Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS138421.roa
File: AS138421.roa (raw, json)
Hash identifier: F3q5nFt6o8RlFfq/PMUg3P/lCPbL1bG0R793MOANK9s=
Subject key identifier: 7A:63:D9:4D:73:F2:66:E6:D5:37:2E:B0:F7:56:59:1D:DC:94:4E:E1
Certificate issuer: /CN=A9143CB30000/serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Certificate serial: 70DA63F27857C24FC9D361CAE43A5BFBC6C8297E
Authority key identifier: 8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS138421.roa
Signing time: Thu 04 Jun 2026 08:32:42 +0000
ROA not before: Thu 04 Jun 2026 08:27:42 +0000
ROA not after: Thu 03 Jun 2027 08:32:42 +0000
asID: 138421
IP address blocks: 112.65.64.0/24 maxlen: 24
112.65.66.0/24 maxlen: 24
112.65.72.0/24 maxlen: 24
112.65.73.0/24 maxlen: 24
112.65.74.0/24 maxlen: 24
112.65.75.0/24 maxlen: 24
112.65.94.0/24 maxlen: 24
112.65.112.0/24 maxlen: 24
112.65.116.0/23 maxlen: 23
112.65.116.0/24 maxlen: 24
112.65.117.0/24 maxlen: 24
112.65.216.0/24 maxlen: 24
112.65.217.0/24 maxlen: 24
112.65.219.0/24 maxlen: 24
112.65.220.0/24 maxlen: 24
112.65.222.0/23 maxlen: 23
112.65.222.0/24 maxlen: 24
112.65.223.0/24 maxlen: 24
112.65.224.0/23 maxlen: 23
112.65.226.0/24 maxlen: 24
112.65.227.0/24 maxlen: 24
112.65.228.0/22 maxlen: 22
112.65.232.0/23 maxlen: 23
112.65.235.0/24 maxlen: 24
112.65.237.0/24 maxlen: 24
112.65.238.0/24 maxlen: 24
210.51.25.0/24 maxlen: 24
210.51.26.0/24 maxlen: 24
210.51.27.0/24 maxlen: 24
210.51.29.0/24 maxlen: 24
210.51.32.0/24 maxlen: 24
210.51.36.0/24 maxlen: 24
210.51.40.0/24 maxlen: 24
210.51.41.0/24 maxlen: 24
210.51.45.0/24 maxlen: 24
210.51.46.0/24 maxlen: 24
210.51.47.0/24 maxlen: 24
210.51.52.0/24 maxlen: 24
210.51.53.0/24 maxlen: 24
210.51.59.0/24 maxlen: 24
210.51.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 05 Jun 2026 17:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:da:63:f2:78:57:c2:4f:c9:d3:61:ca:e4:3a:5b:fb:c6:c8:29:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB30000, serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Validity
Not Before: Jun 4 08:27:42 2026 GMT
Not After : Jun 3 08:32:42 2027 GMT
Subject: CN=7A63D94D73F266E6D5372EB0F756591DDC944EE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a1:04:f6:f9:4e:c3:5d:f3:69:27:80:af:de:
ca:32:79:41:ac:f8:0a:f7:2c:60:4a:fc:1b:b5:30:
af:70:a5:1b:8d:4b:36:48:c5:6e:36:e1:aa:24:ce:
7e:9c:c6:70:1f:f5:a7:d1:16:e0:da:2a:af:88:d2:
6d:25:18:6b:5e:57:d0:fc:03:12:76:94:b4:bc:91:
a8:8d:b9:b2:52:07:cf:1a:65:18:37:b2:56:ce:4f:
de:9c:85:fe:1a:8b:98:11:53:b9:06:fb:f9:fd:e9:
0b:eb:2f:25:82:8e:f1:f5:df:fc:1b:d4:36:82:e4:
b9:52:34:68:c3:d3:20:c4:8d:01:97:fa:6c:ee:73:
1a:29:d7:d9:31:64:9f:31:e1:25:83:ab:53:01:a1:
3c:63:4d:88:a2:17:c5:88:04:75:5a:28:6d:75:54:
e0:cc:25:d9:cb:ac:ea:bb:58:d9:de:4b:04:c6:55:
ae:d3:f1:e0:97:15:b9:01:ed:9c:3b:94:0e:33:1a:
02:23:f7:e5:e3:eb:fc:f6:49:74:2e:57:80:08:05:
7d:9a:9b:d1:85:c7:75:bf:aa:15:66:cc:db:ce:4d:
28:08:01:b7:99:e2:5f:10:03:d3:87:1e:77:f0:f4:
b0:97:27:ee:1c:78:fe:50:24:69:98:ea:39:fa:74:
72:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:63:D9:4D:73:F2:66:E6:D5:37:2E:B0:F7:56:59:1D:DC:94:4E:E1
X509v3 Authority Key Identifier:
