Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/u7lZgEdGCNs4Zvs-7HW2nC4w66U.roa
File: u7lZgEdGCNs4Zvs-7HW2nC4w66U.roa (raw, json)
Hash identifier: I3xdN1One72rCMnXT+saJ13uQuiWtYKVejucNosRwAo=
Subject key identifier: BB:B9:59:80:47:46:08:DB:38:66:FB:3E:EC:75:B6:9C:2E:30:EB:A5
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18F9
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/u7lZgEdGCNs4Zvs-7HW2nC4w66U.roa
Signing time: Fri 17 Jan 2025 01:25:53 +0000
ROA not before: Fri 17 Jan 2025 01:25:53 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59083
IP address blocks: 103.10.2.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 14:07:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6393 (0x18f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:53 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=BBB95980474608DB3866FB3EEC75B69C2E30EBA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d4:c8:2a:f3:0f:08:ba:ea:66:46:c8:72:12:
31:f6:78:cc:35:a7:c7:74:df:30:11:4f:92:0b:cf:
f2:15:f2:b9:49:f2:74:c9:a7:26:6a:c7:de:5b:3c:
0c:c5:ef:a8:b9:ae:5d:12:79:2f:7d:99:64:06:d9:
ac:9d:64:d2:98:fd:bc:95:20:6c:34:10:72:7c:0e:
62:ab:93:71:af:66:ce:41:be:cb:85:8e:56:f0:c8:
2b:bd:88:74:30:49:80:2e:ba:b0:6e:fd:f8:e4:64:
e7:fb:5a:0b:f6:be:97:f1:e7:39:4f:1a:b0:e0:ce:
37:85:a1:1f:04:a3:a1:11:b7:e4:2f:48:53:dc:be:
39:02:b9:be:95:61:99:10:a2:f1:13:11:4d:b9:f2:
cd:be:89:b6:c2:d6:04:03:a9:cd:e6:93:8a:16:d6:
72:5a:7c:e7:b1:4a:46:3f:5a:e9:f1:18:80:a3:d1:
84:4c:9c:9e:c4:1d:04:35:ce:c1:b2:81:96:ea:59:
ce:d8:d0:57:88:0c:eb:70:55:b7:3b:37:a2:c5:e9:
07:c8:cb:2b:01:4d:66:ad:5e:52:c7:63:7d:d7:74:
d4:ef:72:0d:ee:61:42:b3:91:43:ec:d3:2a:c9:a7:
74:35:91:cc:68:37:e6:ac:e7:a0:e4:1c:19:34:60:
a0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B9:59:80:47:46:08:DB:38:66:FB:3E:EC:75:B6:9C:2E:30:EB:A5
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/u7lZgEdGCNs4Zvs-7HW2nC4w66U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.10.2.0/23
Signature Algorithm: sha256WithRSAEncryption
88:4d:8d:a7:57:92:86:a5:85:6d:20:79:7d:31:fa:4a:94:a0:
52:fe:a4:6b:89:9f:8a:30:9e:2f:ba:c1:81:08:cc:95:0a:8d:
81:36:b8:ab:7b:2f:ea:65:e8:3b:66:e8:27:eb:db:d2:71:02:
03:2b:4b:c7:a3:66:9f:d9:b5:54:a9:1e:25:29:30:46:93:c0:
1c:d2:b7:42:53:f9:7e:fe:dc:8a:bc:7c:08:77:44:7d:30:7b:
d0:22:46:24:9b:70:9a:38:11:54:34:95:8f:86:3d:15:1b:06:
fd:70:ec:e5:89:ca:c0:db:33:8f:63:33:bb:44:2a:46:64:94:
fe:94:56:2d:b1:ae:73:a8:e3:0e:ae:8e:75:80:17:11:97:a9:
03:b4:0f:49:7b:98:99:88:68:86:e0:aa:40:51:47:73:40:c2:
24:2a:32:bc:54:ad:88:ad:59:ae:ae:df:5b:58:71:b2:b1:2e:
8f:b4:68:4e:8c:9b:38:c7:93:00:5a:14:87:45:a5:e3:1c:1f:
cc:59:77:b6:a8:3e:a1:20:62:39:d2:06:79:a9:ea:86:5f:ea:
64:97:60:ef:0b:eb:c7:b5:e6:a0:92:6e:2c:ad:33:97:b4:bb:
eb:f0:e3:79:7e:24:ca:e6:57:a8:3d:dc:a2:96:c1:a0:93:bf:
73:b7:82:59
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJCQjk1OTgwNDc0NjA4
REIzODY2RkIzRUVDNzVCNjlDMkUzMEVCQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB1Mgq8w8IuupmRshyEjH2eMw1p8d03zART5ILz/IV8rlJ8nTJ
pyZqx95bPAzF76i5rl0SeS99mWQG2aydZNKY/byVIGw0EHJ8DmKrk3GvZs5BvsuF
jlbwyCu9iHQwSYAuurBu/fjkZOf7Wgv2vpfx5zlPGrDgzjeFoR8Eo6ERt+QvSFPc
vjkCub6VYZkQovETEU258s2+ibbC1gQDqc3mk4oW1nJafOexSkY/WunxGICj0YRM
nJ7EHQQ1zsGygZbqWc7Y0FeIDOtwVbc7N6LF6QfIyysBTWatXlLHY33XdNTvcg3u
YUKzkUPs0yrJp3Q1kcxoN+as56DkHBk0YKDdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUu7lZgEdGCNs4Zvs+7HW2nC4w66UwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3U3bFpnRWRHQ05zNFp2
cy03SFcybkM0dzY2VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFnCgIwDQYJKoZIhvcNAQELBQADggEBAIhNjadXkoalhW0geX0x+kqUoFL+pGuJ
n4owni+6wYEIzJUKjYE2uKt7L+pl6Dtm6Cfr29JxAgMrS8ejZp/ZtVSpHiUpMEaT
wBzSt0JT+X7+3Iq8fAh3RH0we9AiRiSbcJo4EVQ0lY+GPRUbBv1w7OWJysDbM49j
M7tEKkZklP6UVi2xrnOo4w6ujnWAFxGXqQO0D0l7mJmIaIbgqkBRR3NAwiQqMrxU
rYitWa6u31tYcbKxLo+0aE6MmzjHkwBaFIdFpeMcH8xZd7aoPqEgYjnSBnmp6oZf
6mSXYO8L68e15qCSbiytM5e0u+vw43l+JMrmV6g93KKWwaCTv3O3glk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 12:03:39 2025 by rpki-client