Route Origin Authorization

$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134765.roa
File:                     AS134765.roa (raw, json)
Hash identifier:          VNkLDrE7+iyDADVZu3gXMSgPW26sp4ahznn24KbBMNA=
Subject key identifier:   D0:71:56:C1:65:A4:E3:2F:7E:E6:1C:00:6B:6A:7D:5B:A7:BC:56:F0
Certificate issuer:       /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial:       5F7470E245AFDD5C0DC5793DCF6509342CF94E50
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access:      rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134765.roa
Signing time:             Mon 15 Jun 2026 17:14:10 +0000
ROA not before:           Mon 15 Jun 2026 17:09:10 +0000
ROA not after:            Mon 14 Jun 2027 17:14:10 +0000
asID:                     134765
IP address blocks:        61.166.151.0/24 maxlen: 24
                          61.166.155.0/24 maxlen: 24
                          112.117.208.0/24 maxlen: 24
                          112.117.209.0/24 maxlen: 24
                          112.117.210.0/24 maxlen: 24
                          112.117.211.0/24 maxlen: 24
                          112.117.212.0/22 maxlen: 22
                          112.117.216.0/22 maxlen: 22
                          112.117.220.0/22 maxlen: 22
                          112.117.221.0/24 maxlen: 24
                          112.117.222.0/24 maxlen: 24
                          116.55.225.0/24 maxlen: 24
                          116.55.226.0/24 maxlen: 24
                          116.55.227.0/24 maxlen: 24
                          116.55.228.0/24 maxlen: 24
                          116.55.229.0/24 maxlen: 24
                          116.55.230.0/24 maxlen: 24
                          116.55.231.0/24 maxlen: 24
                          116.55.232.0/24 maxlen: 24
                          116.55.233.0/24 maxlen: 24
                          116.55.234.0/24 maxlen: 24
                          116.55.235.0/24 maxlen: 24
                          116.55.236.0/22 maxlen: 22
                          116.55.240.0/24 maxlen: 24
                          116.55.241.0/24 maxlen: 24
                          116.55.242.0/24 maxlen: 24
                          116.55.243.0/24 maxlen: 24
                          116.55.245.0/24 maxlen: 24
                          116.55.246.0/24 maxlen: 24
                          116.55.247.0/24 maxlen: 24
                          116.55.248.0/24 maxlen: 24
                          116.55.249.0/24 maxlen: 24
                          116.55.250.0/24 maxlen: 24
                          116.55.251.0/24 maxlen: 24
                          116.55.252.0/24 maxlen: 24
                          116.55.253.0/24 maxlen: 24
                          116.55.254.0/24 maxlen: 24
                          116.55.255.0/24 maxlen: 24
                          182.242.40.0/21 maxlen: 21
                          182.242.48.0/21 maxlen: 21
                          182.242.136.0/21 maxlen: 21
                          182.242.144.0/21 maxlen: 21
                          182.247.224.0/20 maxlen: 20
                          182.247.240.0/21 maxlen: 21
                          182.247.246.0/24 maxlen: 24
                          182.247.247.0/24 maxlen: 24
                          182.247.248.0/24 maxlen: 24
