Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/1JjEpP56gZe_kkWBRGe3-5U1DqQ.roa
File: 1JjEpP56gZe_kkWBRGe3-5U1DqQ.roa (raw, json)
Hash identifier: sJUuR8iwv375iZCtoI6vMgRKrIFSqzoqIVnS+dCXhzs=
Subject key identifier: D4:98:C4:A4:FE:7A:81:97:BF:92:45:81:44:67:B7:FB:95:35:0E:A4
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 11CF
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/1JjEpP56gZe_kkWBRGe3-5U1DqQ.roa
Signing time: Fri 14 Mar 2025 09:32:38 +0000
ROA not before: Fri 14 Mar 2025 09:32:38 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 55990
IP address blocks: 113.47.226.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 14:07:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4559 (0x11cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Mar 14 09:32:38 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D498C4A4FE7A8197BF9245814467B7FB95350EA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:38:47:d9:f4:19:97:bf:a1:9c:bd:53:31:73:
a1:49:a2:b7:51:ee:00:a1:7c:84:8f:79:7a:2b:54:
60:2b:b4:6e:b7:2e:8b:8f:db:52:ba:88:ff:14:1a:
3e:fe:69:c3:4f:ab:42:8e:ea:e4:9a:5e:1e:3a:a2:
da:f7:fb:87:d5:67:3f:bc:50:21:3f:2a:67:69:cc:
83:1a:f9:08:5e:bf:a9:f7:32:77:dd:e1:76:e8:6b:
8a:0b:a5:9c:fc:98:be:b1:4c:8d:b8:b4:23:61:d4:
3a:8c:42:73:8c:e1:0b:d1:3e:5b:c6:7d:74:46:0a:
b3:e9:15:d6:f3:9f:d0:21:85:13:81:bf:84:37:34:
2e:80:53:c3:79:ba:7d:3d:3d:31:a4:9d:8d:2f:57:
66:bb:62:c6:2f:6e:61:ab:ab:11:23:4a:6b:dd:8c:
a1:2b:9b:25:c2:a2:28:59:b5:8e:af:48:a3:5d:5b:
3f:f1:84:13:d0:d0:fb:25:3a:22:4a:5e:da:23:73:
61:9c:b9:ec:dd:31:53:a5:8e:f6:2e:1c:11:cd:61:
56:48:fa:97:51:8c:a7:6a:43:f5:93:62:49:a0:6a:
9d:ff:31:8b:2e:94:3a:f8:5c:7c:17:f9:7f:47:e4:
4a:d5:61:b9:b8:80:9e:d4:7c:d9:9c:2c:0e:95:6e:
ac:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:98:C4:A4:FE:7A:81:97:BF:92:45:81:44:67:B7:FB:95:35:0E:A4
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/1JjEpP56gZe_kkWBRGe3-5U1DqQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.47.226.0/23
Signature Algorithm: sha256WithRSAEncryption
43:54:82:09:ab:71:e6:5f:dc:43:f4:ff:dc:f1:a0:8e:67:59:
89:a3:23:0b:6a:58:67:92:f3:7a:f4:23:fe:b7:56:b2:20:e1:
fb:92:6b:3f:7a:4d:35:e5:fd:6e:8b:1c:ce:84:67:49:12:4a:
7f:fa:00:64:29:ca:b6:89:ac:bb:ae:5b:a6:f9:32:31:63:06:
03:71:f7:a7:95:3d:ac:19:af:66:6e:32:f6:3f:67:fd:38:6d:
6c:62:34:65:fa:c9:70:5b:87:23:f7:c3:b7:63:b6:9f:cf:37:
4d:9c:45:a7:83:2c:ae:fd:6a:20:9a:1b:77:02:16:51:75:7e:
8f:53:fe:23:e4:43:0d:96:83:cc:a3:da:04:30:ce:09:d2:8c:
78:41:1e:c0:97:58:53:5e:b4:4d:44:57:8f:99:bd:09:c7:48:
95:80:9e:d9:25:36:03:8b:8b:bf:a1:3a:b0:78:9c:b2:5c:2b:
4b:e8:e5:17:e7:71:29:49:31:74:5e:81:1c:d7:12:92:50:5f:
48:e4:2d:7a:3a:45:91:45:ed:50:c1:c4:1f:ab:d5:8f:55:1f:
0a:78:6f:98:ae:b7:1c:7e:bb:8f:e4:22:15:1b:0a:44:6e:9b:
27:86:62:29:42:25:b5:3b:a9:2a:7c:a6:e8:cb:96:32:b6:77:
f3:e6:32:8b
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEc8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAzMTQw
OTMyMzhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ0OThDNEE0RkU3QTgx
OTdCRjkyNDU4MTQ0NjdCN0ZCOTUzNTBFQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8OEfZ9BmXv6GcvVMxc6FJordR7gChfISPeXorVGArtG63LouP
21K6iP8UGj7+acNPq0KO6uSaXh46otr3+4fVZz+8UCE/KmdpzIMa+Qhev6n3Mnfd
4Xboa4oLpZz8mL6xTI24tCNh1DqMQnOM4QvRPlvGfXRGCrPpFdbzn9AhhROBv4Q3
NC6AU8N5un09PTGknY0vV2a7YsYvbmGrqxEjSmvdjKErmyXCoihZtY6vSKNdWz/x
hBPQ0PslOiJKXtojc2GcuezdMVOljvYuHBHNYVZI+pdRjKdqQ/WTYkmgap3/MYsu
lDr4XHwX+X9H5ErVYbm4gJ7UfNmcLA6VbqzNAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU1JjEpP56gZe/kkWBRGe3+5U1DqQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvMUpqRXBQNTZnWmVf
a2tXQlJHZTMtNVUxRHFRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAXEv4jANBgkqhkiG9w0BAQsFAAOCAQEAQ1SCCatx5l/cQ/T/3PGgjmdZiaMj
C2pYZ5LzevQj/rdWsiDh+5JrP3pNNeX9bosczoRnSRJKf/oAZCnKtomsu65bpvky
MWMGA3H3p5U9rBmvZm4y9j9n/ThtbGI0ZfrJcFuHI/fDt2O2n883TZxFp4Msrv1q
IJobdwIWUXV+j1P+I+RDDZaDzKPaBDDOCdKMeEEewJdYU160TURXj5m9CcdIlYCe
2SU2A4uLv6E6sHicslwrS+jlF+dxKUkxdF6BHNcSklBfSOQtejpFkUXtUMHEH6vV
j1UfCnhvmK63HH67j+QiFRsKRG6bJ4ZiKUIltTupKnym6MuWMrZ38+Yyiw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 11:28:29 2025 by rpki-client