Route Origin Authorization

$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1122361002747232293/0/3130332e3134352e36302e302f32332d3234203d3e20393332.roa
File:                     3130332e3134352e36302e302f32332d3234203d3e20393332.roa (raw, json)
Hash identifier:          Yp/8dD20XlslgkSYX3Zw2qk58UDNFY1ThOyLVD37ZgI=
Subject key identifier:   0A:CF:E0:CB:EE:CE:8A:8B:CB:54:5A:81:08:AF:10:E0:F7:AB:93:84
Certificate issuer:       /CN=A919AAA00000/serialNumber=ECE7AD10B332E86702B118145564E6C084B9C744
Certificate serial:       6C7774BD9C6775A04A4F4C2604575F6BFC006AF9
Authority key identifier: EC:E7:AD:10:B3:32:E8:67:02:B1:18:14:55:64:E6:C0:84:B9:C7:44
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7OetELMy6GcCsRgUVWTmwIS5x0Q.cer
Subject info access:      rsync://rpki-rps.cnnic.cn/repo/A1122361002747232293/0/3130332e3134352e36302e302f32332d3234203d3e20393332.roa
Signing time:             Thu 02 Jul 2026 04:19:39 +0000
ROA not before:           Thu 02 Jul 2026 04:14:39 +0000
ROA not after:            Thu 01 Jul 2027 04:19:39 +0000
asID:                     932
IP address blocks:        103.145.60.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.cnnic.cn/repo/A1122361002747232293/0/ECE7AD10B332E86702B118145564E6C084B9C744.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1122361002747232293/0/ECE7AD10B332E86702B118145564E6C084B9C744.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7OetELMy6GcCsRgUVWTmwIS5x0Q.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 06 Jul 2026 07:22:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:77:74:bd:9c:67:75:a0:4a:4f:4c:26:04:57:5f:6b:fc:00:6a:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919AAA00000, serialNumber=ECE7AD10B332E86702B118145564E6C084B9C744
        Validity
            Not Before: Jul  2 04:14:39 2026 GMT
            Not After : Jul  1 04:19:39 2027 GMT
        Subject: CN=0ACFE0CBEECE8A8BCB545A8108AF10E0F7AB9384
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:16:eb:9b:64:31:e0:5e:74:54:92:ac:6c:28:
                    ba:1a:7f:ff:e1:48:78:fb:bc:13:10:f3:dd:4c:f7:
                    f5:3c:7f:ea:35:41:8e:b9:97:77:81:8e:7d:82:0c:
                    4f:79:35:2e:86:7d:40:34:5b:b9:52:39:d1:de:4b:
                    fb:11:74:52:a9:27:a6:16:b1:d8:1a:6d:01:1f:eb:
                    37:33:8c:9f:dc:64:70:4b:38:cb:ce:c5:3d:eb:c0:
                    8e:b5:10:f1:6b:2e:5b:e8:24:8c:c5:b7:2f:f2:ca:
                    27:a3:e0:07:a8:cb:89:c7:b7:8e:97:90:40:d4:50:
                    94:cc:1c:d3:03:49:b4:f1:45:3e:47:8d:7c:14:00:
                    9d:d1:49:ee:3f:47:d8:49:f2:31:15:ba:8d:c8:31:
                    77:17:c0:42:ac:af:ea:ab:38:cf:88:a7:85:dc:cb:
                    ff:fd:1c:b6:01:eb:63:38:c4:1a:be:64:4c:aa:1d:
                    f5:69:02:03:7e:1e:1a:55:47:02:b2:0a:2d:4e:bf:
                    76:93:e9:b5:57:4d:2b:c0:4e:31:26:73:46:a6:d0:
                    05:2c:b7:7e:1b:1a:4e:81:c2:d5:e9:82:a3:2d:5d:
                    59:96:8b:3a:0e:cd:be:71:92:78:62:94:0e:d3:b1:
                    7e:d2:50:2c:55:92:d0:fb:1f:34:41:a3:0f:bc:69:
                    8f:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:CF:E0:CB:EE:CE:8A:8B:CB:54:5A:81:08:AF:10:E0:F7:AB:93:84
