Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1113654806364422163/0/AS17623.roa
File: AS17623.roa (raw, json)
Hash identifier: Z/NN+rYAuPx1ZhV623OHKHZ3uma7l04dKuis+ugrMnQ=
Subject key identifier: 1D:A9:3E:91:27:48:CE:64:A2:4D:68:7A:D7:E6:12:2A:EF:2C:E2:74
Certificate issuer: /CN=A915370F0000/serialNumber=0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9
Certificate serial: 7FA124A0DDB563D8FEF3AFCE1ACD32B9232426D6
Authority key identifier: 01:82:D4:CD:0C:6D:21:DC:2C:29:6E:D2:60:6A:70:D7:96:D5:BB:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AYLUzQxtIdwsKW7SYGpw15bVu7k.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/AS17623.roa
Signing time: Tue 09 Jun 2026 08:45:12 +0000
ROA not before: Tue 09 Jun 2026 08:40:12 +0000
ROA not after: Tue 08 Jun 2027 08:45:12 +0000
asID: 17623
IP address blocks: 123.58.32.0/24 maxlen: 24
123.58.33.0/24 maxlen: 24
123.58.34.0/24 maxlen: 24
123.58.36.0/24 maxlen: 24
123.58.38.0/24 maxlen: 24
123.58.39.0/24 maxlen: 24
123.58.40.0/24 maxlen: 24
123.58.41.0/24 maxlen: 24
123.58.42.0/24 maxlen: 24
123.58.43.0/24 maxlen: 24
123.58.44.0/24 maxlen: 24
123.58.45.0/24 maxlen: 24
123.58.47.0/24 maxlen: 24
123.58.48.0/24 maxlen: 24
123.58.50.0/24 maxlen: 24
123.58.53.0/24 maxlen: 24
123.58.54.0/24 maxlen: 24
123.58.55.0/24 maxlen: 24
123.58.56.0/24 maxlen: 24
123.58.57.0/24 maxlen: 24
123.58.59.0/24 maxlen: 24
123.58.60.0/24 maxlen: 24
123.58.61.0/24 maxlen: 24
123.58.62.0/24 maxlen: 24
123.58.63.0/24 maxlen: 24
123.58.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9.crl
rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AYLUzQxtIdwsKW7SYGpw15bVu7k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 12 Jun 2026 12:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:a1:24:a0:dd:b5:63:d8:fe:f3:af:ce:1a:cd:32:b9:23:24:26:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F0000, serialNumber=0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9
Validity
Not Before: Jun 9 08:40:12 2026 GMT
Not After : Jun 8 08:45:12 2027 GMT
Subject: CN=1DA93E912748CE64A24D687AD7E6122AEF2CE274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5f:5a:6d:7b:05:f2:84:3c:db:96:40:a1:4f:
8a:ee:71:da:95:6f:73:5a:da:00:91:b5:3d:3b:04:
81:ad:78:25:8b:c2:eb:01:34:ed:59:bd:4b:66:3a:
c0:35:61:2c:0a:15:0f:89:76:29:38:ee:e0:e2:e2:
e1:be:34:af:0d:9d:0d:91:f3:a5:5b:3e:2d:01:8d:
a1:59:d2:c8:89:83:d4:c7:08:38:c1:55:29:27:81:
15:35:0e:ec:21:f7:72:f9:da:ed:af:da:1d:c4:0e:
5e:e4:f3:8e:10:49:dd:4a:5f:9a:f5:11:4a:c0:10:
5d:36:0a:99:f4:c0:34:c2:38:b8:a9:a5:0f:b6:76:
90:b2:3f:42:27:19:78:e9:ae:fa:a0:e6:b7:1e:b2:
67:67:4e:13:e9:f7:d3:19:ed:de:31:d9:ff:ca:a5:
69:82:ee:63:75:cb:c1:e9:1e:a8:d7:d0:41:ad:96:
3d:79:ec:c9:9b:00:49:b4:ce:7b:8b:c1:bf:66:ef:
a5:f1:e6:73:8b:41:29:fe:b7:6c:55:e2:1c:d3:35:
b4:f5:f2:5f:6d:af:28:78:ca:0f:91:dd:8a:81:c8:
47:5d:84:12:12:18:09:9f:d3:37:c7:d9:1c:e9:3a:
29:80:9b:0e:71:57:5d:ad:3d:f5:f1:aa:f7:58:ad:
3c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A9:3E:91:27:48:CE:64:A2:4D:68:7A:D7:E6:12:2A:EF:2C:E2:74
X509v3 Authority Key Identifier:
