Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS133776.roa
File: AS133776.roa (raw, json)
Hash identifier: ZXDW/0Hcd+WRtr4ceWdE6cvqwYXZtCryeVsTY7mXT8Q=
Subject key identifier: 15:9B:35:2D:E1:34:04:10:29:91:D4:13:9B:0F:97:F0:FF:B1:9A:F2
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 0E9880FFBCE32C7A86FBA997FAA101A9E856B62D
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS133776.roa
Signing time: Tue 09 Jun 2026 16:22:44 +0000
ROA not before: Tue 09 Jun 2026 16:17:44 +0000
ROA not after: Tue 08 Jun 2027 16:22:44 +0000
asID: 133776
IP address blocks: 27.150.128.0/21 maxlen: 21
27.150.136.0/23 maxlen: 23
27.152.28.0/23 maxlen: 23
27.152.60.0/24 maxlen: 24
27.152.180.0/24 maxlen: 24
27.152.181.0/24 maxlen: 24
27.152.182.0/23 maxlen: 23
27.152.184.0/23 maxlen: 23
27.152.186.0/23 maxlen: 23
27.152.188.0/23 maxlen: 23
27.152.190.0/24 maxlen: 24
27.152.191.0/24 maxlen: 24
59.57.12.0/23 maxlen: 23
59.57.15.0/24 maxlen: 24
59.60.21.0/24 maxlen: 24
59.60.28.0/24 maxlen: 24
59.60.30.0/24 maxlen: 24
59.60.40.0/24 maxlen: 24
61.154.116.0/24 maxlen: 24
106.126.0.0/20 maxlen: 20
110.81.152.0/24 maxlen: 24
110.81.153.0/24 maxlen: 24
110.85.4.0/23 maxlen: 23
117.24.0.0/20 maxlen: 20
117.24.240.0/20 maxlen: 20
120.33.34.0/24 maxlen: 24
120.33.50.0/24 maxlen: 24
120.37.140.0/24 maxlen: 24
120.37.141.0/24 maxlen: 24
121.204.244.0/22 maxlen: 22
121.204.248.0/22 maxlen: 22
121.204.252.0/23 maxlen: 23
121.205.6.0/23 maxlen: 23
121.205.88.0/23 maxlen: 23
121.205.90.0/24 maxlen: 24
125.77.128.0/19 maxlen: 19
125.77.160.0/20 maxlen: 20
125.77.176.0/23 maxlen: 23
125.78.88.0/23 maxlen: 23
218.5.112.0/23 maxlen: 23
218.66.170.0/23 maxlen: 23
220.160.32.0/20 maxlen: 20
222.77.96.0/24 maxlen: 24
240e:14:7800::/37 maxlen: 37
240e:108:1182::/48 maxlen: 48
240e:964:2800::/37 maxlen: 37
240e:964:9400::/38 maxlen: 38
240e:964:ca00::/39 maxlen: 39
240e:964:ea00::/39 maxlen: 39
240e:965:2800::/37 maxlen: 37
240e:965:9400::/38 maxlen: 38
240e:965:ca00::/39 maxlen: 39
240e:965:ea00::/39 maxlen: 39
240e:966:2800::/37 maxlen: 37
240e:966:9400::/38 maxlen: 38
240e:966:ca00::/39 maxlen: 39
240e:966:ea00::/39 maxlen: 39
240e:967:2800::/37 maxlen: 37
240e:967:9400::/38 maxlen: 38
240e:967:ca00::/39 maxlen: 39
240e:967:ea00::/39 maxlen: 39
240e:982:8200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 12 Jun 2026 18:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:98:80:ff:bc:e3:2c:7a:86:fb:a9:97:fa:a1:01:a9:e8:56:b6:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 9 16:17:44 2026 GMT
