Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/261/N4VoeXRmbTCfdWn-G1RCRF_auPY.roa
File: N4VoeXRmbTCfdWn-G1RCRF_auPY.roa (raw, json)
Hash identifier: OPRIP+qSDei+QWOU020Lm+y3XMbTygW8/4+15pFKOt4=
Subject key identifier: 37:85:68:79:74:66:6D:30:9F:75:69:FE:1B:54:42:44:5F:DA:B8:F6
Certificate issuer: /CN=76E046E3ECA10B928499F22A5E765C0416A60A4F
Certificate serial: 0A
Authority key identifier: 76:E0:46:E3:EC:A1:0B:92:84:99:F2:2A:5E:76:5C:04:16:A6:0A:4F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/duBG4-yhC5KEmfIqXnZcBBamCk8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/N4VoeXRmbTCfdWn-G1RCRF_auPY.roa
Signing time: Wed 15 Jan 2025 07:44:40 +0000
ROA not before: Wed 15 Jan 2025 07:44:40 +0000
ROA not after: Wed 14 Jan 2026 03:00:41 +0000
asID: 23771
IP address blocks: 182.80.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/duBG4-yhC5KEmfIqXnZcBBamCk8.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/duBG4-yhC5KEmfIqXnZcBBamCk8.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/duBG4-yhC5KEmfIqXnZcBBamCk8.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 24 Apr 2025 22:39:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76E046E3ECA10B928499F22A5E765C0416A60A4F
Validity
Not Before: Jan 15 07:44:40 2025 GMT
Not After : Jan 14 03:00:41 2026 GMT
Subject: CN=3785687974666D309F7569FE1B5442445FDAB8F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f9:2e:bf:06:71:73:8a:7a:29:4e:64:c8:00:
ca:d0:c8:42:bf:0b:e7:44:da:c5:05:d0:93:20:96:
bb:b5:07:0e:19:4f:d2:e1:36:92:4b:c6:f0:c3:bb:
99:69:49:c0:a0:3e:de:6c:8c:3f:c1:cd:e6:4f:24:
0c:bf:42:e9:e5:c8:b8:7d:c3:fc:87:ac:64:b8:e2:
4c:fb:84:a3:eb:86:d2:fc:dc:5d:e4:83:67:a7:87:
e7:91:8a:e3:78:10:9e:ff:02:8c:e0:50:76:3c:1f:
70:3c:f3:c4:a4:63:af:ce:c7:cb:55:48:92:4f:45:
47:19:2e:39:54:5b:83:c6:33:10:10:f8:11:19:2a:
96:4c:15:f6:8f:ca:b2:f3:88:d8:76:95:58:89:99:
ff:54:cb:c7:d2:0c:96:a9:af:43:ea:66:02:c5:51:
c7:12:7c:8c:48:3c:50:04:da:a0:75:d2:8b:9e:ea:
f2:93:5c:f5:26:79:51:50:10:1b:c7:a0:db:40:92:
00:19:8c:fe:f2:7b:2f:bb:5e:6b:53:d1:3b:31:a2:
10:bd:fd:6d:3a:fe:50:7a:e9:4e:81:89:db:b1:61:
14:db:01:49:88:42:82:c6:b0:5b:2b:c0:05:58:e8:
ba:60:1f:4e:b5:3a:23:91:9d:3b:da:33:97:e2:a9:
84:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:85:68:79:74:66:6D:30:9F:75:69:FE:1B:54:42:44:5F:DA:B8:F6
X509v3 Authority Key Identifier:
keyid:76:E0:46:E3:EC:A1:0B:92:84:99:F2:2A:5E:76:5C:04:16:A6:0A:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/duBG4-yhC5KEmfIqXnZcBBamCk8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/duBG4-yhC5KEmfIqXnZcBBamCk8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/N4VoeXRmbTCfdWn-G1RCRF_auPY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
