Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/tjqAzYlz99lsd22lp75zHaKJ2Hs.roa
File: tjqAzYlz99lsd22lp75zHaKJ2Hs.roa (raw, json)
Hash identifier: 3Q9xS6yWj7Gsfk09FY3TQO696/BF21/1v6ao8lFUe1w=
Subject key identifier: B6:3A:80:CD:89:73:F7:D9:6C:77:6D:A5:A7:BE:73:1D:A2:89:D8:7B
Certificate issuer: /CN=9A5C74AE3F8CD3B679AC56C473F450378591926B
Certificate serial: 14A6
Authority key identifier: 9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tjqAzYlz99lsd22lp75zHaKJ2Hs.roa
Signing time: Thu 11 Jul 2024 03:24:01 +0000
ROA not before: Thu 11 Jul 2024 03:24:01 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 9391
IP address blocks: 124.29.0.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5286 (0x14a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9A5C74AE3F8CD3B679AC56C473F450378591926B
Validity
Not Before: Jul 11 03:24:01 2024 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=B63A80CD8973F7D96C776DA5A7BE731DA289D87B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fb:77:53:f7:a0:9a:ee:f1:99:12:44:dc:2e:
f8:a6:73:62:ae:02:29:b9:08:80:93:02:19:3a:55:
89:d9:3a:8b:ae:9d:15:17:2e:e7:29:ab:4d:5a:e6:
42:87:9e:82:de:6e:8a:c0:bc:da:8c:0d:83:26:e9:
ba:54:36:16:56:4f:fc:6b:9d:94:aa:b6:e5:3e:7c:
68:52:f9:b5:08:f2:03:a1:46:9e:e0:03:c2:62:6b:
d7:36:de:0c:8e:ae:7e:cc:07:2e:58:65:4a:5b:7c:
4b:20:07:4e:bc:6f:f7:5a:47:55:1f:d1:58:14:f0:
ca:48:7d:28:4b:0f:7e:7b:4d:08:82:62:13:c7:ef:
fd:3c:b0:a5:6b:45:5d:c4:f8:90:1e:cb:36:89:5a:
3c:9a:36:74:a5:9d:25:86:22:21:0a:c8:7b:cc:0b:
fb:1e:d1:1f:c6:79:46:22:c5:4a:88:50:2e:99:55:
bc:c6:77:20:0e:de:e9:55:7e:dc:b7:e2:52:3c:ae:
c0:7d:03:54:f1:bf:52:dd:ca:4c:cd:c1:97:08:a1:
3d:42:7e:d5:7a:eb:c6:49:12:cc:b9:51:f1:a9:90:
3a:1b:54:57:5f:df:44:78:77:7d:ca:c2:f9:8a:8d:
e0:f2:3b:36:9f:fa:1f:0b:0c:2e:40:82:56:10:36:
fa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3A:80:CD:89:73:F7:D9:6C:77:6D:A5:A7:BE:73:1D:A2:89:D8:7B
X509v3 Authority Key Identifier:
keyid:9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tjqAzYlz99lsd22lp75zHaKJ2Hs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.29.0.0/17
Signature Algorithm: sha256WithRSAEncryption
6b:ec:94:92:bf:11:95:be:fa:58:95:fb:46:36:bc:6e:ff:7d:
78:94:a9:80:6a:9d:f6:f8:8d:a6:56:82:f7:9b:4b:f6:80:2f:
53:42:af:f5:b3:05:8c:c6:7b:6a:1e:9e:f7:82:3f:cd:6f:91:
d0:41:ef:5f:03:92:10:64:10:c0:02:17:f4:8d:aa:4c:7d:2e:
59:69:70:0e:16:bd:69:91:43:55:5e:e8:26:47:e1:45:aa:cc:
ff:66:2b:99:84:ab:b7:91:01:1f:20:c4:d5:a1:4d:ab:93:bf:
9a:b3:c3:16:ab:f5:17:1d:f2:06:eb:46:0f:b4:8c:23:36:ee:
f1:a9:6f:2f:fe:47:0d:02:67:24:b8:dd:14:4e:55:02:41:91:
6e:57:52:54:6a:9b:ff:6c:41:ce:47:c1:12:23:8e:5d:d4:c2:
17:c7:59:94:75:e7:25:89:df:2d:22:ae:67:52:4f:42:43:a6:
06:d1:94:8d:08:8c:58:23:93:b8:51:d5:65:92:d7:0b:06:88:
5f:6b:f7:12:c2:57:f3:5a:2f:9c:b5:4b:ec:ce:a0:4b:b0:d2:
7c:45:3c:ce:c3:ed:b6:6f:d2:fe:a5:5e:d0:bb:e1:75:05:6f:
ee:73:f3:23:f1:4c:5b:c7:c4:02:31:d5:48:cf:2a:fb:ba:61:
63:dd:73:73
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICFKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUE1
Qzc0QUUzRjhDRDNCNjc5QUM1NkM0NzNGNDUwMzc4NTkxOTI2QjAeFw0yNDA3MTEw
MzI0MDFaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKEI2M0E4MENEODk3M0Y3
RDk2Qzc3NkRBNUE3QkU3MzFEQTI4OUQ4N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCg+3dT96Ca7vGZEkTcLvimc2KuAim5CICTAhk6VYnZOouunRUX
Lucpq01a5kKHnoLeborAvNqMDYMm6bpUNhZWT/xrnZSqtuU+fGhS+bUI8gOhRp7g
A8Jia9c23gyOrn7MBy5YZUpbfEsgB068b/daR1Uf0VgU8MpIfShLD357TQiCYhPH
7/08sKVrRV3E+JAeyzaJWjyaNnSlnSWGIiEKyHvMC/se0R/GeUYixUqIUC6ZVbzG
dyAO3ulVfty34lI8rsB9A1Txv1LdykzNwZcIoT1CftV668ZJEsy5UfGpkDobVFdf
30R4d33KwvmKjeDyOzaf+h8LDC5AglYQNvrfAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUtjqAzYlz99lsd22lp75zHaKJ2HswHwYDVR0jBBgwFoAUmlx0rj+M07Z5rFbE
c/RQN4WRkmswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
bWx4MHJqLU0wN1o1ckZiRWNfUlFONFdSa21zLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tbHgwcmotTTA3WjVyRmJFY19SUU40V1JrbXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90anFBellsejk5bHNkMjJs
cDc1ekhhS0oySHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH
fB0AMA0GCSqGSIb3DQEBCwUAA4IBAQBr7JSSvxGVvvpYlftGNrxu/314lKmAap32
+I2mVoL3m0v2gC9TQq/1swWMxntqHp73gj/Nb5HQQe9fA5IQZBDAAhf0japMfS5Z
aXAOFr1pkUNVXugmR+FFqsz/ZiuZhKu3kQEfIMTVoU2rk7+as8MWq/UXHfIG60YP
tIwjNu7xqW8v/kcNAmckuN0UTlUCQZFuV1JUapv/bEHOR8ESI45d1MIXx1mUdecl
id8tIq5nUk9CQ6YG0ZSNCIxYI5O4UdVlktcLBohfa/cSwlfzWi+ctUvszqBLsNJ8
RTzOw+22b9L+pV7Qu+F1BW/uc/Mj8Uxbx8QCMdVIzyr7umFj3XNz
-----END CERTIFICATE-----
Generated at Wed Sep 4 02:16:58 2024 by rpki-client on console-fra.rpki-client.org