Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1108677435395670037/1/AS23844.roa
File: AS23844.roa (raw, json)
Hash identifier: XWuWQzQzWF4m8rnsu7wvf249StKjXOQSZf2Pgb85QEY=
Subject key identifier: E2:6C:1B:38:D6:AA:15:CC:8D:1C:0D:21:16:AA:9D:3B:98:1D:56:32
Certificate issuer: /CN=9FF679A48BDAB5820137C251333CE831F275BD8C
Certificate serial: 712E4F596F7BB09CC2B0E95A0D91CD82C27D1E3E
Authority key identifier: 9F:F6:79:A4:8B:DA:B5:82:01:37:C2:51:33:3C:E8:31:F2:75:BD:8C
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9FF679A48BDAB5820137C251333CE831F275BD8C.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/AS23844.roa
Signing time: Wed 27 May 2026 08:46:31 +0000
ROA not before: Wed 27 May 2026 08:41:31 +0000
ROA not after: Wed 26 May 2027 08:46:31 +0000
asID: 23844
IP address blocks: 118.102.16.0/24 maxlen: 24
118.102.22.0/23 maxlen: 23
118.102.22.0/24 maxlen: 24
118.102.23.0/24 maxlen: 24
118.102.24.0/22 maxlen: 22
118.102.28.0/24 maxlen: 24
119.253.0.0/20 maxlen: 20
119.253.0.0/21 maxlen: 21
119.253.8.0/21 maxlen: 21
119.253.48.0/21 maxlen: 21
119.253.48.0/22 maxlen: 22
119.253.52.0/22 maxlen: 22
119.253.80.0/20 maxlen: 20
119.253.80.0/21 maxlen: 21
119.253.80.0/22 maxlen: 22
119.253.84.0/23 maxlen: 23
119.253.88.0/21 maxlen: 21
119.253.91.0/24 maxlen: 24
119.253.249.0/24 maxlen: 24
119.253.252.0/24 maxlen: 24
119.254.0.0/16 maxlen: 16
119.254.0.0/17 maxlen: 17
119.254.16.0/20 maxlen: 20
119.254.32.0/21 maxlen: 21
119.254.37.0/24 maxlen: 24
119.254.40.0/21 maxlen: 21
119.254.56.0/21 maxlen: 21
119.254.64.0/19 maxlen: 19
119.254.112.0/20 maxlen: 20
119.254.112.0/21 maxlen: 21
119.254.120.0/21 maxlen: 21
119.254.128.0/17 maxlen: 17
119.254.128.0/20 maxlen: 20
119.254.136.0/21 maxlen: 21
119.254.144.0/20 maxlen: 20
119.254.144.0/21 maxlen: 21
119.254.152.0/21 maxlen: 21
119.254.160.0/19 maxlen: 19
119.254.192.0/19 maxlen: 19
119.254.216.0/21 maxlen: 21
119.254.229.0/24 maxlen: 24
119.254.236.0/22 maxlen: 22
119.254.236.0/24 maxlen: 24
119.254.240.0/21 maxlen: 21
119.254.255.0/24 maxlen: 24
119.255.63.0/24 maxlen: 24
119.255.128.0/17 maxlen: 17
119.255.136.0/21 maxlen: 21
124.42.8.0/22 maxlen: 22
124.42.12.0/22 maxlen: 22
124.42.34.0/23 maxlen: 23
124.42.36.0/22 maxlen: 22
124.42.49.0/24 maxlen: 24
124.42.86.0/23 maxlen: 23
203.187.191.0/24 maxlen: 24
218.97.255.0/24 maxlen: 24
220.231.0.0/20 maxlen: 20
220.231.16.0/20 maxlen: 20
220.231.32.0/24 maxlen: 24
220.231.48.0/20 maxlen: 20
220.231.63.0/24 maxlen: 24
240a:2000::/40 maxlen: 40
240a:2001:100::/40 maxlen: 40
