Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/621/bMLuCIoFjI5dAsjvGA189ao8_ZM.roa
File: bMLuCIoFjI5dAsjvGA189ao8_ZM.roa (raw, json)
Hash identifier: kQngZ5m85nl6hcOwze17rQvSYYtI/+ofItFNQhO2f1k=
Subject key identifier: 6C:C2:EE:08:8A:05:8C:8E:5D:02:C8:EF:18:0D:7C:F5:AA:3C:FD:93
Certificate issuer: /CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D
Certificate serial: 15CD
Authority key identifier: E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/bMLuCIoFjI5dAsjvGA189ao8_ZM.roa
Signing time: Wed 13 Mar 2024 01:23:56 +0000
ROA not before: Wed 13 Mar 2024 01:23:56 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 138915
IP address blocks: 27.0.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5581 (0x15cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E56DA4C275F3CCC92D086202A1EDA7783F0C3D0D
Validity
Not Before: Mar 13 01:23:56 2024 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=6CC2EE088A058C8E5D02C8EF180D7CF5AA3CFD93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:dd:39:47:97:8f:67:73:25:83:8f:41:4b:65:
cd:82:93:61:27:64:8a:a7:46:e4:00:e7:79:a6:56:
cc:de:5a:5f:39:fa:b9:3f:53:e2:2f:82:5d:84:52:
3f:88:e7:4a:74:59:e2:fb:a0:25:a5:d3:6b:75:c3:
2c:6f:18:74:13:b9:47:61:74:87:ae:fd:80:98:64:
f4:46:d7:47:d5:4e:90:3b:d4:c1:a7:25:eb:e1:9e:
de:6e:71:25:d6:ba:b8:42:7b:6f:82:58:83:4b:27:
b7:b6:2a:48:7f:62:24:ed:ae:96:a0:da:31:32:b6:
53:c4:fb:e9:45:a3:17:2b:a0:7b:92:76:22:ff:ef:
48:a4:a2:51:24:17:32:46:77:a3:d7:7d:fe:39:25:
fa:37:35:24:3b:fc:af:ac:f8:56:43:15:da:d4:77:
43:63:dc:1a:b2:d7:dc:c1:f8:22:06:ad:4b:60:4c:
c0:03:34:27:b2:0b:c1:33:c9:7a:c9:0c:a6:f9:d8:
9c:3d:41:f4:7a:a1:12:23:93:6f:4b:c8:5f:53:15:
1d:d7:d8:56:1b:3f:fa:d0:7b:88:a2:61:8d:b7:03:
ae:d2:5b:f7:48:c6:e8:50:29:8b:4e:6f:da:bd:6c:
b0:1b:57:f0:d0:ee:e1:3d:68:ac:9f:d5:f2:60:e9:
7e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C2:EE:08:8A:05:8C:8E:5D:02:C8:EF:18:0D:7C:F5:AA:3C:FD:93
X509v3 Authority Key Identifier:
keyid:E5:6D:A4:C2:75:F3:CC:C9:2D:08:62:02:A1:ED:A7:78:3F:0C:3D:0D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/5W2kwnXzzMktCGICoe2neD8MPQ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5W2kwnXzzMktCGICoe2neD8MPQ0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/621/bMLuCIoFjI5dAsjvGA189ao8_ZM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.133.0/24
Signature Algorithm: sha256WithRSAEncryption
12:c4:30:4c:c3:7e:c8:ec:1d:70:91:e2:5b:97:80:c4:c7:ca:
