Route Origin Authorization

$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134762.roa
File:                     AS134762.roa (raw, json)
Hash identifier:          /YpP5imx3SNv/fkeOJWPNln3a+sUKiRQ6fFo+pEI0/s=
Subject key identifier:   EC:92:74:10:BD:50:ED:0C:A9:E2:ED:F1:D1:E6:F0:74:6A:BA:7A:F0
Certificate issuer:       /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial:       77365A56F5FBD537B232FCC3601861D6B5AF5E6F
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access:      rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134762.roa
Signing time:             Wed 17 Jun 2026 16:10:43 +0000
ROA not before:           Wed 17 Jun 2026 16:05:43 +0000
ROA not after:            Wed 16 Jun 2027 16:10:43 +0000
asID:                     134762
IP address blocks:        42.202.128.0/19 maxlen: 19
                          42.202.160.0/20 maxlen: 20
                          42.202.208.0/20 maxlen: 20
                          59.44.64.0/19 maxlen: 19
                          59.44.96.0/19 maxlen: 19
                          59.46.128.0/18 maxlen: 18
                          59.46.192.0/18 maxlen: 18
                          123.177.16.0/22 maxlen: 22
                          123.177.20.0/22 maxlen: 22
                          123.177.42.0/23 maxlen: 23
                          123.177.44.0/23 maxlen: 23
                          123.177.46.0/23 maxlen: 23
                          123.177.48.0/23 maxlen: 23
                          123.177.52.0/22 maxlen: 22
                          123.177.60.0/22 maxlen: 22
                          123.184.192.0/20 maxlen: 20
                          123.185.0.0/18 maxlen: 18
                          123.185.0.0/20 maxlen: 20
                          123.185.16.0/20 maxlen: 20
                          123.185.32.0/20 maxlen: 20
                          123.185.48.0/20 maxlen: 20
                          123.185.64.0/18 maxlen: 18
                          123.185.64.0/20 maxlen: 20
                          123.185.80.0/20 maxlen: 20
                          123.185.96.0/20 maxlen: 20
                          123.185.112.0/20 maxlen: 20
                          123.185.128.0/18 maxlen: 18
                          123.185.192.0/18 maxlen: 18
                          123.246.80.0/20 maxlen: 20
                          182.201.0.0/18 maxlen: 18
                          182.201.240.0/21 maxlen: 21
                          219.149.0.0/21 maxlen: 21
                          219.149.8.0/21 maxlen: 21
                          240e:1:8800::/37 maxlen: 37
                          240e:41:c900::/40 maxlen: 40
                          240e:86:1000::/36 maxlen: 36
                          240e:108:4082::/48 maxlen: 48
                          240e:108:4882::/48 maxlen: 48
                          240e:30c:1a00::/39 maxlen: 39
                          240e:30c:1c00::/38 maxlen: 38
                          240e:30c:2000::/37 maxlen: 37
                          240e:30c:2800::/38 maxlen: 38
                          240e:30c:2c00::/39 maxlen: 39
                          240e:30d:1a00::/39 maxlen: 39
                          240e:30d:1c00::/38 maxlen: 38
                          240e:30d:2000::/37 maxlen: 37
                          240e:30d:2800::/38 maxlen: 38
