Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS17633.roa
File: AS17633.roa (raw, json)
Hash identifier: ethKz/w31p5uLyRyHuRVdBHtmZqeBx8DGzR9hJXnrF8=
Subject key identifier: 7C:25:08:C2:B1:1E:FD:1A:70:29:9A:49:B0:2C:9F:BB:EE:27:B9:06
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 5F54313B31CF4993603627C341036B1246DB3374
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS17633.roa
Signing time: Wed 03 Jun 2026 17:40:02 +0000
ROA not before: Wed 03 Jun 2026 17:35:02 +0000
ROA not after: Wed 02 Jun 2027 17:40:02 +0000
asID: 17633
IP address blocks: 202.111.230.0/24 maxlen: 24
202.111.247.0/24 maxlen: 24
219.146.0.0/19 maxlen: 19
219.146.0.0/24 maxlen: 24
219.146.1.0/24 maxlen: 24
219.146.2.0/24 maxlen: 24
219.146.3.0/24 maxlen: 24
219.146.4.0/24 maxlen: 24
219.146.10.0/24 maxlen: 24
219.146.11.0/24 maxlen: 24
219.146.12.0/24 maxlen: 24
219.146.13.0/24 maxlen: 24
219.146.14.0/24 maxlen: 24
219.146.15.0/24 maxlen: 24
219.146.23.0/24 maxlen: 24
240e:e:a800::/37 maxlen: 37
240e:4e::/37 maxlen: 37
240e:4e::/48 maxlen: 48
240e:4e:4::/48 maxlen: 48
240e:4e:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:54:31:3b:31:cf:49:93:60:36:27:c3:41:03:6b:12:46:db:33:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 3 17:35:02 2026 GMT
Not After : Jun 2 17:40:02 2027 GMT
Subject: CN=7C2508C2B11EFD1A70299A49B02C9FBBEE27B906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d5:56:e0:be:da:57:64:46:fd:b5:37:30:61:
22:bd:d9:d0:c9:59:2c:4a:e7:93:4e:47:3f:a3:45:
a7:00:dd:d5:6e:4f:77:be:1d:68:e8:ae:0d:b8:fe:
dd:9d:04:8c:27:4e:a4:3a:73:cc:e7:e2:5d:98:e5:
b4:99:7d:87:5d:d4:57:13:73:73:15:32:58:4f:ed:
b4:27:d0:04:26:db:1b:e5:b8:11:08:bc:a5:8e:09:
02:c0:0c:5a:53:a1:e4:93:83:08:3e:03:92:55:6e:
12:6c:c2:70:6e:22:be:a0:9e:ff:e8:ba:3a:ba:45:
14:63:90:98:18:ab:1a:83:01:0e:73:f0:c6:58:78:
47:9b:9b:7c:39:fc:01:88:df:b3:0c:3d:5f:35:0f:
7a:b5:00:2c:8f:23:c4:8f:72:6a:c3:ee:8e:2c:4e:
1c:3f:53:0f:49:06:f2:7b:09:29:9a:83:03:30:e8:
68:0a:7f:d6:eb:04:05:01:e2:e6:88:73:56:1b:e2:
c1:a3:a1:6f:f0:4c:ca:97:95:ad:db:35:07:8c:3d:
df:b1:33:4a:ac:3b:2c:11:2d:f8:c7:b8:f2:bd:e6:
ab:b5:a7:91:73:6f:15:3e:7e:ec:d4:db:21:d6:96:
69:cf:02:c8:a7:56:49:9e:e7:70:41:1b:dc:29:e8:
bc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:25:08:C2:B1:1E:FD:1A:70:29:9A:49:B0:2C:9F:BB:EE:27:B9:06
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS17633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.111.230.0/24