240a:2001:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/9FF679A48BDAB5820137C251333CE831F275BD8C.crl
rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/9FF679A48BDAB5820137C251333CE831F275BD8C.mft
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9FF679A48BDAB5820137C251333CE831F275BD8C.cer
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 May 2026 15:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:2e:4f:59:6f:7b:b0:9c:c2:b0:e9:5a:0d:91:cd:82:c2:7d:1e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9FF679A48BDAB5820137C251333CE831F275BD8C
Validity
Not Before: May 27 08:41:31 2026 GMT
Not After : May 26 08:46:31 2027 GMT
Subject: CN=E26C1B38D6AA15CC8D1C0D2116AA9D3B981D5632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ac:d9:72:3f:e8:54:c5:34:3a:c2:e1:b0:2b:
93:5b:28:fd:b7:7c:df:f7:cb:76:0d:1d:9e:06:ce:
a6:2b:e9:31:53:55:71:c9:2f:2e:0f:d7:5e:88:64:
8b:ae:33:b0:52:f7:0f:53:a8:33:ac:f5:85:47:e1:
cd:0b:3a:73:53:1e:f4:3e:2e:de:23:b1:7b:d4:81:
2b:4b:73:8a:3d:a3:9f:25:d2:58:aa:38:21:48:0c:
fe:fa:19:c3:59:72:18:33:b5:ac:ce:d3:0e:f8:6c:
21:36:1f:59:20:5c:88:a9:a8:8f:34:c6:3b:30:92:
55:10:ed:c7:64:0b:33:2c:20:e7:10:bd:b3:16:f4:
cc:d3:0f:f4:7c:7a:f2:31:66:0e:2d:58:a7:bf:8e:
fb:2d:f9:c6:19:ba:fa:f0:12:a8:38:e2:a6:6d:7a:
7e:58:34:b3:18:25:26:ec:db:b3:b0:a4:13:a4:ad:
c6:68:82:3f:68:2e:0d:d8:9b:86:0a:48:c1:e7:e4:
98:14:b9:b1:52:95:19:f8:51:b1:64:f6:c5:83:2f:
44:64:9f:c6:74:d4:50:2a:b8:85:30:57:0d:a4:50:
88:f1:4a:e3:83:88:15:64:8b:c1:aa:62:c3:5c:c1:
6d:10:c9:e1:82:4d:2c:33:c9:b8:a2:9f:38:ea:ae:
63:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6C:1B:38:D6:AA:15:CC:8D:1C:0D:21:16:AA:9D:3B:98:1D:56:32
X509v3 Authority Key Identifier:
keyid:9F:F6:79:A4:8B:DA:B5:82:01:37:C2:51:33:3C:E8:31:F2:75:BD:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/9FF679A48BDAB5820137C251333CE831F275BD8C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9FF679A48BDAB5820137C251333CE831F275BD8C.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/AS23844.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
118.102.16.0/24
118.102.22.0-118.102.28.255
119.253.0.0/20
119.253.48.0/21
119.253.80.0/20
119.253.249.0/24
119.253.252.0/24
119.254.0.0/16
119.255.63.0/24
119.255.128.0/17
124.42.8.0/21
124.42.34.0-124.42.39.255
124.42.49.0/24
124.42.86.0/23
203.187.191.0/24
218.97.255.0/24
220.231.0.0-220.231.32.255
220.231.48.0/20
IPv6:
240a:2000::/40
240a:2001:100::/40
240a:2001:1000::/36
Signature Algorithm: sha256WithRSAEncryption
4b:20:8f:8a:f5:cc:61:78:6d:25:5d:f3:8c:8c:83:2b:d6:4c:
88:ea:f8:b5:cc:0f:04:a9:17:0c:1f:96:3f:a7:be:a1:f4:a5:
