Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS152120.roa
File: AS152120.roa (raw, json)
Hash identifier: 0dSRUlDpwxecW0a1HoIjiXpEd+7xWZ34DIHGYILYUlo=
Subject key identifier: 30:E9:9F:76:B0:BA:53:02:45:82:36:64:E7:9F:6F:9B:8E:58:A0:77
Certificate issuer: /CN=A9143CB30000/serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Certificate serial: 547942B45BA0150A1B78BFC1E2981638EB33C763
Authority key identifier: 8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS152120.roa
Signing time: Wed 27 May 2026 01:52:08 +0000
ROA not before: Wed 27 May 2026 01:47:08 +0000
ROA not after: Wed 26 May 2027 01:52:08 +0000
asID: 152120
IP address blocks: 60.24.140.0/22 maxlen: 22
60.24.144.0/22 maxlen: 22
60.24.148.0/22 maxlen: 22
60.24.152.0/22 maxlen: 22
60.24.156.0/22 maxlen: 22
60.24.160.0/22 maxlen: 22
60.24.164.0/22 maxlen: 22
60.24.168.0/22 maxlen: 22
117.8.188.0/24 maxlen: 24
2408:8000:2014::/48 maxlen: 48
2408:8000:2015::/48 maxlen: 48
2408:8710:6010::/48 maxlen: 48
2408:8710:6020::/46 maxlen: 46
2408:8710:6024::/46 maxlen: 46
2408:8710:6028::/46 maxlen: 46
2408:8710:602c::/46 maxlen: 46
2408:8710:6030::/46 maxlen: 46
2408:8710:6034::/46 maxlen: 46
2408:8710:6038::/46 maxlen: 46
2408:8710:603c::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 31 May 2026 02:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:79:42:b4:5b:a0:15:0a:1b:78:bf:c1:e2:98:16:38:eb:33:c7:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB30000, serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Validity
Not Before: May 27 01:47:08 2026 GMT
Not After : May 26 01:52:08 2027 GMT
Subject: CN=30E99F76B0BA530245823664E79F6F9B8E58A077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:bc:7c:ea:21:21:fe:ba:04:8f:49:cb:8f:
d9:17:aa:91:59:2d:e4:61:4a:b6:f8:b3:a1:37:d9:
66:0f:6d:5f:62:d7:bc:f7:07:e6:18:e8:f3:cc:22:
84:f2:2c:b6:f8:54:59:bb:b4:46:5b:3a:33:b6:b4:
da:54:8e:6e:83:f6:c4:f5:8f:54:b8:62:f6:62:33:
bf:8c:3c:94:31:93:30:31:bc:02:af:c2:05:81:81:
dc:2a:6f:ad:de:d2:d3:ff:45:7e:50:07:17:9f:ac:
d5:09:ef:6d:51:24:2c:69:9b:02:99:ac:8a:c2:b2:
c7:53:11:48:29:a2:42:8d:44:d8:4e:a6:e9:9f:6d:
d3:ef:42:87:e4:0f:89:c5:53:07:86:a0:4a:97:db:
77:2a:ac:c2:5e:36:99:9b:ce:31:63:d5:ac:fc:51:
9d:34:22:bf:f6:e8:21:a4:7e:3d:48:e9:6d:56:30:
9a:eb:50:d7:a3:3e:46:05:cd:55:68:13:9e:51:3a:
47:56:17:61:21:40:25:b3:df:8c:01:f5:cf:c5:bd:
29:8e:17:a0:dc:44:72:94:6b:7a:91:f8:ec:b4:15:
ad:97:77:6a:d2:1a:e1:9d:2f:f7:e3:e5:06:9b:63:
17:84:38:95:c1:a2:30:ad:3d:3b:46:c9:f1:48:ee:
39:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E9:9F:76:B0:BA:53:02:45:82:36:64:E7:9F:6F:9B:8E:58:A0:77
X509v3 Authority Key Identifier:
keyid:8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS152120.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
