Route Origin Authorization

$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS136959.roa
File:                     AS136959.roa (raw, json)
Hash identifier:          +LHPZscb+4mNB8auhA86ZR5EQMndpw4c5/Ap0L3KAyM=
Subject key identifier:   77:6F:27:43:22:08:63:23:C1:35:17:1D:0F:82:B4:6A:4B:EA:98:05
Certificate issuer:       /CN=A9143CB30000/serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Certificate serial:       21AA324ABF99E7AE9213AEC826B7557BF845F9BB
Authority key identifier: 8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject info access:      rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS136959.roa
Signing time:             Thu 25 Jun 2026 03:15:44 +0000
ROA not before:           Thu 25 Jun 2026 03:10:44 +0000
ROA not after:            Thu 24 Jun 2027 03:15:44 +0000
asID:                     136959
IP address blocks:        27.36.113.0/24 maxlen: 24
                          27.36.118.0/23 maxlen: 23
                          27.36.118.0/24 maxlen: 24
                          27.36.119.0/24 maxlen: 24
                          27.36.120.0/24 maxlen: 24
                          27.36.121.0/24 maxlen: 24
                          27.36.123.0/24 maxlen: 24
                          27.36.124.0/24 maxlen: 24
                          27.36.125.0/24 maxlen: 24
                          27.36.126.0/24 maxlen: 24
                          27.36.127.0/24 maxlen: 24
                          27.45.150.0/24 maxlen: 24
                          27.45.151.0/24 maxlen: 24
                          27.45.160.0/24 maxlen: 24
                          27.45.161.0/24 maxlen: 24
                          27.45.164.0/24 maxlen: 24
                          27.45.165.0/24 maxlen: 24
                          27.45.166.0/24 maxlen: 24
                          27.45.167.0/24 maxlen: 24
                          58.255.175.0/24 maxlen: 24
                          112.90.152.0/24 maxlen: 24
                          112.90.153.0/24 maxlen: 24
                          112.90.154.0/24 maxlen: 24
                          112.90.155.0/24 maxlen: 24
                          112.90.156.0/24 maxlen: 24
                          112.90.157.0/24 maxlen: 24
                          112.93.112.0/24 maxlen: 24
                          112.93.114.0/24 maxlen: 24
                          112.93.115.0/24 maxlen: 24
                          112.96.82.0/24 maxlen: 24
                          112.96.83.0/24 maxlen: 24
                          120.80.84.0/24 maxlen: 24
                          120.80.85.0/24 maxlen: 24
                          120.83.13.0/24 maxlen: 24
                          120.83.144.0/23 maxlen: 23
                          120.83.144.0/24 maxlen: 24
                          120.83.146.0/23 maxlen: 23
                          120.83.146.0/24 maxlen: 24
                          120.83.180.0/23 maxlen: 23
                          120.83.182.0/23 maxlen: 23
                          120.83.182.0/24 maxlen: 24
                          120.83.183.0/24 maxlen: 24
                          122.13.168.0/24 maxlen: 24
                          122.13.170.0/24 maxlen: 24
                          122.13.171.0/24 maxlen: 24
                          122.13.172.0/24 maxlen: 24
                          122.13.173.0/24 maxlen: 24
                          122.13.175.0/24 maxlen: 24
                          122.13.254.0/24 maxlen: 24
                          163.142.152.0/24 maxlen: 24
                          163.142.153.0/24 maxlen: 24
                          163.142.154.0/24 maxlen: 24
                          163.142.155.0/24 maxlen: 24
                          163.142.156.0/24 maxlen: 24
                          163.142.157.0/24 maxlen: 24
                          163.142.158.0/24 maxlen: 24
                          163.142.159.0/24 maxlen: 24
                          163.177.152.0/23 maxlen: 23
                          163.177.153.0/24 maxlen: 24
                          163.177.154.0/24 maxlen: 24
