Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Y9H6Jdbgv1nYdbdVxhVcEc8XeRE.roa
File: Y9H6Jdbgv1nYdbdVxhVcEc8XeRE.roa (raw, json)
Hash identifier: EBMx835HKWD2VaWajIpLfO0BMaJHOZci99+Nz3393ec=
Subject key identifier: 63:D1:FA:25:D6:E0:BF:59:D8:75:B7:55:C6:15:5C:11:CF:17:79:11
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14FF
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Y9H6Jdbgv1nYdbdVxhVcEc8XeRE.roa
Signing time: Wed 11 Sep 2024 02:27:30 +0000
ROA not before: Wed 11 Sep 2024 02:27:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5375 (0x14ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:27:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=63D1FA25D6E0BF59D875B755C6155C11CF177911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c0:80:44:f2:9f:9b:85:f5:6f:d9:70:dd:f4:
88:1a:8a:f2:46:94:2f:58:57:ef:70:60:e5:0e:c3:
7a:54:45:de:f2:3b:46:a6:30:a0:f8:40:4a:19:a3:
2a:69:a1:2a:94:7a:77:f9:25:0b:22:ca:c0:2a:4f:
f9:72:60:5a:a4:0e:d3:e4:2d:cb:38:8a:53:ad:3d:
c3:43:c3:8a:30:52:76:2e:65:a9:d7:00:16:ef:bf:
cf:e5:8c:4d:40:8a:66:10:83:08:bc:22:67:4a:74:
3d:29:26:a1:dd:5b:60:ae:26:a2:10:0b:e2:1c:8c:
cb:59:45:3c:db:d6:42:d2:09:34:bc:31:96:97:1a:
a9:58:37:e9:2a:32:b0:11:f4:b0:b5:c2:c0:f6:c2:
31:62:91:b8:25:bb:8c:a6:93:51:67:a6:0c:12:44:
d2:c4:c9:1d:3e:d4:37:f3:da:11:1d:74:cb:7f:85:
54:3b:38:ec:9f:66:9e:64:b5:9e:d3:04:79:16:66:
3c:58:f9:87:97:26:f6:3d:f7:2e:55:fa:e0:99:d5:
a0:70:b8:c9:e1:b9:59:c4:7a:3c:4c:01:8a:98:dc:
e3:26:54:96:2f:3e:e1:9e:cc:20:20:1b:85:53:49:
be:70:84:78:7f:cb:4d:98:be:8d:56:c5:d5:48:fd:
96:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D1:FA:25:D6:E0:BF:59:D8:75:B7:55:C6:15:5C:11:CF:17:79:11
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Y9H6Jdbgv1nYdbdVxhVcEc8XeRE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.38.0/24
Signature Algorithm: sha256WithRSAEncryption
85:a3:21:ca:ac:04:36:37:85:63:6b:19:e2:78:2d:d6:87:7f:
a5:f8:ca:76:45:77:15:dc:0a:20:e0:c2:c3:e2:96:61:42:9b:
20:fb:2b:ee:2d:e1:f3:bf:63:ee:7b:af:9f:80:6a:d3:86:d5:
8d:b8:69:f4:2c:a2:4e:dd:06:41:86:c1:cf:7d:d8:49:fe:61:
a2:aa:fe:e7:88:e4:59:e7:6f:ef:ec:a9:8c:be:9f:fc:54:85:
cf:54:90:4a:ee:44:d7:ca:8c:11:7d:1f:20:d9:71:a2:43:18:
a6:46:c1:27:9b:99:e5:4b:71:3e:ec:68:0e:69:63:88:25:65:
80:79:6b:93:cc:e4:9e:e6:0f:53:4a:70:93:58:2d:a4:93:dd:
05:ff:8b:39:69:47:8e:cd:f9:16:21:d6:7f:61:4f:19:df:86:
78:d6:9b:3a:51:1b:a8:5f:e3:7d:75:b9:c4:aa:18:aa:53:24:
59:e8:70:ee:b7:c5:3c:70:44:e8:5e:b6:73:e8:3c:29:91:aa:
6b:5e:7a:04:28:91:d3:db:88:a1:b8:76:ee:b7:1a:17:e3:e7:
cb:d5:c0:10:f4:77:a9:12:a8:31:8d:14:74:ac:e1:a4:f2:35:
a1:48:c5:06:3f:68:85:d4:de:fe:b7:70:5b:de:6a:36:be:2d:
2e:f3:31:bb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFP8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjI3MzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYzRDFGQTI1RDZFMEJG
NTlEODc1Qjc1NUM2MTU1QzExQ0YxNzc5MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFwIBE8p+bhfVv2XDd9IgaivJGlC9YV+9wYOUOw3pURd7yO0am
MKD4QEoZoyppoSqUenf5JQsiysAqT/lyYFqkDtPkLcs4ilOtPcNDw4owUnYuZanX
ABbvv8/ljE1AimYQgwi8ImdKdD0pJqHdW2CuJqIQC+IcjMtZRTzb1kLSCTS8MZaX
GqlYN+kqMrAR9LC1wsD2wjFikbglu4ymk1FnpgwSRNLEyR0+1Dfz2hEddMt/hVQ7
OOyfZp5ktZ7TBHkWZjxY+YeXJvY99y5V+uCZ1aBwuMnhuVnEejxMAYqY3OMmVJYv
PuGezCAgG4VTSb5whHh/y02Yvo1WxdVI/Za5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUY9H6Jdbgv1nYdbdVxhVcEc8XeREwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1k5SDZKZGJndjFuWWRi
ZFZ4aFZjRWM4WGVSRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SYwDQYJKoZIhvcNAQELBQADggEBAIWjIcqsBDY3hWNrGeJ4LdaHf6X4ynZF
dxXcCiDgwsPilmFCmyD7K+4t4fO/Y+57r5+AatOG1Y24afQsok7dBkGGwc992En+
YaKq/ueI5Fnnb+/sqYy+n/xUhc9UkEruRNfKjBF9HyDZcaJDGKZGwSebmeVLcT7s
aA5pY4glZYB5a5PM5J7mD1NKcJNYLaST3QX/izlpR47N+RYh1n9hTxnfhnjWmzpR
G6hf4311ucSqGKpTJFnocO63xTxwROhetnPoPCmRqmteegQokdPbiKG4du63Ghfj
58vVwBD0d6kSqDGNFHSs4aTyNaFIxQY/aIXU3v63cFveaja+LS7zMbs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:58 2025 by rpki-client