Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1232/rrNjo0quuEut_7Aoh2Su8cCRCIc.roa
File:                     rrNjo0quuEut_7Aoh2Su8cCRCIc.roa (raw, json)
Hash identifier:          FcJywaP1B3WpMCCfJLPBgeGnTQEMzK9/O0903KO2sqY=
Subject key identifier:   AE:B3:63:A3:4A:AE:B8:4B:AD:FF:B0:28:87:64:AE:F1:C0:91:08:87
Certificate issuer:       /CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4
Certificate serial:       B1
Authority key identifier: F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/rrNjo0quuEut_7Aoh2Su8cCRCIc.roa
Signing time:             Thu 11 Sep 2025 05:56:37 +0000
ROA not before:           Thu 11 Sep 2025 05:56:37 +0000
ROA not after:            Thu 20 Aug 2026 07:49:18 +0000
asID:                     8075
IP address blocks:        103.61.63.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 19 Oct 2025 23:36:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 177 (0xb1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1989B406901ADF8810B9DCDC4E0FC9E7E85EEB4
        Validity
            Not Before: Sep 11 05:56:37 2025 GMT
            Not After : Aug 20 07:49:18 2026 GMT
        Subject: CN=AEB363A34AAEB84BADFFB0288764AEF1C0910887
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:29:df:65:98:34:7c:64:2a:c4:59:71:71:e7:
                    04:20:e4:13:0f:27:c4:fa:d4:4e:ca:bd:ee:1d:e6:
                    94:29:ed:6d:be:68:fd:46:8d:31:ea:a2:32:97:ea:
                    b7:b6:76:94:2d:20:3e:99:b6:73:26:0d:34:dc:49:
                    81:95:fb:d6:c0:d1:52:47:46:c6:d9:fe:65:13:94:
                    fb:b5:a7:4a:d1:e5:4f:31:1f:b0:64:22:40:d7:a7:
                    11:92:2f:ce:34:2d:04:aa:3e:f0:c4:a0:73:6c:55:
                    12:7f:46:a2:ac:ec:79:a8:f4:07:90:b1:5f:b7:1a:
                    9a:2a:84:fe:63:ef:94:bd:39:8c:f4:e9:3a:cd:17:
                    b1:74:43:23:8e:e6:d1:5c:56:54:dd:7e:90:f4:ff:
                    a1:6e:e4:fb:93:30:a6:65:a6:60:7f:a7:ef:8f:e2:
                    d0:ca:87:8f:2b:a1:1d:f1:18:76:3b:1c:ac:6b:14:
                    0a:1f:cd:b8:68:26:59:2a:99:87:4b:a4:de:49:6d:
                    c6:38:50:fa:99:69:d9:c9:18:7d:e3:bb:3a:9b:10:
                    c0:8d:b6:ac:8b:60:32:c8:23:d2:47:df:4e:b1:21:
                    c4:52:00:6f:dd:32:24:0e:fb:0d:49:e5:46:12:93:
                    bb:39:d0:7a:94:66:41:0d:99:08:e4:1d:3c:8c:c9:
                    43:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:B3:63:A3:4A:AE:B8:4B:AD:FF:B0:28:87:64:AE:F1:C0:91:08:87
            X509v3 Authority Key Identifier:
                keyid:F1:98:9B:40:69:01:AD:F8:81:0B:9D:CD:C4:E0:FC:9E:7E:85:EE:B4

