Route Origin Authorization

$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1112360312121655313/0/3130332e3138312e3136342e302f32332d3234203d3e20313531393531.roa
File:                     3130332e3138312e3136342e302f32332d3234203d3e20313531393531.roa (raw, json)
Hash identifier:          L382HMS0rAo61TZm5iGl3q8kDKIpUjYtF59dWqxf6aA=
Subject key identifier:   02:68:19:31:CF:5C:A3:52:47:36:EC:0C:6E:1B:83:3B:9D:C4:29:B9
Certificate issuer:       /CN=A91B10180000/serialNumber=721C36677F59FEEA9B6707B32253F3062FDFC899
Certificate serial:       2066645B1D73A5FF85690DF1431614B1EB5034F0
Authority key identifier: 72:1C:36:67:7F:59:FE:EA:9B:67:07:B3:22:53:F3:06:2F:DF:C8:99
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chw2Z39Z_uqbZwezIlPzBi_fyJk.cer
Subject info access:      rsync://rpki-rps.cnnic.cn/repo/A1112360312121655313/0/3130332e3138312e3136342e302f32332d3234203d3e20313531393531.roa
Signing time:             Thu 18 Jun 2026 14:19:25 +0000
ROA not before:           Thu 18 Jun 2026 14:14:25 +0000
ROA not after:            Thu 17 Jun 2027 14:19:25 +0000
asID:                     151951
IP address blocks:        103.181.164.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.cnnic.cn/repo/A1112360312121655313/0/721C36677F59FEEA9B6707B32253F3062FDFC899.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1112360312121655313/0/721C36677F59FEEA9B6707B32253F3062FDFC899.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chw2Z39Z_uqbZwezIlPzBi_fyJk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 06 Jul 2026 01:40:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:66:64:5b:1d:73:a5:ff:85:69:0d:f1:43:16:14:b1:eb:50:34:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B10180000, serialNumber=721C36677F59FEEA9B6707B32253F3062FDFC899
        Validity
            Not Before: Jun 18 14:14:25 2026 GMT
            Not After : Jun 17 14:19:25 2027 GMT
        Subject: CN=02681931CF5CA3524736EC0C6E1B833B9DC429B9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:64:c6:13:2a:f9:1c:e1:ff:d3:41:1d:80:18:
                    eb:84:d7:61:2d:74:91:3b:bc:68:3f:c7:4f:86:c9:
                    57:71:91:a2:25:ee:69:5b:bf:2b:d6:3e:24:4a:95:
                    5f:09:75:20:0c:0c:3f:49:8f:4e:93:3e:95:5c:8b:
                    3e:c5:0b:ce:e9:4c:70:0b:16:71:2b:87:0e:96:91:
                    3a:dd:e3:1a:78:60:45:de:e3:f1:50:78:1e:2f:51:
                    51:87:ae:e9:4b:b9:a9:9a:dd:53:5d:76:c9:7a:9d:
                    c4:f0:30:77:bb:f7:d6:69:4a:34:6c:e2:44:37:58:
                    71:4d:3d:10:a2:42:5d:fa:3d:b0:e3:2b:9b:8d:2f:
                    33:f2:2c:35:8c:5e:ea:0f:29:5f:7d:5a:ca:e1:1e:
                    ce:bb:a8:e2:03:ad:64:59:79:bb:cd:59:a0:93:88:
                    1f:85:10:fc:52:38:0e:0f:2c:75:6a:3e:16:1c:fc:
                    1b:b9:83:7f:41:c1:33:c5:58:7a:dc:9e:67:50:46:
                    88:2e:65:77:d6:44:79:0d:95:9a:aa:e1:14:6f:db:
                    6e:bc:b9:bd:6f:4d:52:1e:c4:51:68:e1:02:a7:19:
                    77:f4:e9:8b:da:09:80:a3:11:2f:9e:dd:db:8e:2e:
                    be:61:18:79:92:c2:9b:aa:91:a8:99:a7:62:22:d0:
                    74:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:68:19:31:CF:5C:A3:52:47:36:EC:0C:6E:1B:83:3B:9D:C4:29:B9
            X509v3 Authority Key Identifier:
                keyid:72:1C:36:67:7F:59:FE:EA:9B:67:07:B3:22:53:F3:06:2F:DF:C8:99

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.cnnic.cn/repo/A1112360312121655313/0/721C36677F59FEEA9B6707B32253F3062FDFC899.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/chw2Z39Z_uqbZwezIlPzBi_fyJk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1112360312121655313/0/3130332e3138312e3136342e302f32332d3234203d3e20313531393531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.181.164.0/23

