Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hUwqPu6t8tUYFc-peBX6xMI4HBc.roa
File: hUwqPu6t8tUYFc-peBX6xMI4HBc.roa (raw, json)
Hash identifier: jOkPLxA3qJXTVDxX+ALBQiv9GL9hiNSiQhqdZqM62Co=
Subject key identifier: 85:4C:2A:3E:EE:AD:F2:D5:18:15:CF:A9:78:15:FA:C4:C2:38:1C:17
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3144
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hUwqPu6t8tUYFc-peBX6xMI4HBc.roa
Signing time: Sat 03 Feb 2024 02:49:42 +0000
ROA not before: Sat 03 Feb 2024 02:49:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 23 Nov 2024 00:23:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12612 (0x3144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Feb 3 02:49:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=854C2A3EEEADF2D51815CFA97815FAC4C2381C17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:62:4d:6c:78:a5:69:67:b2:1b:35:f5:0f:e3:
be:38:24:b4:8d:f8:76:2a:91:54:3d:53:01:ab:01:
ca:df:ed:5d:6a:95:8a:ac:60:80:73:6c:19:17:72:
0b:46:34:1f:aa:86:f0:d3:8d:80:c8:7b:56:1e:14:
97:3c:a9:0a:09:e1:b2:be:f2:38:10:80:e9:3b:6e:
cc:45:05:63:b6:32:11:b0:9c:02:c0:fc:b3:00:64:
2d:22:0a:ba:e2:c0:18:41:8e:b0:4c:a9:ca:e5:d3:
85:c1:67:04:e5:e5:41:b6:c2:27:3d:4a:ca:59:a2:
80:fd:e6:5c:bd:ab:f3:0e:55:f0:bd:e7:e8:74:5c:
9d:4e:a4:ae:93:7d:fa:83:9b:b1:b6:e7:41:e4:51:
02:33:e5:0c:03:3d:26:8a:61:29:02:4b:98:f7:b2:
fc:77:0b:1a:47:40:06:f4:59:45:6e:8a:9e:20:3e:
33:5e:67:ce:ec:51:ec:6b:db:e3:85:15:59:11:32:
d0:c5:27:a3:1f:a9:23:77:bd:2c:c2:74:f0:29:8f:
b4:24:14:34:bc:b7:a2:1c:c2:28:dc:44:11:d3:b4:
bd:f0:10:e4:a7:0d:4b:9e:d1:ab:da:fd:83:33:09:
a9:d2:2d:6b:c3:a2:d9:ff:2b:0a:e7:46:d4:a4:28:
c1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4C:2A:3E:EE:AD:F2:D5:18:15:CF:A9:78:15:FA:C4:C2:38:1C:17
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hUwqPu6t8tUYFc-peBX6xMI4HBc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
5f:96:66:1e:20:4e:15:22:86:55:8a:11:38:e4:3f:3b:26:13:
30:ac:a7:17:9d:4c:cb:0c:66:a7:91:fd:ec:3b:fa:87:b8:76:
6e:1d:66:52:3a:65:4f:30:5f:e0:0e:ec:5b:44:ca:8f:a1:f4:
9b:3a:ac:9c:58:46:14:07:b2:6f:65:0d:23:93:47:5b:30:13:
01:5d:7a:b8:61:e9:3e:16:7e:aa:60:b7:be:db:a0:3a:63:5f:
d1:b6:3b:db:d8:3d:ac:13:ca:bf:64:4f:77:4a:9c:7a:ed:6f:
ca:9b:b2:e6:d5:0f:79:0f:bd:56:37:3d:0a:21:25:aa:37:aa:
d8:27:0c:29:32:03:e2:e1:b5:75:22:30:ff:85:d8:5f:c8:ee:
ce:e3:c0:82:a7:f3:44:ba:5b:29:2b:54:22:16:4b:01:b0:3c:
61:64:72:dd:8e:3c:af:15:63:af:35:d0:59:0f:45:9f:33:84:
20:8d:22:e9:12:46:06:d5:67:18:34:8c:a8:00:7a:a1:62:94:
c9:b1:a1:20:cf:56:dc:aa:df:94:b6:0b:ff:7b:58:20:9d:d7:
9b:1b:9e:5c:6f:13:83:18:60:69:77:30:0d:a8:1d:c4:e2:41:
8f:91:eb:4d:4f:bd:3c:f6:af:42:dc:35:af:52:c0:32:19:e6:
fa:84:d9:b3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICMUQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAyMDMw
MjQ5NDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1NEMyQTNFRUVBREYy
RDUxODE1Q0ZBOTc4MTVGQUM0QzIzODFDMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJYk1seKVpZ7IbNfUP4744JLSN+HYqkVQ9UwGrAcrf7V1qlYqs
YIBzbBkXcgtGNB+qhvDTjYDIe1YeFJc8qQoJ4bK+8jgQgOk7bsxFBWO2MhGwnALA
/LMAZC0iCrriwBhBjrBMqcrl04XBZwTl5UG2wic9SspZooD95ly9q/MOVfC95+h0
XJ1OpK6TffqDm7G250HkUQIz5QwDPSaKYSkCS5j3svx3CxpHQAb0WUVuip4gPjNe
Z87sUexr2+OFFVkRMtDFJ6MfqSN3vSzCdPApj7QkFDS8t6IcwijcRBHTtL3wEOSn
DUue0ava/YMzCanSLWvDotn/KwrnRtSkKMHPAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUhUwqPu6t8tUYFc+peBX6xMI4HBcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hVd3FQdTZ0OHRVWUZj
LXBlQlg2eE1JNEhCYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBflmYe
IE4VIoZVihE45D87JhMwrKcXnUzLDGankf3sO/qHuHZuHWZSOmVPMF/gDuxbRMqP
ofSbOqycWEYUB7JvZQ0jk0dbMBMBXXq4Yek+Fn6qYLe+26A6Y1/Rtjvb2D2sE8q/
ZE93Spx67W/Km7Lm1Q95D71WNz0KISWqN6rYJwwpMgPi4bV1IjD/hdhfyO7O48CC
p/NEulspK1QiFksBsDxhZHLdjjyvFWOvNdBZD0WfM4QgjSLpEkYG1WcYNIyoAHqh
YpTJsaEgz1bcqt+Utgv/e1ggndebG55cbxODGGBpdzANqB3E4kGPketNT7089q9C
3DWvUsAyGeb6hNmz
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org