Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065588553129525251/0/AS204765.roa
File: AS204765.roa (raw, json)
Hash identifier: hWUzRs1GCTrdTHDpEHbXTRIxOjNbJ9gt7gB2U+BsG6c=
Subject key identifier: A1:E1:63:B1:3B:03:F0:02:AB:4F:38:7C:62:B9:8E:D1:35:F6:6E:0A
Certificate issuer: /CN=E893434A32058DAFE9758FDA7B36659444C9EF8E
Certificate serial: 75A15B125CF2C69A2215522CAEF271A17157AFDB
Authority key identifier: E8:93:43:4A:32:05:8D:AF:E9:75:8F:DA:7B:36:65:94:44:C9:EF:8E
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/E893434A32058DAFE9758FDA7B36659444C9EF8E.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065588553129525251/0/AS204765.roa
Signing time: Thu 04 Jun 2026 04:16:00 +0000
ROA not before: Thu 04 Jun 2026 04:11:00 +0000
ROA not after: Thu 03 Jun 2027 04:16:00 +0000
asID: 204765
IP address blocks: 101.232.192.0/22 maxlen: 24
101.232.196.0/22 maxlen: 24
101.232.208.0/22 maxlen: 24
101.232.216.0/22 maxlen: 24
101.232.228.0/22 maxlen: 24
101.232.244.0/22 maxlen: 24
101.232.248.0/22 maxlen: 24
101.232.252.0/22 maxlen: 24
119.59.136.0/22 maxlen: 24
119.59.140.0/22 maxlen: 24
119.59.144.0/22 maxlen: 24
119.59.148.0/22 maxlen: 24
119.59.152.0/22 maxlen: 24
119.59.156.0/22 maxlen: 24
119.59.160.0/22 maxlen: 24
119.59.164.0/22 maxlen: 24
119.59.168.0/22 maxlen: 24
119.59.172.0/22 maxlen: 24
119.59.176.0/22 maxlen: 24
119.59.180.0/22 maxlen: 24
119.59.184.0/22 maxlen: 24
119.59.188.0/22 maxlen: 24
119.59.192.0/22 maxlen: 24
119.59.196.0/22 maxlen: 24
119.59.200.0/22 maxlen: 24
119.59.204.0/22 maxlen: 24
119.59.208.0/22 maxlen: 24
119.59.212.0/22 maxlen: 24
119.59.216.0/22 maxlen: 24
119.59.220.0/22 maxlen: 24
119.59.224.0/22 maxlen: 24
119.59.228.0/22 maxlen: 24
119.59.232.0/22 maxlen: 24
119.59.236.0/22 maxlen: 24
119.59.240.0/22 maxlen: 24
119.59.244.0/22 maxlen: 24
119.59.248.0/22 maxlen: 24
119.59.252.0/22 maxlen: 24
123.98.8.0/22 maxlen: 24
123.98.12.0/22 maxlen: 24
123.98.16.0/22 maxlen: 24
123.98.20.0/22 maxlen: 24
123.98.24.0/22 maxlen: 24
123.98.28.0/22 maxlen: 24
123.98.32.0/22 maxlen: 24
123.98.40.0/22 maxlen: 24
123.98.44.0/22 maxlen: 24
123.98.48.0/22 maxlen: 24
123.98.52.0/22 maxlen: 24
123.98.56.0/22 maxlen: 24
123.98.60.0/22 maxlen: 24
123.98.64.0/22 maxlen: 24
123.98.68.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.76.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.84.0/22 maxlen: 24
123.98.88.0/22 maxlen: 24
123.98.92.0/22 maxlen: 24
123.98.96.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
123.98.104.0/22 maxlen: 24
123.98.108.0/22 maxlen: 24
123.98.112.0/22 maxlen: 24
123.98.116.0/22 maxlen: 24
123.98.120.0/22 maxlen: 24
