Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/cfigs9KHt7Qvq7HaY7yr6ribp-g.roa
File: cfigs9KHt7Qvq7HaY7yr6ribp-g.roa (raw, json)
Hash identifier: yvpkQllVgNfis2eqqiioRYCKaTVePaYmgeH8MB5oRMA=
Subject key identifier: 71:F8:A0:B3:D2:87:B7:B4:2F:AB:B1:DA:63:BC:AB:EA:B8:9B:A7:E8
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1490
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cfigs9KHt7Qvq7HaY7yr6ribp-g.roa
Signing time: Wed 11 Sep 2024 02:23:29 +0000
ROA not before: Wed 11 Sep 2024 02:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 17621
IP address blocks: 202.89.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5264 (0x1490)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=71F8A0B3D287B7B42FABB1DA63BCABEAB89BA7E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6c:bb:16:48:5b:57:a0:13:ab:d8:ec:63:c2:
23:2a:d2:20:62:ce:28:0a:47:d3:d2:bf:96:5f:d3:
12:28:46:2b:b9:63:d8:f4:d5:e6:52:5f:41:12:e3:
b5:ef:8f:65:47:56:13:76:03:68:e2:d0:df:f6:16:
a9:f0:39:25:fa:1f:aa:5e:c9:09:3e:08:fb:3f:53:
1c:2e:2f:bd:d3:95:4f:89:cc:43:92:d8:34:f4:f0:
6d:88:ed:7f:e3:0c:26:ab:26:fd:28:6b:66:37:ee:
c1:33:b7:75:bc:a5:f8:85:da:ac:b5:67:25:4e:50:
f2:f9:2d:4c:9c:87:a3:98:8a:77:76:da:65:96:cf:
9d:f9:d5:0e:22:87:c5:be:ff:f8:fc:0a:dc:a1:a7:
a1:a8:40:76:34:6a:52:45:c5:6f:d8:a1:7d:17:4a:
b8:5a:af:23:c8:56:d8:26:f9:c7:f7:64:0a:c7:d6:
b5:b5:8a:a0:ba:b8:4b:9d:f7:43:49:3e:cf:8c:6c:
50:46:d5:47:b6:37:3d:02:3b:ab:23:ea:5b:0a:8f:
18:a0:3e:bf:a2:07:61:0b:f0:bc:ac:a4:1d:51:d8:
95:00:26:d1:42:4d:94:4c:9d:17:05:a1:a5:0b:78:
f6:1b:55:50:e5:a1:17:10:86:c4:fb:83:c0:aa:8c:
28:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F8:A0:B3:D2:87:B7:B4:2F:AB:B1:DA:63:BC:AB:EA:B8:9B:A7:E8
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cfigs9KHt7Qvq7HaY7yr6ribp-g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.89.96.0/24
Signature Algorithm: sha256WithRSAEncryption
66:25:10:0e:0d:2c:fa:06:00:7f:ca:77:41:a0:2e:98:e1:22:
3a:2c:b0:5e:e4:a3:e3:6e:29:b5:fe:0e:ca:0f:b2:c7:72:5d:
fb:eb:6d:52:59:81:7b:76:7c:ec:05:11:be:c9:26:38:67:fb:
00:5c:c0:a5:11:61:0e:03:a0:77:81:d6:58:a1:f4:c5:5e:1d:
85:61:84:5c:af:e0:a6:8e:6c:bb:9c:3e:42:af:ed:bf:3c:67:
c8:c9:26:de:63:5e:79:47:01:ff:0b:eb:46:b7:d4:86:5c:53:
f9:95:d9:f9:a6:d1:80:30:6c:84:92:27:9e:69:3c:6b:36:d8:
db:7d:b0:83:52:a7:9b:97:db:c1:d7:7b:a9:e7:b0:84:cf:5f:
48:32:fe:b5:28:c9:c5:56:9c:87:68:ce:d1:64:0f:44:93:b6:
14:fd:f0:eb:d1:e7:89:7e:7b:c0:4a:dd:f0:89:79:1b:68:98:
20:a4:5b:81:c2:33:9b:56:5b:44:6e:ac:ff:0b:e0:59:37:da:
17:1d:ef:0a:20:96:61:3f:62:11:f6:b1:fd:61:e7:ea:5d:bc:
06:9d:15:92:04:b0:67:27:77:ba:b3:f9:ef:f4:12:9f:8c:a6:
85:93:f6:2a:9b:96:93:b5:0c:c4:c7:5d:cf:39:6e:89:a3:58:
7e:bd:f6:6f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcxRjhBMEIzRDI4N0I3
QjQyRkFCQjFEQTYzQkNBQkVBQjg5QkE3RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5bLsWSFtXoBOr2OxjwiMq0iBizigKR9PSv5Zf0xIoRiu5Y9j0
1eZSX0ES47Xvj2VHVhN2A2ji0N/2FqnwOSX6H6peyQk+CPs/UxwuL73TlU+JzEOS
2DT08G2I7X/jDCarJv0oa2Y37sEzt3W8pfiF2qy1ZyVOUPL5LUych6OYind22mWW
z5351Q4ih8W+//j8Ctyhp6GoQHY0alJFxW/YoX0XSrharyPIVtgm+cf3ZArH1rW1
iqC6uEud90NJPs+MbFBG1Ue2Nz0CO6sj6lsKjxigPr+iB2EL8LyspB1R2JUAJtFC
TZRMnRcFoaULePYbVVDloRcQhsT7g8CqjChnAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcfigs9KHt7Qvq7HaY7yr6ribp+gwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2NmaWdzOUtIdDdRdnE3
SGFZN3lyNnJpYnAtZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADKWWAwDQYJKoZIhvcNAQELBQADggEBAGYlEA4NLPoGAH/Kd0GgLpjhIjossF7k
o+NuKbX+DsoPssdyXfvrbVJZgXt2fOwFEb7JJjhn+wBcwKURYQ4DoHeB1lih9MVe
HYVhhFyv4KaObLucPkKv7b88Z8jJJt5jXnlHAf8L60a31IZcU/mV2fmm0YAwbISS
J55pPGs22Nt9sINSp5uX28HXe6nnsITPX0gy/rUoycVWnIdoztFkD0STthT98OvR
54l+e8BK3fCJeRtomCCkW4HCM5tWW0RurP8L4Fk32hcd7woglmE/YhH2sf1h5+pd
vAadFZIEsGcnd7qz+e/0Ep+MpoWT9iqblpO1DMTHXc85bomjWH699m8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:31 2025 by rpki-client