    Signature Algorithm: sha256WithRSAEncryption
         53:f2:88:1b:1a:f7:16:1f:6e:9b:39:f7:e4:41:0a:2c:30:19:
         83:f7:29:a3:87:b2:4e:98:06:db:52:48:77:ed:bc:17:69:12:
         27:5c:51:ce:c7:f8:fe:64:e1:eb:af:34:48:e1:66:ed:0f:49:
         56:02:d9:f7:c0:10:bd:29:47:7f:83:28:dc:bd:e6:79:ad:cd:
         59:4a:db:31:5d:96:2a:cc:c5:54:a1:a6:85:fe:32:f6:64:e1:
         42:c0:30:ec:88:ed:7d:bc:39:c4:dc:d0:3d:91:5e:77:85:32:
         31:41:74:df:b9:eb:71:98:9f:be:40:87:8e:4b:21:7f:ba:c5:
         43:cf:87:41:33:d0:fd:e2:d4:f0:67:4a:d1:72:29:f0:66:a4:
         60:a8:c8:1d:51:18:bb:04:39:67:21:61:55:cc:a2:38:53:b5:
         24:12:7f:07:59:27:31:ae:a0:b0:7f:95:b1:f3:44:7a:5a:b7:
         0a:c4:7a:e7:3f:aa:6b:40:5e:1c:7f:07:1d:0b:24:0d:af:08:
         be:e8:9e:3e:15:b8:ba:33:63:1a:06:3a:3d:51:ef:14:f2:6a:
         8a:fd:54:03:b7:4c:23:06:f5:cb:a4:25:dc:a8:29:98:d6:1d:
         c1:6f:4c:a4:09:ec:53:c1:af:85:05:24:0e:03:50:a5:f0:37:
         26:19:26:56
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUIGZkWx1zpf+FaQ3xQxYUsetQNPAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQjEwMTgwMDAwMTEwLwYDVQQFEyg3MjFDMzY2NzdG
NTlGRUVBOUI2NzA3QjMyMjUzRjMwNjJGREZDODk5MB4XDTI2MDYxODE0MTQyNVoX
DTI3MDYxNzE0MTkyNVowMzExMC8GA1UEAxMoMDI2ODE5MzFDRjVDQTM1MjQ3MzZF
QzBDNkUxQjgzM0I5REM0MjlCOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpkxhMq+Rzh/9NBHYAY64TXYS10kTu8aD/HT4bJV3GRoiXuaVu/K9Y+JEqV
Xwl1IAwMP0mPTpM+lVyLPsULzulMcAsWcSuHDpaROt3jGnhgRd7j8VB4Hi9RUYeu
6Uu5qZrdU112yXqdxPAwd7v31mlKNGziRDdYcU09EKJCXfo9sOMrm40vM/IsNYxe
6g8pX31ayuEezruo4gOtZFl5u81ZoJOIH4UQ/FI4Dg8sdWo+Fhz8G7mDf0HBM8VY
etyeZ1BGiC5ld9ZEeQ2VmqrhFG/bbry5vW9NUh7EUWjhAqcZd/Tpi9oJgKMRL57d
244uvmEYeZLCm6qRqJmnYiLQdLsCAwEAAaOCAhowggIWMB0GA1UdDgQWBBQCaBkx
z1yjUkc27AxuG4M7ncQpuTAfBgNVHSMEGDAWgBRyHDZnf1n+6ptnB7MiU/MGL9/I
mTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMTEyMzYwMzEyMTIxNjU1MzEzLzAvNzIxQzM2
Njc3RjU5RkVFQTlCNjcwN0IzMjI1M0YzMDYyRkRGQzg5OS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvY2h3MlozOVpf
dXFiWndleklsUHpCaV9meUprLmNlcjCBkwYIKwYBBQUHAQsEgYYwgYMwgYAGCCsG
AQUFBzALhnRyc3luYzovL3Jwa2ktcnBzLmNubmljLmNuL3JlcG8vQTExMTIzNjAz
MTIxMjE2NTUzMTMvMC8zMTMwMzMyZTMxMzgzMTJlMzEzNjM0MmUzMDJmMzIzMzJk
MzIzNDIwM2QzZTIwMzEzNTMxMzkzNTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ7WkMA0GCSqGSIb3
DQEBCwUAA4IBAQBT8ogbGvcWH26bOffkQQosMBmD9ymjh7JOmAbbUkh37bwXaRIn
XFHOx/j+ZOHrrzRI4WbtD0lWAtn3wBC9KUd/gyjcveZ5rc1ZStsxXZYqzMVUoaaF
/jL2ZOFCwDDsiO19vDnE3NA9kV53hTIxQXTfuetxmJ++QIeOSyF/usVDz4dBM9D9
4tTwZ0rRcinwZqRgqMgdURi7BDlnIWFVzKI4U7UkEn8HWScxrqCwf5Wx80R6WrcK
xHrnP6prQF4cfwcdCyQNrwi+6J4+Fbi6M2MaBjo9Ue8U8mqK/VQDt0wjBvXLpCXc
qCmY1h3Bb0ykCexTwa+FBSQOA1Cl8DcmGSZW
-----END CERTIFICATE-----
Generated at Sun Jul 5 08:36:34 2026 by rpki-client