60.24.140.0-60.24.171.255
117.8.188.0/24
IPv6:
2408:8000:2014::/47
2408:8710:6010::/48
2408:8710:6020::/43
Signature Algorithm: sha256WithRSAEncryption
2e:10:48:8d:61:f4:b1:73:9d:f9:a8:8f:95:e7:39:cc:01:c3:
7d:a3:8f:8e:92:0b:52:55:a3:90:59:25:5c:b1:3c:5c:52:6a:
3e:c3:c7:ab:83:2c:30:fb:f5:9c:88:2e:1f:88:13:ab:15:8e:
fa:24:b3:a9:bb:38:40:47:3f:96:fe:a2:48:56:97:ad:1a:8f:
c3:18:f7:d3:7d:ff:29:1b:a7:9e:c4:2f:8c:f9:26:2c:f8:ef:
0c:58:a4:10:9f:ee:2a:97:5e:3f:7e:a9:39:78:c8:47:19:e4:
f6:f0:b3:e6:cb:fb:bf:be:a5:f6:8e:f2:2c:c6:1c:7b:cb:21:
d9:d7:fa:5d:f7:fe:e4:76:0d:5c:f5:1b:72:34:af:23:fa:70:
08:90:8f:0b:3d:88:6e:77:fa:05:c6:58:77:5b:45:14:20:39:
12:9d:7f:b9:ee:81:46:9c:34:27:4d:53:b8:b4:84:61:05:76:
d5:9d:59:50:26:89:5b:5f:a2:5d:10:b5:4f:10:88:49:33:ca:
67:f3:7f:3c:36:be:12:14:65:30:87:21:d0:7d:a8:bd:31:18:
cc:5d:fb:4e:f9:fc:4a:4d:ca:dc:3f:2d:b0:a5:57:ac:8a:b2:
b7:38:0b:4b:11:f4:16:5c:65:e8:1d:6e:b6:cd:03:c3:f7:6c:
f3:d6:6a:cf
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUVHlCtFugFQobeL/B4pgWOOszx2MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyg4QTFCNEU0QTYz
Mjk1RjE4QjRGMDZGRkY2QUQwMkMzMTY1QkY5OTI1MB4XDTI2MDUyNzAxNDcwOFoX
DTI3MDUyNjAxNTIwOFowMzExMC8GA1UEAxMoMzBFOTlGNzZCMEJBNTMwMjQ1ODIz
NjY0RTc5RjZGOUI4RTU4QTA3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHxvHzqISH+ugSPScuP2ReqkVkt5GFKtvizoTfZZg9tX2LXvPcH5hjo88wi
hPIstvhUWbu0Rls6M7a02lSOboP2xPWPVLhi9mIzv4w8lDGTMDG8Aq/CBYGB3Cpv
rd7S0/9FflAHF5+s1QnvbVEkLGmbApmsisKyx1MRSCmiQo1E2E6m6Z9t0+9Ch+QP
icVTB4agSpfbdyqswl42mZvOMWPVrPxRnTQiv/boIaR+PUjpbVYwmutQ16M+RgXN
VWgTnlE6R1YXYSFAJbPfjAH1z8W9KY4XoNxEcpRrepH47LQVrZd3atIa4Z0v9+Pl
BptjF4Q4lcGiMK09O0bJ8UjuOT0CAwEAAaOCAhUwggIRMB0GA1UdDgQWBBQw6Z92
sLpTAkWCNmTnn2+bjligdzAfBgNVHSMEGDAWgBSKG05KYylfGLTwb/9q0CwxZb+Z
JTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzEvOEExQjRF
NEE2MzI5NUYxOEI0RjA2RkZGNkFEMDJDMzE2NUJGOTkyNS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvaWh0T1NtTXBY
eGkwOEdfX2F0QXNNV1dfbVNVLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5
NTM0MjU5My8xL0FTMTUyMTIwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MFAGCCsGAQUFBwEHAQH/BEEwPzAaBAIAATAUMAwDBAI8GIwDBAI8GKgDBAB1CLww
IQQCAAIwGwMHASQIgAAgFAMHACQIhxBgEAMHBSQIhxBgIDANBgkqhkiG9w0BAQsF
AAOCAQEALhBIjWH0sXOd+aiPlec5zAHDfaOPjpILUlWjkFklXLE8XFJqPsPHq4Ms
MPv1nIguH4gTqxWO+iSzqbs4QEc/lv6iSFaXrRqPwxj3033/KRunnsQvjPkmLPjv
DFikEJ/uKpdeP36pOXjIRxnk9vCz5sv7v76l9o7yLMYce8sh2df6Xff+5HYNXPUb
cjSvI/pwCJCPCz2Ibnf6BcZYd1tFFCA5Ep1/ue6BRpw0J01TuLSEYQV21Z1ZUCaJ
W1+iXRC1TxCISTPKZ/N/PDa+EhRlMIch0H2ovTEYzF37Tvn8Sk3K3D8tsKVXrIqy
tzgLSxH0Flxl6B1uts0Dw/ds89Zqzw==
-----END CERTIFICATE-----
Generated at Sat May 30 01:21:53 2026 by rpki-client