                          163.177.155.0/24 maxlen: 24
                          163.177.156.0/24 maxlen: 24
                          163.177.157.0/24 maxlen: 24
                          163.177.158.0/24 maxlen: 24
                          163.177.159.0/24 maxlen: 24
                          221.4.146.0/24 maxlen: 24
                          221.4.154.0/24 maxlen: 24
                          221.4.159.0/24 maxlen: 24
                          221.5.35.0/24 maxlen: 24
                          221.5.96.0/23 maxlen: 23
                          221.5.96.0/24 maxlen: 24
                          221.5.97.0/24 maxlen: 24
                          221.5.102.0/24 maxlen: 24
                          221.5.103.0/24 maxlen: 24
                          221.5.107.0/24 maxlen: 24
                          2408:8459:4c80::/44 maxlen: 44
                          2408:8459:4c90::/44 maxlen: 44
                          2408:8459:4ca0::/44 maxlen: 44
                          2408:8459:4cb0::/44 maxlen: 44
                          2408:8459:4e80::/44 maxlen: 44
                          2408:8459:4e90::/44 maxlen: 44
                          2408:8459:4ea0::/44 maxlen: 44
                          2408:8459:4eb0::/44 maxlen: 44
                          2408:8459:5080::/44 maxlen: 44
                          2408:8459:5090::/44 maxlen: 44
                          2408:8459:50a0::/44 maxlen: 44
                          2408:8459:50b0::/44 maxlen: 44
                          2408:8459:5280::/44 maxlen: 44
                          2408:8459:5290::/44 maxlen: 44
                          2408:8459:52a0::/44 maxlen: 44
                          2408:8459:52b0::/44 maxlen: 44
                          2408:8459:5480::/44 maxlen: 44
                          2408:8459:5490::/44 maxlen: 44
                          2408:8459:54a0::/44 maxlen: 44
                          2408:8459:54b0::/44 maxlen: 44
Validation:               OK
Signature path:           rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 04:23:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:aa:32:4a:bf:99:e7:ae:92:13:ae:c8:26:b7:55:7b:f8:45:f9:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9143CB30000, serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
        Validity
            Not Before: Jun 25 03:10:44 2026 GMT
            Not After : Jun 24 03:15:44 2027 GMT
        Subject: CN=776F274322086323C135171D0F82B46A4BEA9805
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:3b:5d:b5:f6:58:b1:27:f0:2f:f7:12:55:42:
                    ca:0d:b4:2b:5d:10:ea:14:90:35:09:f0:90:10:f1:
                    1a:05:eb:8c:3b:ea:34:32:56:2a:00:5e:a4:2b:60:
                    aa:e7:6c:cf:35:b0:3d:23:4c:e3:10:f8:7d:57:d1:
                    c3:52:7b:1a:96:73:25:d5:15:18:39:e0:83:a7:aa:
                    37:3b:82:9a:93:6c:16:bd:3f:0f:4c:5d:dd:f9:3b:
                    f6:23:77:eb:b7:c8:d2:3c:0d:d2:00:b8:09:01:2f:
                    92:85:8f:4b:ce:25:c6:a1:75:ff:c3:d6:fd:f5:7c:
                    fe:a2:e4:7a:5c:b7:33:36:57:13:83:25:3b:0e:e6:
                    be:ae:a0:47:7e:1f:e2:8a:5b:c0:09:45:1f:53:b7:
                    c0:62:d5:09:a0:7a:b9:ac:59:d2:b0:5b:00:d7:93:
                    2c:3a:37:b5:d3:05:2d:e8:3a:c0:9a:8f:79:f8:2c:
                    f0:6f:68:17:dd:ee:c6:80:0e:3a:7a:f3:63:99:cb:
                    04:36:09:f8:f4:db:3c:85:c7:52:49:61:ca:5b:bd:
                    5c:36:48:ef:e5:0c:e4:fc:db:5d:25:4d:ec:75:49:
                    10:26:a7:a9:c1:d2:b0:c5:50:c4:fe:5a:6e:05:bb:
                    9c:65:10:d7:fa:c8:4b:9c:ca:8d:7f:a2:f2:4a:3e:
                    7f:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:6F:27:43:22:08:63:23:C1:35:17:1D:0F:82:B4:6A:4B:EA:98:05
            X509v3 Authority Key Identifier:
                keyid:8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS136959.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.36.113.0/24
                  27.36.118.0-27.36.121.255
                  27.36.123.0-27.36.127.255
