Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/z3Q7MjSdF4hTYbL4TAwdy8xgnQM.roa
File: z3Q7MjSdF4hTYbL4TAwdy8xgnQM.roa (raw, json)
Hash identifier: 1c2zFDZ6s/chDNEQ4ZMc8BcCE8L6KPbxX2SRGYKLSe0=
Subject key identifier: CF:74:3B:32:34:9D:17:88:53:61:B2:F8:4C:0C:1D:CB:CC:60:9D:03
Certificate issuer: /CN=9A5C74AE3F8CD3B679AC56C473F450378591926B
Certificate serial: 14A5
Authority key identifier: 9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/z3Q7MjSdF4hTYbL4TAwdy8xgnQM.roa
Signing time: Thu 11 Jul 2024 03:24:00 +0000
ROA not before: Thu 11 Jul 2024 03:24:00 +0000
ROA not after: Sat 10 Aug 2024 07:41:13 +0000
asID: 9391
IP address blocks: 203.118.192.0/19 maxlen: 19
210.77.96.0/19 maxlen: 19
210.78.64.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5285 (0x14a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9A5C74AE3F8CD3B679AC56C473F450378591926B
Validity
Not Before: Jul 11 03:24:00 2024 GMT
Not After : Aug 10 07:41:13 2024 GMT
Subject: CN=CF743B32349D17885361B2F84C0C1DCBCC609D03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ab:70:cc:fe:d4:ac:e6:fc:d8:a6:71:6a:58:
f9:49:4a:fe:10:68:ce:a7:e4:5c:29:92:57:e1:52:
ff:ee:d5:49:d7:4b:3d:f0:96:85:3d:7d:9f:bf:e1:
80:62:1e:fb:24:26:a1:07:df:78:a2:06:e9:3c:cf:
37:d7:59:3b:cb:cf:29:f0:64:e8:05:e7:4e:8b:70:
1b:bc:a5:23:3b:3e:b0:45:73:22:f8:59:f5:b6:f3:
d9:4a:11:d2:35:77:32:6e:fc:f4:ad:9c:5b:7b:fb:
02:86:e9:00:29:00:0d:5d:fb:3c:b4:08:fb:45:2e:
fb:5b:42:bf:7f:92:b0:f6:13:7d:e8:80:fa:3c:b3:
28:db:75:e7:93:2f:c1:1f:9a:2b:19:3d:9d:66:d8:
93:13:b8:41:03:fa:d4:31:76:16:2f:4b:b5:17:9c:
95:7e:aa:3c:07:ab:d4:44:ac:d6:54:79:d6:43:cb:
20:c0:0a:16:d3:a8:fc:45:ec:ed:10:9c:d2:73:ed:
1f:ff:6e:a2:7d:f6:66:b0:3f:a0:2f:71:a4:18:e0:
7b:79:06:21:4c:00:b8:18:07:f9:cb:7d:56:b7:6e:
db:d7:f4:8e:19:cc:c7:79:af:a8:aa:a2:9f:e1:f8:
c0:12:0d:a2:85:81:c3:ae:da:59:e1:2b:fc:be:2e:
a0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:74:3B:32:34:9D:17:88:53:61:B2:F8:4C:0C:1D:CB:CC:60:9D:03
X509v3 Authority Key Identifier:
keyid:9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/z3Q7MjSdF4hTYbL4TAwdy8xgnQM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.118.192.0/19
210.77.96.0/19
210.78.64.0/19
Signature Algorithm: sha256WithRSAEncryption
03:75:42:1f:da:f2:b0:4c:e0:97:a3:cf:61:8a:fe:83:d7:5f:
82:34:dd:85:ea:31:58:81:83:89:b6:e9:d7:55:1a:40:bd:28:
