Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1105044324229316617/0/AS23724.roa
File: AS23724.roa (raw, json)
Hash identifier: TonfoVCcJxebXiD2oRmtH1Wy3IOtbvOrDUDzM5m7elM=
Subject key identifier: 99:F7:E9:B2:5B:E6:8C:98:C2:85:B2:CF:0F:B3:39:D8:67:D4:B6:DE
Certificate issuer: /CN=A9EF6BDE84A8B115C80721B280C9470B3BC0D886
Certificate serial: 242C85C58A7D99AC950E9E3C78861D1F2BAD9FBD
Authority key identifier: A9:EF:6B:DE:84:A8:B1:15:C8:07:21:B2:80:C9:47:0B:3B:C0:D8:86
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/AS23724.roa
Signing time: Fri 05 Jun 2026 06:11:11 +0000
ROA not before: Fri 05 Jun 2026 06:06:11 +0000
ROA not after: Fri 04 Jun 2027 06:11:11 +0000
asID: 23724
IP address blocks: 103.26.64.0/22 maxlen: 22
110.43.64.0/20 maxlen: 20
110.43.80.0/20 maxlen: 20
110.43.90.0/23 maxlen: 23
110.43.96.0/21 maxlen: 21
110.43.104.0/21 maxlen: 21
110.43.160.0/21 maxlen: 21
110.43.168.0/21 maxlen: 21
110.43.176.0/21 maxlen: 21
110.43.192.0/19 maxlen: 19
120.92.0.0/17 maxlen: 17
120.92.0.0/23 maxlen: 23
120.92.2.0/23 maxlen: 23
120.92.4.0/23 maxlen: 23
120.92.6.0/23 maxlen: 23
120.92.8.0/23 maxlen: 23
120.92.10.0/23 maxlen: 23
120.92.12.0/23 maxlen: 23
120.92.14.0/23 maxlen: 23
120.92.16.0/21 maxlen: 21
120.92.24.0/21 maxlen: 21
120.92.32.0/21 maxlen: 21
120.92.40.0/21 maxlen: 21
120.92.48.0/21 maxlen: 21
120.92.56.0/21 maxlen: 21
120.92.64.0/21 maxlen: 21
120.92.72.0/21 maxlen: 21
120.92.80.0/21 maxlen: 21
120.92.88.0/21 maxlen: 21
120.92.96.0/21 maxlen: 21
120.92.104.0/21 maxlen: 21
120.92.112.0/21 maxlen: 21
120.92.120.0/21 maxlen: 21
120.92.192.0/19 maxlen: 19
120.92.192.0/23 maxlen: 23
120.92.194.0/23 maxlen: 23
120.92.200.0/21 maxlen: 21
120.92.208.0/20 maxlen: 20
120.131.0.0/20 maxlen: 20
120.131.0.0/23 maxlen: 23
120.131.2.0/23 maxlen: 23
120.131.4.0/23 maxlen: 23
120.131.6.0/23 maxlen: 23
120.131.8.0/23 maxlen: 23
120.131.10.0/23 maxlen: 23
120.131.12.0/23 maxlen: 23
120.131.14.0/23 maxlen: 23
2401:1d40::/48 maxlen: 48
2401:1d40:f8::/48 maxlen: 48
2401:1d40:f9::/48 maxlen: 48
2401:1d40:fa::/48 maxlen: 48
2401:1d40:fb::/48 maxlen: 48
2401:1d40:fc::/48 maxlen: 48
2401:1d40:fd::/48 maxlen: 48
2401:1d40:fe::/48 maxlen: 48
2401:1d40:ff::/48 maxlen: 48
2401:1d40:100::/48 maxlen: 48
2401:1d40:f21::/48 maxlen: 48
2401:1d40:f22::/48 maxlen: 48
2401:1d40:f23::/48 maxlen: 48