                          240e:30d:2c00::/39 maxlen: 39
                          240e:30e:1a00::/39 maxlen: 39
                          240e:30e:1c00::/38 maxlen: 38
                          240e:30e:2000::/37 maxlen: 37
                          240e:30e:2800::/38 maxlen: 38
                          240e:30e:2c00::/39 maxlen: 39
                          240e:30f:1a00::/39 maxlen: 39
                          240e:30f:1c00::/38 maxlen: 38
                          240e:30f:2000::/37 maxlen: 37
                          240e:30f:2800::/38 maxlen: 38
                          240e:30f:2c00::/39 maxlen: 39
                          240e:60c:2000::/36 maxlen: 36
                          240e:60c:3000::/36 maxlen: 36
                          240e:90c:a000::/35 maxlen: 35
                          240e:90c:d000::/36 maxlen: 36
                          240e:90c:f000::/36 maxlen: 36
                          240e:90d::/33 maxlen: 33
                          240e:983:200::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 04:56:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:36:5a:56:f5:fb:d5:37:b2:32:fc:c3:60:18:61:d6:b5:af:5e:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
        Validity
            Not Before: Jun 17 16:05:43 2026 GMT
            Not After : Jun 16 16:10:43 2027 GMT
        Subject: CN=EC927410BD50ED0CA9E2EDF1D1E6F0746ABA7AF0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:7d:c3:89:a6:fd:71:7b:26:ce:2a:35:74:e8:
                    92:1e:a5:11:c6:24:37:87:95:00:20:21:f3:fd:f0:
                    45:ea:ff:30:2e:83:38:05:80:d7:4b:92:2e:f3:cf:
                    fb:4e:d7:f1:80:a4:2a:61:0f:fd:62:eb:dd:d0:1d:
                    b8:2a:a1:89:19:39:63:2d:0e:bc:af:f9:a6:85:9e:
                    45:69:d9:f7:a4:7b:b6:52:6d:df:2b:e8:41:c3:18:
                    7f:c1:62:93:cf:a5:60:86:31:4c:ad:26:2f:3e:54:
                    7a:27:80:d3:de:ac:37:b8:19:90:99:e5:b0:63:d7:
                    7b:d4:71:c8:36:35:ef:7c:16:4b:76:f8:1c:36:21:
                    d1:f9:42:d4:82:80:6d:55:08:cd:c3:f1:2c:56:fc:
                    53:ed:63:fe:40:0a:ae:8b:e2:c1:be:b3:de:52:e4:
                    cc:0b:6a:aa:bb:65:89:22:27:be:cd:21:f2:9e:9a:
                    f8:89:37:5b:9c:c2:84:cb:9c:d1:ec:41:15:66:ed:
                    7c:a6:e4:b9:c2:f4:fe:07:c1:da:04:83:ce:8d:2f:
                    21:d2:52:0c:90:b0:9b:f2:34:81:6b:21:c2:b1:56:
                    a9:51:fd:2f:bb:79:8d:1c:dc:63:fe:02:58:69:da:
                    c4:22:f1:b7:02:47:72:45:5c:58:75:d2:4e:6f:db:
                    ac:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:92:74:10:BD:50:ED:0C:A9:E2:ED:F1:D1:E6:F0:74:6A:BA:7A:F0
            X509v3 Authority Key Identifier:
                keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134762.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  42.202.128.0-42.202.175.255
                  42.202.208.0/20
                  59.44.64.0/18
                  59.46.128.0/17
                  123.177.16.0/21
                  123.177.42.0-123.177.49.255
                  123.177.52.0/22
                  123.177.60.0/22
                  123.184.192.0/20
                  123.185.0.0/16
                  123.246.80.0/20
                  182.201.0.0/18
                  182.201.240.0/21
                  219.149.0.0/20