3b:51:d7:8f:c4:be:d9:3b:17:f8:da:40:2e:91:8d:b7:ff:7c:
ea:de:95:d9:d4:4a:71:0d:69:b1:37:b1:2d:c4:ef:0a:5b:74:
ae:bb:05:6c:76:a6:23:a9:4c:b2:e6:62:92:fe:9d:29:91:67:
27:88:52:ef:f5:bf:6f:53:97:88:c5:60:5f:b6:a0:7c:a2:36:
14:a9:a2:00:e1:59:9f:47:6f:11:79:49:bd:90:7d:12:b5:30:
ca:36:d3:8f:e8:a2:6b:ad:6b:37:a1:94:72:66:e8:f0:0b:f1:
4c:36:03:59:a4:46:e6:18:78:f3:6d:39:d2:52:49:4e:95:04:
37:95:3b:4a:e7:a5:8d:43:f8:46:ea:ee:05:b8:01:37:7e:88:
fb:43:27:14:ca:f2:25:1e:a0:42:99:7b:1f:9f:71:77:e0:22:
ee:a6:24:59:d6:8c:58:1c:bb:b5:2e:88:27:b2:87:0e:3d:3b:
44:62:63:0a:f6:6d:49:23:95:8b:0f:37:e9:b7:32:e2:10:d3:
8b:5f:4b:e8:ca:62:c7:c2:a6:bf:c1:d8:ae:cb:80:b0:7f:f7:
8c:f7:63:c4
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUcS5PWW97sJzCsOlaDZHNgsJ9Hj4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUZGNjc5QTQ4QkRBQjU4MjAxMzdDMjUxMzMzQ0U4MzFG
Mjc1QkQ4QzAeFw0yNjA1MjcwODQxMzFaFw0yNzA1MjYwODQ2MzFaMDMxMTAvBgNV
BAMTKEUyNkMxQjM4RDZBQTE1Q0M4RDFDMEQyMTE2QUE5RDNCOTgxRDU2MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVrNlyP+hUxTQ6wuGwK5NbKP23
fN/3y3YNHZ4GzqYr6TFTVXHJLy4P116IZIuuM7BS9w9TqDOs9YVH4c0LOnNTHvQ+
Lt4jsXvUgStLc4o9o58l0liqOCFIDP76GcNZchgztazO0w74bCE2H1kgXIipqI80
xjswklUQ7cdkCzMsIOcQvbMW9MzTD/R8evIxZg4tWKe/jvst+cYZuvrwEqg44qZt
en5YNLMYJSbs27OwpBOkrcZogj9oLg3Ym4YKSMHn5JgUubFSlRn4UbFk9sWDL0Rk
n8Z01FAquIUwVw2kUIjxSuODiBVki8GqYsNcwW0QyeGCTSwzybiinzjqrmMZAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQU4mwbONaqFcyNHA0hFqqdO5gdVjIwHwYDVR0j
BBgwFoAUn/Z5pIvatYIBN8JRMzzoMfJ1vYwwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEw
ODY3NzQzNTM5NTY3MDAzNy8xLzlGRjY3OUE0OEJEQUI1ODIwMTM3QzI1MTMzM0NF
ODMxRjI3NUJEOEMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvOUZGNjc5QTQ4QkRBQjU4MjAxMzdDMjUxMzMzQ0U4MzFGMjc1QkQ4Qy5jZXIw
XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTExMDg2Nzc0MzUzOTU2NzAwMzcvMS9BUzIzODQ0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCB
iQQCAAEwgYIDBAB2ZhAwDAMEAXZmFgMEAHZmHAMEBHf9AAMEA3f9MAMEBHf9UAME
AHf9+QMEAHf9/AMDAHf+AwQAd/8/AwQHd/+AAwQDfCoIMAwDBAF8KiIDBAN8KiAD
BAB8KjEDBAF8KlYDBADLu78DBADaYf8wCwMDANznAwQA3OcgAwQE3OcwMB4EAgAC
MBgDBgAkCiAAAAMGACQKIAEBAwYEJAogARAwDQYJKoZIhvcNAQELBQADggEBAEsg
j4r1zGF4bSVd84yMgyvWTIjq+LXMDwSpFwwflj+nvqH0pTtR14/Evtk7F/jaQC6R
jbf/fOreldnUSnENabE3sS3E7wpbdK67BWx2piOpTLLmYpL+nSmRZyeIUu/1v29T
l4jFYF+2oHyiNhSpogDhWZ9HbxF5Sb2QfRK1MMo204/oomutazehlHJm6PAL8Uw2
A1mkRuYYePNtOdJSSU6VBDeVO0rnpY1D+Ebq7gW4ATd+iPtDJxTK8iUeoEKZex+f
cXfgIu6mJFnWjFgcu7UuiCeyhw49O0RiYwr2bUkjlYsPN+m3MuIQ04tfS+jKYsfC
pr/B2K7LgLB/94z3Y8Q=
-----END CERTIFICATE-----
Generated at Fri May 29 23:49:12 2026 by rpki-client