Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1108677435395670037/1/AS23724.roa
File: AS23724.roa (raw, json)
Hash identifier: JNw3gmBXj10Ma6OX0dfnotuXirnfdeZgLErqyBLrKM4=
Subject key identifier: F7:70:30:56:57:7E:FE:21:EC:EE:7E:8E:DA:A8:89:1F:32:2F:BC:CA
Certificate issuer: /CN=9FF679A48BDAB5820137C251333CE831F275BD8C
Certificate serial: 1D3FD0DBEA6DCE81E521CD8FAA40587DD61774E7
Authority key identifier: 9F:F6:79:A4:8B:DA:B5:82:01:37:C2:51:33:3C:E8:31:F2:75:BD:8C
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9FF679A48BDAB5820137C251333CE831F275BD8C.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/AS23724.roa
Signing time: Wed 27 May 2026 08:45:23 +0000
ROA not before: Wed 27 May 2026 08:40:23 +0000
ROA not after: Wed 26 May 2027 08:45:23 +0000
asID: 23724
IP address blocks: 117.107.128.0/19 maxlen: 19
117.107.160.0/19 maxlen: 19
117.107.192.0/19 maxlen: 19
117.107.224.0/19 maxlen: 19
117.118.128.0/19 maxlen: 19
117.118.160.0/19 maxlen: 19
117.118.192.0/19 maxlen: 19
117.118.224.0/19 maxlen: 19
118.102.16.0/22 maxlen: 22
118.102.20.0/22 maxlen: 22
118.102.24.0/22 maxlen: 22
118.102.28.0/23 maxlen: 23
118.102.30.0/23 maxlen: 23
119.253.32.0/19 maxlen: 19
119.253.64.0/19 maxlen: 19
119.254.0.0/17 maxlen: 17
119.254.0.0/20 maxlen: 20
119.254.32.0/21 maxlen: 21
119.254.56.0/21 maxlen: 21
119.254.64.0/19 maxlen: 19
119.254.128.0/17 maxlen: 17
119.254.224.0/20 maxlen: 20
119.255.128.0/20 maxlen: 20
119.255.144.0/20 maxlen: 20
119.255.160.0/20 maxlen: 20
119.255.176.0/20 maxlen: 20
119.255.192.0/20 maxlen: 20
119.255.208.0/20 maxlen: 20
119.255.224.0/20 maxlen: 20
119.255.240.0/20 maxlen: 20
124.42.0.0/22 maxlen: 22
124.42.4.0/22 maxlen: 22
124.42.8.0/21 maxlen: 21
124.42.16.0/22 maxlen: 22
124.42.20.0/22 maxlen: 22
124.42.24.0/22 maxlen: 22
124.42.28.0/22 maxlen: 22
124.42.32.0/21 maxlen: 21
124.42.40.0/21 maxlen: 21
124.42.48.0/21 maxlen: 21
124.42.56.0/21 maxlen: 21
203.86.64.0/22 maxlen: 22
203.86.68.0/22 maxlen: 22
203.86.72.0/22 maxlen: 22
203.86.76.0/22 maxlen: 22
203.86.80.0/22 maxlen: 22
203.86.84.0/22 maxlen: 22
203.86.88.0/22 maxlen: 22
203.86.92.0/22 maxlen: 22
203.187.160.0/22 maxlen: 22
203.187.164.0/22 maxlen: 22
203.187.168.0/22 maxlen: 22
203.187.172.0/22 maxlen: 22
203.187.176.0/22 maxlen: 22
203.187.180.0/22 maxlen: 22
203.187.184.0/22 maxlen: 22
203.187.188.0/22 maxlen: 22
218.97.240.0/22 maxlen: 22
218.97.244.0/22 maxlen: 22
218.97.248.0/22 maxlen: 22
218.97.252.0/22 maxlen: 22
220.231.32.0/21 maxlen: 21