                          182.247.249.0/24 maxlen: 24
                          182.247.250.0/24 maxlen: 24
                          182.247.251.0/24 maxlen: 24
                          182.247.252.0/24 maxlen: 24
                          182.247.253.0/24 maxlen: 24
                          182.247.254.0/24 maxlen: 24
                          182.247.255.0/24 maxlen: 24
                          220.165.0.0/24 maxlen: 24
                          220.165.1.0/24 maxlen: 24
                          220.165.2.0/24 maxlen: 24
                          220.165.3.0/24 maxlen: 24
                          220.165.4.0/24 maxlen: 24
                          220.165.5.0/24 maxlen: 24
                          220.165.7.0/24 maxlen: 24
                          220.165.8.0/24 maxlen: 24
                          220.165.9.0/24 maxlen: 24
                          220.165.10.0/24 maxlen: 24
                          220.165.11.0/24 maxlen: 24
                          220.165.12.0/24 maxlen: 24
                          220.165.13.0/24 maxlen: 24
                          220.165.14.0/24 maxlen: 24
                          220.165.15.0/24 maxlen: 24
                          240e:12:800::/37 maxlen: 37
                          240e:c9:4000::/35 maxlen: 35
                          240e:94c::/36 maxlen: 36
                          240e:94c:8000::/37 maxlen: 37
                          240e:94c:c000::/38 maxlen: 38
                          240e:94c:e000::/38 maxlen: 38
Validation:               OK
Signature path:           rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 08 Jul 2026 04:56:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:74:70:e2:45:af:dd:5c:0d:c5:79:3d:cf:65:09:34:2c:f9:4e:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
        Validity
            Not Before: Jun 15 17:09:10 2026 GMT
            Not After : Jun 14 17:14:10 2027 GMT
        Subject: CN=D07156C165A4E32F7EE61C006B6A7D5BA7BC56F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:1f:9b:b4:87:67:64:5b:c2:1e:7d:5f:e8:3f:
                    b1:44:a6:dd:f5:52:e2:68:04:59:a2:76:66:00:ee:
                    e2:18:9a:18:bc:bd:2d:c2:a0:0b:53:b4:37:fd:78:
                    8a:a1:8a:10:6b:be:0c:82:7e:86:4a:41:37:9a:2d:
                    f4:ea:dd:d3:aa:33:d6:35:51:02:55:6b:5f:63:44:
                    b7:b7:30:37:58:c3:42:15:35:36:76:7b:0d:89:6a:
                    cc:11:0a:42:cd:cb:ad:af:fa:09:69:9d:2e:f1:69:
                    a5:da:7d:b3:f3:7e:9b:20:5e:a8:d0:0b:c4:81:42:
                    8f:d5:2f:15:04:5a:15:b5:21:c1:18:08:8e:74:9f:
                    cc:e0:4f:d2:1f:4b:f2:46:49:a5:60:18:23:bc:5f:
                    d6:ce:33:f8:fb:96:8a:10:64:f6:19:f1:5c:86:37:
                    e8:87:ff:97:0b:ab:4b:bf:2e:e0:50:0d:02:19:05:
                    e4:e2:f0:76:45:94:b2:93:91:c4:0d:56:d3:e2:e9:
                    07:00:a5:0b:27:bc:9e:46:02:23:bf:6e:76:4e:53:
                    a7:72:81:82:a0:1a:a2:e7:d6:77:25:8c:5b:58:ff:
                    94:59:48:5c:8f:73:11:86:e8:71:ad:bc:c8:b9:87:
                    e5:7b:5c:7f:1a:b4:07:84:e5:7d:28:6f:2c:40:b9:
                    fd:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:71:56:C1:65:A4:E3:2F:7E:E6:1C:00:6B:6A:7D:5B:A7:BC:56:F0
            X509v3 Authority Key Identifier:
                keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134765.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.166.151.0/24
                  61.166.155.0/24
                  112.117.208.0/20
                  116.55.225.0-116.55.243.255
                  116.55.245.0-116.55.255.255
                  182.242.40.0-182.242.55.255
                  182.242.136.0-182.242.151.255
                  182.247.224.0/19
                  220.165.0.0-220.165.5.255
                  220.165.7.0-220.165.15.255
                IPv6:
                  240e:12:800::/37
                  240e:c9:4000::/35
                  240e:94c::/36
                  240e:94c:8000::/37
                  240e:94c:c000::/38
                  240e:94c:e000::/38

    Signature Algorithm: sha256WithRSAEncryption
         ab:62:58:dc:1f:3b:e0:56:d2:df:14:90:19:78:88:6c:7d:a9:
         97:f1:74:be:cc:1d:04:08:d5:c6:c8:18:ef:35:9e:17:93:8e:
         9e:f6:07:ff:87:57:3d:dd:7c:81:19:e0:f5:7a:d2:33:cf:c2:
         cd:7e:3e:c5:3e:ee:c7:17:b8:ba:ec:59:69:5b:da:f9:7c:ff:
         1f:90:5d:39:7d:76:2a:5a:da:36:5f:c4:56:e8:2b:4a:5a:eb:
         65:56:08:30:f2:a3:af:63:7f:91:dd:14:f4:d4:a7:c9:13:1d:
         10:10:78:05:0e:78:3a:55:c7:73:91:a6:15:af:fe:6b:f4:56:
         66:f0:ad:0c:bd:c5:a8:b5:25:a1:20:89:b4:67:4a:3e:0a:d7:
         d4:01:37:33:4b:1c:ce:47:0a:08:d8:16:45:d4:69:d6:0f:3e:
         5e:98:2e:a7:3e:01:14:9e:2a:31:8e:a5:bf:91:a3:5e:a3:4c:
         d5:1d:88:16:b2:47:de:c1:eb:a5:24:f5:46:71:12:b0:ac:ee:
         5a:41:86:a9:01:4e:57:c2:b5:69:15:73:54:df:d4:ad:d1:9a:
         7a:06:74:ee:12:ae:18:35:7a:cb:e4:bb:9d:a6:9c:b0:06:dc:
         ba:58:10:aa:c3:63:db:bb:1d:42:9e:ef:05:a5:62:5d:2e:a3:
         aa:bc:de:0f
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIUX3Rw4kWv3VwNxXk9z2UJNCz5TlAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYxNTE3MDkxMFoX
DTI3MDYxNDE3MTQxMFowMzExMC8GA1UEAxMoRDA3MTU2QzE2NUE0RTMyRjdFRTYx
QzAwNkI2QTdENUJBN0JDNTZGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAfm7SHZ2Rbwh59X+g/sUSm3fVS4mgEWaJ2ZgDu4hiaGLy9LcKgC1O0N/14
iqGKEGu+DIJ+hkpBN5ot9Ord06oz1jVRAlVrX2NEt7cwN1jDQhU1NnZ7DYlqzBEK
Qs3Lra/6CWmdLvFppdp9s/N+myBeqNALxIFCj9UvFQRaFbUhwRgIjnSfzOBP0h9L
8kZJpWAYI7xf1s4z+PuWihBk9hnxXIY36If/lwurS78u4FANAhkF5OLwdkWUspOR
xA1W0+LpBwClCye8nkYCI79udk5Tp3KBgqAaoufWdyWMW1j/lFlIXI9zEYboca28
yLmH5Xtcfxq0B4TlfShvLEC5/cMCAwEAAaOCAoMwggJ/MB0GA1UdDgQWBBTQcVbB
ZaTjL37mHABran1bp7xW8DAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTM0NzY1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIG9BggrBgEFBQcBBwEB/wSBrTCBqjBwBAIAATBqAwQAPaaXAwQAPaabAwQEcHXQ
MAwDBAB0N+EDBAJ0N/AwCwMEAHQ39QMDA3QwMAwDBAO28igDBAO28jAwDAMEA7by
iAMEA7bykAMEBbb34DALAwMA3KUDBAHcpQQwDAMEANylBwMEBNylADA2BAIAAjAw
AwYDJA4AEggDBgUkDgDJQAMGBCQOCUwAAwYDJA4JTIADBgIkDglMwAMGAiQOCUzg
MA0GCSqGSIb3DQEBCwUAA4IBAQCrYljcHzvgVtLfFJAZeIhsfamX8XS+zB0ECNXG
yBjvNZ4Xk46e9gf/h1c93XyBGeD1etIzz8LNfj7FPu7HF7i67FlpW9r5fP8fkF05
fXYqWto2X8RW6CtKWutlVggw8qOvY3+R3RT01KfJEx0QEHgFDng6VcdzkaYVr/5r
9FZm8K0MvcWotSWhIIm0Z0o+CtfUATczSxzORwoI2BZF1GnWDz5emC6nPgEUniox
jqW/kaNeo0zVHYgWskfeweulJPVGcRKwrO5aQYapAU5XwrVpFXNU39St0Zp6BnTu
Eq4YNXrL5LudppywBty6WBCqw2Pbux1Cnu8FpWJdLqOqvN4P
-----END CERTIFICATE-----
Generated at Tue Jul 7 16:01:00 2026 by rpki-client