Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134771.roa
File: AS134771.roa (raw, json)
Hash identifier: NpTN4lhKl/+2DCTfgKEpY34xCn+IZhEbNMPSv+glUPs=
Subject key identifier: 67:5B:43:8F:6B:E8:84:4F:FB:55:AF:B1:72:5E:C1:24:8B:C0:A0:17
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 2AD543A642AB500A8345601C24BEB794A5ABA0CD
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134771.roa
Signing time: Thu 28 May 2026 16:38:27 +0000
ROA not before: Thu 28 May 2026 16:33:27 +0000
ROA not after: Thu 27 May 2027 16:38:27 +0000
asID: 134771
IP address blocks: 60.190.114.0/24 maxlen: 24
60.190.118.0/24 maxlen: 24
60.190.119.0/24 maxlen: 24
61.164.108.0/23 maxlen: 23
61.164.110.0/23 maxlen: 23
61.164.112.0/23 maxlen: 23
61.164.114.0/23 maxlen: 23
61.164.116.0/23 maxlen: 23
61.164.118.0/23 maxlen: 23
61.164.123.0/24 maxlen: 24
61.164.124.0/23 maxlen: 23
61.164.126.0/24 maxlen: 24
61.164.140.0/24 maxlen: 24
61.164.141.0/24 maxlen: 24
61.164.142.0/24 maxlen: 24
61.164.143.0/24 maxlen: 24
61.164.144.0/24 maxlen: 24
61.164.145.0/24 maxlen: 24
61.164.147.0/24 maxlen: 24
61.164.148.0/24 maxlen: 24
61.164.149.0/24 maxlen: 24
61.164.150.0/24 maxlen: 24
61.164.151.0/24 maxlen: 24
61.164.153.0/24 maxlen: 24
61.164.154.0/24 maxlen: 24
61.164.155.0/24 maxlen: 24
61.164.156.0/24 maxlen: 24
61.164.157.0/24 maxlen: 24
61.164.158.0/24 maxlen: 24
61.164.159.0/24 maxlen: 24
115.223.0.0/21 maxlen: 21
115.223.8.0/21 maxlen: 21
115.223.16.0/20 maxlen: 20
115.223.20.0/23 maxlen: 23
115.223.22.0/24 maxlen: 24
115.223.32.0/22 maxlen: 22
115.223.38.0/23 maxlen: 23
115.223.41.0/24 maxlen: 24
115.223.42.0/23 maxlen: 23
115.223.44.0/22 maxlen: 22
115.223.48.0/20 maxlen: 20
122.228.0.0/21 maxlen: 21
122.228.8.0/22 maxlen: 22
122.228.12.0/22 maxlen: 22
122.228.15.0/24 maxlen: 24
122.228.16.0/20 maxlen: 20
122.228.56.0/22 maxlen: 22
122.228.60.0/22 maxlen: 22
122.228.64.0/19 maxlen: 19
122.228.96.0/21 maxlen: 21
122.228.112.0/21 maxlen: 21
122.228.192.0/21 maxlen: 21
122.228.200.0/24 maxlen: 24
122.228.201.0/24 maxlen: 24
122.228.202.0/24 maxlen: 24
122.228.203.0/24 maxlen: 24
122.228.204.0/24 maxlen: 24
122.228.205.0/24 maxlen: 24
122.228.206.0/24 maxlen: 24
122.228.207.0/24 maxlen: 24
122.228.208.0/22 maxlen: 22
122.228.212.0/22 maxlen: 22
122.228.216.0/24 maxlen: 24
122.228.217.0/24 maxlen: 24
122.228.218.0/24 maxlen: 24
122.228.219.0/24 maxlen: 24
122.228.220.0/22 maxlen: 22
122.228.224.0/21 maxlen: 21
122.228.225.0/24 maxlen: 24
122.228.226.0/24 maxlen: 24
122.228.232.0/21 maxlen: 21
122.228.233.0/24 maxlen: 24
122.228.240.0/20 maxlen: 20
240e:1c:5000::/36 maxlen: 36
240e:f7:2000::/36 maxlen: 36
240e:f7:6000::/36 maxlen: 36
240e:f7:c000::/36 maxlen: 36
240e:f7:d000::/36 maxlen: 36
240e:971:3000::/36 maxlen: 36
240e:983:1b01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 May 2026 20:29:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:d5:43:a6:42:ab:50:0a:83:45:60:1c:24:be:b7:94:a5:ab:a0:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 28 16:33:27 2026 GMT
Not After : May 27 16:38:27 2027 GMT
