Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/gUWqixsq0T5LmLRKv9-WHeKsp2U.roa
File: gUWqixsq0T5LmLRKv9-WHeKsp2U.roa (raw, json)
Hash identifier: pI8nev1WR7vnZaa5ASvmTYiymRchF4PO5i51njgnyfE=
Subject key identifier: 81:45:AA:8B:1B:2A:D1:3E:4B:98:B4:4A:BF:DF:96:1D:E2:AC:A7:65
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 0FD4
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/gUWqixsq0T5LmLRKv9-WHeKsp2U.roa
Signing time: Thu 25 Apr 2024 10:42:16 +0000
ROA not before: Thu 25 Apr 2024 10:42:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 7018
IP address blocks: 180.223.64.0/21 maxlen: 24
180.223.72.0/21 maxlen: 24
180.223.80.0/21 maxlen: 24
180.223.88.0/21 maxlen: 24
180.223.96.0/21 maxlen: 24
180.223.104.0/21 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4052 (0xfd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Apr 25 10:42:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8145AA8B1B2AD13E4B98B44ABFDF961DE2ACA765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b7:61:2d:8a:40:37:6b:95:bd:7b:53:c0:a2:
05:2c:b7:69:f2:cc:19:5a:cc:5c:a4:1f:fe:6f:80:
f1:82:a4:a7:c9:60:28:d7:cb:d8:95:d0:ed:c7:03:
fb:87:06:63:66:e0:a7:c7:24:8e:b0:49:88:71:ba:
d4:b9:bf:31:44:e2:49:d0:5b:77:99:ec:67:ba:fc:
dc:2c:ea:22:d5:ab:1c:6c:97:1d:1d:0f:7b:2b:e8:
98:3a:f3:0f:cb:5e:72:58:1d:3d:6f:03:1f:8b:ec:
eb:db:54:0b:81:cb:9f:db:14:80:88:15:40:31:e6:
c1:da:cd:a2:15:ac:f0:df:dd:f7:07:35:7d:cc:5c:
e4:8c:bf:5a:73:94:a7:05:cc:8c:dd:5c:85:fd:b1:
6e:4c:a4:4e:9b:a8:13:c3:8c:8e:b5:03:06:9b:0b:
ab:82:ec:a0:91:3c:25:8f:bf:b8:1b:88:ae:ee:64:
12:68:f4:60:a1:0f:6a:f9:db:b5:8d:6a:bd:a2:dc:
f7:ed:b8:eb:b0:aa:f0:c3:74:25:c7:08:b7:38:83:
94:6d:9b:6d:48:60:90:cb:60:73:65:8b:b6:75:38:
d0:69:47:52:2b:1e:b7:5b:96:39:80:0c:a6:ef:48:
cd:12:7f:19:a6:74:b9:66:16:7e:ce:e8:c5:ae:16:
71:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:45:AA:8B:1B:2A:D1:3E:4B:98:B4:4A:BF:DF:96:1D:E2:AC:A7:65
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/gUWqixsq0T5LmLRKv9-WHeKsp2U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.64.0-180.223.111.255
Signature Algorithm: sha256WithRSAEncryption
0a:79:20:39:b3:ff:5b:cb:94:31:9d:b8:6d:c8:cc:eb:3e:2c:
68:7b:dd:d5:c2:79:8a:88:2f:8c:1d:70:45:c9:ec:23:21:26:
af:92:9b:2d:71:28:a8:77:13:a8:fe:53:db:82:6e:68:88:8c:
b9:fa:ed:f8:74:8d:24:e2:d4:13:54:0e:89:46:89:ab:37:93:
1d:88:3f:67:b3:b5:b8:cf:b4:00:2a:79:20:cf:ef:d9:48:e2:
77:29:a3:30:bd:5e:cc:6a:68:db:4e:49:ea:d8:6f:44:13:7e:
51:c0:67:53:8f:dd:ef:5e:20:20:dc:fb:fd:23:ea:53:67:10:
18:20:38:34:70:80:31:0a:06:a8:30:fa:0d:07:46:8d:38:ac:
ce:d0:bb:5d:57:7c:99:74:0d:36:a1:04:b2:dd:c4:c9:c4:c1:
56:fd:fe:a9:99:21:f6:3e:82:ef:76:69:52:b6:92:01:97:c4:
8e:bc:7b:aa:34:e7:53:07:df:a5:55:92:bd:a7:35:ca:d6:72:
fa:61:65:5c:36:5c:71:94:e3:f4:8c:ba:18:13:a0:5e:16:90:
c3:a9:65:d7:4b:d0:5c:7b:06:ac:75:70:93:fd:64:ac:5a:7a:
1e:a3:46:26:6d:c8:01:94:f2:41:82:fa:d9:1c:62:16:07:d5:
a8:8f:49:ca
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egAwIBAgICD9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA0MjUx
MDQyMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgxNDVBQThCMUIyQUQx
M0U0Qjk4QjQ0QUJGREY5NjFERTJBQ0E3NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAt2EtikA3a5W9e1PAogUst2nyzBlazFykH/5vgPGCpKfJYCjX
y9iV0O3HA/uHBmNm4KfHJI6wSYhxutS5vzFE4knQW3eZ7Ge6/Nws6iLVqxxslx0d
D3sr6Jg68w/LXnJYHT1vAx+L7OvbVAuBy5/bFICIFUAx5sHazaIVrPDf3fcHNX3M
XOSMv1pzlKcFzIzdXIX9sW5MpE6bqBPDjI61AwabC6uC7KCRPCWPv7gbiK7uZBJo
9GChD2r527WNar2i3PftuOuwqvDDdCXHCLc4g5Rtm21IYJDLYHNli7Z1ONBpR1Ir
HrdbljmADKbvSM0SfxmmdLlmFn7O6MWuFnGnAgMBAAGjggH7MIIB9zAdBgNVHQ4E
FgQUgUWqixsq0T5LmLRKv9+WHeKsp2UwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvZ1VXcWl4c3EwVDVM
bUxSS3Y5LVdIZUtzcDJVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw
DjAMAwQGtN9AAwQEtN9gMA0GCSqGSIb3DQEBCwUAA4IBAQAKeSA5s/9by5Qxnbht
yMzrPixoe93VwnmKiC+MHXBFyewjISavkpstcSiodxOo/lPbgm5oiIy5+u34dI0k
4tQTVA6JRomrN5MdiD9ns7W4z7QAKnkgz+/ZSOJ3KaMwvV7MamjbTknq2G9EE35R
wGdTj93vXiAg3Pv9I+pTZxAYIDg0cIAxCgaoMPoNB0aNOKzO0LtdV3yZdA02oQSy
3cTJxMFW/f6pmSH2PoLvdmlStpIBl8SOvHuqNOdTB9+lVZK9pzXK1nL6YWVcNlxx
lOP0jLoYE6BeFpDDqWXXS9BcewasdXCT/WSsWnoeo0YmbcgBlPJBgvrZHGIWB9Wo
j0nK
-----END CERTIFICATE-----
Generated at Sat May 17 19:38:53 2025 by rpki-client