Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2048/NeekGFR5NIVtajaJ5HdjX8R8fNo.roa
File: NeekGFR5NIVtajaJ5HdjX8R8fNo.roa (raw, json)
Hash identifier: AQAjAJlgu+LEfO1yH586ESbhoVxFXl/P5tNzJvUMOEY=
Subject key identifier: 35:E7:A4:18:54:79:34:85:6D:6A:36:89:E4:77:63:5F:C4:7C:7C:DA
Certificate issuer: /CN=4E25934FE8D89959425D1018EB121981DA250985
Certificate serial: 06DE
Authority key identifier: 4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/NeekGFR5NIVtajaJ5HdjX8R8fNo.roa
Signing time: Sun 16 Feb 2025 02:25:44 +0000
ROA not before: Sun 16 Feb 2025 02:25:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 151296
IP address blocks: 2406:8880::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 19:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1758 (0x6de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4E25934FE8D89959425D1018EB121981DA250985
Validity
Not Before: Feb 16 02:25:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=35E7A418547934856D6A3689E477635FC47C7CDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:01:bf:a8:c1:0f:0e:45:ca:38:e4:9a:db:e2:
38:d1:0a:57:4c:fc:36:27:e3:0f:e0:ca:d8:ea:da:
64:83:2c:f6:78:a9:fe:75:e1:08:56:fe:dc:f2:39:
cf:50:6c:e0:67:fd:68:f3:c1:27:27:4e:26:94:2d:
34:87:e3:37:10:d1:bf:fa:8c:4b:d9:ce:f1:6a:3f:
6e:6b:d3:fa:85:cb:23:c6:ca:3e:dc:49:f7:35:5b:
74:14:9e:c4:c3:ff:96:64:29:75:42:ba:86:9d:16:
b3:f2:4c:06:09:28:93:89:7c:e2:a1:0c:1b:c4:60:
e9:4e:f8:57:87:98:cc:33:07:71:b3:5d:30:83:eb:
b5:8f:90:79:c9:45:c9:50:27:8a:5e:f7:20:ac:42:
97:05:bd:8e:49:14:b1:2f:b6:dd:7c:8a:d8:dc:ac:
52:60:ce:9c:7f:27:1b:e4:7d:6c:81:c3:3e:68:df:
a0:58:72:40:61:81:d3:f2:58:31:5a:12:0c:5e:1f:
aa:58:42:1e:22:ac:de:f5:df:11:e9:64:8d:27:e4:
ad:a4:4e:7a:7f:ed:8e:d9:fa:f0:62:4d:49:7a:da:
c0:a2:3e:36:c3:ff:cd:2c:d9:c9:d7:c6:82:92:e2:
1d:4a:ca:bd:1e:f9:75:0e:17:e4:94:44:bc:9b:6b:
bb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E7:A4:18:54:79:34:85:6D:6A:36:89:E4:77:63:5F:C4:7C:7C:DA
X509v3 Authority Key Identifier:
keyid:4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/NeekGFR5NIVtajaJ5HdjX8R8fNo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:8880::/32
Signature Algorithm: sha256WithRSAEncryption
12:3f:db:9d:e0:09:88:93:8e:54:9a:bc:69:1d:ed:e1:58:81:
f0:31:a3:99:59:9b:3c:0e:8f:5f:5b:92:69:e0:93:aa:31:2d:
b2:af:e6:1e:75:43:52:b3:b5:20:d0:a4:81:58:db:57:ed:a9:
78:e1:e9:41:de:55:02:8b:83:6e:06:c3:6f:87:93:4b:b2:32:
07:17:c9:56:64:6a:73:34:a5:75:ae:96:58:6b:6b:ca:44:7a:
31:44:2d:bc:82:52:31:bc:06:0f:58:be:73:43:9a:15:54:9d:
6e:5b:8a:f1:60:4e:28:59:75:c8:d3:44:e9:88:12:25:b4:ba:
04:8a:10:ff:91:2d:98:e2:f1:46:22:4a:47:ee:57:de:54:84:
0b:0f:0c:58:53:cf:be:2b:2f:16:c6:41:89:29:3f:e3:93:de:
70:c3:7e:81:23:7d:26:6d:c2:4f:95:b2:f8:a4:b2:19:37:7c:
b5:7c:9f:a0:90:26:84:fe:49:11:a8:31:eb:79:1b:82:b4:e9:
a2:47:0d:2d:d8:0a:e7:cd:4b:04:2b:ad:6d:a9:25:7c:c7:3f:
26:1c:5f:05:53:3b:ba:b8:ed:83:a5:35:73:99:65:60:5e:ef:
94:ac:da:58:66:15:46:44:38:1e:e3:96:f3:11:11:c3:a0:6a:
f5:d7:c8:2e
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICBt4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEUy
NTkzNEZFOEQ4OTk1OTQyNUQxMDE4RUIxMjE5ODFEQTI1MDk4NTAeFw0yNTAyMTYw
MjI1NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM1RTdBNDE4NTQ3OTM0
ODU2RDZBMzY4OUU0Nzc2MzVGQzQ3QzdDREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLAb+owQ8ORco45Jrb4jjRCldM/DYn4w/gytjq2mSDLPZ4qf51
4QhW/tzyOc9QbOBn/WjzwScnTiaULTSH4zcQ0b/6jEvZzvFqP25r0/qFyyPGyj7c
Sfc1W3QUnsTD/5ZkKXVCuoadFrPyTAYJKJOJfOKhDBvEYOlO+FeHmMwzB3GzXTCD
67WPkHnJRclQJ4pe9yCsQpcFvY5JFLEvtt18itjcrFJgzpx/JxvkfWyBwz5o36BY
ckBhgdPyWDFaEgxeH6pYQh4irN713xHpZI0n5K2kTnp/7Y7Z+vBiTUl62sCiPjbD
/80s2cnXxoKS4h1Kyr0e+XUOF+SURLyba7vpAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUNeekGFR5NIVtajaJ5HdjX8R8fNowHwYDVR0jBBgwFoAUTiWTT+jYmVlCXRAY
6xIZgdolCYUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA0
OC9UaVdUVC1qWW1WbENYUkFZNnhJWmdkb2xDWVUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1RpV1RULWpZbVZsQ1hSQVk2eElaZ2RvbENZVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNDgvTmVla0dGUjVOSVZ0
YWphSjVIZGpYOFI4Zk5vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQGiIAwDQYJKoZIhvcNAQELBQADggEBABI/253gCYiTjlSavGkd7eFYgfAx
o5lZmzwOj19bkmngk6oxLbKv5h51Q1KztSDQpIFY21ftqXjh6UHeVQKLg24Gw2+H
k0uyMgcXyVZkanM0pXWullhra8pEejFELbyCUjG8Bg9YvnNDmhVUnW5bivFgTihZ
dcjTROmIEiW0ugSKEP+RLZji8UYiSkfuV95UhAsPDFhTz74rLxbGQYkpP+OT3nDD
foEjfSZtwk+Vsvikshk3fLV8n6CQJoT+SRGoMet5G4K06aJHDS3YCufNSwQrrW2p
JXzHPyYcXwVTO7q47YOlNXOZZWBe75Ss2lhmFUZEOB7jlvMREcOgavXXyC4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:58:57 2025 by rpki-client