123.98.124.0/22 maxlen: 24
211.149.40.0/22 maxlen: 24
211.149.44.0/22 maxlen: 24
211.149.56.0/22 maxlen: 24
211.149.60.0/22 maxlen: 24
211.149.72.0/22 maxlen: 24
211.149.76.0/22 maxlen: 24
211.149.88.0/22 maxlen: 24
211.149.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065588553129525251/0/E893434A32058DAFE9758FDA7B36659444C9EF8E.crl
rsync://rpki-rps.cnnic.cn/repo/A1065588553129525251/0/E893434A32058DAFE9758FDA7B36659444C9EF8E.mft
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/E893434A32058DAFE9758FDA7B36659444C9EF8E.cer
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 05 Jun 2026 05:17:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:a1:5b:12:5c:f2:c6:9a:22:15:52:2c:ae:f2:71:a1:71:57:af:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E893434A32058DAFE9758FDA7B36659444C9EF8E
Validity
Not Before: Jun 4 04:11:00 2026 GMT
Not After : Jun 3 04:16:00 2027 GMT
Subject: CN=A1E163B13B03F002AB4F387C62B98ED135F66E0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:70:fd:c7:c4:39:98:3f:a9:50:3b:7e:e3:48:
72:23:0e:12:b5:a0:d2:cc:9c:e9:cf:b5:d3:2e:88:
dd:2b:d5:0d:02:09:b8:48:06:5c:e2:e7:d2:e2:be:
70:e7:9f:53:7e:33:cf:02:03:af:95:79:ef:a1:47:
de:6c:81:89:76:5d:86:ff:4c:f4:81:35:e4:34:d3:
0c:24:e3:d4:18:49:76:91:b5:e7:ea:75:8e:c8:ba:
bc:52:24:ef:72:bc:de:6d:a7:43:8b:fe:d7:73:ff:
b6:de:78:ff:b1:3d:45:e1:5c:6f:8c:49:e1:86:8c:
66:41:34:92:31:8f:46:6f:d0:c6:ad:df:de:98:71:
6f:7c:eb:c0:d3:83:f2:5a:50:08:76:b5:36:c2:37:
50:7f:c2:b3:77:59:2f:b7:74:ad:34:6e:e4:5e:52:
52:5b:d7:4d:41:4b:ba:9e:25:5b:a4:2c:bc:f0:91:
5d:ce:4d:7a:57:26:aa:4b:b7:90:74:6b:21:ba:18:
01:1b:6d:64:fe:73:cb:d9:7e:81:3c:0b:d7:06:57:
91:a2:ae:64:de:0d:80:5d:c3:f5:19:37:26:79:6c:
82:b9:06:e4:10:97:4d:0b:d6:1f:25:e9:1a:79:4b:
47:a1:b4:27:66:f9:db:e4:4f:7d:49:e8:a2:b1:14:
60:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E1:63:B1:3B:03:F0:02:AB:4F:38:7C:62:B9:8E:D1:35:F6:6E:0A
X509v3 Authority Key Identifier:
keyid:E8:93:43:4A:32:05:8D:AF:E9:75:8F:DA:7B:36:65:94:44:C9:EF:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129525251/0/E893434A32058DAFE9758FDA7B36659444C9EF8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/E893434A32058DAFE9758FDA7B36659444C9EF8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129525251/0/AS204765.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
101.232.192.0/21
101.232.208.0/22
101.232.216.0/22
101.232.228.0/22
101.232.244.0-101.232.255.255
119.59.136.0-119.59.255.255
123.98.8.0-123.98.35.255
123.98.40.0-123.98.127.255
211.149.40.0/21
211.149.56.0/21
211.149.72.0/21
211.149.88.0/21
Signature Algorithm: sha256WithRSAEncryption
