Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/WQZ_ehKPTPMXyLov2y7qiReySdk.roa
File: WQZ_ehKPTPMXyLov2y7qiReySdk.roa (raw, json)
Hash identifier: iVSIHXarht7v4BUsrDj/pE6PpKcZ/EnHe3ol5VSjY6E=
Subject key identifier: 59:06:7F:7A:12:8F:4C:F3:17:C8:BA:2F:DB:2E:EA:89:17:B2:49:D9
Certificate issuer: /CN=9A5C74AE3F8CD3B679AC56C473F450378591926B
Certificate serial: 14A4
Authority key identifier: 9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WQZ_ehKPTPMXyLov2y7qiReySdk.roa
Signing time: Thu 11 Jul 2024 03:24:00 +0000
ROA not before: Thu 11 Jul 2024 03:24:00 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 9391
IP address blocks: 211.156.224.0/20 maxlen: 20
218.97.224.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5284 (0x14a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9A5C74AE3F8CD3B679AC56C473F450378591926B
Validity
Not Before: Jul 11 03:24:00 2024 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=59067F7A128F4CF317C8BA2FDB2EEA8917B249D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:90:dc:4e:cf:1c:d6:36:53:2a:9b:e7:60:8d:
05:97:e1:6f:c0:10:b5:e3:f6:c5:e4:eb:f3:21:bc:
d5:67:c0:5d:38:8b:14:97:46:a6:71:78:b4:a0:cd:
e5:46:84:64:bb:0e:b5:02:2d:21:a3:5d:be:50:e3:
da:2b:f4:f8:c5:79:28:95:ed:4a:10:2a:dc:cd:f4:
d0:da:97:1d:f5:1b:6f:7a:e8:7e:a3:28:b7:8b:ab:
37:bc:06:a7:e0:93:73:09:d0:ae:cb:76:c3:f7:13:
ea:90:f8:1b:f0:8f:5c:08:56:88:d8:2d:ac:0f:0e:
af:53:7e:bf:b1:a9:f4:4c:e3:d1:bf:f1:9d:61:3b:
48:38:01:80:00:68:e5:a0:f2:d9:57:95:2c:68:75:
23:3f:91:14:6c:9b:a6:f3:5b:4e:05:bf:92:18:37:
d9:af:71:f1:78:7a:4e:4e:84:a2:e4:13:21:73:8b:
fe:2f:e0:46:4f:1a:46:a2:d2:1a:36:8e:7a:e9:e1:
d5:c1:c7:bd:cd:42:86:53:38:f7:7f:0b:bb:da:52:
80:ec:96:52:4a:48:c0:88:1a:f9:92:fb:8a:e2:d8:
b4:e1:39:83:b0:81:ca:55:97:d9:45:7e:ec:91:23:
25:be:11:4b:fa:ba:ea:de:c7:48:9d:ec:50:b9:8b:
5b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:06:7F:7A:12:8F:4C:F3:17:C8:BA:2F:DB:2E:EA:89:17:B2:49:D9
X509v3 Authority Key Identifier:
keyid:9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WQZ_ehKPTPMXyLov2y7qiReySdk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.156.224.0/20
218.97.224.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:24:29:e1:f5:9a:e6:5c:03:a0:e1:38:ce:6c:dd:67:91:a7:
3a:ea:d8:4a:ef:ce:03:d5:1e:48:cf:dc:79:3b:41:0a:d1:b2:
4a:93:e1:48:33:1b:7a:64:75:3a:41:e8:04:2c:1a:c9:67:10:
57:c9:01:10:50:03:88:2f:e6:27:79:ae:e1:ea:54:85:0c:2c:
4f:f9:b7:6b:5a:20:a7:61:9d:05:98:a6:68:65:a0:a0:20:61:
ca:d2:a5:2f:3c:a8:2e:0b:76:c3:4e:5d:af:12:5e:f9:55:43:
30:46:6d:18:49:b2:54:95:2a:ee:0e:db:a0:ba:d8:23:c3:52:
c7:ac:31:40:45:f7:f6:fc:dc:31:ae:b8:f1:12:c6:2d:73:a6:
d5:cd:e5:a6:2d:b0:a6:fa:e8:9d:c5:90:77:e6:54:e5:9f:6d:
8f:5d:0c:ba:ab:d6:21:2c:ae:00:03:2f:fd:58:5a:4e:44:fe:
77:28:41:ab:a6:54:6e:3d:ae:80:1d:8c:66:08:4d:e0:8e:f5:
1d:27:02:46:ca:3c:91:56:62:6e:f4:40:44:ee:81:cc:71:ae:
06:ec:eb:60:e6:58:98:ea:01:ef:85:d5:c1:a5:9e:20:80:f7:
d9:dc:5a:59:40:62:84:f2:50:00:ac:b6:1e:5e:36:53:ee:4f:
8d:ab:7e:fd
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICFKQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUE1
Qzc0QUUzRjhDRDNCNjc5QUM1NkM0NzNGNDUwMzc4NTkxOTI2QjAeFw0yNDA3MTEw
MzI0MDBaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKDU5MDY3RjdBMTI4RjRD
RjMxN0M4QkEyRkRCMkVFQTg5MTdCMjQ5RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmkNxOzxzWNlMqm+dgjQWX4W/AELXj9sXk6/MhvNVnwF04ixSX
RqZxeLSgzeVGhGS7DrUCLSGjXb5Q49or9PjFeSiV7UoQKtzN9NDalx31G2966H6j
KLeLqze8Bqfgk3MJ0K7LdsP3E+qQ+Bvwj1wIVojYLawPDq9Tfr+xqfRM49G/8Z1h
O0g4AYAAaOWg8tlXlSxodSM/kRRsm6bzW04Fv5IYN9mvcfF4ek5OhKLkEyFzi/4v
4EZPGkai0ho2jnrp4dXBx73NQoZTOPd/C7vaUoDsllJKSMCIGvmS+4ri2LThOYOw
gcpVl9lFfuyRIyW+EUv6uurex0id7FC5i1sbAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUWQZ/ehKPTPMXyLov2y7qiReySdkwHwYDVR0jBBgwFoAUmlx0rj+M07Z5rFbE
c/RQN4WRkmswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
bWx4MHJqLU0wN1o1ckZiRWNfUlFONFdSa21zLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tbHgwcmotTTA3WjVyRmJFY19SUU40V1JrbXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XUVpfZWhLUFRQTVh5TG92
Mnk3cWlSZXlTZGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQE
05zgAwQE2mHgMA0GCSqGSIb3DQEBCwUAA4IBAQA/JCnh9ZrmXAOg4TjObN1nkac6
6thK784D1R5Iz9x5O0EK0bJKk+FIMxt6ZHU6QegELBrJZxBXyQEQUAOIL+Ynea7h
6lSFDCxP+bdrWiCnYZ0FmKZoZaCgIGHK0qUvPKguC3bDTl2vEl75VUMwRm0YSbJU
lSruDtugutgjw1LHrDFARff2/NwxrrjxEsYtc6bVzeWmLbCm+uidxZB35lTln22P
XQy6q9YhLK4AAy/9WFpORP53KEGrplRuPa6AHYxmCE3gjvUdJwJGyjyRVmJu9EBE
7oHMca4G7Otg5liY6gHvhdXBpZ4ggPfZ3FpZQGKE8lAArLYeXjZT7k+Nq379
-----END CERTIFICATE-----
Generated at Wed Sep 4 03:33:39 2024 by rpki-client on console-ams.rpki-client.org