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/8ZibQGkBrfiBC53NxOD8nn6F7rQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/8ZibQGkBrfiBC53NxOD8nn6F7rQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1232/rrNjo0quuEut_7Aoh2Su8cCRCIc.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.61.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:83:17:f7:dd:b8:23:27:17:92:4b:0a:22:d7:10:54:07:6c:
         7a:39:bd:7e:75:36:56:77:b6:b9:76:4b:a9:9b:f4:9b:0a:06:
         44:96:08:9e:99:bc:d7:6d:16:35:dc:c1:60:18:3e:92:86:10:
         f0:50:64:84:33:b2:79:23:9f:28:0c:92:bc:7a:49:f1:58:72:
         2f:57:0c:be:11:7a:f9:bc:03:f8:c7:c0:89:bc:a1:44:27:1a:
         fe:f8:51:4c:52:31:a2:41:66:94:96:dc:66:5a:c1:fb:57:9b:
         fe:86:85:00:82:27:12:2c:d0:6c:f3:0d:62:1d:13:c3:4a:a3:
         36:d5:3e:ce:4d:09:de:59:b3:1b:fe:05:fd:89:78:c8:b2:d6:
         dd:14:00:85:fa:83:ae:2e:4d:57:8f:ed:ca:4a:1e:c1:2a:88:
         5b:a8:52:7f:f4:37:e4:bf:b9:54:1d:3f:89:0c:d8:4b:25:5a:
         ef:6e:99:55:e9:af:96:40:99:c2:22:0c:7f:79:2a:14:c6:cc:
         7d:f3:95:06:5f:4e:3c:a0:55:53:f9:eb:9b:d8:ae:16:91:ec:
         17:88:de:d2:7e:8a:9d:b8:aa:29:df:d0:e6:04:3c:91:02:5e:
         67:7a:d9:0e:f4:90:9e:c2:c0:c3:df:65:af:80:da:9d:1f:d6:
         30:cf:d8:28
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICALEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjE5
ODlCNDA2OTAxQURGODgxMEI5RENEQzRFMEZDOUU3RTg1RUVCNDAeFw0yNTA5MTEw
NTU2MzdaFw0yNjA4MjAwNzQ5MThaMDMxMTAvBgNVBAMTKEFFQjM2M0EzNEFBRUI4
NEJBREZGQjAyODg3NjRBRUYxQzA5MTA4ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIKd9lmDR8ZCrEWXFx5wQg5BMPJ8T61E7Kve4d5pQp7W2+aP1G
jTHqojKX6re2dpQtID6ZtnMmDTTcSYGV+9bA0VJHRsbZ/mUTlPu1p0rR5U8xH7Bk
IkDXpxGSL840LQSqPvDEoHNsVRJ/RqKs7Hmo9AeQsV+3GpoqhP5j75S9OYz06TrN
F7F0QyOO5tFcVlTdfpD0/6Fu5PuTMKZlpmB/p++P4tDKh48roR3xGHY7HKxrFAof
zbhoJlkqmYdLpN5JbcY4UPqZadnJGH3juzqbEMCNtqyLYDLII9JH306xIcRSAG/d
MiQO+w1J5UYSk7s50HqUZkENmQjkHTyMyUMrAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUrrNjo0quuEut/7Aoh2Su8cCRCIcwHwYDVR0jBBgwFoAU8ZibQGkBrfiBC53N
xOD8nn6F7rQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIz
Mi84WmliUUdrQnJmaUJDNTNOeE9EOG5uNkY3clEuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzhaaWJRR2tCcmZpQkM1M054T0Q4bm42RjdyUS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMzIvcnJOam8wcXV1RXV0
XzdBb2gyU3U4Y0NSQ0ljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGc9PzANBgkqhkiG9w0BAQsFAAOCAQEAQIMX9924IycXkksKItcQVAdsejm9
fnU2Vne2uXZLqZv0mwoGRJYInpm8120WNdzBYBg+koYQ8FBkhDOyeSOfKAySvHpJ
8VhyL1cMvhF6+bwD+MfAibyhRCca/vhRTFIxokFmlJbcZlrB+1eb/oaFAIInEizQ
bPMNYh0Tw0qjNtU+zk0J3lmzG/4F/Yl4yLLW3RQAhfqDri5NV4/tykoewSqIW6hS
f/Q35L+5VB0/iQzYSyVa726ZVemvlkCZwiIMf3kqFMbMffOVBl9OPKBVU/nrm9iu
FpHsF4je0n6KnbiqKd/Q5gQ8kQJeZ3rZDvSQnsLAw99lr4DanR/WMM/YKA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:20:28 2025 by rpki-client