2401:1d40:f24::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.crl
rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.mft
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.cer
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 16:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:2c:85:c5:8a:7d:99:ac:95:0e:9e:3c:78:86:1d:1f:2b:ad:9f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9EF6BDE84A8B115C80721B280C9470B3BC0D886
Validity
Not Before: Jun 5 06:06:11 2026 GMT
Not After : Jun 4 06:11:11 2027 GMT
Subject: CN=99F7E9B25BE68C98C285B2CF0FB339D867D4B6DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f2:1e:dc:bb:c0:db:c6:d3:08:d2:51:ea:92:
bd:79:69:d9:1b:f0:be:49:62:6f:9a:46:48:9e:bd:
17:95:95:0c:a5:7f:7a:1d:d3:70:e2:f3:fc:b2:21:
56:a9:2d:31:38:9e:aa:bb:96:20:5a:4f:72:51:2c:
f0:18:c7:81:d9:0d:29:e1:d7:eb:95:93:e8:6d:5a:
16:24:e2:88:85:41:4a:92:e5:36:fe:49:cd:b4:bc:
dd:d9:7a:b4:a7:2f:92:52:51:c8:01:b1:a2:ad:a5:
c0:fd:f7:2f:04:3d:df:ab:1b:77:f8:4e:9e:fe:70:
f9:d7:23:f6:e8:57:46:ed:d3:50:90:36:64:93:04:
6d:56:5b:ba:b7:c0:c3:d6:89:d9:d7:92:bf:2f:b7:
36:b4:99:96:b9:64:cc:34:a1:a6:86:d4:12:4f:31:
a6:45:bd:72:1d:5a:91:2c:4a:62:b7:74:ec:13:48:
09:3a:6d:67:1b:28:60:84:5a:d2:c9:0a:66:76:75:
ca:12:64:12:9c:f2:63:b6:4b:24:88:ca:3d:bb:14:
6f:07:34:ce:94:5a:a6:40:a9:83:77:61:48:95:d0:
5a:84:99:8d:b7:69:0d:6a:e0:7a:4d:10:3f:f3:b7:
0e:0e:c6:97:b0:48:98:5b:de:68:f8:14:83:63:98:
fb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F7:E9:B2:5B:E6:8C:98:C2:85:B2:CF:0F:B3:39:D8:67:D4:B6:DE
X509v3 Authority Key Identifier:
keyid:A9:EF:6B:DE:84:A8:B1:15:C8:07:21:B2:80:C9:47:0B:3B:C0:D8:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/AS23724.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.26.64.0/22
110.43.64.0-110.43.111.255
110.43.160.0-110.43.183.255
110.43.192.0/19
120.92.0.0/17
120.92.192.0/19
120.131.0.0/20
IPv6:
2401:1d40::/48
2401:1d40:f8::-2401:1d40:100:ffff:ffff:ffff:ffff:ffff
2401:1d40:f21::-2401:1d40:f24:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5d:54:ef:c2:c3:31:1d:d9:20:5f:34:ed:f8:09:32:2b:c4:2a:
a0:45:f6:9a:69:c8:bb:82:a9:87:64:75:69:17:5c:11:c7:fb:
d2:ef:b7:3a:fd:9e:e4:3b:aa:8b:65:4b:16:61:1c:35:b2:94:
d0:29:38:eb:a2:ab:dc:1d:68:c5:4b:3b:f9:db:75:44:08:ad:
7c:6f:71:3c:c4:5a:bf:11:4c:a5:ca:04:41:f8:96:e5:74:cc:
bb:f2:2f:f8:3e:a7:c2:8c:0a:6c:20:9a:ce:e6:8c:e5:f2:cb:
09:c1:74:28:0f:ba:56:0e:3a:1b:5e:f2:b7:c6:34:bc:ad:76:
41:c0:fa:09:88:61:a2:58:86:cd:1b:f5:aa:04:1d:8c:f9:06:
f8:9a:c5:3e:46:f3:b8:48:af:c0:27:74:63:c8:88:0a:c2:8b:
6d:a4:63:a8:73:f5:e7:9d:fb:52:6e:59:e8:7f:78:a9:04:5b:
69:fc:83:77:49:f8:12:12:17:5f:79:f0:c7:f6:b3:4c:11:70:
b8:cc:46:b9:9d:0d:58:d7:63:a6:a7:0b:c6:7e:8d:4c:5f:bc:
c7:6d:ed:c8:cc:26:f5:64:43:8a:90:f6:e4:5c:56:54:2b:12:
49:21:d4:29:9f:c3:ce:b2:7a:2b:47:1e:9d:eb:1b:0f:62:00:
cc:b3:97:df
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUJCyFxYp9mayVDp48eIYdHyutn70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTlFRjZCREU4NEE4QjExNUM4MDcyMUIyODBDOTQ3MEIz
QkMwRDg4NjAeFw0yNjA2MDUwNjA2MTFaFw0yNzA2MDQwNjExMTFaMDMxMTAvBgNV
BAMTKDk5RjdFOUIyNUJFNjhDOThDMjg1QjJDRjBGQjMzOUQ4NjdENEI2REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv8h7cu8DbxtMI0lHqkr15adkb
8L5JYm+aRkievReVlQylf3od03Di8/yyIVapLTE4nqq7liBaT3JRLPAYx4HZDSnh
1+uVk+htWhYk4oiFQUqS5Tb+Sc20vN3ZerSnL5JSUcgBsaKtpcD99y8EPd+rG3f4
Tp7+cPnXI/boV0bt01CQNmSTBG1WW7q3wMPWidnXkr8vtza0mZa5ZMw0oaaG1BJP
MaZFvXIdWpEsSmK3dOwTSAk6bWcbKGCEWtLJCmZ2dcoSZBKc8mO2SySIyj27FG8H
NM6UWqZAqYN3YUiV0FqEmY23aQ1q4HpNED/ztw4OxpewSJhb3mj4FINjmPuJAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUmffpslvmjJjChbLPD7M52GfUtt4wHwYDVR0j
BBgwFoAUqe9r3oSosRXIByGygMlHCzvA2IYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEw
NTA0NDMyNDIyOTMxNjYxNy8wL0E5RUY2QkRFODRBOEIxMTVDODA3MjFCMjgwQzk0
NzBCM0JDMEQ4ODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvQTlFRjZCREU4NEE4QjExNUM4MDcyMUIyODBDOTQ3MEIzQkMwRDg4Ni5jZXIw
XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTExMDUwNDQzMjQyMjkzMTY2MTcvMC9BUzIzNzI0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswQAQC
AAEwOgMEAmcaQDAMAwQGbitAAwQEbitgMAwDBAVuK6ADBANuK7ADBAVuK8ADBAd4
XAADBAV4XMADBAR4gwAwNwQCAAIwMQMHACQBHUAAADASAwcDJAEdQAD4AwcAJAEd
QAEAMBIDBwAkAR1ADyEDBwAkAR1ADyQwDQYJKoZIhvcNAQELBQADggEBAF1U78LD
MR3ZIF807fgJMivEKqBF9pppyLuCqYdkdWkXXBHH+9Lvtzr9nuQ7qotlSxZhHDWy
lNApOOuiq9wdaMVLO/nbdUQIrXxvcTzEWr8RTKXKBEH4luV0zLvyL/g+p8KMCmwg
ms7mjOXyywnBdCgPulYOOhte8rfGNLytdkHA+gmIYaJYhs0b9aoEHYz5BviaxT5G
87hIr8AndGPIiArCi22kY6hz9eed+1JuWeh/eKkEW2n8g3dJ+BISF1958Mf2s0wR
cLjMRrmdDVjXY6anC8Z+jUxfvMdt7cjMJvVkQ4qQ9uRcVlQrEkkh1Cmfw86yeitH
Hp3rGw9iAMyzl98=
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:38:50 2026 by rpki-client