Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/WwhYoGpzHS3AWtY2_rLx2jCdH28.roa
File: WwhYoGpzHS3AWtY2_rLx2jCdH28.roa (raw, json)
Hash identifier: HUKIxbLW9sU8i1IJCRzoVFe5zFBzm2zcEHJ2jgjqtD0=
Subject key identifier: 5B:08:58:A0:6A:73:1D:2D:C0:5A:D6:36:FE:B2:F1:DA:30:9D:1F:6F
Certificate issuer: /CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2
Certificate serial: 105E
Authority key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/WwhYoGpzHS3AWtY2_rLx2jCdH28.roa
Signing time: Fri 17 Jan 2025 01:28:53 +0000
ROA not before: Fri 17 Jan 2025 01:28:53 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 55990
IP address blocks: 139.9.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 17:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4190 (0x105e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2
Validity
Not Before: Jan 17 01:28:53 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=5B0858A06A731D2DC05AD636FEB2F1DA309D1F6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c8:0c:47:23:71:af:80:b8:57:ec:11:e6:a5:
b4:79:9a:5c:76:66:90:f5:94:bb:fa:42:54:f8:dc:
e5:47:56:3e:e1:3d:3a:ec:db:52:b0:59:df:e0:5b:
ee:98:4b:58:5e:18:e8:dd:fe:8b:eb:4d:fb:e8:ed:
b9:df:da:f2:e1:ab:1a:ec:3b:bf:e0:b9:9d:a2:ca:
71:1b:6c:a0:54:35:8a:a3:2f:bc:aa:e1:ba:78:c3:
bd:f8:78:34:39:8a:5d:21:cc:8d:d5:67:68:a9:94:
99:f2:db:2b:9b:f3:b4:ee:27:04:7e:c4:89:9b:23:
17:a7:66:60:e4:8a:03:e8:3e:83:17:c3:88:12:54:
6b:42:72:a5:61:a5:91:b3:5a:1d:89:66:08:66:c2:
1c:b7:d5:e3:c3:32:97:cf:1c:3a:e9:fc:6b:2f:77:
7a:3b:a1:dd:a2:c0:bb:a4:f7:8b:49:4b:78:97:a6:
72:10:28:be:a7:1b:f1:49:a3:91:37:cd:fa:b6:d7:
f1:16:90:cd:00:ba:8b:f0:9d:12:f0:67:68:01:b4:
6f:58:15:67:74:99:f6:e6:41:25:f4:26:f1:76:0d:
1d:b4:cb:fe:81:ce:21:5e:5a:4d:7f:57:e1:d4:39:
f5:f6:54:68:1f:c4:30:cb:e4:43:31:a3:4c:78:39:
d2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:08:58:A0:6A:73:1D:2D:C0:5A:D6:36:FE:B2:F1:DA:30:9D:1F:6F
X509v3 Authority Key Identifier:
keyid:C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/WwhYoGpzHS3AWtY2_rLx2jCdH28.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
139.9.98.0/24
Signature Algorithm: sha256WithRSAEncryption
10:25:76:d6:ac:80:2d:10:60:6e:5d:6d:0a:b7:7d:93:a3:67:
ac:9e:c4:63:72:f4:dc:ef:b2:fe:bd:31:8b:4e:2e:26:dd:8d:
e0:29:99:05:46:e3:06:89:8a:88:47:98:fc:17:2e:80:1f:6a:
21:00:e3:43:79:05:6c:f5:0a:a6:e4:7a:a3:bb:88:25:b5:03:
49:58:7f:b4:05:7c:df:c9:9f:3b:1a:2f:bd:4e:a6:2f:55:98:
49:6c:29:ad:2b:d6:f2:26:36:b7:25:3a:15:d7:b5:71:ca:10:
b1:59:f1:41:91:54:9f:21:01:89:db:87:66:1e:80:dd:ea:dd:
1c:49:ea:31:03:58:9d:b9:0c:a8:db:bd:ef:4d:90:fc:00:b5:
fc:6d:d8:b5:2c:c3:c3:28:e8:1c:78:5f:97:1f:2f:c1:6d:18:
da:be:c7:a8:f2:8f:d6:39:fd:97:a4:3c:37:d9:68:2f:ce:2c:
5d:f0:de:12:4a:15:f9:07:fc:d5:06:77:29:1e:28:ac:bb:03:
b5:48:de:38:59:70:46:b8:90:8b:8d:1a:10:62:23:35:fd:9b:
e2:36:d7:76:a3:d7:a2:60:20:94:ec:1b:e6:6a:c8:db:d2:6e:
1f:ca:e0:eb:c8:b6:18:11:82:70:83:df:47:fc:3f:33:3d:53:
86:64:4a:bc
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzFE
MzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVGMjAeFw0yNTAxMTcw
MTI4NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVCMDg1OEEwNkE3MzFE
MkRDMDVBRDYzNkZFQjJGMURBMzA5RDFGNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgyAxHI3GvgLhX7BHmpbR5mlx2ZpD1lLv6QlT43OVHVj7hPTrs
21KwWd/gW+6YS1heGOjd/ovrTfvo7bnf2vLhqxrsO7/guZ2iynEbbKBUNYqjL7yq
4bp4w734eDQ5il0hzI3VZ2iplJny2yub87TuJwR+xImbIxenZmDkigPoPoMXw4gS
VGtCcqVhpZGzWh2JZghmwhy31ePDMpfPHDrp/Gsvd3o7od2iwLuk94tJS3iXpnIQ
KL6nG/FJo5E3zfq21/EWkM0AuovwnRLwZ2gBtG9YFWd0mfbmQSX0JvF2DR20y/6B
ziFeWk1/V+HUOfX2VGgfxDDL5EMxo0x4OdK/AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUWwhYoGpzHS3AWtY2/rLx2jCdH28wHwYDVR0jBBgwFoAUwdMSkWOPSkBAzT1S
3sP/K5cJxfIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC93ZE1Ta1dPUFNrQkF6VDFTM3NQX0s1Y0p4ZkkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvV3doWW9HcHpIUzNB
V3RZMl9yTHgyakNkSDI4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAIsJYjANBgkqhkiG9w0BAQsFAAOCAQEAECV21qyALRBgbl1tCrd9k6NnrJ7E
Y3L03O+y/r0xi04uJt2N4CmZBUbjBomKiEeY/BcugB9qIQDjQ3kFbPUKpuR6o7uI
JbUDSVh/tAV838mfOxovvU6mL1WYSWwprSvW8iY2tyU6Fde1ccoQsVnxQZFUnyEB
iduHZh6A3erdHEnqMQNYnbkMqNu9702Q/AC1/G3YtSzDwyjoHHhflx8vwW0Y2r7H
qPKP1jn9l6Q8N9loL84sXfDeEkoV+Qf81QZ3KR4orLsDtUjeOFlwRriQi40aEGIj
Nf2b4jbXdqPXomAglOwb5mrI29JuH8rg68i2GBGCcIPfR/w/Mz1ThmRKvA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 17:35:27 2025 by rpki-client