48:2c:83:12:75:8f:e2:e7:03:3b:65:af:7e:4d:5a:76:b1:7b:
4b:fb:20:2c:cd:99:11:1a:d4:f3:66:2c:36:a7:87:f3:22:dd:
74:d7:68:c0:66:48:8b:dc:5f:f6:23:16:74:37:d3:d3:97:1e:
30:85:dd:fa:86:1f:48:b0:5c:50:d5:bb:68:0f:8c:13:6b:2f:
d2:66:e0:a4:56:59:e8:20:cd:ed:b4:6f:0e:9c:1a:ed:76:38:
4d:23:6b:f7:91:41:5a:98:05:80:dc:01:2d:11:9d:fd:d3:a9:
10:a2:23:b6:4a:eb:33:bf:63:a6:bb:5c:59:43:d2:80:e0:c6:
03:3e:fd:e5:74:66:51:c8:50:4f:bd:c3:1a:32:e3:21:57:75:
4c:3f:48:0a:7a:eb:a9:97:91:f2:df:c8:9a:5b:21:62:7d:60:
52:50:9f:be:0d:3e:cd:16:3a:4f:5f:be:d2:ba:83:e1:d9:09:
25:18:8a:19:f8:54:78:b9:c1:70:e9:14:5f:03:b7:85:bb:0d:
ef:23:5a:93:c2:25:ee:60:8b:8b:aa:24:e1:a4:58:24:76:6f:
05:ff:00:3d
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICFKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUE1
Qzc0QUUzRjhDRDNCNjc5QUM1NkM0NzNGNDUwMzc4NTkxOTI2QjAeFw0yNDA3MTEw
MzI0MDBaFw0yNDA4MTAwNzQxMTNaMDMxMTAvBgNVBAMTKENGNzQzQjMyMzQ5RDE3
ODg1MzYxQjJGODRDMEMxRENCQ0M2MDlEMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAq3DM/tSs5vzYpnFqWPlJSv4QaM6n5FwpklfhUv/u1UnXSz3w
loU9fZ+/4YBiHvskJqEH33iiBuk8zzfXWTvLzynwZOgF506LcBu8pSM7PrBFcyL4
WfW289lKEdI1dzJu/PStnFt7+wKG6QApAA1d+zy0CPtFLvtbQr9/krD2E33ogPo8
syjbdeeTL8EfmisZPZ1m2JMTuEED+tQxdhYvS7UXnJV+qjwHq9RErNZUedZDyyDA
ChbTqPxF7O0QnNJz7R//bqJ99mawP6AvcaQY4Ht5BiFMALgYB/nLfVa3btvX9I4Z
zMd5r6iqop/h+MASDaKFgcOu2lnhK/y+LqAvAgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQUz3Q7MjSdF4hTYbL4TAwdy8xgnQMwHwYDVR0jBBgwFoAUmlx0rj+M07Z5rFbE
c/RQN4WRkmswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
bWx4MHJqLU0wN1o1ckZiRWNfUlFONFdSa21zLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tbHgwcmotTTA3WjVyRmJFY19SUU40V1JrbXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96M1E3TWpTZEY0aFRZYkw0
VEF3ZHk4eGduUU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQF
y3bAAwQF0k1gAwQF0k5AMA0GCSqGSIb3DQEBCwUAA4IBAQADdUIf2vKwTOCXo89h
iv6D11+CNN2F6jFYgYOJtunXVRpAvShILIMSdY/i5wM7Za9+TVp2sXtL+yAszZkR
GtTzZiw2p4fzIt1012jAZkiL3F/2IxZ0N9PTlx4whd36hh9IsFxQ1btoD4wTay/S
ZuCkVlnoIM3ttG8OnBrtdjhNI2v3kUFamAWA3AEtEZ3906kQoiO2Suszv2Omu1xZ
Q9KA4MYDPv3ldGZRyFBPvcMaMuMhV3VMP0gKeuupl5Hy38iaWyFifWBSUJ++DT7N
FjpPX77SuoPh2QklGIoZ+FR4ucFw6RRfA7eFuw3vI1qTwiXuYIuLqiThpFgkdm8F
/wA9
-----END CERTIFICATE-----
Generated at Wed Sep 4 03:33:39 2024 by rpki-client on console-ams.rpki-client.org