e8:3c:03:c4:99:f9:e8:b9:fb:f8:a9:04:3d:51:65:91:b2:23:
d7:49:64:40:f6:ed:42:81:9f:45:37:d1:80:f0:38:1b:d2:c5:
c0:34:9d:69:0e:85:9f:d7:be:b0:91:4d:1c:19:a3:a6:b3:73:
b9:0f:5a:db:7b:e3:eb:7a:d0:39:80:97:ff:08:6f:3a:1e:a2:
7f:e1:63:46:27:2b:2d:28:d4:8b:db:bc:f4:d7:f0:66:49:d9:
f5:1a:83:3f:d0:a6:f5:55:78:57:64:9d:79:0b:10:ec:6b:83:
30:cc:eb:f5:22:c9:5d:4b:24:59:5f:79:5c:bd:c0:0f:5a:53:
41:a1:6a:1f:50:f8:4b:c0:50:f5:ec:9b:9c:dd:13:2c:76:3b:
ea:bd:37:c9:c9:58:68:58:37:b2:55:30:c5:30:b7:a2:4e:de:
bc:6c:5e:f1:b2:26:c0:1c:72:4d:7b:68:f1:f8:5e:9a:3e:69:
80:fb:6b:9c:79:34:cb:b1:5d:60:2e:61:33:1f:15:90:33:b5:
d5:57:01:6c:ef:16:53:cf:22:75:39:db:de:4f:71:69:9c:9f:
9b:fd:86:4c:20:8e:b4:ac:58:12:b2:32:5d:24:a2:7f:56:8f:
df:22:42:37
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFc0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTU2
REE0QzI3NUYzQ0NDOTJEMDg2MjAyQTFFREE3NzgzRjBDM0QwRDAeFw0yNDAzMTMw
MTIzNTZaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKDZDQzJFRTA4OEEwNThD
OEU1RDAyQzhFRjE4MEQ3Q0Y1QUEzQ0ZEOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT3TlHl49ncyWDj0FLZc2Ck2EnZIqnRuQA53mmVszeWl85+rk/
U+Ivgl2EUj+I50p0WeL7oCWl02t1wyxvGHQTuUdhdIeu/YCYZPRG10fVTpA71MGn
Jevhnt5ucSXWurhCe2+CWINLJ7e2Kkh/YiTtrpag2jEytlPE++lFoxcroHuSdiL/
70ikolEkFzJGd6PXff45Jfo3NSQ7/K+s+FZDFdrUd0Nj3Bqy19zB+CIGrUtgTMAD
NCeyC8EzyXrJDKb52Jw9QfR6oRIjk29LyF9TFR3X2FYbP/rQe4iiYY23A67SW/dI
xuhQKYtOb9q9bLAbV/DQ7uE9aKyf1fJg6X4PAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUbMLuCIoFjI5dAsjvGA189ao8/ZMwHwYDVR0jBBgwFoAU5W2kwnXzzMktCGIC
oe2neD8MPQ0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIx
LzVXMmt3blh6ek1rdENHSUNvZTJuZUQ4TVBRMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNVcya3duWHp6TWt0Q0dJQ29lMm5lRDhNUFEwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIxL2JNTHVDSW9Gakk1ZEFz
anZHQTE4OWFvOF9aTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAbAIUwDQYJKoZIhvcNAQELBQADggEBABLEMEzDfsjsHXCR4luXgMTHyug8A8SZ
+ei5+/ipBD1RZZGyI9dJZED27UKBn0U30YDwOBvSxcA0nWkOhZ/XvrCRTRwZo6az
c7kPWtt74+t60DmAl/8Ibzoeon/hY0YnKy0o1IvbvPTX8GZJ2fUagz/QpvVVeFdk
nXkLEOxrgzDM6/UiyV1LJFlfeVy9wA9aU0Ghah9Q+EvAUPXsm5zdEyx2O+q9N8nJ
WGhYN7JVMMUwt6JO3rxsXvGyJsAcck17aPH4Xpo+aYD7a5x5NMuxXWAuYTMfFZAz
tdVXAWzvFlPPInU5295PcWmcn5v9hkwgjrSsWBKyMl0kon9Wj98iQjc=
-----END CERTIFICATE-----
Generated at Sat Aug 31 01:57:51 2024 by rpki-client on console-ams.rpki-client.org