Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Zq92Ty84jRxtOjDQ3X_aieVtwXY.roa
File: Zq92Ty84jRxtOjDQ3X_aieVtwXY.roa (raw, json)
Hash identifier: O2XbU33p6Hl2NRLzywVQRAf3Mr/Hrtsg03NJWL9sJM4=
Subject key identifier: 66:AF:76:4F:2F:38:8D:1C:6D:3A:30:D0:DD:7F:DA:89:E5:6D:C1:76
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14F1
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Zq92Ty84jRxtOjDQ3X_aieVtwXY.roa
Signing time: Wed 11 Sep 2024 02:26:10 +0000
ROA not before: Wed 11 Sep 2024 02:26:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5361 (0x14f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:26:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=66AF764F2F388D1C6D3A30D0DD7FDA89E56DC176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:95:fd:88:50:6f:bb:fb:57:ab:87:fd:a2:
b9:2c:4d:48:07:91:ca:b9:48:1f:1e:0b:f7:43:21:
f6:13:11:10:04:d3:cf:4c:3f:17:fb:d3:28:e4:6d:
1a:e8:69:0c:1c:c3:e5:74:68:a6:56:b6:8d:18:16:
e1:f8:73:9b:fe:58:4c:a0:25:81:57:cb:c7:26:0c:
ee:03:e8:c0:83:eb:62:a5:e7:15:96:29:62:43:7e:
95:4c:db:54:18:f1:ce:29:f4:8d:a0:8c:2e:04:bd:
36:74:bf:e3:61:cc:bc:73:ba:33:cc:b4:70:6c:15:
86:e7:cd:b9:b7:8c:6b:c7:45:69:b2:c9:0c:92:3e:
8a:85:88:6b:be:90:d2:8f:91:c9:e2:e4:ac:31:a7:
a2:29:14:ca:01:59:4b:26:53:6f:bf:26:89:d8:49:
72:05:05:32:8d:fa:a9:bb:29:b7:8d:d0:8a:4d:56:
df:68:ad:86:be:82:fe:91:d5:b4:5f:9f:c9:04:a5:
f5:8e:6e:f0:f5:f7:74:ef:ec:07:c4:60:47:8b:70:
ee:c7:cd:e2:c5:e0:f6:50:c3:30:93:23:33:43:65:
36:7e:ee:2d:4d:48:f3:f2:8c:60:2e:cd:06:2b:25:
54:ee:b0:07:eb:ee:3c:d2:3e:91:fe:3f:2d:7d:63:
5f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AF:76:4F:2F:38:8D:1C:6D:3A:30:D0:DD:7F:DA:89:E5:6D:C1:76
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Zq92Ty84jRxtOjDQ3X_aieVtwXY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.5.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:22:bf:b0:3c:1a:6f:26:2f:c9:4e:3a:58:26:fe:b3:6b:04:
55:b9:1c:49:b8:4d:b9:da:5d:ae:c2:e2:ea:16:c6:a9:27:2c:
a8:e7:44:ea:6b:55:bf:ef:09:26:70:94:c7:5a:19:40:d3:6b:
ea:65:5f:64:31:8b:5e:55:80:59:3f:d0:11:ab:e2:65:5b:d4:
f3:a2:5f:12:7b:42:3c:0c:8f:9a:3e:17:5f:75:80:2c:69:4d:
9d:0a:b7:ed:a9:86:1c:a3:08:7c:2c:8c:52:80:e9:f8:08:25:
14:78:7e:24:81:90:f5:b0:fe:fe:1b:cf:b6:73:c0:ea:40:47:
45:3d:84:80:18:b3:85:6d:b0:76:e4:c4:68:4c:8f:0b:20:d1:
03:bc:eb:3c:15:b3:d0:08:e4:2d:09:05:41:e1:e8:18:3c:9b:
6a:26:09:26:72:58:70:f0:55:01:df:c5:fe:6e:ac:e4:f6:83:
f7:8a:cb:22:c0:7d:64:5b:c9:7c:a8:64:a1:b1:c9:ba:1d:d1:
84:01:07:40:45:4e:b4:e2:b2:ad:79:81:af:af:b0:25:ec:ee:
d8:51:18:11:8b:ef:b3:eb:bc:56:c4:70:4c:df:de:7a:c0:04:
58:e3:9d:88:82:e5:db:f0:42:ac:c1:05:f8:2d:8e:dc:fb:aa:
4a:45:52:39
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjI2MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY2QUY3NjRGMkYzODhE
MUM2RDNBMzBEMEREN0ZEQTg5RTU2REMxNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwVZX9iFBvu/tXq4f9orksTUgHkcq5SB8eC/dDIfYTERAE089M
Pxf70yjkbRroaQwcw+V0aKZWto0YFuH4c5v+WEygJYFXy8cmDO4D6MCD62Kl5xWW
KWJDfpVM21QY8c4p9I2gjC4EvTZ0v+NhzLxzujPMtHBsFYbnzbm3jGvHRWmyyQyS
PoqFiGu+kNKPkcni5Kwxp6IpFMoBWUsmU2+/JonYSXIFBTKN+qm7KbeN0IpNVt9o
rYa+gv6R1bRfn8kEpfWObvD193Tv7AfEYEeLcO7HzeLF4PZQwzCTIzNDZTZ+7i1N
SPPyjGAuzQYrJVTusAfr7jzSPpH+Py19Y1/VAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUZq92Ty84jRxtOjDQ3X/aieVtwXYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1pxOTJUeTg0alJ4dE9q
RFEzWF9haWVWdHdYWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3QUwDQYJKoZIhvcNAQELBQADggEBAKQiv7A8Gm8mL8lOOlgm/rNrBFW5HEm4
TbnaXa7C4uoWxqknLKjnROprVb/vCSZwlMdaGUDTa+plX2Qxi15VgFk/0BGr4mVb
1POiXxJ7QjwMj5o+F191gCxpTZ0Kt+2phhyjCHwsjFKA6fgIJRR4fiSBkPWw/v4b
z7ZzwOpAR0U9hIAYs4VtsHbkxGhMjwsg0QO86zwVs9AI5C0JBUHh6Bg8m2omCSZy
WHDwVQHfxf5urOT2g/eKyyLAfWRbyXyoZKGxybod0YQBB0BFTrTisq15ga+vsCXs
7thRGBGL77PrvFbEcEzf3nrABFjjnYiC5dvwQqzBBfgtjtz7qkpFUjk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:24 2025 by rpki-client