202.111.247.0/24
219.146.0.0/19
IPv6:
240e:e:a800::/37
240e:4e::/37
Signature Algorithm: sha256WithRSAEncryption
6f:6e:5e:da:5c:e4:98:07:c9:38:07:fc:b6:41:5f:bf:a8:8f:
91:c0:6d:bf:36:1b:20:36:7e:c7:fb:b1:51:c3:31:1f:5e:d6:
e7:34:b5:12:4b:06:23:3d:16:cd:9c:75:96:29:b4:23:34:d1:
1d:d9:dc:37:8a:24:cd:a3:3a:34:eb:d1:d2:9f:9a:d9:c8:73:
bd:48:dd:e0:99:44:ea:fd:5d:a2:7f:84:19:c0:0a:1e:18:2c:
28:9d:24:ea:f0:7d:a8:ab:c7:cc:d6:57:83:4b:09:66:22:3f:
ed:47:b9:89:2d:40:04:77:bb:9b:5f:85:98:ac:be:6d:f6:9f:
10:5d:fa:43:b7:c7:ee:d8:0c:8e:62:3d:44:7b:ad:58:ef:c4:
9f:31:12:c2:d3:4c:36:46:e7:a1:63:2c:54:66:2e:1c:4d:01:
63:89:f9:5c:bb:b6:70:04:d2:c3:d9:ec:64:d8:da:e1:ac:4c:
f4:aa:ab:85:cb:9e:b9:96:20:78:fa:4f:19:ab:31:b3:4d:47:
82:ff:78:99:71:ca:24:4e:4f:d5:3e:1a:64:28:b6:48:64:29:
59:07:e8:37:41:e4:aa:27:d0:40:52:73:54:9e:03:01:f3:5c:
66:9b:a0:f8:72:b9:9c:37:63:e9:d6:ea:c4:58:1e:1d:b2:58:
a9:d9:e7:88
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIUX1QxOzHPSZNgNifDQQNrEkbbM3QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwMzE3MzUwMloX
DTI3MDYwMjE3NDAwMlowMzExMC8GA1UEAxMoN0MyNTA4QzJCMTFFRkQxQTcwMjk5
QTQ5QjAyQzlGQkJFRTI3QjkwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDVVuC+2ldkRv21NzBhIr3Z0MlZLErnk05HP6NFpwDd1W5Pd74daOiuDbj+
3Z0EjCdOpDpzzOfiXZjltJl9h13UVxNzcxUyWE/ttCfQBCbbG+W4EQi8pY4JAsAM
WlOh5JODCD4DklVuEmzCcG4ivqCe/+i6OrpFFGOQmBirGoMBDnPwxlh4R5ubfDn8
AYjfsww9XzUPerUALI8jxI9yasPujixOHD9TD0kG8nsJKZqDAzDoaAp/1usEBQHi
5ohzVhviwaOhb/BMypeVrds1B4w937EzSqw7LBEt+Me48r3mq7WnkXNvFT5+7NTb
IdaWac8CyKdWSZ7ncEEb3CnovFcCAwEAAaOCAgcwggIDMB0GA1UdDgQWBBR8JQjC
sR79GnApmkmwLJ+77ie5BjAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH
MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTc2MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
QwYIKwYBBQUHAQcBAf8ENDAyMBgEAgABMBIDBADKb+YDBADKb/cDBAXbkgAwFgQC
AAIwEAMGAyQOAA6oAwYDJA4ATgAwDQYJKoZIhvcNAQELBQADggEBAG9uXtpc5JgH
yTgH/LZBX7+oj5HAbb82GyA2fsf7sVHDMR9e1uc0tRJLBiM9Fs2cdZYptCM00R3Z
3DeKJM2jOjTr0dKfmtnIc71I3eCZROr9XaJ/hBnACh4YLCidJOrwfairx8zWV4NL
CWYiP+1HuYktQAR3u5tfhZisvm32nxBd+kO3x+7YDI5iPUR7rVjvxJ8xEsLTTDZG
56FjLFRmLhxNAWOJ+Vy7tnAE0sPZ7GTY2uGsTPSqq4XLnrmWIHj6TxmrMbNNR4L/
eJlxyiROT9U+GmQotkhkKVkH6DdB5Kon0EBSc1SeAwHzXGaboPhyuZw3Y+nW6sRY
Hh2yWKnZ54g=
-----END CERTIFICATE-----
Generated at Sun Jun 14 06:30:58 2026 by rpki-client