182.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:62:ea:c0:a8:16:15:13:d7:8b:06:47:5f:0b:fb:80:3b:94:
23:89:93:07:f6:68:f1:59:e3:ea:45:92:61:e8:82:71:99:98:
bf:57:dc:dc:84:70:d6:4d:fa:7d:a8:94:43:04:e6:16:94:3d:
d7:c9:d2:d1:4c:2f:81:9a:49:15:66:dc:d5:f7:eb:70:ed:64:
93:bf:44:0d:fd:21:27:2e:71:8e:5f:3d:cc:dd:ff:00:5a:92:
32:ea:36:db:b7:4f:78:57:4b:3b:e5:92:d1:25:04:63:0b:7f:
a8:0d:98:0a:e6:f2:8c:f7:d7:24:fa:21:56:ad:6a:1b:55:a2:
81:af:fb:e0:59:f5:92:8c:fb:d1:a1:37:27:67:b8:f8:b0:e8:
04:49:10:1c:f5:61:4c:eb:e1:44:61:05:0f:36:9b:2f:7d:65:
3b:ed:80:8e:40:f7:1d:c5:eb:f8:ca:2b:cc:93:74:39:d9:51:
18:9a:df:5a:ad:ab:8f:7f:55:9e:78:85:17:3d:aa:ad:8f:03:
3b:33:a8:51:59:ff:3b:e1:24:15:fe:fb:18:0d:99:00:02:bc:
b7:63:d5:66:43:ab:22:99:41:44:24:12:3d:b5:83:1c:d4:5f:
32:a7:d0:9e:c3:9c:50:ac:dd:2b:a0:79:df:a8:c0:80:3e:cd:
16:a4:bb:42
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3NkUw
NDZFM0VDQTEwQjkyODQ5OUYyMkE1RTc2NUMwNDE2QTYwQTRGMB4XDTI1MDExNTA3
NDQ0MFoXDTI2MDExNDAzMDA0MVowMzExMC8GA1UEAxMoMzc4NTY4Nzk3NDY2NkQz
MDlGNzU2OUZFMUI1NDQyNDQ1RkRBQjhGNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPT5Lr8GcXOKeilOZMgAytDIQr8L50TaxQXQkyCWu7UHDhlP0uE2
kkvG8MO7mWlJwKA+3myMP8HN5k8kDL9C6eXIuH3D/IesZLjiTPuEo+uG0vzcXeSD
Z6eH55GK43gQnv8CjOBQdjwfcDzzxKRjr87Hy1VIkk9FRxkuOVRbg8YzEBD4ERkq
lkwV9o/KsvOI2HaVWImZ/1TLx9IMlqmvQ+pmAsVRxxJ8jEg8UATaoHXSi57q8pNc
9SZ5UVAQG8eg20CSABmM/vJ7L7tea1PROzGiEL39bTr+UHrpToGJ27FhFNsBSYhC
gsawWyvABVjoumAfTrU6I5GdO9ozl+KphMcCAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBQ3hWh5dGZtMJ91af4bVEJEX9q49jAfBgNVHSMEGDAWgBR24Ebj7KELkoSZ8ipe
dlwEFqYKTzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjEv
ZHVCRzQteWhDNUtFbWZJcVhuWmNCQmFtQ2s4LmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9kdUJHNC15aEM1S0VtZklxWG5aY0JCYW1DazguY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjEvTjRWb2VYUm1iVENmZFdu
LUcxUkNSRl9hdVBZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
ALZQMA0GCSqGSIb3DQEBCwUAA4IBAQBRYurAqBYVE9eLBkdfC/uAO5QjiZMH9mjx
WePqRZJh6IJxmZi/V9zchHDWTfp9qJRDBOYWlD3XydLRTC+BmkkVZtzV9+tw7WST
v0QN/SEnLnGOXz3M3f8AWpIy6jbbt094V0s75ZLRJQRjC3+oDZgK5vKM99ck+iFW
rWobVaKBr/vgWfWSjPvRoTcnZ7j4sOgESRAc9WFM6+FEYQUPNpsvfWU77YCOQPcd
xev4yivMk3Q52VEYmt9arauPf1WeeIUXPaqtjwM7M6hRWf874SQV/vsYDZkAAry3
Y9VmQ6simUFEJBI9tYMc1F8yp9Cew5xQrN0roHnfqMCAPs0WpLtC
-----END CERTIFICATE-----
Generated at Thu Apr 24 21:34:06 2025 by rpki-client