                IPv6:
                  240e:1:8800::/37
                  240e:41:c900::/40
                  240e:86:1000::/36
                  240e:108:4082::/48
                  240e:108:4882::/48
                  240e:30c:1a00::-240e:30c:2dff:ffff:ffff:ffff:ffff:ffff
                  240e:30d:1a00::-240e:30d:2dff:ffff:ffff:ffff:ffff:ffff
                  240e:30e:1a00::-240e:30e:2dff:ffff:ffff:ffff:ffff:ffff
                  240e:30f:1a00::-240e:30f:2dff:ffff:ffff:ffff:ffff:ffff
                  240e:60c:2000::/35
                  240e:90c:a000::/35
                  240e:90c:d000::/36
                  240e:90c:f000::-240e:90d:7fff:ffff:ffff:ffff:ffff:ffff
                  240e:983:200::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:91:33:e5:97:9a:82:78:40:9a:09:cc:c2:87:a3:56:3c:25:
         b0:f8:76:3d:3d:a1:5b:00:dc:1f:63:b2:38:22:06:8e:e5:c8:
         d5:5e:c9:d2:0b:1b:c3:62:1b:9e:72:e9:cd:0b:51:00:0a:09:
         ec:5e:1b:4b:bd:a0:19:8b:dd:e6:8b:59:6e:42:b3:d7:e4:41:
         21:f4:39:20:6c:80:35:74:b1:31:05:7a:f9:e4:98:77:2a:8f:
         59:7c:34:97:23:f8:39:a8:04:0a:e0:38:cd:9e:b0:a7:96:7c:
         3c:e1:43:35:99:33:af:17:12:6e:95:ac:b1:d2:f0:7f:c4:d5:
         a0:d1:81:e6:21:da:64:7a:c6:c1:08:58:a5:ec:d2:31:09:f7:
         88:62:09:5f:14:fb:f5:e3:d0:f0:c1:1f:c9:47:7d:cc:ed:e0:
         d9:94:00:e7:da:11:b3:08:a8:10:8f:23:83:be:4c:24:b4:e1:
         cd:fd:a4:53:19:4f:63:6d:8d:45:ba:5a:b3:0d:17:fc:de:62:
         c4:e5:36:77:7b:4b:48:dc:90:03:73:0a:be:15:45:84:0d:f7:
         fd:be:d5:10:38:29:d2:ba:c1:31:a3:be:68:68:cb:6d:93:ad:
         15:c2:b7:48:28:29:e5:b7:b4:bd:60:a4:ba:c7:85:e1:5a:69:
         39:10:66:5c
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgIUdzZaVvX71TeyMvzDYBhh1rWvXm8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYxNzE2MDU0M1oX
DTI3MDYxNjE2MTA0M1owMzExMC8GA1UEAxMoRUM5Mjc0MTBCRDUwRUQwQ0E5RTJF
REYxRDFFNkYwNzQ2QUJBN0FGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM99w4mm/XF7Js4qNXTokh6lEcYkN4eVACAh8/3wRer/MC6DOAWA10uSLvPP
+07X8YCkKmEP/WLr3dAduCqhiRk5Yy0OvK/5poWeRWnZ96R7tlJt3yvoQcMYf8Fi
k8+lYIYxTK0mLz5UeieA096sN7gZkJnlsGPXe9RxyDY173wWS3b4HDYh0flC1IKA
bVUIzcPxLFb8U+1j/kAKroviwb6z3lLkzAtqqrtliSInvs0h8p6a+Ik3W5zChMuc
0exBFWbtfKbkucL0/gfB2gSDzo0vIdJSDJCwm/I0gWshwrFWqVH9L7t5jRzcY/4C
WGnaxCLxtwJHckVcWHXSTm/brCUCAwEAAaOCAvYwggLyMB0GA1UdDgQWBBTsknQQ
vVDtDKni7fHR5vB0arp68DAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTM0NzYyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjBpBAIAATBjMAwDBAcqyoADBAQqyqAD
BAQqytADBAY7LEADBAc7LoADBAN7sRAwDAMEAXuxKgMEAXuxMAMEAnuxNAMEAnux
PAMEBHu4wAMDAHu5AwQEe/ZQAwQGtskAAwQDtsnwAwQE25UAMIGsBAIAAjCBpQMG
AyQOAAGIAwYAJA4AQckDBgQkDgCGEAMHACQOAQhAggMHACQOAQhIgjAQAwYBJA4D
DBoDBgEkDgMMLDAQAwYBJA4DDRoDBgEkDgMNLDAQAwYBJA4DDhoDBgEkDgMOLDAQ
AwYBJA4DDxoDBgEkDgMPLAMGBSQOBgwgAwYFJA4JDKADBgQkDgkM0DAQAwYEJA4J
DPADBgckDgkNAAMHACQOCYMCADANBgkqhkiG9w0BAQsFAAOCAQEAepEz5ZeagnhA
mgnMwoejVjwlsPh2PT2hWwDcH2OyOCIGjuXI1V7J0gsbw2IbnnLpzQtRAAoJ7F4b
S72gGYvd5otZbkKz1+RBIfQ5IGyANXSxMQV6+eSYdyqPWXw0lyP4OagECuA4zZ6w
p5Z8POFDNZkzrxcSbpWssdLwf8TVoNGB5iHaZHrGwQhYpezSMQn3iGIJXxT79ePQ
8MEfyUd9zO3g2ZQA59oRswioEI8jg75MJLThzf2kUxlPY22NRbpasw0X/N5ixOU2
d3tLSNyQA3MKvhVFhA33/b7VEDgp0rrBMaO+aGjLbZOtFcK3SCgp5be0vWCkuseF
4VppORBmXA==
-----END CERTIFICATE-----
Generated at Tue Jul 7 16:00:34 2026 by rpki-client