Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/FuuV1FWcIVEmr12abTsIpRSfYQE.roa
File:                     FuuV1FWcIVEmr12abTsIpRSfYQE.roa (raw, json)
Hash identifier:          p3bkRyuJ7RO7ZQEWIdUEO8EVhuG0Ju5tEyYqdDsYyOU=
Subject key identifier:   16:EB:95:D4:55:9C:21:51:26:AF:5D:9A:6D:3B:08:A5:14:9F:61:01
Certificate issuer:       /CN=EC10C93455759C659D2BB819FB07FF7063CECC32
Certificate serial:       1457
Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/FuuV1FWcIVEmr12abTsIpRSfYQE.roa
Signing time:             Sat 23 Dec 2023 08:47:56 +0000
ROA not before:           Sat 23 Dec 2023 08:47:56 +0000
ROA not after:            Tue 08 Oct 2024 00:16:33 +0000
asID:                     13444
IP address blocks:        118.184.248.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 17 Jun 2024 03:56:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5207 (0x1457)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32
        Validity
            Not Before: Dec 23 08:47:56 2023 GMT
            Not After : Oct  8 00:16:33 2024 GMT
        Subject: CN=16EB95D4559C215126AF5D9A6D3B08A5149F6101
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:8b:f4:ad:0d:ff:91:4f:55:c4:72:3d:5b:26:
                    89:a8:1a:fd:4e:48:80:f9:e0:d8:e5:26:cd:7c:90:
                    03:1c:64:52:5c:c7:39:65:20:52:6b:df:4b:34:54:
                    9b:f5:68:c6:eb:be:3c:fa:7a:c0:90:59:2f:6e:07:
                    aa:87:1d:f4:a1:01:3d:6b:aa:7d:45:f2:64:2c:33:
                    8d:b4:5b:da:82:2c:74:ae:aa:b9:62:27:d0:db:b9:
                    fa:11:23:eb:da:6d:9b:96:f7:5d:b4:ec:c8:f9:e4:
                    b4:f9:15:6d:41:2e:92:6f:ab:4a:4d:a6:5d:78:62:
                    07:b2:44:f0:3c:ad:d8:4f:7a:b3:2f:06:48:75:96:
                    a7:fc:ae:85:20:5e:0b:6e:7c:95:f1:16:31:da:c5:
                    df:8a:68:74:73:c2:73:14:6e:e0:d9:71:62:f0:05:
                    54:e1:71:8a:f5:c3:8a:4b:39:f9:5e:2a:70:6b:df:
                    80:36:64:d6:75:37:77:f3:65:bd:5d:59:09:c3:09:
                    8e:99:0b:fa:34:c4:08:b5:4c:0e:f7:46:14:c2:06:
                    52:3d:5c:e4:5c:1a:0e:36:b2:c3:14:ae:e6:8d:61:
                    ea:c5:1b:6b:a2:c7:6d:22:5d:13:65:02:4b:cc:4d:
                    cc:58:76:cc:f7:f5:b9:a4:af:ec:92:99:62:c5:33:
                    06:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:EB:95:D4:55:9C:21:51:26:AF:5D:9A:6D:3B:08:A5:14:9F:61:01
            X509v3 Authority Key Identifier:
                keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/FuuV1FWcIVEmr12abTsIpRSfYQE.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.184.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7b:f0:43:45:88:0c:ae:41:a5:39:2c:51:e8:f0:fb:ad:3f:bf:
         2f:5b:4d:fe:49:14:43:ea:1d:f5:1d:90:85:b9:3b:3a:38:0d:
         42:6e:2d:8f:a4:00:57:ed:5c:6f:87:86:8a:f7:b0:e7:e6:f3:
         fd:17:c5:7e:89:ae:cc:36:5e:9e:61:19:49:3f:ab:09:c6:b0:
         b0:5f:fa:66:5f:d5:30:0c:12:6c:2f:2e:ec:75:3b:29:79:93:
         fc:b5:04:c2:2a:7a:a6:37:f5:a2:78:1c:b5:0c:6c:64:29:4d:
         8b:6a:8a:e8:21:f1:0a:6b:23:31:64:e1:f0:a5:5f:8c:7c:fd:
         13:24:e2:04:b9:05:49:c8:1a:35:c9:e8:6e:b1:8c:58:e0:d4:
         03:a3:e8:9c:f1:d5:cd:6a:7b:eb:87:c2:fd:ac:e3:6b:70:f3:
         88:e8:50:8d:15:3a:b8:3e:1f:88:c8:01:23:4a:86:e5:86:21:
         19:16:42:91:e0:9f:f7:fe:9c:c5:c7:7c:45:26:e9:f2:92:a1:
         a5:18:36:65:55:84:6f:f7:48:95:5b:3f:b9:9c:12:7e:ab:3a:
         4a:e5:43:83:f2:4a:ba:82:b9:c6:e3:18:ef:42:91:ad:e4:ce:
         42:53:56:54:8c:de:57:ef:ce:56:12:aa:00:42:66:60:e2:b8:
         a7:15:8a:48
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx
MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yMzEyMjMw
ODQ3NTZaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDE2RUI5NUQ0NTU5QzIx
NTEyNkFGNUQ5QTZEM0IwOEE1MTQ5RjYxMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCti/StDf+RT1XEcj1bJomoGv1OSID54NjlJs18kAMcZFJcxzll
IFJr30s0VJv1aMbrvjz6esCQWS9uB6qHHfShAT1rqn1F8mQsM420W9qCLHSuqrli
J9DbufoRI+vabZuW91207Mj55LT5FW1BLpJvq0pNpl14YgeyRPA8rdhPerMvBkh1
lqf8roUgXgtufJXxFjHaxd+KaHRzwnMUbuDZcWLwBVThcYr1w4pLOfleKnBr34A2
ZNZ1N3fzZb1dWQnDCY6ZC/o0xAi1TA73RhTCBlI9XORcGg42ssMUruaNYerFG2ui
x20iXRNlAkvMTcxYdsz39bmkr+ySmWLFMwYjAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUFuuV1FWcIVEmr12abTsIpRSfYQEwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ
+wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy
OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvRnV1VjFGV2NJVkVt
cjEyYWJUc0lwUlNmWVFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA3a4+DANBgkqhkiG9w0BAQsFAAOCAQEAe/BDRYgMrkGlOSxR6PD7rT+/L1tN
/kkUQ+od9R2Qhbk7OjgNQm4tj6QAV+1cb4eGivew5+bz/RfFfomuzDZenmEZST+r
CcawsF/6Zl/VMAwSbC8u7HU7KXmT/LUEwip6pjf1ongctQxsZClNi2qK6CHxCmsj
MWTh8KVfjHz9EyTiBLkFScgaNcnobrGMWODUA6PonPHVzWp764fC/azja3DziOhQ
jRU6uD4fiMgBI0qG5YYhGRZCkeCf9/6cxcd8RSbp8pKhpRg2ZVWEb/dIlVs/uZwS
fqs6SuVDg/JKuoK5xuMY70KRreTOQlNWVIzeV+/OVhKqAEJmYOK4pxWKSA==
-----END CERTIFICATE-----
Generated at Mon Jun 17 01:04:05 2024 by rpki-client on console-fra.rpki-client.org