Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS136959.roa
File: AS136959.roa (raw, json)
Hash identifier: 4tzNCgN2xzffcm2fo6LjIwqSC+f12SDmw5HLnXYOdEQ=
Subject key identifier: 2D:8F:62:69:05:11:85:31:89:2A:E2:27:C7:14:4B:39:21:F5:A8:96
Certificate issuer: /CN=A9143CB30000/serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Certificate serial: 06E9E47D3536A87B52820D7AB04EF54DFE25D2A3
Authority key identifier: 8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS136959.roa
Signing time: Fri 15 May 2026 06:58:36 +0000
ROA not before: Fri 15 May 2026 06:53:36 +0000
ROA not after: Fri 14 May 2027 06:58:36 +0000
asID: 136959
IP address blocks: 2408:8459:4c80::/44 maxlen: 44
2408:8459:4c90::/44 maxlen: 44
2408:8459:4ca0::/44 maxlen: 44
2408:8459:4cb0::/44 maxlen: 44
2408:8459:4e80::/44 maxlen: 44
2408:8459:4e90::/44 maxlen: 44
2408:8459:4ea0::/44 maxlen: 44
2408:8459:4eb0::/44 maxlen: 44
2408:8459:5080::/44 maxlen: 44
2408:8459:5090::/44 maxlen: 44
2408:8459:50a0::/44 maxlen: 44
2408:8459:50b0::/44 maxlen: 44
2408:8459:5280::/44 maxlen: 44
2408:8459:5290::/44 maxlen: 44
2408:8459:52a0::/44 maxlen: 44
2408:8459:52b0::/44 maxlen: 44
2408:8459:5480::/44 maxlen: 44
2408:8459:5490::/44 maxlen: 44
2408:8459:54a0::/44 maxlen: 44
2408:8459:54b0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 May 2026 09:59:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:e9:e4:7d:35:36:a8:7b:52:82:0d:7a:b0:4e:f5:4d:fe:25:d2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB30000, serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Validity
Not Before: May 15 06:53:36 2026 GMT
Not After : May 14 06:58:36 2027 GMT
Subject: CN=2D8F626905118531892AE227C7144B3921F5A896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c7:7b:de:0a:83:d8:56:40:5c:b3:ee:0e:ac:
78:99:c1:0a:ec:16:65:4b:18:55:92:bd:b9:59:a0:
a9:74:c5:1e:56:94:81:8a:d6:12:3b:3b:bc:da:9f:
a5:bc:c9:ce:83:a1:b9:ec:5a:2c:32:9a:b0:b7:fc:
d7:41:42:3f:05:dd:36:4f:3d:ef:25:f3:4a:85:9d:
a6:84:ba:e1:d0:c0:76:de:a7:a2:98:8a:fc:2a:ed:
09:f2:d4:a3:6a:57:fb:a4:cb:59:e5:a2:14:42:a7:
4d:b3:56:7c:9d:0c:26:c5:69:3f:26:8e:ef:79:59:
ff:83:b9:d8:bb:dd:ee:ac:1c:b0:b0:59:6c:10:33:
1b:a3:c6:0a:f7:fa:d1:11:d3:01:43:75:67:d5:0e:
15:da:7d:7f:c2:a3:11:a7:91:a2:fa:28:d3:46:13:
04:4d:f8:b5:8a:3a:bf:2f:42:f9:e3:a8:6c:1d:ed:
e4:53:1d:4d:c3:08:ed:f3:34:4c:ea:d2:5f:32:89:
43:7f:a5:32:ba:25:46:2d:ec:9d:81:ba:36:15:aa:
21:7f:88:ce:e8:89:2f:dc:99:0d:f1:2c:90:cc:04:
c6:11:da:90:b8:e5:a1:d2:2b:19:a9:57:81:86:72:
92:3b:61:fe:66:f4:5c:2c:be:73:f9:86:8e:74:5a:
72:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:8F:62:69:05:11:85:31:89:2A:E2:27:C7:14:4B:39:21:F5:A8:96
X509v3 Authority Key Identifier:
