Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/PnrZXl-JMcCcet9XYmAc9zo9G7U.roa
File: PnrZXl-JMcCcet9XYmAc9zo9G7U.roa (raw, json)
Hash identifier: Kph7uzTsvzk8OPS9x2US++NU7Eb6y+WvjyGGYCvnm6U=
Subject key identifier: 3E:7A:D9:5E:5F:89:31:C0:9C:7A:DF:57:62:60:1C:F7:3A:3D:1B:B5
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 0EF8
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/PnrZXl-JMcCcet9XYmAc9zo9G7U.roa
Signing time: Mon 28 Oct 2024 10:22:12 +0000
ROA not before: Mon 28 Oct 2024 10:22:12 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 55990
IP address blocks: 113.45.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Apr 2025 02:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3832 (0xef8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Oct 28 10:22:12 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3E7AD95E5F8931C09C7ADF5762601CF73A3D1BB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2a:0f:ca:7d:f1:6f:89:b0:a4:a8:8b:3d:e8:
ad:bd:27:58:a4:47:df:16:39:ca:8c:ff:7e:31:f6:
61:18:db:94:6c:ab:81:ad:32:b2:a6:21:04:d2:75:
c7:ae:04:d4:bd:df:1f:ab:8d:06:72:77:12:da:72:
36:28:6a:b1:1a:ee:f3:10:88:3d:c8:34:62:9e:47:
d4:d6:ce:1b:b3:35:4d:49:a6:08:fd:ac:3b:62:9d:
7d:ca:52:15:64:8b:f8:eb:6e:81:61:0b:01:8d:04:
a7:7f:de:8b:c8:e5:80:bd:c5:fe:f5:53:80:01:89:
9c:af:df:f4:22:bd:53:81:7c:67:4c:66:a8:f1:df:
98:b3:e1:b7:95:62:2b:08:54:3a:35:4e:1e:88:f7:
0f:8f:75:c0:f9:6a:19:c5:34:50:f1:4f:ce:bb:52:
1e:82:10:c0:f9:29:20:1a:66:79:d2:b2:18:e8:30:
61:44:ac:6e:9f:88:3c:70:38:c8:b6:2b:14:69:46:
ca:14:8f:d5:b1:63:a0:ae:d7:75:19:86:cc:ce:db:
65:a7:c9:8d:3b:07:55:23:29:b2:de:c2:28:5c:fe:
58:7f:8f:03:f1:59:c7:b0:50:51:ca:e2:b6:e2:f3:
9f:c1:ed:18:7d:36:5e:e7:e2:63:6e:79:85:db:e0:
38:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7A:D9:5E:5F:89:31:C0:9C:7A:DF:57:62:60:1C:F7:3A:3D:1B:B5
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/PnrZXl-JMcCcet9XYmAc9zo9G7U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.45.100.0/22
Signature Algorithm: sha256WithRSAEncryption
69:be:53:b4:28:85:97:79:44:b5:4c:a8:21:99:37:cb:78:91:
3e:f1:f7:ae:8e:d0:7a:9f:98:e9:19:7e:45:af:04:98:8c:67:
31:3d:be:b3:64:24:c5:94:19:ce:f1:aa:74:39:83:ee:25:ae:
55:6e:01:f8:f1:f3:96:82:4c:16:a6:04:f5:98:c5:a3:78:4d:
ae:92:7f:2a:7d:2a:5e:37:b7:58:04:dc:4c:48:00:1a:01:94:
6f:f6:72:e3:b7:73:58:50:80:aa:6a:3b:ce:da:d5:fd:fc:37:
75:d8:30:4b:9b:62:e5:66:bf:35:d9:1f:da:3f:e5:03:f1:60:
25:3a:53:9e:04:d9:16:42:eb:97:71:5c:01:a6:de:42:0c:41:
40:97:96:ae:b8:70:c2:75:75:75:1e:02:3f:f3:46:26:60:34:
eb:92:83:bd:be:60:2c:ff:8b:46:f5:7e:ec:97:ed:4e:88:3f:
8e:68:1b:49:c6:36:22:1f:22:91:38:51:1a:47:ce:bd:d4:ac:
18:71:e8:a7:0c:f1:c3:ec:d9:05:89:18:40:d7:dd:49:11:13:
05:0a:5d:14:9b:9b:d9:1a:3d:7c:5c:43:c5:eb:71:f9:38:34:
e6:eb:86:c3:c9:57:6e:89:cc:75:84:37:b8:46:2e:94:43:65:
5c:ee:b8:89
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDvgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEwMjgx
MDIyMTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNFN0FEOTVFNUY4OTMx
QzA5QzdBREY1NzYyNjAxQ0Y3M0EzRDFCQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcKg/KffFvibCkqIs96K29J1ikR98WOcqM/34x9mEY25Rsq4Gt
MrKmIQTSdceuBNS93x+rjQZydxLacjYoarEa7vMQiD3INGKeR9TWzhuzNU1Jpgj9
rDtinX3KUhVki/jrboFhCwGNBKd/3ovI5YC9xf71U4ABiZyv3/QivVOBfGdMZqjx
35iz4beVYisIVDo1Th6I9w+PdcD5ahnFNFDxT867Uh6CEMD5KSAaZnnSshjoMGFE
rG6fiDxwOMi2KxRpRsoUj9WxY6Cu13UZhszO22WnyY07B1UjKbLewihc/lh/jwPx
WcewUFHK4rbi85/B7Rh9Nl7n4mNueYXb4DgVAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUPnrZXl+JMcCcet9XYmAc9zo9G7UwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvUG5yWlhsLUpNY0Nj
ZXQ5WFltQWM5em85RzdVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAnEtZDANBgkqhkiG9w0BAQsFAAOCAQEAab5TtCiFl3lEtUyoIZk3y3iRPvH3
ro7Qep+Y6Rl+Ra8EmIxnMT2+s2QkxZQZzvGqdDmD7iWuVW4B+PHzloJMFqYE9ZjF
o3hNrpJ/Kn0qXje3WATcTEgAGgGUb/Zy47dzWFCAqmo7ztrV/fw3ddgwS5ti5Wa/
Ndkf2j/lA/FgJTpTngTZFkLrl3FcAabeQgxBQJeWrrhwwnV1dR4CP/NGJmA065KD
vb5gLP+LRvV+7JftTog/jmgbScY2Ih8ikThRGkfOvdSsGHHopwzxw+zZBYkYQNfd
SRETBQpdFJub2Ro9fFxDxetx+Tg05uuGw8lXbonMdYQ3uEYulENlXO64iQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 21:56:31 2025 by rpki-client