Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/q7QU6lU95ixq2YPLRtMk7F1dayQ.roa
File:                     q7QU6lU95ixq2YPLRtMk7F1dayQ.roa (raw, json)
Hash identifier:          N/yLBYFQ2d1CNqgsbqACcC8rdjiEfDBCgR7jvwcGnMg=
Subject key identifier:   AB:B4:14:EA:55:3D:E6:2C:6A:D9:83:CB:46:D3:24:EC:5D:5D:6B:24
Certificate issuer:       /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Certificate serial:       13C0
Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/q7QU6lU95ixq2YPLRtMk7F1dayQ.roa
Signing time:             Fri 24 May 2024 02:24:48 +0000
ROA not before:           Fri 24 May 2024 02:24:48 +0000
ROA not after:            Fri 31 Jan 2025 01:13:46 +0000
asID:                     18118
IP address blocks:        219.72.160.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 17 Jun 2024 09:56:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5056 (0x13c0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
        Validity
            Not Before: May 24 02:24:48 2024 GMT
            Not After : Jan 31 01:13:46 2025 GMT
        Subject: CN=ABB414EA553DE62C6AD983CB46D324EC5D5D6B24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:26:dc:a5:18:bc:f6:7c:4c:bc:a0:82:27:67:
                    a0:e7:67:ac:38:76:ab:ea:ab:8b:d3:36:4c:ce:41:
                    33:7c:e4:3c:ca:ab:3d:e6:eb:1f:93:dd:be:5b:ba:
                    9f:97:d6:3f:d1:08:2a:13:41:2c:cb:46:c0:0e:a5:
                    c7:57:28:fa:7c:ac:4d:a6:f2:30:8c:20:fe:ff:d3:
                    33:54:97:31:f2:0e:26:c5:4c:cb:65:66:fd:33:fb:
                    1a:ee:c2:43:61:ec:5f:97:7e:f2:4c:38:32:f9:1b:
                    2e:6e:0f:27:6d:3d:8c:1f:79:63:11:80:02:9d:e1:
                    db:bd:14:3a:94:6e:44:27:ea:38:a0:a2:86:44:e0:
                    c4:4d:c8:dd:80:6f:d9:ed:81:38:01:a8:8b:fe:17:
                    5e:9b:b1:4d:77:47:39:07:52:3f:39:7d:2e:10:f1:
                    1e:b7:d7:af:20:6f:a0:27:b6:63:cf:35:7b:3e:19:
                    43:83:26:35:84:de:1a:fa:3b:93:a1:76:72:20:da:
                    38:8a:b7:ad:eb:a8:94:19:1c:a6:73:71:48:d1:66:
                    a5:94:cd:d1:ab:6a:fc:3a:67:88:8c:02:3a:c0:9e:
                    cc:ce:d4:3c:da:9f:86:f7:56:72:00:7a:ea:53:d0:
                    34:62:21:58:a3:ca:cc:77:f7:37:61:4c:01:9e:03:
                    4c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:B4:14:EA:55:3D:E6:2C:6A:D9:83:CB:46:D3:24:EC:5D:5D:6B:24
            X509v3 Authority Key Identifier:
                keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/q7QU6lU95ixq2YPLRtMk7F1dayQ.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  219.72.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:5a:2b:f4:e7:df:7f:78:c8:1f:4e:cb:68:80:9b:47:f0:c7:
         a8:24:74:dc:ba:12:45:6d:2d:6f:59:ae:9d:75:d6:16:f2:15:
         69:12:9d:a6:28:5e:d0:90:e2:25:ee:08:01:6a:4a:59:57:f3:
         d5:2c:04:23:41:f8:eb:fb:bd:8c:81:eb:a9:83:64:4e:fd:c7:
         f2:68:a5:58:8e:3d:25:49:a3:a5:25:35:27:0f:11:32:63:38:
         b5:f9:85:53:8f:e3:ab:7f:bc:da:3d:81:c6:df:18:0a:33:94:
         5a:68:de:3d:89:58:40:9a:42:60:a1:75:6f:37:c8:3e:88:60:
         c7:1f:dd:d5:76:0f:a0:55:82:15:d0:72:9b:d4:19:1f:56:19:
         c9:1b:d5:86:78:c5:d0:2c:27:fa:81:38:5d:ed:d6:46:d0:41:
         e7:41:b1:a3:1f:86:9f:05:90:8b:15:59:f0:aa:dc:97:06:36:
         15:12:27:8d:fd:42:32:16:8a:f1:3a:d4:21:d9:a2:c2:1a:67:
         59:64:96:00:1a:ca:0b:5f:5b:be:65:d8:b4:07:f7:34:9f:7f:
         50:36:05:4a:ca:21:f6:50:57:e4:12:7a:b5:6a:c5:cf:d3:51:
         17:72:25:10:58:3b:c7:5c:d8:d5:29:c1:dc:e7:b6:2c:89:db:
         da:d9:e6:16
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICE8AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNDA1MjQw
MjI0NDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCQjQxNEVBNTUzREU2
MkM2QUQ5ODNDQjQ2RDMyNEVDNUQ1RDZCMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgJtylGLz2fEy8oIInZ6DnZ6w4dqvqq4vTNkzOQTN85DzKqz3m
6x+T3b5bup+X1j/RCCoTQSzLRsAOpcdXKPp8rE2m8jCMIP7/0zNUlzHyDibFTMtl
Zv0z+xruwkNh7F+XfvJMODL5Gy5uDydtPYwfeWMRgAKd4du9FDqUbkQn6jigooZE
4MRNyN2Ab9ntgTgBqIv+F16bsU13RzkHUj85fS4Q8R63168gb6AntmPPNXs+GUOD
JjWE3hr6O5OhdnIg2jiKt63rqJQZHKZzcUjRZqWUzdGravw6Z4iMAjrAnszO1Dza
n4b3VnIAeupT0DRiIVijysx39zdhTAGeA0zVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUq7QU6lU95ixq2YPLRtMk7F1dayQwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF
S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3
L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L3E3UVU2bFU5NWl4cTJZ
UExSdE1rN0YxZGF5US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADbSKAwDQYJKoZIhvcNAQELBQADggEBABVaK/Tn3394yB9Oy2iAm0fwx6gkdNy6
EkVtLW9Zrp111hbyFWkSnaYoXtCQ4iXuCAFqSllX89UsBCNB+Ov7vYyB66mDZE79
x/JopViOPSVJo6UlNScPETJjOLX5hVOP46t/vNo9gcbfGAozlFpo3j2JWECaQmCh
dW83yD6IYMcf3dV2D6BVghXQcpvUGR9WGckb1YZ4xdAsJ/qBOF3t1kbQQedBsaMf
hp8FkIsVWfCq3JcGNhUSJ439QjIWivE61CHZosIaZ1lklgAaygtfW75l2LQH9zSf
f1A2BUrKIfZQV+QSerVqxc/TURdyJRBYO8dc2NUpwdzntiyJ29rZ5hY=
-----END CERTIFICATE-----
Generated at Mon Jun 17 07:40:03 2024 by rpki-client on console-fra.rpki-client.org