Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ZZb-6c-Wd7Tjge5gpverfNpsgA.roa
File:                     -ZZb-6c-Wd7Tjge5gpverfNpsgA.roa (raw, json)
Hash identifier:          HXdK03trP6XBIKeBgjUxSm8kA9kWC/XQa72N0+sODVs=
Subject key identifier:   F9:96:5B:FB:A7:3E:59:DE:D3:8E:07:B9:82:9B:DE:AD:F3:69:B2:00
Certificate issuer:       /CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F
Certificate serial:       105F
Authority key identifier: FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ZZb-6c-Wd7Tjge5gpverfNpsgA.roa
Signing time:             Mon 04 Aug 2025 13:04:28 +0000
ROA not before:           Mon 04 Aug 2025 13:04:28 +0000
ROA not after:            Mon 03 Aug 2026 08:44:40 +0000
asID:                     41717
IP address blocks:        103.116.151.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 11 Aug 2025 04:02:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4191 (0x105f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F
        Validity
            Not Before: Aug  4 13:04:28 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=F9965BFBA73E59DED38E07B9829BDEADF369B200
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:77:89:35:07:84:1e:27:54:97:82:ad:38:f3:
                    51:d1:70:3f:6d:79:50:53:ae:bd:1d:6c:3f:4b:2c:
                    f3:62:47:33:2d:22:1b:16:3d:5b:25:d6:cf:e6:08:
                    0d:b0:ba:9c:1e:01:45:7d:00:c9:2e:c2:76:d5:ad:
                    18:5a:3c:1d:85:95:fa:3a:00:0a:00:2b:f7:69:14:
                    3e:a2:cc:38:cd:74:f4:8b:8f:3b:48:3a:d3:5f:a1:
                    89:bd:55:93:8f:e0:63:f0:42:a7:77:42:03:fb:7f:
                    9b:bf:dd:ef:ad:ac:d6:3f:cb:9f:a5:d1:3d:12:f0:
                    03:cf:34:42:db:21:d5:e6:21:c3:dd:49:ff:34:3d:
                    6e:1f:8a:d5:1c:85:35:cf:58:f1:94:78:8d:39:fd:
                    0f:27:f6:7f:8f:aa:5e:67:93:13:71:fe:75:4c:e3:
                    79:37:03:3c:ea:80:77:28:fa:f2:9f:39:b9:13:94:
                    04:45:5e:e6:b1:bc:cb:b6:4f:30:f2:6f:45:d5:eb:
                    15:75:e0:90:9d:e3:ac:94:18:55:fc:20:c4:0b:2c:
                    33:6a:50:6f:08:a7:19:c6:fc:31:0b:06:92:eb:bc:
                    d2:81:f8:c5:68:d8:cd:d4:9e:ee:b5:ee:a4:ff:b7:
                    4d:e1:00:b2:14:01:c0:52:02:e3:35:64:40:d7:07:
                    b8:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:96:5B:FB:A7:3E:59:DE:D3:8E:07:B9:82:9B:DE:AD:F3:69:B2:00
            X509v3 Authority Key Identifier:
                keyid:FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ZZb-6c-Wd7Tjge5gpverfNpsgA.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.116.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:de:52:12:23:a5:af:df:6e:3e:ea:86:1c:46:cd:04:ec:46:
         57:95:ca:3f:a5:c8:aa:f5:b7:10:ad:b4:77:2f:fc:f2:9c:17:
         85:2a:c5:a1:27:f7:1b:4c:95:2b:82:55:c8:5f:fc:d9:c2:87:
         a2:fd:fd:72:65:27:da:3e:6f:a0:96:f2:05:5b:be:7b:cd:ab:
         79:0a:8f:f0:5a:9f:5b:e8:aa:5a:37:5a:56:6a:eb:ad:a5:51:
         ce:1c:d5:10:d9:c3:89:a0:44:be:1b:43:7d:4a:34:76:f4:b3:
         99:88:b6:81:4e:4c:c8:15:96:57:f5:41:30:46:36:1e:06:da:
         81:6a:45:f9:d6:a4:ee:03:a1:99:46:78:e4:88:c7:8b:e9:0c:
         bf:d9:04:4e:de:79:43:11:f8:4d:11:82:be:77:fb:65:45:8a:
         78:6b:9c:fb:99:e8:14:01:ef:13:2e:eb:0d:29:90:4b:dc:bd:
         2f:43:8c:96:6b:9b:01:d7:aa:14:21:84:fc:43:c4:75:47:2f:
         3f:9a:d4:88:c9:5a:f6:34:66:1c:ec:74:e2:eb:d2:47:6b:1b:
         6f:82:a2:38:27:72:01:6b:00:82:a0:36:48:a2:50:30:26:63:
         05:cf:93:c4:29:83:e4:66:f1:d1:b0:4a:93:c6:d0:ed:7c:de:
         19:57:5f:b9
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEF8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkFE
NkI0M0MwOUQwNDkwQTBERjdGODkxREY5RjYzQjUyMENGMjEwRjAeFw0yNTA4MDQx
MzA0MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEY5OTY1QkZCQTczRTU5
REVEMzhFMDdCOTgyOUJERUFERjM2OUIyMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9d4k1B4QeJ1SXgq0481HRcD9teVBTrr0dbD9LLPNiRzMtIhsW
PVsl1s/mCA2wupweAUV9AMkuwnbVrRhaPB2Flfo6AAoAK/dpFD6izDjNdPSLjztI
OtNfoYm9VZOP4GPwQqd3QgP7f5u/3e+trNY/y5+l0T0S8APPNELbIdXmIcPdSf80
PW4fitUchTXPWPGUeI05/Q8n9n+Pql5nkxNx/nVM43k3AzzqgHco+vKfObkTlARF
XuaxvMu2TzDyb0XV6xV14JCd46yUGFX8IMQLLDNqUG8IpxnG/DELBpLrvNKB+MVo
2M3Unu617qT/t03hALIUAcBSAuM1ZEDXB7itAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU+ZZb+6c+Wd7Tjge5gpverfNpsgAwHwYDVR0jBBgwFoAU+ta0PAnQSQoN9/iR
359jtSDPIQ8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0
MS8tdGEwUEFuUVNRb045X2lSMzU5anRTRFBJUTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLy10YTBQQW5RU1FvTjlfaVIzNTlqdFNEUElROC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvLVpaYi02Yy1XZDdU
amdlNWdwdmVyZk5wc2dBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGd0lzANBgkqhkiG9w0BAQsFAAOCAQEAbt5SEiOlr99uPuqGHEbNBOxGV5XK
P6XIqvW3EK20dy/88pwXhSrFoSf3G0yVK4JVyF/82cKHov39cmUn2j5voJbyBVu+
e82reQqP8FqfW+iqWjdaVmrrraVRzhzVENnDiaBEvhtDfUo0dvSzmYi2gU5MyBWW
V/VBMEY2HgbagWpF+dak7gOhmUZ45IjHi+kMv9kETt55QxH4TRGCvnf7ZUWKeGuc
+5noFAHvEy7rDSmQS9y9L0OMlmubAdeqFCGE/EPEdUcvP5rUiMla9jRmHOx04uvS
R2sbb4KiOCdyAWsAgqA2SKJQMCZjBc+TxCmD5Gbx0bBKk8bQ7XzeGVdfuQ==
-----END CERTIFICATE-----
Generated at Mon Aug 11 02:23:52 2025 by rpki-client