            X509v3 Authority Key Identifier:
                keyid:EC:E7:AD:10:B3:32:E8:67:02:B1:18:14:55:64:E6:C0:84:B9:C7:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.cnnic.cn/repo/A1122361002747232293/0/ECE7AD10B332E86702B118145564E6C084B9C744.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7OetELMy6GcCsRgUVWTmwIS5x0Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1122361002747232293/0/3130332e3134352e36302e302f32332d3234203d3e20393332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.145.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a3:ac:d3:fa:87:6a:e8:e3:8d:bd:ca:79:d3:0a:56:63:24:8e:
         9e:6c:62:ed:89:eb:15:41:3b:89:57:ee:c7:07:54:e4:44:08:
         ee:66:6b:21:23:66:69:dc:64:da:80:f7:35:b6:16:c4:09:64:
         fa:6e:04:38:c6:be:c3:82:ca:a3:5b:d8:74:d7:5c:4a:3f:51:
         95:10:8f:d1:d3:d1:c4:16:ea:8f:29:22:ca:9d:8b:5f:fe:b0:
         96:c3:9b:e5:fc:8b:35:b0:32:ad:7d:00:78:d6:75:ae:a6:67:
         d1:c8:37:85:e5:1f:ba:a8:11:10:f8:c5:43:e5:bc:72:d1:e0:
         fa:6d:8e:a9:f7:d0:86:18:3b:56:a4:d1:45:e9:59:3d:ba:dd:
         37:f2:a3:8a:0d:e2:c3:a1:a9:08:f2:b5:ae:5d:b4:43:3e:02:
         86:ae:e5:01:90:40:9f:1b:09:f4:a2:ab:27:bb:6c:c6:0b:e1:
         e3:82:e3:90:5b:72:a7:4d:36:bd:48:c0:88:a9:42:e8:8e:c6:
         29:fd:25:84:5b:ba:c6:6a:4c:b6:41:c5:c7:d1:7c:1a:95:05:
         44:de:83:8e:21:33:b9:29:dd:88:0a:4c:26:9d:d2:4e:97:fa:
         7f:1d:16:62:63:61:10:0c:6d:6c:c8:e0:50:ac:e9:5f:79:59:
         0c:48:4f:55
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIUbHd0vZxndaBKT0wmBFdfa/wAavkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxOUFBQTAwMDAwMTEwLwYDVQQFEyhFQ0U3QUQxMEIz
MzJFODY3MDJCMTE4MTQ1NTY0RTZDMDg0QjlDNzQ0MB4XDTI2MDcwMjA0MTQzOVoX
DTI3MDcwMTA0MTkzOVowMzExMC8GA1UEAxMoMEFDRkUwQ0JFRUNFOEE4QkNCNTQ1
QTgxMDhBRjEwRTBGN0FCOTM4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMW65tkMeBedFSSrGwouhp//+FIePu8ExDz3Uz39Tx/6jVBjrmXd4GOfYIM
T3k1LoZ9QDRbuVI50d5L+xF0Uqknphax2BptAR/rNzOMn9xkcEs4y87FPevAjrUQ
8WsuW+gkjMW3L/LKJ6PgB6jLice3jpeQQNRQlMwc0wNJtPFFPkeNfBQAndFJ7j9H
2EnyMRW6jcgxdxfAQqyv6qs4z4inhdzL//0ctgHrYzjEGr5kTKod9WkCA34eGlVH
ArIKLU6/dpPptVdNK8BOMSZzRqbQBSy3fhsaToHC1emCoy1dWZaLOg7NvnGSeGKU
DtOxftJQLFWS0PsfNEGjD7xpj5MCAwEAAaOCAg8wggILMB0GA1UdDgQWBBQKz+DL
7s6Ki8tUWoEIrxDg96uThDAfBgNVHSMEGDAWgBTs560QszLoZwKxGBRVZObAhLnH
RDAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMTIyMzYxMDAyNzQ3MjMyMjkzLzAvRUNFN0FE
MTBCMzMyRTg2NzAyQjExODE0NTU2NEU2QzA4NEI5Qzc0NC5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvN09ldEVMTXk2
R2NDc1JnVVZXVG13SVM1eDBRLmNlcjCBiAYIKwYBBQUHAQsEfDB6MHgGCCsGAQUF
BzALhmxyc3luYzovL3Jwa2ktcnBzLmNubmljLmNuL3JlcG8vQTExMjIzNjEwMDI3
NDcyMzIyOTMvMC8zMTMwMzMyZTMxMzQzNTJlMzYzMDJlMzAyZjMyMzMyZDMyMzQy
MDNkM2UyMDM5MzMzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeRPDANBgkqhkiG9w0BAQsFAAOCAQEA
o6zT+odq6OONvcp50wpWYySOnmxi7YnrFUE7iVfuxwdU5EQI7mZrISNmadxk2oD3
NbYWxAlk+m4EOMa+w4LKo1vYdNdcSj9RlRCP0dPRxBbqjykiyp2LX/6wlsOb5fyL
NbAyrX0AeNZ1rqZn0cg3heUfuqgREPjFQ+W8ctHg+m2OqffQhhg7VqTRRelZPbrd
N/Kjig3iw6GpCPK1rl20Qz4Chq7lAZBAnxsJ9KKrJ7tsxgvh44LjkFtyp002vUjA
iKlC6I7GKf0lhFu6xmpMtkHFx9F8GpUFRN6DjiEzuSndiApMJp3STpf6fx0WYmNh
EAxtbMjgUKzpX3lZDEhPVQ==
-----END CERTIFICATE-----
Generated at Sun Jul 5 09:21:09 2026 by rpki-client