Not After : Jun 8 16:22:44 2027 GMT
Subject: CN=159B352DE13404102991D4139B0F97F0FFB19AF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:da:a9:71:b9:47:d3:bd:92:0c:d5:5d:59:ab:
c6:72:ad:44:5c:84:d2:58:f5:57:40:e3:f9:d2:1c:
ca:25:93:51:f6:8e:a0:a6:10:56:28:cf:48:58:2b:
c3:be:c9:74:7d:26:a3:7d:53:2c:8a:8b:96:10:62:
02:6c:6c:9a:f0:9c:24:52:d6:ce:7b:19:d7:fd:51:
34:b3:7b:d2:c7:42:19:13:a3:05:c5:c5:21:e6:7a:
ef:28:c1:3a:70:bd:5d:1d:f1:bb:56:e2:43:a3:89:
03:c6:08:95:f3:ac:a3:21:42:4c:4e:17:fa:67:d8:
d5:f5:cf:12:5a:37:34:a4:2f:97:ef:d0:b5:77:13:
60:8b:7e:cb:32:d0:59:81:5f:24:09:ee:c9:a7:0a:
88:6b:91:ec:2d:a6:ab:0d:6b:60:0a:f6:bd:37:78:
cf:09:e2:eb:b7:b6:ab:41:5f:4a:d5:ca:51:7c:50:
57:be:d3:ce:ef:e0:c3:d5:fd:27:e5:51:7f:73:fc:
b2:c8:3e:78:da:35:81:20:f2:72:dd:8f:68:42:96:
65:b8:a0:68:5c:6f:47:30:fd:72:2a:d2:3f:5f:32:
f2:c0:f2:54:0b:d7:15:e3:ef:f6:a5:82:b5:65:3e:
5d:90:24:18:97:39:42:66:8d:54:30:bd:ff:37:d6:
37:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:9B:35:2D:E1:34:04:10:29:91:D4:13:9B:0F:97:F0:FF:B1:9A:F2
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS133776.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.150.128.0-27.150.137.255
27.152.28.0/23
27.152.60.0/24
27.152.180.0-27.152.191.255
59.57.12.0/23
59.57.15.0/24
59.60.21.0/24
59.60.28.0/24
59.60.30.0/24
59.60.40.0/24
61.154.116.0/24
106.126.0.0/20
110.81.152.0/23
110.85.4.0/23
117.24.0.0/20
117.24.240.0/20
120.33.34.0/24
120.33.50.0/24
120.37.140.0/23
121.204.244.0-121.204.253.255
121.205.6.0/23
121.205.88.0-121.205.90.255
125.77.128.0-125.77.177.255
125.78.88.0/23
218.5.112.0/23
218.66.170.0/23
220.160.32.0/20
222.77.96.0/24
IPv6:
240e:14:7800::/37
240e:108:1182::/48
240e:964:2800::/37
240e:964:9400::/38
240e:964:ca00::/39
240e:964:ea00::/39
240e:965:2800::/37
240e:965:9400::/38
240e:965:ca00::/39
240e:965:ea00::/39
240e:966:2800::/37
240e:966:9400::/38
240e:966:ca00::/39
240e:966:ea00::/39
240e:967:2800::/37
240e:967:9400::/38
240e:967:ca00::/39
240e:967:ea00::/39
240e:982:8200::/40
Signature Algorithm: sha256WithRSAEncryption
78:8d:44:af:45:a6:d5:81:a1:f3:fe:4c:cf:94:d8:a9:8a:9a:
4b:94:66:f4:4d:fd:34:b5:68:a4:81:e7:5a:9c:e3:e8:96:c0:
0c:a2:68:a2:8f:c9:8d:a9:a0:4c:1f:05:f4:d1:7e:ed:c3:62:
11:93:96:e4:39:5b:09:44:fd:be:0d:8a:59:11:57:af:b3:58:
