV/7
lEPoheElOc4JRDAsFQs6nxziD0Z/nBtdSxj9XcIsDwtF86D94jnfrJLrSjd5ZPmE
wyVInySQ6s0kdwuXQ6Hpnu+uVB8hNGWGBXxFJIEKQwReI56XdwaGcFzJ0Kdlt5Mj
JNHBqtgKQ4SYtqmfOQeGW3rHZkQI0HqSRuePO9EM4ziX40e//xx6p6I=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:41 2025 by rpki-client