220.231.40.0/21 maxlen: 21
240a:2001:1811::/48 maxlen: 48
240a:2001:1861::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/9FF679A48BDAB5820137C251333CE831F275BD8C.crl
rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/9FF679A48BDAB5820137C251333CE831F275BD8C.mft
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9FF679A48BDAB5820137C251333CE831F275BD8C.cer
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 May 2026 15:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:3f:d0:db:ea:6d:ce:81:e5:21:cd:8f:aa:40:58:7d:d6:17:74:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9FF679A48BDAB5820137C251333CE831F275BD8C
Validity
Not Before: May 27 08:40:23 2026 GMT
Not After : May 26 08:45:23 2027 GMT
Subject: CN=F7703056577EFE21ECEE7E8EDAA8891F322FBCCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:22:1e:1c:16:c2:72:25:b9:3b:66:f1:ae:b5:
9a:cf:8f:fe:85:78:a6:ff:c9:a0:8b:6b:86:8b:34:
c6:76:d2:60:59:74:c0:45:77:c4:25:8d:b9:ef:e9:
c2:2d:d4:ce:05:64:bb:72:a7:cf:30:02:35:e2:d9:
1a:e3:00:83:8b:5b:a9:ff:1b:19:0f:23:55:51:69:
4e:c0:25:33:0e:71:66:cf:71:91:e5:65:df:88:04:
a6:0e:c4:e5:a6:2b:52:25:29:5e:51:b6:51:9a:9c:
8e:f1:66:1b:83:23:d8:f0:a3:a3:0c:02:5e:f4:09:
7d:f3:06:d6:82:96:11:16:2e:4c:c7:36:1b:34:c0:
d0:dd:fd:b5:35:83:93:ea:62:42:f7:7d:e7:f0:76:
2e:a4:97:37:1e:13:7e:ec:9d:42:90:8c:ee:fb:8f:
6c:61:a7:72:1e:e7:b2:e7:83:2e:50:78:48:bf:4d:
83:80:97:f9:08:a1:a0:6f:bc:60:f3:99:a2:78:95:
e4:a0:0b:af:92:a6:e8:da:ad:36:b3:e0:2e:93:03:
35:97:b7:79:95:ef:15:8b:1a:6a:94:79:bb:3f:0f:
a2:a2:6e:dc:90:dc:7e:7b:a6:c3:86:a8:71:7d:80:
a6:c6:27:39:5e:27:db:11:6f:c0:93:bc:99:e4:e9:
56:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:70:30:56:57:7E:FE:21:EC:EE:7E:8E:DA:A8:89:1F:32:2F:BC:CA
X509v3 Authority Key Identifier:
keyid:9F:F6:79:A4:8B:DA:B5:82:01:37:C2:51:33:3C:E8:31:F2:75:BD:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/9FF679A48BDAB5820137C251333CE831F275BD8C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9FF679A48BDAB5820137C251333CE831F275BD8C.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/AS23724.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
117.107.128.0/17
117.118.128.0/17
118.102.16.0/20
119.253.32.0-119.253.95.255
119.254.0.0/16
119.255.128.0/17
124.42.0.0/18
203.86.64.0/19
203.187.160.0/19
218.97.240.0/20
220.231.32.0/20
IPv6:
240a:2001:1811::/48
240a:2001:1861::/48
Signature Algorithm: sha256WithRSAEncryption
6d:f3:fc:c5:33:8f:e1:bc:3e:6c:ef:4c:5b:c6:9b:ec:7c:b6:
b6:b8:75:83:9a:f0:6f:b9:65:8d:ce:b6:04:66:a5:ac:a3:21:
