Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS17964.roa
File: AS17964.roa (raw, json)
Hash identifier: P3rrlTKZrz4xPMTuVdbrZMIQB0sb0IucDKdRBRdG+VM=
Subject key identifier: 55:64:FE:BB:F0:3D:26:20:D2:FB:4B:EB:DF:D6:9C:6D:7A:0C:BF:DA
Certificate issuer: /CN=1B27C26F8F7ECE53972D80933F503C09222E8F9F
Certificate serial: 2832E9783E4082E4DF22E9CB9F54D28A74959E64
Authority key identifier: 1B:27:C2:6F:8F:7E:CE:53:97:2D:80:93:3F:50:3C:09:22:2E:8F:9F
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS17964.roa
Signing time: Mon 20 Apr 2026 08:58:14 +0000
ROA not before: Mon 20 Apr 2026 08:53:14 +0000
ROA not after: Mon 19 Apr 2027 08:58:14 +0000
asID: 17964
IP address blocks: 60.195.252.0/22 maxlen: 22
115.182.0.0/21 maxlen: 21
115.182.0.0/22 maxlen: 22
115.182.4.0/22 maxlen: 22
115.182.8.0/21 maxlen: 21
115.182.16.0/21 maxlen: 21
115.182.17.0/24 maxlen: 24
115.182.19.0/24 maxlen: 24
115.182.20.0/24 maxlen: 24
115.182.22.0/23 maxlen: 23
115.182.24.0/21 maxlen: 21
115.182.26.0/23 maxlen: 23
115.182.28.0/24 maxlen: 24
115.182.32.0/22 maxlen: 22
115.182.40.0/21 maxlen: 21
115.182.43.0/24 maxlen: 24
115.182.44.0/24 maxlen: 24
115.182.46.0/23 maxlen: 23
115.182.48.0/21 maxlen: 21
115.182.56.0/21 maxlen: 21
115.182.64.0/21 maxlen: 21
115.182.72.0/21 maxlen: 21
115.182.80.0/21 maxlen: 21
115.182.83.0/24 maxlen: 24
115.182.88.0/22 maxlen: 22
115.182.89.0/24 maxlen: 24
115.182.92.0/22 maxlen: 22
115.182.92.0/23 maxlen: 23
115.182.94.0/24 maxlen: 24
115.182.96.0/21 maxlen: 21
115.182.96.0/22 maxlen: 22
115.182.104.0/21 maxlen: 21
115.182.112.0/21 maxlen: 21
115.182.120.0/21 maxlen: 21
115.182.122.0/24 maxlen: 24
115.182.124.0/24 maxlen: 24
115.182.128.0/20 maxlen: 20
115.182.144.0/20 maxlen: 20
115.182.160.0/20 maxlen: 20
115.182.192.0/22 maxlen: 22
115.182.200.0/21 maxlen: 21
115.182.208.0/21 maxlen: 21
115.182.220.0/22 maxlen: 22
115.182.224.0/20 maxlen: 20
118.144.64.0/21 maxlen: 21
118.144.67.0/24 maxlen: 24
118.144.69.0/24 maxlen: 24
118.144.70.0/24 maxlen: 24
118.144.71.0/24 maxlen: 24
118.144.72.0/22 maxlen: 22
118.144.72.0/24 maxlen: 24
118.144.75.0/24 maxlen: 24
118.144.77.0/24 maxlen: 24
118.144.78.0/24 maxlen: 24
118.144.80.0/20 maxlen: 20
118.144.94.0/24 maxlen: 24
118.144.95.0/24 maxlen: 24
118.145.0.0/20 maxlen: 20
118.145.12.0/24 maxlen: 24
118.145.14.0/24 maxlen: 24
118.145.16.0/20 maxlen: 20
118.145.18.0/24 maxlen: 24
118.145.28.0/24 maxlen: 24
118.145.30.0/24 maxlen: 24
118.145.31.0/24 maxlen: 24
118.244.192.0/22 maxlen: 22
118.244.196.0/24 maxlen: 24
118.244.202.0/24 maxlen: 24
118.244.203.0/24 maxlen: 24
118.244.205.0/24 maxlen: 24
118.244.206.0/24 maxlen: 24
118.244.207.0/24 maxlen: 24
118.244.208.0/20 maxlen: 20
118.244.208.0/24 maxlen: 24
118.244.209.0/24 maxlen: 24
118.244.210.0/24 maxlen: 24
118.244.211.0/24 maxlen: 24
118.244.216.0/24 maxlen: 24
118.244.217.0/24 maxlen: 24
118.244.218.0/24 maxlen: 24