ac:9b:52:fa:59:95:f2:0b:49:67:ce:6c:40:99:af:6a:93:39:
21:49:3b:54:4c:0d:9c:d0:a6:60:e4:a6:80:05:9c:e4:d7:4d:
33:3e:b5:5b:bf:f9:50:51:2b:71:40:22:9e:05:27:75:91:60:
12:86:8c:63:ae:ee:ab:e5:46:26:cb:0d:06:c9:7d:37:a6:57:
55:5d:da:2b:c3:32:9e:2f:2e:f5:5d:30:f6:90:e2:db:38:30:
8c:93:06:87:e2:32:fa:2c:5e:d0:f8:c9:45:d8:e4:41:38:61:
d7:53:d1:72:24:0e:e2:20:42:73:bb:ed:ad:c6:0c:53:9c:2b:
65:1c:c8:b3:9d:6f:dc:ee:28:6a:a9:91:83:94:0c:c0:a3:38:
97:20:86:c9:5e:8a:df:69:de:40:fc:ad:5d:fd:3f:07:56:47:
cb:c6:ea:c7:97:71:17:a2:52:69:7e:24:24:72:2d:75:af:02:
fe:c0:b7:2d:2b:fe:6b:0c:5d:67:49:e9:11:90:22:88:f3:c5:
bd:a9:ef:f5:0c:ad:cc:57:6b:d6:34:52:34:ea:71:4a:63:32:
3a:e9:af:4c:46:ee:3c:b6:d7:40:d8:d9:b3:f9:3f:79:06:e3:
87:d0:09:e6:74:91:97:5a:a5:33:d7:5f:f6:9a:11:c3:7c:6e:
27:23:3e:d0
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdaFbElzyxpoiFVIsrvJxoXFXr9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTg5MzQzNEEzMjA1OERBRkU5NzU4RkRBN0IzNjY1OTQ0
NEM5RUY4RTAeFw0yNjA2MDQwNDExMDBaFw0yNzA2MDMwNDE2MDBaMDMxMTAvBgNV
BAMTKEExRTE2M0IxM0IwM0YwMDJBQjRGMzg3QzYyQjk4RUQxMzVGNjZFMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvcP3HxDmYP6lQO37jSHIjDhK1
oNLMnOnPtdMuiN0r1Q0CCbhIBlzi59LivnDnn1N+M88CA6+Vee+hR95sgYl2XYb/
TPSBNeQ00wwk49QYSXaRtefqdY7IurxSJO9yvN5tp0OL/tdz/7beeP+xPUXhXG+M
SeGGjGZBNJIxj0Zv0Mat396YcW9868DTg/JaUAh2tTbCN1B/wrN3WS+3dK00buRe
UlJb101BS7qeJVukLLzwkV3OTXpXJqpLt5B0ayG6GAEbbWT+c8vZfoE8C9cGV5Gi
rmTeDYBdw/UZNyZ5bIK5BuQQl00L1h8l6Rp5S0ehtCdm+dvkT31J6KKxFGBxAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUoeFjsTsD8AKrTzh8YrmO0TX2bgowHwYDVR0j
BBgwFoAU6JNDSjIFja/pdY/aezZllETJ744wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2
NTU4ODU1MzEyOTUyNTI1MS8wL0U4OTM0MzRBMzIwNThEQUZFOTc1OEZEQTdCMzY2
NTk0NDRDOUVGOEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvRTg5MzQzNEEzMjA1OERBRkU5NzU4RkRBN0IzNjY1OTQ0NEM5RUY4RS5jZXIw
XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTEwNjU1ODg1NTMxMjk1MjUyNTEvMC9BUzIwNDc2NS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/BggrBgEFBQcBBwEB/wRwMG4wbAQC
AAEwZgMEA2XowAMEAmXo0AMEAmXo2AMEAmXo5DALAwQCZej0AwMAZegwCwMEA3c7
iAMDAnc4MAwDBAN7YggDBAJ7YiAwDAMEA3tiKAMEB3tiAAMEA9OVKAMEA9OVOAME
A9OVSAMEA9OVWDANBgkqhkiG9w0BAQsFAAOCAQEArJtS+lmV8gtJZ85sQJmvapM5
IUk7VEwNnNCmYOSmgAWc5NdNMz61W7/5UFErcUAingUndZFgEoaMY67uq+VGJssN
Bsl9N6ZXVV3aK8Myni8u9V0w9pDi2zgwjJMGh+Iy+ixe0PjJRdjkQThh11PRciQO
4iBCc7vtrcYMU5wrZRzIs51v3O4oaqmRg5QMwKM4lyCGyV6K32neQPytXf0/B1ZH
y8bqx5dxF6JSaX4kJHItda8C/sC3LSv+awxdZ0npEZAiiPPFvanv9QytzFdr1jRS
NOpxSmMyOumvTEbuPLbXQNjZs/k/eQbjh9AJ5nSRl1qlM9df9poRw3xuJyM+0A==
-----END CERTIFICATE-----
Generated at Thu Jun 4 15:07:29 2026 by rpki-client