                  27.45.150.0/23
                  27.45.160.0/23
                  27.45.164.0/22
                  58.255.175.0/24
                  112.90.152.0-112.90.157.255
                  112.93.112.0/24
                  112.93.114.0/23
                  112.96.82.0/23
                  120.80.84.0/23
                  120.83.13.0/24
                  120.83.144.0/22
                  120.83.180.0/22
                  122.13.168.0/24
                  122.13.170.0-122.13.173.255
                  122.13.175.0/24
                  122.13.254.0/24
                  163.142.152.0/21
                  163.177.152.0/21
                  221.4.146.0/24
                  221.4.154.0/24
                  221.4.159.0/24
                  221.5.35.0/24
                  221.5.96.0/23
                  221.5.102.0/23
                  221.5.107.0/24
                IPv6:
                  2408:8459:4c80::/42
                  2408:8459:4e80::/42
                  2408:8459:5080::/42
                  2408:8459:5280::/42
                  2408:8459:5480::/42

    Signature Algorithm: sha256WithRSAEncryption
         48:9c:f4:d0:4f:04:37:ea:f0:2d:cb:a5:8b:03:19:e6:55:7c:
         9a:fc:f1:a0:f8:34:24:38:18:91:91:3f:3c:8c:f7:f2:e0:20:
         ac:d3:50:bc:ae:e4:38:3d:30:d1:a0:76:6a:90:9d:a9:76:68:
         13:5f:61:6b:17:da:26:54:92:3b:ba:73:ea:22:1f:d3:88:54:
         90:a0:3b:77:14:32:95:e2:d1:59:43:2e:c7:71:09:ae:70:79:
         48:f6:51:23:a7:de:64:ae:f4:ef:43:04:99:fa:af:db:c2:00:
         41:c0:0c:44:3b:4e:cc:bf:25:47:38:7f:80:f1:6d:99:27:91:
         4d:df:12:81:46:b5:6c:5a:de:8f:78:1d:f5:32:a2:c9:59:64:
         9b:f4:65:13:b7:b3:07:86:e1:ec:1e:04:8d:26:0c:d8:e6:82:
         d7:25:3d:f4:6c:c8:be:b9:96:b7:21:9c:11:bb:c0:e9:f8:2e:
         c7:26:9e:b1:22:4d:b6:3c:02:b3:a2:56:8a:17:95:03:23:3a:
         9d:cc:6c:5a:e4:e8:b8:79:42:03:a7:63:13:9b:8b:93:f0:6f:
         1b:37:3c:ea:bf:4b:3a:76:9c:b0:18:f8:94:a4:d5:f8:f9:86:
         01:60:18:08:55:08:87:9b:53:13:c6:92:b9:9e:59:0c:9a:f6:
         a3:85:0a:2d
-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgIUIaoySr+Z566SE67IJrdVe/hF+bswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyg4QTFCNEU0QTYz
Mjk1RjE4QjRGMDZGRkY2QUQwMkMzMTY1QkY5OTI1MB4XDTI2MDYyNTAzMTA0NFoX
DTI3MDYyNDAzMTU0NFowMzExMC8GA1UEAxMoNzc2RjI3NDMyMjA4NjMyM0MxMzUx
NzFEMEY4MkI0NkE0QkVBOTgwNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALk7XbX2WLEn8C/3ElVCyg20K10Q6hSQNQnwkBDxGgXrjDvqNDJWKgBepCtg
qudszzWwPSNM4xD4fVfRw1J7GpZzJdUVGDngg6eqNzuCmpNsFr0/D0xd3fk79iN3
67fI0jwN0gC4CQEvkoWPS84lxqF1/8PW/fV8/qLkely3MzZXE4MlOw7mvq6gR34f
4opbwAlFH1O3wGLVCaB6uaxZ0rBbANeTLDo3tdMFLeg6wJqPefgs8G9oF93uxoAO
OnrzY5nLBDYJ+PTbPIXHUklhylu9XDZI7+UM5PzbXSVN7HVJECanqcHSsMVQxP5a
bgW7nGUQ1/rIS5zKjX+i8ko+f80CAwEAAaOCAuMwggLfMB0GA1UdDgQWBBR3bydD
IghjI8E1Fx0PgrRqS+qYBTAfBgNVHSMEGDAWgBSKG05KYylfGLTwb/9q0CwxZb+Z
JTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzEvOEExQjRF
NEE2MzI5NUYxOEI0RjA2RkZGNkFEMDJDMzE2NUJGOTkyNS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvaWh0T1NtTXBY
eGkwOEdfX2F0QXNNV1dfbVNVLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5
NTM0MjU5My8xL0FTMTM2OTU5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCBzwQCAAEwgcgDBAAbJHEwDAMEARsk
dgMEARskeDAMAwQAGyR7AwQHGyQAAwQBGy2WAwQBGy2gAwQCGy2kAwQAOv+vMAwD
BANwWpgDBAFwWpwDBABwXXADBAFwXXIDBAFwYFIDBAF4UFQDBAB4Uw0DBAJ4U5AD
BAJ4U7QDBAB6DagwDAMEAXoNqgMEAXoNrAMEAHoNrwMEAHoN/gMEA6OOmAMEA6Ox
mAMEAN0EkgMEAN0EmgMEAN0EnwMEAN0FIwMEAd0FYAMEAd0FZgMEAN0FazAzBAIA
AjAtAwcGJAiEWUyAAwcGJAiEWU6AAwcGJAiEWVCAAwcGJAiEWVKAAwcGJAiEWVSA
MA0GCSqGSIb3DQEBCwUAA4IBAQBInPTQTwQ36vAty6WLAxnmVXya/PGg+DQkOBiR
kT88jPfy4CCs01C8ruQ4PTDRoHZqkJ2pdmgTX2FrF9omVJI7unPqIh/TiFSQoDt3
FDKV4tFZQy7HcQmucHlI9lEjp95krvTvQwSZ+q/bwgBBwAxEO07MvyVHOH+A8W2Z
J5FN3xKBRrVsWt6PeB31MqLJWWSb9GUTt7MHhuHsHgSNJgzY5oLXJT30bMi+uZa3
IZwRu8Dp+C7HJp6xIk22PAKzolaKF5UDIzqdzGxa5Oi4eUIDp2MTm4uT8G8bNzzq
v0s6dpywGPiUpNX4+YYBYBgIVQiHm1MTxpK5nlkMmvajhQot
-----END CERTIFICATE-----
Generated at Tue Jul 7 19:53:43 2026 by rpki-client