118.244.219.0/24 maxlen: 24
118.244.220.0/24 maxlen: 24
118.244.221.0/24 maxlen: 24
118.244.222.0/24 maxlen: 24
118.244.223.0/24 maxlen: 24
118.244.224.0/21 maxlen: 21
118.244.224.0/24 maxlen: 24
118.244.225.0/24 maxlen: 24
118.244.226.0/24 maxlen: 24
118.244.228.0/24 maxlen: 24
118.244.230.0/24 maxlen: 24
118.244.231.0/24 maxlen: 24
118.244.232.0/21 maxlen: 21
118.244.232.0/24 maxlen: 24
118.244.233.0/24 maxlen: 24
118.244.234.0/24 maxlen: 24
118.244.239.0/24 maxlen: 24
123.196.112.0/21 maxlen: 21
123.196.120.0/21 maxlen: 21
124.202.128.0/20 maxlen: 20
124.202.129.0/24 maxlen: 24
124.202.144.0/20 maxlen: 20
211.147.4.0/22 maxlen: 22
211.154.160.0/21 maxlen: 21
211.154.160.0/24 maxlen: 24
211.154.168.0/21 maxlen: 21
218.241.152.0/22 maxlen: 22
218.241.156.0/22 maxlen: 22
219.234.80.0/21 maxlen: 21
219.234.88.0/21 maxlen: 21
219.238.232.0/22 maxlen: 22
219.238.236.0/22 maxlen: 22
219.239.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.crl
rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.mft
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 28 Apr 2026 06:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:32:e9:78:3e:40:82:e4:df:22:e9:cb:9f:54:d2:8a:74:95:9e:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1B27C26F8F7ECE53972D80933F503C09222E8F9F
Validity
Not Before: Apr 20 08:53:14 2026 GMT
Not After : Apr 19 08:58:14 2027 GMT
Subject: CN=5564FEBBF03D2620D2FB4BEBDFD69C6D7A0CBFDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b7:a4:6d:1c:21:32:b0:65:d2:da:59:09:c1:
6f:d1:cf:29:94:dd:18:78:b7:39:8e:fb:02:7f:51:
b0:84:d3:5b:2d:57:29:9f:80:15:66:99:95:97:37:
68:5f:9d:3b:cf:5a:8a:1e:e5:86:29:14:08:de:86:
d8:77:fe:07:8a:88:9f:f8:f7:c5:bc:c3:bf:83:20:
ab:a5:01:bc:e2:fa:b7:f0:d9:72:fe:49:51:92:f7:
3f:d8:c3:c4:d7:59:e1:f4:dc:6f:f9:4f:be:f4:b9:
fa:67:cc:15:db:ad:b9:2e:7c:87:6b:87:86:be:c7:
89:0a:33:7c:d3:83:25:93:3b:e8:61:56:e9:3d:61:
c8:e6:d8:5d:76:24:6b:47:57:34:1c:58:ab:e7:30:
09:8f:30:9a:73:fe:eb:26:24:ea:97:c9:31:12:cd:
ee:f6:3d:84:8a:b2:05:00:20:bc:83:d4:5f:f2:d1:
8c:ab:76:08:82:e3:fa:9e:e8:2f:5f:bb:67:eb:c8:
86:58:6c:3f:f8:e7:ba:28:ae:ab:fd:5c:46:0c:20:
93:52:45:fc:5f:94:24:43:8e:39:12:2f:82:78:b7:
7e:5a:07:dd:7e:3c:9e:df:73:61:03:9a:67:26:a0:
b5:be:00:60:fa:32:9a:1f:51:20:0b:82:1d:f4:c4:
32:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:64:FE:BB:F0:3D:26:20:D2:FB:4B:EB:DF:D6:9C:6D:7A:0C:BF:DA
X509v3 Authority Key Identifier:
keyid:1B:27:C2:6F:8F:7E:CE:53:97:2D:80:93:3F:50:3C:09:22:2E:8F:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS17964.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
60.195.252.0/22
115.182.0.0-115.182.35.255
115.182.40.0-115.182.175.255
115.182.192.0/22
115.182.200.0-115.182.215.255
115.182.220.0-115.182.239.255
118.144.64.0-118.144.75.255
118.144.77.0-118.144.78.255
118.144.80.0/20
118.145.0.0/19
118.244.192.0-118.244.196.255
118.244.202.0/23
118.244.205.0-118.244.239.255
