Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/595/uHQl5IX-oQ9EQTxWW0akN_KnEcY.roa
File: uHQl5IX-oQ9EQTxWW0akN_KnEcY.roa (raw, json)
Hash identifier: FXgnP2SlLUVdB9n5PZ8AOQ7P8/qMb5zF2w3/gE4vnA8=
Subject key identifier: B8:74:25:E4:85:FE:A1:0F:44:41:3C:56:5B:46:A4:37:F2:A7:11:C6
Certificate issuer: /CN=2CA390E2780550E44EC03598082E1995474DF2FB
Certificate serial: 07A2
Authority key identifier: 2C:A3:90:E2:78:05:50:E4:4E:C0:35:98:08:2E:19:95:47:4D:F2:FB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/uHQl5IX-oQ9EQTxWW0akN_KnEcY.roa
Signing time: Tue 07 Jun 2022 01:41:19 +0000
ROA not before: Tue 07 Jun 2022 01:41:19 +0000
ROA not after: Fri 02 Jun 2023 05:30:26 +0000
asID: 58862
IP address blocks: 167.220.244.0/22 maxlen: 23
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1954 (0x7a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2CA390E2780550E44EC03598082E1995474DF2FB
Validity
Not Before: Jun 7 01:41:19 2022 GMT
Not After : Jun 2 05:30:26 2023 GMT
Subject: CN=B87425E485FEA10F44413C565B46A437F2A711C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:20:82:16:1c:be:41:d8:42:b1:26:f3:6c:c0:
b4:af:94:35:f5:c0:1a:74:30:ee:a2:09:c8:91:8b:
9c:dd:31:78:b1:61:a8:46:76:85:cc:e5:44:08:e4:
16:0b:e1:91:e4:11:5e:5e:73:cc:99:01:f6:5b:cd:
e2:23:86:79:de:99:4c:a0:a3:77:36:a3:be:3e:af:
8c:37:41:95:f3:f4:15:19:90:e7:2d:21:be:b9:42:
15:d5:ee:4a:c0:48:6b:66:1c:1a:eb:4e:84:4e:f4:
62:3a:c5:5f:cb:b7:df:53:26:39:38:54:24:5e:fa:
02:f0:c6:ee:a0:42:60:25:80:af:9f:8a:08:24:6c:
d3:d2:22:48:fe:2f:05:85:75:54:bb:97:cc:09:4e:
be:f5:8e:bc:e9:b7:f1:31:aa:f6:6a:be:3c:88:d7:
65:66:a5:e6:73:c4:97:3b:6f:e4:c3:6b:80:7a:7a:
47:8a:d6:9a:02:90:d1:b9:90:b1:ed:e6:7c:92:3d:
54:ae:98:0f:5b:72:1f:fc:5b:08:35:3e:0d:28:21:
76:aa:0d:e3:84:f9:d7:d2:25:76:a2:be:b4:e2:54:
bf:5a:d7:1c:cf:4f:a9:e5:0c:20:9c:f5:87:16:64:
e8:27:f5:1d:32:16:83:fc:6f:80:6c:4f:e9:1d:1a:
4f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:74:25:E4:85:FE:A1:0F:44:41:3C:56:5B:46:A4:37:F2:A7:11:C6
X509v3 Authority Key Identifier:
keyid:2C:A3:90:E2:78:05:50:E4:4E:C0:35:98:08:2E:19:95:47:4D:F2:FB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/uHQl5IX-oQ9EQTxWW0akN_KnEcY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
167.220.244.0/22
Signature Algorithm: sha256WithRSAEncryption
51:bf:16:00:bc:4c:00:80:9b:ca:18:bc:50:23:18:ff:3e:99:
a2:7d:a5:20:9c:cf:74:3a:21:ed:5d:7b:82:58:68:2c:17:d9:
e3:fb:b1:43:e9:d4:0e:59:35:04:2d:1a:9b:ae:6c:0b:24:3c:
b3:3b:97:15:e8:0d:56:35:fe:1e:e7:15:3a:3c:42:ae:19:84:
15:9e:2b:c8:8d:ae:f7:e5:34:fa:2e:f6:0e:c7:a4:4c:a4:82:
eb:25:fb:f2:fb:49:72:65:cd:9e:f2:17:33:81:cc:84:ed:38:
a9:91:5f:63:22:05:b0:94:15:35:78:ab:90:9b:73:39:a3:63:
b7:d1:33:0b:9e:43:47:cb:16:d3:80:1a:58:87:8c:cb:c2:83:
5f:2c:66:65:cb:de:b3:52:09:ba:b0:33:b3:27:f1:de:2e:58:
8b:2f:48:7b:34:31:5d:33:34:8a:af:fb:57:5c:ac:d1:42:f8:
bb:20:34:9b:9d:da:1d:a6:b7:54:14:78:ed:81:d1:cc:23:05:
d3:bb:0e:3c:7f:4d:24:11:5c:d7:0a:28:49:9e:39:01:56:40:
8a:b5:40:05:c1:a4:26:32:4a:5a:cf:5e:f1:2e:cf:5b:1d:0e:
4d:d5:60:70:31:cf:3c:23:e5:a0:6f:89:a1:88:5d:95:62:60:
8d:82:c5:04
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICB6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkNB
MzkwRTI3ODA1NTBFNDRFQzAzNTk4MDgyRTE5OTU0NzRERjJGQjAeFw0yMjA2MDcw
MTQxMTlaFw0yMzA2MDIwNTMwMjZaMDMxMTAvBgNVBAMTKEI4NzQyNUU0ODVGRUEx
MEY0NDQxM0M1NjVCNDZBNDM3RjJBNzExQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhIIIWHL5B2EKxJvNswLSvlDX1wBp0MO6iCciRi5zdMXixYahG
doXM5UQI5BYL4ZHkEV5ec8yZAfZbzeIjhnnemUygo3c2o74+r4w3QZXz9BUZkOct
Ib65QhXV7krASGtmHBrrToRO9GI6xV/Lt99TJjk4VCRe+gLwxu6gQmAlgK+figgk
bNPSIkj+LwWFdVS7l8wJTr71jrzpt/ExqvZqvjyI12VmpeZzxJc7b+TDa4B6ekeK
1poCkNG5kLHt5nySPVSumA9bch/8Wwg1Pg0oIXaqDeOE+dfSJXaivrTiVL9a1xzP
T6nlDCCc9YcWZOgn9R0yFoP8b4BsT+kdGk/hAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUuHQl5IX+oQ9EQTxWW0akN/KnEcYwHwYDVR0jBBgwFoAULKOQ4ngFUOROwDWY
CC4ZlUdN8vswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1
L0xLT1E0bmdGVU9ST3dEV1lDQzRabFVkTjh2cy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTEtPUTRuZ0ZVT1JPd0RXWUNDNFpsVWROOHZzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1L3VIUWw1SVgtb1E5RVFU
eFdXMGFrTl9LbkVjWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKn3PQwDQYJKoZIhvcNAQELBQADggEBAFG/FgC8TACAm8oYvFAjGP8+maJ9pSCc
z3Q6Ie1de4JYaCwX2eP7sUPp1A5ZNQQtGpuubAskPLM7lxXoDVY1/h7nFTo8Qq4Z
hBWeK8iNrvflNPou9g7HpEykgusl+/L7SXJlzZ7yFzOBzITtOKmRX2MiBbCUFTV4
q5CbczmjY7fRMwueQ0fLFtOAGliHjMvCg18sZmXL3rNSCbqwM7Mn8d4uWIsvSHs0
MV0zNIqv+1dcrNFC+LsgNJud2h2mt1QUeO2B0cwjBdO7Djx/TSQRXNcKKEmeOQFW
QIq1QAXBpCYySlrPXvEuz1sdDk3VYHAxzzwj5aBviaGIXZViYI2CxQQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:23 2023 by rpki-client on console-fra.rpki-client.org