keyid:01:82:D4:CD:0C:6D:21:DC:2C:29:6E:D2:60:6A:70:D7:96:D5:BB:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AYLUzQxtIdwsKW7SYGpw15bVu7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/AS17623.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.58.32.0-123.58.34.255
123.58.36.0/24
123.58.38.0-123.58.45.255
123.58.47.0-123.58.48.255
123.58.50.0/24
123.58.53.0-123.58.57.255
123.58.59.0-123.58.64.255
Signature Algorithm: sha256WithRSAEncryption
8f:5b:60:9f:ae:df:94:a5:e5:60:f8:34:5d:14:c6:00:c0:28:
db:67:99:5b:98:72:0f:ca:bd:1f:cf:fa:21:aa:68:6e:64:63:
08:e1:18:bd:db:fd:d0:e9:8d:2a:d7:14:13:f9:ea:e0:df:18:
51:36:de:3d:17:7e:bf:85:23:a0:20:72:d4:55:a2:29:90:b0:
8f:54:ba:36:21:5e:90:bc:b8:e1:1f:4a:df:52:bf:cd:98:16:
a7:09:e9:f4:5c:f0:0d:0d:5e:7a:e9:16:79:e0:0b:b0:41:6e:
cd:51:28:28:f6:41:da:72:9e:e2:4e:2d:a7:89:a7:98:cb:7c:
9b:a8:db:42:58:4b:a1:0b:ff:d9:bb:93:4b:c9:3f:71:1c:5f:
5f:4d:a6:0e:33:55:d0:ba:26:3c:f4:28:7c:9b:27:bf:bf:8a:
d7:a6:67:46:58:3c:45:06:92:68:2d:05:2c:1f:8c:e9:f1:f8:
e8:b2:1f:b5:d5:2c:9b:dc:08:84:5d:a8:5e:47:66:67:a1:f9:
2c:a2:b3:2c:ea:e4:3f:d3:ae:1e:36:1e:ce:29:09:a1:18:bc:
20:62:23:b1:14:ee:fb:a2:19:7a:b3:b7:9b:a2:df:06:14:81:
47:af:86:e4:12:e6:0a:52:ef:cf:0a:f0:64:59:c3:56:3f:af:
fc:6a:10:ea
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUf6EkoN21Y9j+86/OGs0yuSMkJtYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTM3MEYwMDAwMTEwLwYDVQQFEygwMTgyRDRDRDBD
NkQyMURDMkMyOTZFRDI2MDZBNzBENzk2RDVCQkI5MB4XDTI2MDYwOTA4NDAxMloX
DTI3MDYwODA4NDUxMlowMzExMC8GA1UEAxMoMURBOTNFOTEyNzQ4Q0U2NEEyNEQ2
ODdBRDdFNjEyMkFFRjJDRTI3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpfWm17BfKEPNuWQKFPiu5x2pVvc1raAJG1PTsEga14JYvC6wE07Vm9S2Y6
wDVhLAoVD4l2KTju4OLi4b40rw2dDZHzpVs+LQGNoVnSyImD1McIOMFVKSeBFTUO
7CH3cvna7a/aHcQOXuTzjhBJ3UpfmvURSsAQXTYKmfTANMI4uKmlD7Z2kLI/QicZ
eOmu+qDmtx6yZ2dOE+n30xnt3jHZ/8qlaYLuY3XLwekeqNfQQa2WPXnsyZsASbTO
e4vBv2bvpfHmc4tBKf63bFXiHNM1tPXyX22vKHjKD5HdioHIR12EEhIYCZ/TN8fZ
HOk6KYCbDnFXXa099fGq91itPGcCAwEAAaOCAi8wggIrMB0GA1UdDgQWBBQdqT6R
J0jOZKJNaHrX5hIq7yzidDAfBgNVHSMEGDAWgBQBgtTNDG0h3CwpbtJganDXltW7
uTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMTEzNjU0ODA2MzY0NDIyMTYzLzAvMDE4MkQ0
Q0QwQzZEMjFEQzJDMjk2RUQyNjA2QTcwRDc5NkQ1QkJCOS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvQVlMVXpReHRJ
ZHdzS1c3U1lHcHcxNWJWdTdrLmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH
MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTExMzY1NDgwNjM2
NDQyMjE2My8wL0FTMTc2MjMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
awYIKwYBBQUHAQcBAf8EXDBaMFgEAgABMFIwDAMEBXs6IAMEAHs6IgMEAHs6JDAM
AwQBezomAwQBezosMAwDBAB7Oi8DBAB7OjADBAB7OjIwDAMEAHs6NQMEAXs6ODAM
AwQAezo7AwQAezpAMA0GCSqGSIb3DQEBCwUAA4IBAQCPW2Cfrt+UpeVg+DRdFMYA
wCjbZ5lbmHIPyr0fz/ohqmhuZGMI4Ri92/3Q6Y0q1xQT+erg3xhRNt49F36/hSOg
IHLUVaIpkLCPVLo2IV6QvLjhH0rfUr/NmBanCen0XPANDV566RZ54AuwQW7NUSgo
9kHacp7iTi2niaeYy3ybqNtCWEuhC//Zu5NLyT9xHF9fTaYOM1XQuiY89Ch8mye/
v4rXpmdGWDxFBpJoLQUsH4zp8fjosh+11Syb3AiEXaheR2ZnofksorMs6uQ/064e
Nh7OKQmhGLwgYiOxFO77ohl6s7ebot8GFIFHr4bkEuYKUu/PCvBkWcNWP6/8ahDq
-----END CERTIFICATE-----
Generated at Fri Jun 12 04:32:39 2026 by rpki-client