Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/WMXMXq3CT70ytwe8tFgvJviEmkE.roa
File: WMXMXq3CT70ytwe8tFgvJviEmkE.roa (raw, json)
Hash identifier: YCY6Km3U8RBmIRZra9MTLwIarnAR5UD2Wyq1/PQK04E=
Subject key identifier: 58:C5:CC:5E:AD:C2:4F:BD:32:B7:07:BC:B4:58:2F:26:F8:84:9A:41
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1493
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/WMXMXq3CT70ytwe8tFgvJviEmkE.roa
Signing time: Wed 11 Sep 2024 02:23:31 +0000
ROA not before: Wed 11 Sep 2024 02:23:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 103.220.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5267 (0x1493)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=58C5CC5EADC24FBD32B707BCB4582F26F8849A41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:5e:8a:b3:89:e0:d8:44:99:85:bb:88:8f:9f:
8c:23:4e:26:ef:b7:a3:ee:a2:9c:e9:e3:2b:cf:41:
82:d6:f1:00:77:da:22:33:f6:94:93:db:74:39:10:
04:1f:69:7a:c9:d8:66:50:65:0e:f3:be:1e:1a:ad:
15:70:8b:7b:f7:c6:6a:ba:c6:03:3f:59:2c:48:b9:
f2:ba:35:41:8e:60:83:14:48:03:41:9b:31:89:bb:
60:87:d4:58:72:09:5d:f6:60:41:12:e0:5f:82:b5:
0d:9d:17:82:b7:3c:d9:1e:83:59:a1:f1:c3:33:16:
22:2c:a8:78:62:1e:d7:e5:53:f0:75:5f:ea:97:2e:
59:4b:0b:af:c3:dd:3e:16:d5:4d:8a:94:19:83:73:
5c:21:83:cf:40:7d:72:ac:5b:1d:59:80:bd:f6:16:
78:19:35:5d:c1:2f:45:2d:13:2d:b8:75:62:40:42:
5f:40:3c:2d:99:f8:31:ea:50:51:73:89:26:e4:fb:
f9:8e:a0:41:d4:46:2f:4b:0b:58:46:ef:86:0b:76:
15:76:59:2c:98:d3:21:c4:ad:87:8f:fd:68:81:6a:
f5:c1:30:81:1e:e8:a6:85:7a:54:c5:a7:7b:49:13:
82:c3:2e:36:3f:fe:6d:25:e6:1c:f0:34:7b:6c:e3:
7c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C5:CC:5E:AD:C2:4F:BD:32:B7:07:BC:B4:58:2F:26:F8:84:9A:41
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/WMXMXq3CT70ytwe8tFgvJviEmkE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.220.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:bd:2f:4f:2f:40:8c:d5:ab:76:85:3f:54:e3:a6:a0:5c:f9:
6e:67:b8:28:94:48:f8:88:0d:39:fa:2d:35:c8:2c:4a:ba:ad:
c4:29:cd:62:43:e5:ff:b1:99:c1:2e:36:11:4a:1c:4f:56:c1:
49:40:bf:96:21:33:f5:aa:b7:3a:e7:f4:90:23:35:a0:a4:08:
41:16:67:a8:3d:14:16:c0:da:e4:73:f4:8a:b4:a1:3c:8d:dd:
83:c3:c0:2d:d7:b6:e0:42:78:c5:c8:b5:c2:5e:1c:7f:1d:ed:
b6:cc:07:e8:6b:ed:34:fd:bb:a2:fe:f5:05:aa:7c:ef:c9:da:
1b:63:10:64:04:a5:7e:ff:ca:3b:fb:b9:47:39:d3:9c:94:8c:
ce:2b:a7:16:ad:45:96:58:89:f1:fc:d6:df:8b:53:9e:7b:3f:
11:4c:53:ed:cb:d7:f7:62:1a:57:7f:47:cf:75:07:4b:9f:81:
41:e8:4c:64:2b:af:76:62:cd:65:07:fa:7a:eb:bc:65:81:01:
87:dc:24:1b:4a:34:89:2b:ee:f9:4c:19:7e:af:09:6e:f4:4d:
27:dd:97:3d:b1:73:68:6a:50:d6:00:bc:5d:e5:46:ee:74:db:
ea:42:03:32:08:ec:1e:d8:be:4b:fb:01:8d:e9:e4:4d:53:e8:
d4:c5:16:8b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFJMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU4QzVDQzVFQURDMjRG
QkQzMkI3MDdCQ0I0NTgyRjI2Rjg4NDlBNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtXoqzieDYRJmFu4iPn4wjTibvt6Puopzp4yvPQYLW8QB32iIz
9pST23Q5EAQfaXrJ2GZQZQ7zvh4arRVwi3v3xmq6xgM/WSxIufK6NUGOYIMUSANB
mzGJu2CH1FhyCV32YEES4F+CtQ2dF4K3PNkeg1mh8cMzFiIsqHhiHtflU/B1X+qX
LllLC6/D3T4W1U2KlBmDc1whg89AfXKsWx1ZgL32FngZNV3BL0UtEy24dWJAQl9A
PC2Z+DHqUFFziSbk+/mOoEHURi9LC1hG74YLdhV2WSyY0yHErYeP/WiBavXBMIEe
6KaFelTFp3tJE4LDLjY//m0l5hzwNHts43yRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUWMXMXq3CT70ytwe8tFgvJviEmkEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1dNWE1YcTNDVDcweXR3
ZTh0Rmd2SnZpRW1rRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJn3PwwDQYJKoZIhvcNAQELBQADggEBAFu9L08vQIzVq3aFP1TjpqBc+W5nuCiU
SPiIDTn6LTXILEq6rcQpzWJD5f+xmcEuNhFKHE9WwUlAv5YhM/Wqtzrn9JAjNaCk
CEEWZ6g9FBbA2uRz9Iq0oTyN3YPDwC3XtuBCeMXItcJeHH8d7bbMB+hr7TT9u6L+
9QWqfO/J2htjEGQEpX7/yjv7uUc505yUjM4rpxatRZZYifH81t+LU557PxFMU+3L
1/diGld/R891B0ufgUHoTGQrr3ZizWUH+nrrvGWBAYfcJBtKNIkr7vlMGX6vCW70
TSfdlz2xc2hqUNYAvF3lRu502+pCAzII7B7Yvkv7AY3p5E1T6NTFFos=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:13 2025 by rpki-client