123.196.112.0/20
124.202.128.0/19
211.147.4.0/22
211.154.160.0/20
218.241.152.0/21
219.234.80.0/20
219.238.232.0/21
219.239.92.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:89:d0:76:16:88:6c:b4:4b:dc:67:ac:fc:13:ec:f5:32:92:
c2:c9:f0:ae:70:f8:3f:bb:9b:80:60:9c:e5:ea:ea:0d:9d:19:
79:70:4f:37:83:d7:54:d3:20:ea:4a:8a:8d:bd:b1:c2:56:80:
6a:33:e7:b5:94:15:fa:99:95:35:b4:ba:0d:8c:ab:91:47:02:
53:75:90:06:c7:75:70:cd:27:c2:ba:fa:b8:2f:64:2e:bb:2c:
49:75:2b:83:57:9c:59:00:9f:30:b1:1f:a4:45:92:c4:da:7b:
ca:12:07:b3:9f:68:ee:a3:0a:db:0e:ac:2a:1f:86:52:e5:8e:
eb:12:1d:73:45:6d:9c:63:6e:d6:e4:1d:23:82:54:b7:a3:13:
0a:e9:78:54:e7:21:6b:94:53:54:22:64:ee:9d:f9:a8:e4:87:
3f:83:b6:44:7f:61:15:66:57:02:cc:8f:84:ba:70:b1:95:e9:
8e:05:9b:df:54:88:ee:42:37:9d:61:ec:a7:ae:02:a1:07:1a:
27:75:79:c3:d8:54:a2:58:24:ac:34:ee:ff:12:e6:db:b5:f8:
a5:3c:cb:1a:02:5e:20:d5:04:b5:ec:61:34:5f:ec:1c:36:d0:
c1:bf:6b:09:58:b2:d3:0e:fa:6c:fb:0a:24:20:30:c2:c1:6f:
1a:c4:2f:68
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIUKDLpeD5AguTfIunLn1TSinSVnmQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUIyN0MyNkY4RjdFQ0U1Mzk3MkQ4MDkzM0Y1MDNDMDky
MjJFOEY5RjAeFw0yNjA0MjAwODUzMTRaFw0yNzA0MTkwODU4MTRaMDMxMTAvBgNV
BAMTKDU1NjRGRUJCRjAzRDI2MjBEMkZCNEJFQkRGRDY5QzZEN0EwQ0JGREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAt6RtHCEysGXS2lkJwW/RzymU
3Rh4tzmO+wJ/UbCE01stVymfgBVmmZWXN2hfnTvPWooe5YYpFAjehth3/geKiJ/4
98W8w7+DIKulAbzi+rfw2XL+SVGS9z/Yw8TXWeH03G/5T770ufpnzBXbrbkufIdr
h4a+x4kKM3zTgyWTO+hhVuk9Ycjm2F12JGtHVzQcWKvnMAmPMJpz/usmJOqXyTES
ze72PYSKsgUAILyD1F/y0YyrdgiC4/qe6C9fu2fryIZYbD/457oorqv9XEYMIJNS
RfxflCRDjjkSL4J4t35aB91+PJ7fc2EDmmcmoLW+AGD6MpofUSALgh30xDKdAgMB
AAGjggKfMIICmzAdBgNVHQ4EFgQUVWT+u/A9JiDS+0vr39acbXoMv9owHwYDVR0j
BBgwFoAUGyfCb49+zlOXLYCTP1A8CSIuj58wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA3
MDk1NTkyNDA3MzU0NTczMS8wLzFCMjdDMjZGOEY3RUNFNTM5NzJEODA5MzNGNTAz
QzA5MjIyRThGOUYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvMUIyN0MyNkY4RjdFQ0U1Mzk3MkQ4MDkzM0Y1MDNDMDkyMjJFOEY5Ri5jZXIw
XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTEwNzA5NTU5MjQwNzM1NDU3MzEvMC9BUzE3OTY0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCB
xAQCAAEwgb0DBAI8w/wwCwMDAXO2AwQCc7YgMAwDBANztigDBARztqADBAJztsAw
DAMEA3O2yAMEA3O20DAMAwQCc7bcAwQEc7bgMAwDBAZ2kEADBAJ2kEgwDAMEAHaQ
TQMEAHaQTgMEBHaQUAMEBXaRADAMAwQGdvTAAwQAdvTEAwQBdvTKMAwDBAB29M0D
BAR29OADBAR7xHADBAV8yoADBALTkwQDBATTmqADBAPa8ZgDBATb6lADBAPb7ugD
BALb71wwDQYJKoZIhvcNAQELBQADggEBALGJ0HYWiGy0S9xnrPwT7PUyksLJ8K5w
+D+7m4BgnOXq6g2dGXlwTzeD11TTIOpKio29scJWgGoz57WUFfqZlTW0ug2Mq5FH
AlN1kAbHdXDNJ8K6+rgvZC67LEl1K4NXnFkAnzCxH6RFksTae8oSB7OfaO6jCtsO
rCofhlLljusSHXNFbZxjbtbkHSOCVLejEwrpeFTnIWuUU1QiZO6d+ajkhz+DtkR/
YRVmVwLMj4S6cLGV6Y4Fm99UiO5CN51h7KeuAqEHGid1ecPYVKJYJKw07v8S5tu1
+KU8yxoCXiDVBLXsYTRf7Bw20MG/awlYstMO+mz7CiQgMMLBbxrEL2g=
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:00:06 2026 by rpki-client