ea:12:ca:06:ca:c5:1e:03:d4:da:d8:5d:9d:b5:05:52:a2:92:
dc:0a:4f:2c:aa:d9:19:43:14:6a:d6:e6:34:c0:3a:a1:a5:0a:
ea:89:28:98:1b:4d:66:1e:48:0a:28:41:c2:68:b4:6c:9c:ab:
90:55:bf:5a:89:51:ef:46:29:0e:59:af:75:b1:64:c0:c1:ef:
07:42:5c:0e:f6:1e:68:44:70:69:db:9b:59:f0:57:05:35:23:
f1:21:89:d4:56:7e:90:f2:80:14:19:ec:31:d2:5a:1d:ee:ee:
4f:d7:cd:e2:3a:6c:b6:fa:c8:5d:a4:97:9c:9a:3c:8c:37:cb:
9f:7d:de:c0:84:47:c1:29:56:9c:67:62:f5:58:c8:9f:11:91:
df:6e:02:d3:09:fd:56:5c:47:21:50:b7:a2:b1:69:bb:df:10:
a0:64:c8:fd:c3:5b:fa:e7:13:98:e1:7c:a3:5a:02:00:c8:f5:
a1:09:fe:c4:8d:21:e6:19:f5:23:ef:91:54:38:0b:a0:6d:91:
58:26:35:0f:50:87:b1:ef:69:21:21:39:96:88:aa:c9:32:ba:
c5:72:d5:f8
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUHT/Q2+ptzoHlIc2PqkBYfdYXdOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUZGNjc5QTQ4QkRBQjU4MjAxMzdDMjUxMzMzQ0U4MzFG
Mjc1QkQ4QzAeFw0yNjA1MjcwODQwMjNaFw0yNzA1MjYwODQ1MjNaMDMxMTAvBgNV
BAMTKEY3NzAzMDU2NTc3RUZFMjFFQ0VFN0U4RURBQTg4OTFGMzIyRkJDQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKIh4cFsJyJbk7ZvGutZrPj/6F
eKb/yaCLa4aLNMZ20mBZdMBFd8Qljbnv6cIt1M4FZLtyp88wAjXi2RrjAIOLW6n/
GxkPI1VRaU7AJTMOcWbPcZHlZd+IBKYOxOWmK1IlKV5RtlGanI7xZhuDI9jwo6MM
Al70CX3zBtaClhEWLkzHNhs0wNDd/bU1g5PqYkL3fefwdi6klzceE37snUKQjO77
j2xhp3Ie57Lngy5QeEi/TYOAl/kIoaBvvGDzmaJ4leSgC6+SpujarTaz4C6TAzWX
t3mV7xWLGmqUebs/D6KibtyQ3H57psOGqHF9gKbGJzleJ9sRb8CTvJnk6Vb5AgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU93AwVld+/iHs7n6O2qiJHzIvvMowHwYDVR0j
BBgwFoAUn/Z5pIvatYIBN8JRMzzoMfJ1vYwwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEw
ODY3NzQzNTM5NTY3MDAzNy8xLzlGRjY3OUE0OEJEQUI1ODIwMTM3QzI1MTMzM0NF
ODMxRjI3NUJEOEMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvOUZGNjc5QTQ4QkRBQjU4MjAxMzdDMjUxMzMzQ0U4MzFGMjc1QkQ4Qy5jZXIw
XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTExMDg2Nzc0MzUzOTU2NzAwMzcvMS9BUzIzNzI0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBPBAIA
ATBJAwQHdWuAAwQHdXaAAwQEdmYQMAwDBAV3/SADBAV3/UADAwB3/gMEB3f/gAME
BnwqAAMEBctWQAMEBcu7oAMEBNph8AMEBNznIDAYBAIAAjASAwcAJAogARgRAwcA
JAogARhhMA0GCSqGSIb3DQEBCwUAA4IBAQBt8/zFM4/hvD5s70xbxpvsfLa2uHWD
mvBvuWWNzrYEZqWsoyHqEsoGysUeA9Ta2F2dtQVSopLcCk8sqtkZQxRq1uY0wDqh
pQrqiSiYG01mHkgKKEHCaLRsnKuQVb9aiVHvRikOWa91sWTAwe8HQlwO9h5oRHBp
25tZ8FcFNSPxIYnUVn6Q8oAUGewx0lod7u5P183iOmy2+shdpJecmjyMN8uffd7A
hEfBKVacZ2L1WMifEZHfbgLTCf1WXEchULeisWm73xCgZMj9w1v65xOY4XyjWgIA
yPWhCf7EjSHmGfUj75FUOAugbZFYJjUPUIex72khITmWiKrJMrrFctX4
-----END CERTIFICATE-----
Generated at Fri May 29 23:48:41 2026 by rpki-client