Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/0/AS17623.roa
File: AS17623.roa (raw, json)
Hash identifier: 4jjHSBrPjSJQ8oiSpFwbUP0Zl4BZGom44nAP3KGAduY=
Subject key identifier: 54:DB:7D:5B:DF:62:3F:2E:17:8A:39:D6:76:91:4F:2A:1D:89:57:47
Certificate issuer: /CN=A9143CB30000/serialNumber=EACB7B50F338DF2794EBA3F618C7233B2283E644
Certificate serial: 4253DA68A9C27C1E58323F3DBC9C747E53A6843E
Authority key identifier: EA:CB:7B:50:F3:38:DF:27:94:EB:A3:F6:18:C7:23:3B:22:83:E6:44
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6st7UPM43yeU66P2GMcjOyKD5kQ.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/0/AS17623.roa
Signing time: Tue 09 Jun 2026 03:02:33 +0000
ROA not before: Tue 09 Jun 2026 02:57:33 +0000
ROA not after: Tue 08 Jun 2027 03:02:33 +0000
asID: 17623
IP address blocks: 157.122.0.0/24 maxlen: 24
157.122.1.0/24 maxlen: 24
157.122.2.0/24 maxlen: 24
157.122.3.0/24 maxlen: 24
157.122.4.0/24 maxlen: 24
157.122.5.0/24 maxlen: 24
157.122.6.0/24 maxlen: 24
157.122.7.0/24 maxlen: 24
157.122.8.0/24 maxlen: 24
157.122.9.0/24 maxlen: 24
157.122.10.0/24 maxlen: 24
157.122.11.0/24 maxlen: 24
157.122.12.0/24 maxlen: 24
157.122.13.0/24 maxlen: 24
157.122.14.0/24 maxlen: 24
157.122.80.0/24 maxlen: 24
157.122.81.0/24 maxlen: 24
157.122.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/0/EACB7B50F338DF2794EBA3F618C7233B2283E644.crl
rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/0/EACB7B50F338DF2794EBA3F618C7233B2283E644.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6st7UPM43yeU66P2GMcjOyKD5kQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 01:46:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:53:da:68:a9:c2:7c:1e:58:32:3f:3d:bc:9c:74:7e:53:a6:84:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB30000, serialNumber=EACB7B50F338DF2794EBA3F618C7233B2283E644
Validity
Not Before: Jun 9 02:57:33 2026 GMT
Not After : Jun 8 03:02:33 2027 GMT
Subject: CN=54DB7D5BDF623F2E178A39D676914F2A1D895747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c3:38:fa:fd:51:0c:6b:f7:24:25:77:7e:5f:
e9:3d:73:e6:c3:75:5d:36:86:eb:fd:62:a7:8d:ed:
b8:ae:13:ed:89:46:9d:c3:dd:b1:88:7c:28:5a:f4:
5d:58:8b:3f:ab:ef:d7:b0:a6:79:78:e3:eb:7b:62:
d8:fd:5b:55:1d:0a:c1:e2:81:c9:19:aa:83:72:be:
3b:ac:25:92:cc:75:3f:9d:b5:e2:c8:e5:9a:35:e7:
dd:c2:6c:d7:2d:26:17:d3:5a:0e:75:5c:fd:fc:32:
6b:72:fe:fb:22:c7:88:e7:5d:84:9d:f3:b3:0b:42:
c3:5d:f9:91:d9:21:2e:ad:3b:21:dd:96:d5:c3:e7:
c3:03:38:e9:a3:16:52:e0:84:cb:b0:dd:4c:9b:c2:
f9:ad:8b:08:0b:b9:e8:7f:21:51:a1:32:c6:71:57:
be:b4:67:e9:38:96:d0:53:ae:5c:a0:ea:5e:e4:cb:
2b:89:9a:f9:0f:59:16:73:65:d0:d1:48:d3:33:6b:
34:25:03:bc:1b:46:cb:d8:61:65:fc:4b:8b:72:3d:
9e:61:ec:f5:57:87:c6:c2:c0:24:ce:a5:53:64:e6:
41:cf:74:a0:6b:b7:94:2a:69:cf:eb:b0:20:42:52:
dd:91:df:59:2d:16:f5:0e:4a:e1:0e:14:f0:8b:f5:
de:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:DB:7D:5B:DF:62:3F:2E:17:8A:39:D6:76:91:4F:2A:1D:89:57:47
X509v3 Authority Key Identifier:
keyid:EA:CB:7B:50:F3:38:DF:27:94:EB:A3:F6:18:C7:23:3B:22:83:E6:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/0/EACB7B50F338DF2794EBA3F618C7233B2283E644.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6st7UPM43yeU66P2GMcjOyKD5kQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/0/AS17623.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.122.0.0-157.122.14.255
157.122.80.0-157.122.82.255
Signature Algorithm: sha256WithRSAEncryption
41:5c:bd:13:f8:ea:00:14:94:9d:db:f9:9c:a6:cc:32:a4:a7:
15:56:92:97:c1:ed:41:9c:5f:56:a1:c0:a8:df:8d:62:3e:df:
8e:08:f3:b4:2e:16:41:c1:40:36:26:1f:86:64:33:72:b0:1d:
a3:60:68:1c:9d:e7:1b:bd:91:68:d4:5e:51:95:fa:8a:27:f9:
f6:8a:17:cb:d4:e1:46:1e:a2:60:cc:52:10:02:69:0e:f4:28:
5e:92:ce:1c:31:77:11:d7:d3:66:e9:9f:d9:74:71:d5:67:5d:
9e:cf:53:76:87:5d:71:e0:ec:8b:cc:ac:54:df:a9:78:80:4e:
57:c0:5a:73:48:b7:ca:c0:16:ef:f1:ce:4f:80:8b:3f:ab:06:
7e:a1:c6:05:01:49:43:7d:55:11:2c:fa:c4:2e:21:76:b2:4e:
0e:a5:1a:01:82:19:3e:33:0b:5e:a4:e7:2c:d2:44:80:43:5b:
8b:62:3d:90:ed:91:40:f9:d3:72:dc:1e:fb:82:17:c6:d8:2c:
4a:7c:e9:99:4d:e5:28:b8:d0:81:fb:c5:7e:a4:35:62:fb:80:
8a:40:c2:2f:3b:77:6f:76:50:9a:c4:7f:93:77:d0:a2:63:4b:
02:74:11:3f:2e:1a:a3:01:e3:17:0e:2a:d7:af:b1:55:d7:fd:
12:0c:21:69
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUQlPaaKnCfB5YMj89vJx0flOmhD4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyhFQUNCN0I1MEYz
MzhERjI3OTRFQkEzRjYxOEM3MjMzQjIyODNFNjQ0MB4XDTI2MDYwOTAyNTczM1oX
DTI3MDYwODAzMDIzM1owMzExMC8GA1UEAxMoNTREQjdENUJERjYyM0YyRTE3OEEz
OUQ2NzY5MTRGMkExRDg5NTc0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvDOPr9UQxr9yQld35f6T1z5sN1XTaG6/1ip43tuK4T7YlGncPdsYh8KFr0
XViLP6vv17CmeXjj63ti2P1bVR0KweKByRmqg3K+O6wlksx1P5214sjlmjXn3cJs
1y0mF9NaDnVc/fwya3L++yLHiOddhJ3zswtCw135kdkhLq07Id2W1cPnwwM46aMW
UuCEy7DdTJvC+a2LCAu56H8hUaEyxnFXvrRn6TiW0FOuXKDqXuTLK4ma+Q9ZFnNl
0NFI0zNrNCUDvBtGy9hhZfxLi3I9nmHs9VeHxsLAJM6lU2TmQc90oGu3lCppz+uw
IEJS3ZHfWS0W9Q5K4Q4U8Iv13vsCAwEAAaOCAfgwggH0MB0GA1UdDgQWBBRU231b
32I/LheKOdZ2kU8qHYlXRzAfBgNVHSMEGDAWgBTqy3tQ8zjfJ5Tro/YYxyM7IoPm
RDAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzAvRUFDQjdC
NTBGMzM4REYyNzk0RUJBM0Y2MThDNzIzM0IyMjgzRTY0NC5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvNnN0N1VQTTQz
eWVVNjZQMkdNY2pPeUtENWtRLmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH
MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5
NTM0MjU5My8wL0FTMTc2MjMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
NAYIKwYBBQUHAQcBAf8EJTAjMCEEAgABMBswCwMDAZ16AwQAnXoOMAwDBASdelAD
BACdelIwDQYJKoZIhvcNAQELBQADggEBAEFcvRP46gAUlJ3b+ZymzDKkpxVWkpfB
7UGcX1ahwKjfjWI+344I87QuFkHBQDYmH4ZkM3KwHaNgaByd5xu9kWjUXlGV+oon
+faKF8vU4UYeomDMUhACaQ70KF6SzhwxdxHX02bpn9l0cdVnXZ7PU3aHXXHg7IvM
rFTfqXiATlfAWnNIt8rAFu/xzk+Aiz+rBn6hxgUBSUN9VREs+sQuIXayTg6lGgGC
GT4zC16k5yzSRIBDW4tiPZDtkUD503LcHvuCF8bYLEp86ZlN5Si40IH7xX6kNWL7
gIpAwi87d292UJrEf5N30KJjSwJ0ET8uGqMB4xcOKtevsVXX/RIMIWk=
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:42:12 2026 by rpki-client