Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/j3MYc-ZeCZUltYcD7mGB_gOh4YE.roa
File: j3MYc-ZeCZUltYcD7mGB_gOh4YE.roa (raw, json)
Hash identifier: PkiT7gawVseGEcOBUMRq39rqP4+AKQxW3mx8fnr5pm0=
Subject key identifier: 8F:73:18:73:E6:5E:09:95:25:B5:87:03:EE:61:81:FE:03:A1:E1:81
Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA
Certificate serial: 0657
Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/j3MYc-ZeCZUltYcD7mGB_gOh4YE.roa
Signing time: Tue 04 Mar 2025 06:58:44 +0000
ROA not before: Tue 04 Mar 2025 06:58:44 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 7641
IP address blocks: 150.242.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 15:08:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1623 (0x657)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA
Validity
Not Before: Mar 4 06:58:44 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=8F731873E65E099525B58703EE6181FE03A1E181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fd:5e:aa:ca:25:34:b5:53:5d:2f:06:90:b6:
62:99:11:3a:2e:49:60:67:30:ab:56:a9:c1:df:7e:
d3:fa:e1:fa:8a:a3:95:6a:26:9b:6a:31:7c:bd:33:
13:cf:da:57:3d:b0:42:cd:61:33:48:39:c3:fa:4b:
b3:9d:79:26:da:1b:28:9b:cf:b0:7f:20:95:21:f5:
23:59:4c:a2:f2:05:8b:5d:45:84:21:8f:b1:01:6d:
76:5c:94:ac:f4:53:10:f1:d5:08:1d:1a:88:e1:db:
2f:0a:c5:9a:1c:df:22:ed:d0:64:7e:94:cd:e5:f7:
32:5e:94:bf:d3:06:10:2e:bf:cc:65:39:2a:9e:b8:
c8:64:a0:79:d2:bb:23:c6:46:f1:78:64:b7:de:f9:
ac:42:0f:8a:39:03:bf:55:b0:91:64:9b:8d:4f:cc:
61:7b:61:b1:2f:16:59:27:02:c1:57:0a:28:f7:9f:
46:7b:9e:6d:01:d2:e1:a4:1c:73:2e:88:98:8e:de:
0d:9a:86:7c:53:45:fd:0a:5b:e0:35:80:ff:20:34:
03:4e:6e:b8:f9:45:b4:5d:a8:80:ab:70:96:2c:1e:
8f:1f:64:bb:73:29:95:47:41:34:84:9a:c0:86:4a:
5f:d9:90:6e:e2:ef:7a:57:37:a5:4d:f0:45:bf:cc:
6f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:73:18:73:E6:5E:09:95:25:B5:87:03:EE:61:81:FE:03:A1:E1:81
X509v3 Authority Key Identifier:
keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/j3MYc-ZeCZUltYcD7mGB_gOh4YE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.242.52.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:d7:0c:ad:0c:07:fe:4b:bb:18:8d:27:bd:27:0e:94:8c:d0:
92:ba:3f:05:55:55:f7:27:0c:2c:77:e0:b4:78:3c:62:9d:1d:
f5:8d:b6:2f:87:27:91:2b:5a:30:14:f1:d3:d7:76:e4:08:cf:
c8:43:0c:a1:91:66:47:75:aa:bd:f7:29:fc:32:d3:d5:1c:75:
f0:f1:7e:c2:f7:dd:38:fd:13:d9:82:4e:66:c3:38:db:41:d3:
ff:a7:08:e3:be:38:5f:8a:7c:46:64:bd:dc:b1:e8:c8:0b:49:
c4:2f:f1:55:28:33:bf:8b:54:2f:d0:7b:09:ac:d2:92:e1:a6:
32:d5:bb:50:88:b8:5c:df:5f:fd:32:79:24:4f:2b:a5:d7:6c:
17:42:4b:e3:df:91:07:be:6e:01:da:a4:76:28:5a:42:65:7e:
7b:cf:95:34:e1:99:38:54:d4:cc:ce:0c:5c:5c:4c:e6:fc:a8:
a4:16:27:d1:de:56:df:ba:6e:d6:04:ac:cb:d6:54:65:d1:bf:
d0:e7:8e:6c:c6:ef:ba:c8:b4:ab:ae:83:18:25:a7:9d:ad:1a:
bc:76:7f:7b:79:aa:b8:f3:90:cc:24:86:23:61:e8:a8:cc:ad:
fd:0f:dc:a5:7e:a7:e1:d9:ff:ea:a3:d6:a8:38:9c:ba:bc:76:
b3:25:47:b9
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICBlcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw
MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTAzMDQw
NjU4NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhGNzMxODczRTY1RTA5
OTUyNUI1ODcwM0VFNjE4MUZFMDNBMUUxODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs/V6qyiU0tVNdLwaQtmKZETouSWBnMKtWqcHfftP64fqKo5Vq
JptqMXy9MxPP2lc9sELNYTNIOcP6S7OdeSbaGyibz7B/IJUh9SNZTKLyBYtdRYQh
j7EBbXZclKz0UxDx1QgdGojh2y8KxZoc3yLt0GR+lM3l9zJelL/TBhAuv8xlOSqe
uMhkoHnSuyPGRvF4ZLfe+axCD4o5A79VsJFkm41PzGF7YbEvFlknAsFXCij3n0Z7
nm0B0uGkHHMuiJiO3g2ahnxTRf0KW+A1gP8gNANObrj5RbRdqICrcJYsHo8fZLtz
KZVHQTSEmsCGSl/ZkG7i73pXN6VN8EW/zG8hAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUj3MYc+ZeCZUltYcD7mGB/gOh4YEwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U
IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv
TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9qM01ZYy1aZUNaVWx0WWNE
N21HQl9nT2g0WUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
lvI0MA0GCSqGSIb3DQEBCwUAA4IBAQCP1wytDAf+S7sYjSe9Jw6UjNCSuj8FVVX3
Jwwsd+C0eDxinR31jbYvhyeRK1owFPHT13bkCM/IQwyhkWZHdaq99yn8MtPVHHXw
8X7C9904/RPZgk5mwzjbQdP/pwjjvjhfinxGZL3csejIC0nEL/FVKDO/i1Qv0HsJ
rNKS4aYy1btQiLhc31/9MnkkTyul12wXQkvj35EHvm4B2qR2KFpCZX57z5U04Zk4
VNTMzgxcXEzm/KikFifR3lbfum7WBKzL1lRl0b/Q545sxu+6yLSrroMYJaedrRq8
dn97eaq485DMJIYjYeiozK39D9ylfqfh2f/qo9aoOJy6vHazJUe5
-----END CERTIFICATE-----
Generated at Mon Apr 14 15:04:56 2025 by rpki-client