keyid:8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS136959.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2408:8459:4c80::/42
2408:8459:4e80::/42
2408:8459:5080::/42
2408:8459:5280::/42
2408:8459:5480::/42
Signature Algorithm: sha256WithRSAEncryption
a9:4b:99:c4:54:7c:4a:53:2a:f6:fc:16:2c:13:84:63:6f:c1:
37:9a:9f:14:70:90:a9:99:70:37:70:e4:20:f8:84:f2:f1:78:
15:0e:6c:c8:95:1f:9f:f7:fe:4a:0f:91:b1:fa:5e:ce:45:7e:
06:43:f5:15:dc:c9:09:54:91:80:60:2c:02:3a:77:86:31:ce:
4c:57:5b:c2:fb:d1:01:aa:9d:d3:32:6e:6e:66:41:28:d5:d1:
ff:66:8d:e1:4f:83:73:af:8c:c0:d8:2c:9f:6e:9c:54:69:57:
ba:6c:0b:71:e0:02:6a:8f:56:8c:3c:da:b6:31:0d:af:49:79:
38:7e:b3:23:c0:8e:3b:49:c7:04:ab:39:e7:1a:34:bd:ec:67:
60:64:94:8d:1a:3d:2d:39:14:67:b2:16:6a:f2:77:c2:e1:24:
7b:f4:89:88:51:58:05:71:32:95:53:9e:a1:a1:6c:47:5c:27:
55:21:09:ce:c5:93:71:bf:a0:19:53:3a:71:9c:9c:38:e4:88:
e4:3f:50:b0:c2:02:e7:36:ad:45:55:cf:cb:78:84:1c:9e:63:
40:e8:eb:82:89:6d:4c:f9:94:57:1b:b5:41:c9:9f:46:a3:93:
74:41:94:15:c5:33:8f:58:01:ab:37:33:84:f3:27:94:6f:ee:
dc:06:c3:16
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUBunkfTU2qHtSgg16sE71Tf4l0qMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyg4QTFCNEU0QTYz
Mjk1RjE4QjRGMDZGRkY2QUQwMkMzMTY1QkY5OTI1MB4XDTI2MDUxNTA2NTMzNloX
DTI3MDUxNDA2NTgzNlowMzExMC8GA1UEAxMoMkQ4RjYyNjkwNTExODUzMTg5MkFF
MjI3QzcxNDRCMzkyMUY1QTg5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM3He94Kg9hWQFyz7g6seJnBCuwWZUsYVZK9uVmgqXTFHlaUgYrWEjs7vNqf
pbzJzoOhuexaLDKasLf810FCPwXdNk897yXzSoWdpoS64dDAdt6nopiK/CrtCfLU
o2pX+6TLWeWiFEKnTbNWfJ0MJsVpPyaO73lZ/4O52Lvd7qwcsLBZbBAzG6PGCvf6
0RHTAUN1Z9UOFdp9f8KjEaeRovoo00YTBE34tYo6vy9C+eOobB3t5FMdTcMI7fM0
TOrSXzKJQ3+lMrolRi3snYG6NhWqIX+IzuiJL9yZDfEskMwExhHakLjlodIrGalX
gYZykjth/mb0XCy+c/mGjnRact8CAwEAAaOCAgswggIHMB0GA1UdDgQWBBQtj2Jp
BRGFMYkq4ifHFEs5IfWoljAfBgNVHSMEGDAWgBSKG05KYylfGLTwb/9q0CwxZb+Z
JTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzEvOEExQjRF
NEE2MzI5NUYxOEI0RjA2RkZGNkFEMDJDMzE2NUJGOTkyNS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvaWh0T1NtTXBY
eGkwOEdfX2F0QXNNV1dfbVNVLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5
NTM0MjU5My8xL0FTMTM2OTU5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcGJAiEWUyAAwcGJAiEWU6AAwcG
JAiEWVCAAwcGJAiEWVKAAwcGJAiEWVSAMA0GCSqGSIb3DQEBCwUAA4IBAQCpS5nE
VHxKUyr2/BYsE4Rjb8E3mp8UcJCpmXA3cOQg+ITy8XgVDmzIlR+f9/5KD5Gx+l7O
RX4GQ/UV3MkJVJGAYCwCOneGMc5MV1vC+9EBqp3TMm5uZkEo1dH/Zo3hT4Nzr4zA
2CyfbpxUaVe6bAtx4AJqj1aMPNq2MQ2vSXk4frMjwI47SccEqznnGjS97GdgZJSN
Gj0tORRnshZq8nfC4SR79ImIUVgFcTKVU56hoWxHXCdVIQnOxZNxv6AZUzpxnJw4
5IjkP1CwwgLnNq1FVc/LeIQcnmNA6OuCiW1M+ZRXG7VByZ9Go5N0QZQVxTOPWAGr
NzOE8yeUb+7cBsMW
-----END CERTIFICATE-----
Generated at Thu May 21 10:24:58 2026 by rpki-client