6e:e1:3d:0a:51:03:00:9a:8f:4a:30:bf:61:4c:e4:52:3b:a2:
75:50:4d:e4:43:de:1e:be:90:13:9a:14:50:b9:e1:48:cb:ba:
1e:75:ca:9a:0b:92:bd:60:0c:99:5d:b9:7a:1d:48:4e:21:24:
1a:42:18:cc:1d:0c:36:ae:05:50:60:8e:d0:3d:00:5c:50:40:
a0:17:ce:65:76:59:6b:57:ec:62:bf:0e:05:d6:5e:be:2d:2c:
e3:7f:bc:36:5e:ba:67:2d:cc:a3:c8:a0:dd:1b:7f:44:52:33:
f2:45:b8:8a:19:28:82:c3:65:f3:65:76:fb:37:53:40:71:e3:
18:e5:14:51:af:28:a6:0b:0a:ea:8c:fe:ef:56:4c:c6:6a:e6:
6d:a5:a3:9d:c0:bc:f7:f9:6d:54:a3:d8:6d:93:d2:34:9a:5d:
e9:97:31:f7:3a:b6:c5:53:ad:67:c9:4f:2f:2a:9a:9e:a8:fc:
a8:45:75:74
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgIUDpiA/7zjLHqG+6mX+qEBqehWti0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwOTE2MTc0NFoX
DTI3MDYwODE2MjI0NFowMzExMC8GA1UEAxMoMTU5QjM1MkRFMTM0MDQxMDI5OTFE
NDEzOUIwRjk3RjBGRkIxOUFGMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjaqXG5R9O9kgzVXVmrxnKtRFyE0lj1V0Dj+dIcyiWTUfaOoKYQVijPSFgr
w77JdH0mo31TLIqLlhBiAmxsmvCcJFLWznsZ1/1RNLN70sdCGROjBcXFIeZ67yjB
OnC9XR3xu1biQ6OJA8YIlfOsoyFCTE4X+mfY1fXPElo3NKQvl+/QtXcTYIt+yzLQ
WYFfJAnuyacKiGuR7C2mqw1rYAr2vTd4zwni67e2q0FfStXKUXxQV77Tzu/gw9X9
J+VRf3P8ssg+eNo1gSDyct2PaEKWZbigaFxvRzD9cirSP18y8sDyVAvXFePv9qWC
tWU+XZAkGJc5QmaNVDC9/zfWN3UCAwEAAaOCA1kwggNVMB0GA1UdDgQWBBQVmzUt
4TQEECmR1BObD5fw/7Ga8jAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTMzNzc2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIIBkgYIKwYBBQUHAQcBAf8EggGBMIIBfTCB1wQCAAEwgdAwDAMEBxuWgAMEARuW
iAMEARuYHAMEABuYPDAMAwQCG5i0AwQGG5iAAwQBOzkMAwQAOzkPAwQAOzwVAwQA
OzwcAwQAOzweAwQAOzwoAwQAPZp0AwQEan4AAwQBblGYAwQBblUEAwQEdRgAAwQE
dRjwAwQAeCEiAwQAeCEyAwQBeCWMMAwDBAJ5zPQDBAF5zPwDBAF5zQYwDAMEA3nN
WAMEAHnNWjAMAwQHfU2AAwQBfU2wAwQBfU5YAwQB2gVwAwQB2kKqAwQE3KAgAwQA
3k1gMIGgBAIAAjCBmQMGAyQOABR4AwcAJA4BCBGCAwYDJA4JZCgDBgIkDglklAMG
ASQOCWTKAwYBJA4JZOoDBgMkDgllKAMGAiQOCWWUAwYBJA4JZcoDBgEkDgll6gMG
AyQOCWYoAwYCJA4JZpQDBgEkDglmygMGASQOCWbqAwYDJA4JZygDBgIkDglnlAMG
ASQOCWfKAwYBJA4JZ+oDBgAkDgmCgjANBgkqhkiG9w0BAQsFAAOCAQEAeI1Er0Wm
1YGh8/5Mz5TYqYqaS5Rm9E39NLVopIHnWpzj6JbADKJooo/JjamgTB8F9NF+7cNi
EZOW5DlbCUT9vg2KWRFXr7NYbuE9ClEDAJqPSjC/YUzkUjuidVBN5EPeHr6QE5oU
ULnhSMu6HnXKmguSvWAMmV25eh1ITiEkGkIYzB0MNq4FUGCO0D0AXFBAoBfOZXZZ
a1fsYr8OBdZevi0s43+8Nl66Zy3Mo8ig3Rt/RFIz8kW4ihkogsNl82V2+zdTQHHj
GOUUUa8opgsK6oz+71ZMxmrmbaWjncC89/ltVKPYbZPSNJpd6Zcx9zq2xVOtZ8lP
Lyqanqj8qEV1dA==
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:23:43 2026 by rpki-client