Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/k2Vh2hbTp1R4i7JeUwgOM-Gbhhw.roa
File: k2Vh2hbTp1R4i7JeUwgOM-Gbhhw.roa (raw, json)
Hash identifier: wV8C10hcfztcOzO4L/qWpuj4EZOVT1vli4Jlylm3nSo=
Subject key identifier: 93:65:61:DA:16:D3:A7:54:78:8B:B2:5E:53:08:0E:33:E1:9B:86:1C
Certificate issuer: /CN=9A5C74AE3F8CD3B679AC56C473F450378591926B
Certificate serial: 14A8
Authority key identifier: 9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/k2Vh2hbTp1R4i7JeUwgOM-Gbhhw.roa
Signing time: Thu 11 Jul 2024 03:25:18 +0000
ROA not before: Thu 11 Jul 2024 03:25:18 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 9391
IP address blocks: 2402:ae00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5288 (0x14a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9A5C74AE3F8CD3B679AC56C473F450378591926B
Validity
Not Before: Jul 11 03:25:18 2024 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=936561DA16D3A754788BB25E53080E33E19B861C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:ed:fb:3d:02:df:19:0e:43:cd:eb:c4:10:f0:
f6:d9:ed:04:17:a0:93:37:5f:ce:88:ab:6e:57:2f:
dc:24:d5:13:8f:70:91:45:85:75:81:d9:43:15:3e:
a2:d4:94:15:19:9f:ea:83:5b:4e:df:95:fc:05:5f:
9b:43:d2:a8:5a:a1:a6:c1:02:56:80:ec:c8:cf:f1:
39:7e:ba:8d:7e:ed:d8:ef:b3:d5:11:23:1b:de:96:
17:b5:f0:e4:fd:06:14:2c:84:cb:56:b3:4f:ef:64:
62:d7:70:eb:d0:09:51:ee:8a:76:ec:1f:aa:35:33:
af:5c:07:e8:97:d1:6d:39:78:e5:e2:2f:ee:f7:f3:
b8:56:e6:7c:27:98:5e:a1:b5:5b:40:37:53:c7:fc:
b9:23:93:c1:e9:ce:d5:66:54:a6:5b:a7:da:d2:cb:
cc:79:7a:23:f8:3d:a7:ff:fd:b2:29:29:e0:79:c6:
0e:f7:f9:fd:b0:bc:83:de:aa:85:5a:d6:ab:8a:d5:
2d:b7:8d:3b:d8:34:a8:95:46:a3:e9:5e:7b:b0:14:
f8:5c:aa:6a:25:01:4c:c4:c0:ff:77:c2:fe:a4:f0:
32:52:54:64:00:34:1b:74:aa:fe:d1:0c:b7:68:59:
fe:08:e2:d6:39:df:5f:84:43:58:34:8e:7d:ed:64:
0b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:65:61:DA:16:D3:A7:54:78:8B:B2:5E:53:08:0E:33:E1:9B:86:1C
X509v3 Authority Key Identifier:
keyid:9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/k2Vh2hbTp1R4i7JeUwgOM-Gbhhw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
98:36:8a:3d:cc:00:57:27:d0:e7:2b:18:a6:b3:27:c9:2d:1d:
ca:17:95:00:b9:99:80:a0:f0:9b:50:28:ee:d9:58:3f:8e:38:
a7:33:ab:72:5e:5d:93:d7:27:6e:13:0c:d2:f6:7c:0a:ff:29:
e9:59:46:04:80:30:35:c8:34:0b:62:9c:78:7d:09:ee:a3:51:
b6:8a:d4:26:67:79:01:c1:70:92:87:46:c0:2c:f4:1c:d4:94:
23:04:4b:31:b9:46:4e:04:58:54:bd:2b:c5:48:9f:b2:af:09:
d7:29:ad:f1:72:36:a0:db:3f:17:e8:50:bd:17:64:0e:09:c5:
be:dc:4c:da:29:7e:4a:9b:7a:56:27:30:c0:1f:15:db:20:9b:
0a:e0:28:2d:d3:32:3d:03:2f:36:d7:4b:7d:9c:81:73:c6:05:
dd:09:60:d3:50:e7:c1:dd:49:5a:43:b4:81:e3:65:c7:2b:59:
cf:9d:5d:bb:1d:25:63:e0:5e:88:85:67:10:7a:d4:45:84:81:
3e:ad:50:e8:df:c8:56:1b:78:98:7a:6b:bb:b4:a3:71:40:24:
11:1e:ea:9d:0b:30:51:74:17:b5:61:6c:2c:be:4b:0d:27:2d:
cc:39:a1:a7:f3:d6:c4:e5:b5:bf:11:34:dd:86:66:09:db:c3:
07:b0:01:72
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUE1
Qzc0QUUzRjhDRDNCNjc5QUM1NkM0NzNGNDUwMzc4NTkxOTI2QjAeFw0yNDA3MTEw
MzI1MThaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKDkzNjU2MURBMTZEM0E3
NTQ3ODhCQjI1RTUzMDgwRTMzRTE5Qjg2MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD17fs9At8ZDkPN68QQ8PbZ7QQXoJM3X86Iq25XL9wk1ROPcJFF
hXWB2UMVPqLUlBUZn+qDW07flfwFX5tD0qhaoabBAlaA7MjP8Tl+uo1+7djvs9UR
Ixvelhe18OT9BhQshMtWs0/vZGLXcOvQCVHuinbsH6o1M69cB+iX0W05eOXiL+73
87hW5nwnmF6htVtAN1PH/Lkjk8HpztVmVKZbp9rSy8x5eiP4Paf//bIpKeB5xg73
+f2wvIPeqoVa1quK1S23jTvYNKiVRqPpXnuwFPhcqmolAUzEwP93wv6k8DJSVGQA
NBt0qv7RDLdoWf4I4tY531+EQ1g0jn3tZAt/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUk2Vh2hbTp1R4i7JeUwgOM+GbhhwwHwYDVR0jBBgwFoAUmlx0rj+M07Z5rFbE
c/RQN4WRkmswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
bWx4MHJqLU0wN1o1ckZiRWNfUlFONFdSa21zLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tbHgwcmotTTA3WjVyRmJFY19SUU40V1JrbXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rMlZoMmhiVHAxUjRpN0pl
VXdnT00tR2JoaHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
JAKuADANBgkqhkiG9w0BAQsFAAOCAQEAmDaKPcwAVyfQ5ysYprMnyS0dyheVALmZ
gKDwm1Ao7tlYP444pzOrcl5dk9cnbhMM0vZ8Cv8p6VlGBIAwNcg0C2KceH0J7qNR
torUJmd5AcFwkodGwCz0HNSUIwRLMblGTgRYVL0rxUifsq8J1ymt8XI2oNs/F+hQ
vRdkDgnFvtxM2il+Spt6VicwwB8V2yCbCuAoLdMyPQMvNtdLfZyBc8YF3Qlg01Dn
wd1JWkO0geNlxytZz51dux0lY+BeiIVnEHrURYSBPq1Q6N/IVht4mHpru7SjcUAk
ER7qnQswUXQXtWFsLL5LDSctzDmhp/PWxOW1vxE03YZmCdvDB7ABcg==
-----END CERTIFICATE-----
Generated at Wed Sep 4 02:16:58 2024 by rpki-client on console-fra.rpki-client.org