Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/ysBb3LDvdjhqyzNnMr2Wc4Vl0iI.roa
File: ysBb3LDvdjhqyzNnMr2Wc4Vl0iI.roa (raw, json)
Hash identifier: Sp5WqxtbP5VBFw11+83rV1lZd1llOS5XUitKVQDXm0c=
Subject key identifier: CA:C0:5B:DC:B0:EF:76:38:6A:CB:33:67:32:BD:96:73:85:65:D2:22
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1461
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ysBb3LDvdjhqyzNnMr2Wc4Vl0iI.roa
Signing time: Wed 11 Sep 2024 02:23:14 +0000
ROA not before: Wed 11 Sep 2024 02:23:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 138527
IP address blocks: 103.198.240.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5217 (0x1461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CAC05BDCB0EF76386ACB336732BD96738565D222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8d:dc:d5:e3:fb:32:fa:85:ad:b0:bd:5a:b0:
b5:af:90:89:91:2a:91:21:bc:a3:08:38:1d:6b:90:
ad:cb:a6:72:6c:41:91:db:6e:85:df:92:19:25:b8:
fe:6c:0c:d9:b8:cd:a8:d1:02:08:23:a4:b5:d9:82:
27:38:08:70:f1:9a:29:42:d2:b4:89:b5:80:17:b1:
a9:d9:0b:5e:5d:52:fd:42:93:9b:d4:6d:e3:46:9c:
74:b3:1f:98:00:d9:0c:11:90:57:56:3e:d3:10:71:
3d:86:60:f1:32:c9:2a:1d:51:7c:d2:b1:90:e0:60:
69:01:3b:dc:7a:b6:da:22:32:2d:09:90:7f:15:6a:
11:9a:d0:70:44:0a:3b:f1:42:98:ae:58:6c:8e:07:
57:8c:7e:c6:9a:47:c0:ad:4c:09:ae:a3:51:72:7e:
b3:0b:55:dc:98:49:55:9d:35:7c:b3:32:ad:b5:60:
e9:f6:e2:01:3c:5a:87:ed:70:e1:0f:50:8f:68:3a:
4e:84:ef:d2:97:29:57:c9:71:05:5a:96:da:01:15:
95:7a:56:cf:1f:1d:31:03:c5:73:1f:8d:9c:d2:03:
8f:55:de:17:d1:a9:e8:82:cc:fa:94:09:97:4e:d9:
49:36:e1:9a:e0:50:3b:b8:f1:8f:39:06:06:e4:1c:
cd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C0:5B:DC:B0:EF:76:38:6A:CB:33:67:32:BD:96:73:85:65:D2:22
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ysBb3LDvdjhqyzNnMr2Wc4Vl0iI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.198.240.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:29:4c:31:9a:b9:cb:ca:d7:f1:df:3a:df:aa:76:3c:b4:42:
a4:20:ac:dc:69:67:e7:44:89:e3:46:c0:d5:9b:61:1e:1b:30:
e9:a9:4a:37:cf:ce:7b:49:82:2d:47:5a:bb:9a:36:42:23:ae:
5c:3a:4c:ea:90:f9:a9:ec:3d:b3:71:6f:67:4d:7c:30:d2:88:
45:78:20:a3:06:22:f3:cc:aa:e8:16:81:ab:b1:49:2a:24:ba:
f8:7b:88:7e:bf:a1:f0:7c:8a:77:e0:20:65:f0:78:97:7a:cb:
e8:03:dc:73:4e:79:0f:fc:c0:6c:78:b1:2c:b1:8b:3e:f7:c7:
76:f0:6a:70:d4:35:8c:b9:52:e7:b9:18:99:e3:22:61:3f:0f:
e3:f1:1f:13:05:11:03:5d:95:45:94:74:e0:8a:c0:75:69:a6:
d7:ce:6f:4a:50:25:e5:87:18:75:21:ad:ad:2d:11:54:9f:3d:
98:42:39:a9:92:49:37:61:d7:71:29:fe:85:f9:30:24:0f:ab:
5f:47:a2:85:8e:59:da:2c:6e:a7:e9:c3:1f:e8:d8:8e:34:a4:
cc:c5:50:51:bb:01:60:ea:60:b0:be:8b:f9:18:5d:79:cf:ff:
c1:46:d3:76:f1:5d:29:e9:c3:60:af:44:ab:11:f1:6b:77:23:
e7:d1:05:60
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBQzA1QkRDQjBFRjc2
Mzg2QUNCMzM2NzMyQkQ5NjczODU2NUQyMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPjdzV4/sy+oWtsL1asLWvkImRKpEhvKMIOB1rkK3LpnJsQZHb
boXfkhkluP5sDNm4zajRAggjpLXZgic4CHDxmilC0rSJtYAXsanZC15dUv1Ck5vU
beNGnHSzH5gA2QwRkFdWPtMQcT2GYPEyySodUXzSsZDgYGkBO9x6ttoiMi0JkH8V
ahGa0HBECjvxQpiuWGyOB1eMfsaaR8CtTAmuo1FyfrMLVdyYSVWdNXyzMq21YOn2
4gE8WoftcOEPUI9oOk6E79KXKVfJcQValtoBFZV6Vs8fHTEDxXMfjZzSA49V3hfR
qeiCzPqUCZdO2Uk24ZrgUDu48Y85BgbkHM1ZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUysBb3LDvdjhqyzNnMr2Wc4Vl0iIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3lzQmIzTER2ZGpocXl6
Tm5NcjJXYzRWbDBpSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJnxvAwDQYJKoZIhvcNAQELBQADggEBALMpTDGaucvK1/HfOt+qdjy0QqQgrNxp
Z+dEieNGwNWbYR4bMOmpSjfPzntJgi1HWruaNkIjrlw6TOqQ+ansPbNxb2dNfDDS
iEV4IKMGIvPMqugWgauxSSokuvh7iH6/ofB8infgIGXweJd6y+gD3HNOeQ/8wGx4
sSyxiz73x3bwanDUNYy5Uue5GJnjImE/D+PxHxMFEQNdlUWUdOCKwHVpptfOb0pQ
JeWHGHUhra0tEVSfPZhCOamSSTdh13Ep/oX5MCQPq19HooWOWdosbqfpwx/o2I40
pMzFUFG7AWDqYLC+i/kYXXnP/8FG03bxXSnpw2CvRKsR8Wt3I+fRBWA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:28 2025 by rpki-client