Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/euHKmxbhnuiUYzsV26bmFHH1STg.roa
File: euHKmxbhnuiUYzsV26bmFHH1STg.roa (raw, json)
Hash identifier: kv5YmMzAHfW+QR5xw4D78VdkAdTybtXlCyeJTF3gx5I=
Subject key identifier: 7A:E1:CA:9B:16:E1:9E:E8:94:63:3B:15:DB:A6:E6:14:71:F5:49:38
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1508
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/euHKmxbhnuiUYzsV26bmFHH1STg.roa
Signing time: Wed 11 Sep 2024 02:27:33 +0000
ROA not before: Wed 11 Sep 2024 02:27:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 13444
IP address blocks: 103.221.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5384 (0x1508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:27:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7AE1CA9B16E19EE894633B15DBA6E61471F54938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:de:9c:ae:2d:18:e7:08:55:fc:87:16:bb:64:
be:58:22:d1:ca:1e:ad:1a:8c:17:3e:a5:a7:ef:b4:
82:34:5a:83:68:76:a9:22:e5:c2:1d:64:da:0d:ce:
d8:c7:24:3e:7b:f0:3f:a3:4a:0b:f7:3d:a7:32:27:
01:d4:91:8a:58:74:26:c6:3c:1e:8a:bf:0c:dd:6a:
e4:68:96:b9:ad:6c:31:c5:0b:c0:d4:09:dd:ef:dd:
8b:63:4b:40:8e:7c:25:ac:9e:fa:ee:35:58:c9:bd:
c9:69:d9:4d:c4:87:de:82:74:f8:16:9d:63:d1:c8:
ec:e8:42:ca:81:69:01:95:3b:7f:0b:da:76:d5:5d:
9e:76:87:42:c8:79:81:ad:0e:4e:56:45:02:b1:ee:
4d:ba:18:4b:b0:34:b7:94:8b:f2:ea:ad:59:94:fb:
96:7e:dc:55:99:75:a7:4b:1e:fd:74:b2:b4:6f:c7:
e5:dc:bd:8e:5c:53:ed:b4:4a:3a:e4:e8:d7:bf:8f:
e5:c6:09:c5:53:be:c5:86:53:ff:2d:6e:27:22:40:
0a:ef:11:05:68:66:b8:52:58:50:1f:57:5c:fc:24:
c6:af:cf:ea:70:1a:76:90:04:16:61:7c:8d:b4:51:
49:12:e6:cc:00:b0:a7:79:cb:55:fd:09:f3:47:f9:
14:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E1:CA:9B:16:E1:9E:E8:94:63:3B:15:DB:A6:E6:14:71:F5:49:38
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/euHKmxbhnuiUYzsV26bmFHH1STg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.30.0/24
Signature Algorithm: sha256WithRSAEncryption
03:57:11:da:74:6d:85:d4:b4:d5:42:ba:ac:05:d1:ed:61:31:
77:46:f0:c9:51:c8:83:8b:2b:a5:67:f1:8d:65:c3:22:95:b8:
4d:ae:94:be:36:0b:99:54:5f:5d:d3:b3:dd:14:ac:f3:f9:47:
a7:aa:02:7c:f5:81:88:43:f3:c7:8f:c2:b6:10:3e:19:13:3b:
2e:81:6c:39:38:77:32:6a:4c:99:51:78:90:c3:bf:6d:0f:fa:
90:c8:ce:7f:93:13:de:63:c5:f3:c9:42:be:ad:0c:04:92:98:
36:b2:a2:d1:38:40:1f:6e:f5:e2:ed:cd:ea:69:96:bd:0b:30:
12:26:2f:1f:ea:f3:b7:ce:cd:f8:67:7a:2f:ba:6d:4c:3c:ef:
9b:2b:5a:20:4d:4b:e0:31:fe:2a:3d:81:99:34:a4:76:5d:28:
58:9c:0f:fc:17:c1:36:5e:09:2b:d0:4a:fe:80:eb:75:90:6f:
21:3f:a1:8a:4f:d6:5b:56:7e:c0:70:ef:17:4a:7e:fa:31:73:
05:6e:27:73:47:67:5e:1d:14:02:91:47:e4:07:c0:ad:02:57:
69:81:26:29:bc:69:4a:07:e3:d9:f0:b4:97:61:b5:d4:06:71:
73:bb:88:c8:a8:ac:1a:c6:26:b8:ba:35:b0:52:77:0f:c5:6a:
59:f6:bc:2d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFQgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjI3MzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdBRTFDQTlCMTZFMTlF
RTg5NDYzM0IxNURCQTZFNjE0NzFGNTQ5MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC03pyuLRjnCFX8hxa7ZL5YItHKHq0ajBc+pafvtII0WoNodqki
5cIdZNoNztjHJD578D+jSgv3PacyJwHUkYpYdCbGPB6KvwzdauRolrmtbDHFC8DU
Cd3v3YtjS0COfCWsnvruNVjJvclp2U3Eh96CdPgWnWPRyOzoQsqBaQGVO38L2nbV
XZ52h0LIeYGtDk5WRQKx7k26GEuwNLeUi/LqrVmU+5Z+3FWZdadLHv10srRvx+Xc
vY5cU+20Sjrk6Ne/j+XGCcVTvsWGU/8tbiciQArvEQVoZrhSWFAfV1z8JMavz+pw
GnaQBBZhfI20UUkS5swAsKd5y1X9CfNH+RTdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUeuHKmxbhnuiUYzsV26bmFHH1STgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2V1SEtteGJobnVpVVl6
c1YyNmJtRkhIMVNUZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3R4wDQYJKoZIhvcNAQELBQADggEBAANXEdp0bYXUtNVCuqwF0e1hMXdG8MlR
yIOLK6Vn8Y1lwyKVuE2ulL42C5lUX13Ts90UrPP5R6eqAnz1gYhD88ePwrYQPhkT
Oy6BbDk4dzJqTJlReJDDv20P+pDIzn+TE95jxfPJQr6tDASSmDayotE4QB9u9eLt
zepplr0LMBImLx/q87fOzfhnei+6bUw875srWiBNS+Ax/io9gZk0pHZdKFicD/wX
wTZeCSvQSv6A63WQbyE/oYpP1ltWfsBw7xdKfvoxcwVuJ3NHZ14dFAKRR+QHwK0C
V2mBJim8aUoH49nwtJdhtdQGcXO7iMiorBrGJri6NbBSdw/Faln2vC0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:19 2025 by rpki-client