Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1211/o6QRv3bWs-mfrG9NTh0ZOLQ-dvs.roa
File: o6QRv3bWs-mfrG9NTh0ZOLQ-dvs.roa (raw, json)
Hash identifier: ZRPJEYiVT54YeJhOGGhGRKPy3EApl2sR/SAlz6vZdVU=
Subject key identifier: A3:A4:11:BF:76:D6:B3:E9:9F:AC:6F:4D:4E:1D:19:38:B4:3E:76:FB
Certificate issuer: /CN=183D882201945BE13993B4C6DAC954F8EE426C97
Certificate serial: 1017
Authority key identifier: 18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/o6QRv3bWs-mfrG9NTh0ZOLQ-dvs.roa
Signing time: Mon 24 Feb 2025 05:00:06 +0000
ROA not before: Mon 24 Feb 2025 05:00:06 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63701
IP address blocks: 103.57.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 19:37:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4119 (0x1017)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=183D882201945BE13993B4C6DAC954F8EE426C97
Validity
Not Before: Feb 24 05:00:06 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A3A411BF76D6B3E99FAC6F4D4E1D1938B43E76FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e3:f5:e9:6a:7c:d7:40:cf:73:0b:4c:8c:5d:
b0:fc:e1:fd:30:0c:84:6c:2e:1c:fb:1d:92:e2:8c:
59:64:b2:3c:0c:c0:9c:e8:c0:06:bd:81:b5:ed:04:
36:c6:ee:96:fe:87:a4:e3:97:83:81:73:05:aa:99:
59:2d:76:e8:cf:6a:b7:be:1f:0d:99:4e:6c:00:14:
23:ac:c2:0c:60:b0:ba:32:f4:50:95:da:72:13:ce:
69:a5:09:3e:82:2c:78:cc:e8:02:be:c1:63:aa:e7:
7d:a2:61:0d:9a:45:09:49:78:dd:74:8c:7b:18:ec:
8c:31:a5:3c:f2:e6:c1:b5:d1:c6:2c:a1:b9:10:f3:
d9:f5:15:aa:67:a7:60:ab:ef:5c:d5:85:1c:b9:1c:
ea:01:f4:33:e8:ac:d0:03:29:13:87:01:8c:45:ff:
17:24:73:33:46:99:e7:1d:f4:b9:4c:83:b8:10:d9:
66:1d:cf:e4:8c:6e:91:10:92:39:31:2b:71:50:32:
ba:90:84:3b:cf:b7:4c:6b:19:ca:75:d8:0d:6c:c3:
4a:69:72:e0:2d:e1:3a:b3:9f:29:28:5b:76:0e:21:
e3:52:4e:4b:70:3c:22:62:01:36:81:76:9f:43:4d:
91:69:fb:fd:42:3f:1e:f9:f5:b8:89:f4:b2:9d:c0:
b0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A4:11:BF:76:D6:B3:E9:9F:AC:6F:4D:4E:1D:19:38:B4:3E:76:FB
X509v3 Authority Key Identifier:
keyid:18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/o6QRv3bWs-mfrG9NTh0ZOLQ-dvs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.57.12.0/22
Signature Algorithm: sha256WithRSAEncryption
23:c2:97:7f:c4:4b:6e:0f:f4:f2:2a:f4:33:3c:59:f8:d1:cf:
fd:d9:9e:45:73:5c:2c:b9:44:07:53:8a:39:bd:8b:ee:96:c4:
7e:e8:dd:79:11:7b:3d:1c:e3:ba:6d:f4:85:2b:9b:f7:9c:37:
a8:be:73:f5:1c:65:fe:50:86:79:89:81:f9:62:43:df:59:3f:
f7:55:dc:00:a3:8b:1a:b9:23:34:40:8e:a0:a4:16:92:ee:39:
ed:21:ff:46:fc:40:94:8f:60:1d:20:3e:93:75:f8:89:21:2e:
91:c3:44:f2:28:b1:a5:69:86:5e:f7:b4:6b:63:6f:47:95:c3:
8e:b1:65:c3:69:45:c8:92:79:a9:11:24:56:2f:bd:71:ff:51:
27:ad:05:08:33:40:06:e4:74:2d:5d:a4:76:66:86:63:5f:f7:
b0:f8:a0:79:bc:a7:3a:53:d2:e3:b1:ad:eb:32:af:59:e0:25:
1c:e1:e1:06:4a:8c:12:3d:e8:14:18:9e:c7:99:23:c3:04:41:
37:ee:49:ae:19:50:46:34:8c:00:16:7d:23:b2:fd:e3:4a:7c:
86:b0:6f:36:68:21:db:6b:65:d6:6d:4f:af:bd:fe:5b:b2:0f:
4e:fa:5f:eb:73:72:31:56:e6:97:2e:b0:b9:1f:b2:d4:c7:ce:
4a:59:71:b8
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEBcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgz
RDg4MjIwMTk0NUJFMTM5OTNCNEM2REFDOTU0RjhFRTQyNkM5NzAeFw0yNTAyMjQw
NTAwMDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEEzQTQxMUJGNzZENkIz
RTk5RkFDNkY0RDRFMUQxOTM4QjQzRTc2RkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDu4/XpanzXQM9zC0yMXbD84f0wDIRsLhz7HZLijFlksjwMwJzo
wAa9gbXtBDbG7pb+h6Tjl4OBcwWqmVktdujPare+Hw2ZTmwAFCOswgxgsLoy9FCV
2nITzmmlCT6CLHjM6AK+wWOq532iYQ2aRQlJeN10jHsY7IwxpTzy5sG10cYsobkQ
89n1Fapnp2Cr71zVhRy5HOoB9DPorNADKROHAYxF/xckczNGmecd9LlMg7gQ2WYd
z+SMbpEQkjkxK3FQMrqQhDvPt0xrGcp12A1sw0ppcuAt4TqznykoW3YOIeNSTktw
PCJiATaBdp9DTZFp+/1CPx759biJ9LKdwLA7AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUo6QRv3bWs+mfrG9NTh0ZOLQ+dvswHwYDVR0jBBgwFoAUGD2IIgGUW+E5k7TG
2slU+O5CbJcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx
MS9HRDJJSWdHVVctRTVrN1RHMnNsVS1PNUNiSmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0dEMklJZ0dVVy1FNWs3VEcyc2xVLU81Q2JKYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTEvbzZRUnYzYldzLW1m
ckc5TlRoMFpPTFEtZHZzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmc5DDANBgkqhkiG9w0BAQsFAAOCAQEAI8KXf8RLbg/08ir0MzxZ+NHP/dme
RXNcLLlEB1OKOb2L7pbEfujdeRF7PRzjum30hSub95w3qL5z9Rxl/lCGeYmB+WJD
31k/91XcAKOLGrkjNECOoKQWku457SH/RvxAlI9gHSA+k3X4iSEukcNE8iixpWmG
Xve0a2NvR5XDjrFlw2lFyJJ5qREkVi+9cf9RJ60FCDNABuR0LV2kdmaGY1/3sPig
ebynOlPS47Gt6zKvWeAlHOHhBkqMEj3oFBiex5kjwwRBN+5JrhlQRjSMABZ9I7L9
40p8hrBvNmgh22tl1m1Pr73+W7IPTvpf63NyMVbmly6wuR+y1MfOSllxuA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:29:32 2025 by rpki-client