keyid:8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS138421.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.65.64.0/24
112.65.66.0/24
112.65.72.0/22
112.65.94.0/24
112.65.112.0/24
112.65.116.0/23
112.65.216.0/23
112.65.219.0-112.65.220.255
112.65.222.0-112.65.233.255
112.65.235.0/24
112.65.237.0-112.65.238.255
210.51.25.0-210.51.27.255
210.51.29.0/24
210.51.32.0/24
210.51.36.0/24
210.51.40.0/23
210.51.45.0-210.51.47.255
210.51.52.0/23
210.51.59.0/24
210.51.61.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:b0:c8:3e:5a:d4:3c:0a:0e:db:8a:23:c1:4d:98:cc:92:17:
eb:18:b6:2c:3c:f2:e6:c2:a9:15:07:8c:83:0a:f5:0c:b9:3c:
28:e4:3d:71:e3:36:a4:57:3c:35:0d:25:06:a9:ae:73:55:f7:
30:58:c3:36:60:bf:58:11:26:2a:04:64:44:d2:00:d4:c7:a9:
15:a1:74:1e:12:94:a1:57:61:05:44:3f:73:d1:da:4c:04:c2:
91:f7:cb:34:98:4c:c0:dc:18:dd:2f:3d:57:cd:81:43:79:42:
18:20:93:5d:c7:fa:34:fe:ac:26:35:c9:24:a4:20:42:97:57:
7c:71:40:ab:8f:db:a4:ec:c2:93:a4:61:e8:39:4d:9d:2b:11:
11:9e:d3:9e:01:d5:1d:f5:52:0d:44:d6:5c:08:a3:30:b5:26:
5a:8d:18:84:ef:c3:31:d5:23:54:70:f9:c4:1d:d3:31:eb:32:
79:69:0a:d2:46:6d:ab:b4:11:fd:f1:b5:da:62:dd:cd:f3:de:
94:39:d6:90:ec:a6:12:d2:63:dc:f2:9c:e2:3b:77:1c:fc:53:
bd:19:7c:63:c7:8a:80:19:b9:04:62:e8:ec:e6:bf:3d:b5:48:
4c:ca:af:88:ab:f5:e8:f4:e3:41:bf:6d:d2:4d:2f:c0:05:25:
43:1b:11:ed
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIUcNpj8nhXwk/J02HK5Dpb+8bIKX4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyg4QTFCNEU0QTYz
Mjk1RjE4QjRGMDZGRkY2QUQwMkMzMTY1QkY5OTI1MB4XDTI2MDYwNDA4Mjc0MloX
DTI3MDYwMzA4MzI0MlowMzExMC8GA1UEAxMoN0E2M0Q5NEQ3M0YyNjZFNkQ1Mzcy
RUIwRjc1NjU5MUREQzk0NEVFMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGhBPb5TsNd82kngK/eyjJ5Qaz4CvcsYEr8G7Uwr3ClG41LNkjFbjbhqiTO
fpzGcB/1p9EW4Noqr4jSbSUYa15X0PwDEnaUtLyRqI25slIHzxplGDeyVs5P3pyF
/hqLmBFTuQb7+f3pC+svJYKO8fXf/BvUNoLkuVI0aMPTIMSNAZf6bO5zGinX2TFk
nzHhJYOrUwGhPGNNiKIXxYgEdVoobXVU4Mwl2cus6rtY2d5LBMZVrtPx4JcVuQHt
nDuUDjMaAiP35ePr/PZJdC5XgAgFfZqb0YXHdb+qFWbM285NKAgBt5niXxAD04ce
d/D0sJcn7hx4/lAkaZjqOfp0ckkCAwEAAaOCAoMwggJ/MB0GA1UdDgQWBBR6Y9lN
c/Jm5tU3LrD3Vlkd3JRO4TAfBgNVHSMEGDAWgBSKG05KYylfGLTwb/9q0CwxZb+Z
JTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzEvOEExQjRF
NEE2MzI5NUYxOEI0RjA2RkZGNkFEMDJDMzE2NUJGOTkyNS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvaWh0T1NtTXBY
eGkwOEdfX2F0QXNNV1dfbVNVLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5
NTM0MjU5My8xL0FTMTM4NDIxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBABwQUADBABwQUIDBAJw
QUgDBABwQV4DBABwQXADBAFwQXQDBAFwQdgwDAMEAHBB2wMEAHBB3DAMAwQBcEHe
AwQBcEHoAwQAcEHrMAwDBABwQe0DBABwQe4wDAMEANIzGQMEAtIzGAMEANIzHQME
ANIzIAMEANIzJAMEAdIzKDAMAwQA0jMtAwQE0jMgAwQB0jM0AwQA0jM7AwQA0jM9
MA0GCSqGSIb3DQEBCwUAA4IBAQC3sMg+WtQ8Cg7biiPBTZjMkhfrGLYsPPLmwqkV
B4yDCvUMuTwo5D1x4zakVzw1DSUGqa5zVfcwWMM2YL9YESYqBGRE0gDUx6kVoXQe
EpShV2EFRD9z0dpMBMKR98s0mEzA3BjdLz1XzYFDeUIYIJNdx/o0/qwmNckkpCBC
l1d8cUCrj9uk7MKTpGHoOU2dKxERntOeAdUd9VINRNZcCKMwtSZajRiE78Mx1SNU
cPnEHdMx6zJ5aQrSRm2rtBH98bXaYt3N896UOdaQ7KYS0mPc8pziO3cc/FO9GXxj
x4qAGbkEYujs5r89tUhMyq+Iq/Xo9ONBv23STS/ABSVDGxHt
-----END CERTIFICATE-----
Generated at Thu Jun 4 19:43:24 2026 by rpki-client