Subject: CN=675B438F6BE8844FFB55AFB1725EC1248BC0A017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:56:62:66:5a:38:fa:76:36:5d:3b:8c:2c:a8:
a8:06:15:3c:fd:fa:60:0d:b7:77:52:59:de:71:cb:
c6:9b:f4:c2:57:88:c2:90:e4:19:bf:9f:ef:b8:49:
eb:02:fa:15:4d:8d:18:fc:5d:0b:33:f8:21:ec:92:
57:87:b8:50:d0:13:41:2d:75:32:69:1b:e7:a2:44:
cc:4d:0b:7f:d4:84:31:16:4c:74:9d:93:01:e2:49:
01:25:80:b9:20:83:ea:e9:14:bc:d4:6d:79:8c:b1:
53:7d:e5:63:52:b9:5e:43:00:c7:65:f7:9c:9f:4a:
fb:37:80:e0:65:0e:b9:99:a7:c9:92:f6:e7:67:26:
52:9c:27:1a:11:7b:a7:fe:c5:4e:4c:41:df:81:f7:
b6:68:b6:7d:43:08:ac:5e:a5:14:28:56:e7:f5:78:
48:78:64:0c:e0:d3:af:13:2f:e4:3d:82:4d:17:65:
5b:fd:bb:65:86:c2:f1:c0:89:6c:4f:90:f7:b2:a1:
e5:a1:2d:bf:79:06:43:97:0d:76:77:2c:dd:f8:ea:
da:7e:8d:96:43:d3:3b:8f:11:f1:17:7c:1e:17:ae:
79:3f:10:94:98:ee:2b:d8:be:ad:0d:0b:83:36:2e:
f8:ef:41:90:86:8a:be:ac:c3:40:a9:fe:09:32:49:
67:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5B:43:8F:6B:E8:84:4F:FB:55:AF:B1:72:5E:C1:24:8B:C0:A0:17
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134771.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
60.190.114.0/24
60.190.118.0/23
61.164.108.0-61.164.119.255
61.164.123.0-61.164.126.255
61.164.140.0-61.164.145.255
61.164.147.0-61.164.151.255
61.164.153.0-61.164.159.255
115.223.0.0-115.223.35.255
115.223.38.0/23
115.223.41.0-115.223.63.255
122.228.0.0/19
122.228.56.0-122.228.103.255
122.228.112.0/21
122.228.192.0/18
IPv6:
240e:1c:5000::/36
240e:f7:2000::/36
240e:f7:6000::/36
240e:f7:c000::/35
240e:971:3000::/36
240e:983:1b01::/48
Signature Algorithm: sha256WithRSAEncryption
ab:96:dd:33:93:32:29:08:ca:32:a2:52:a3:7a:fe:7e:f3:72:
b9:ba:82:cd:29:92:fb:a3:44:3f:4a:6b:9c:0d:7a:2f:0a:05:
11:c3:e0:60:03:6b:77:4c:4b:c8:f8:c1:cb:ea:04:21:41:97:
e3:0b:56:77:a5:b4:c6:55:be:33:4f:a6:b7:2e:d6:7b:00:0c:
a4:f7:80:79:17:a1:db:a9:5a:38:57:f1:6a:62:e0:02:68:49:
60:75:a8:45:bb:3d:cb:c5:25:5a:a3:93:b3:29:d7:f6:e3:67:
b0:6f:31:4e:74:6d:1b:80:b5:82:34:4f:be:da:2f:f5:8e:a3:
8b:70:29:32:b5:26:aa:33:c3:7e:87:f7:26:55:98:b1:e4:e3:
c6:0b:e6:73:98:81:31:69:53:d0:b5:9e:fc:11:25:a4:98:40:
2d:0c:72:96:53:18:05:45:23:3b:01:e6:05:f7:d1:bb:c1:94:
cd:bc:bf:1f:d4:01:81:b8:b1:a1:5d:dd:6e:31:b8:85:4f:05:
32:86:a8:9f:11:0b:10:97:b6:f3:3b:a0:d4:ed:93:c9:7c:c7:
a7:15:ba:03:ef:2b:74:ba:3f:fb:9e:dd:b6:c0:4c:05:1a:8a:
63:43:ab:99:97:f6:d5:dc:4f:f6:04:65:92:ac:29:14:fe:4f:
84:8c:d3:55
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUKtVDpkKrUAqDRWAcJL63lKWroM0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyODE2MzMyN1oX
DTI3MDUyNzE2MzgyN1owMzExMC8GA1UEAxMoNjc1QjQzOEY2QkU4ODQ0RkZCNTVB
RkIxNzI1RUMxMjQ4QkMwQTAxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9WYmZaOPp2Nl07jCyoqAYVPP36YA23d1JZ3nHLxpv0wleIwpDkGb+f77hJ
6wL6FU2NGPxdCzP4IeySV4e4UNATQS11Mmkb56JEzE0Lf9SEMRZMdJ2TAeJJASWA
uSCD6ukUvNRteYyxU33lY1K5XkMAx2X3nJ9K+zeA4GUOuZmnyZL252cmUpwnGhF7
p/7FTkxB34H3tmi2fUMIrF6lFChW5/V4SHhkDODTrxMv5D2CTRdlW/27ZYbC8cCJ
bE+Q97Kh5aEtv3kGQ5cNdncs3fjq2n6NlkPTO48R8Rd8HheueT8QlJjuK9i+rQ0L
gzYu+O9BkIaKvqzDQKn+CTJJZ7ECAwEAAaOCAq8wggKrMB0GA1UdDgQWBBRnW0OP
a+iET/tVr7FyXsEki8CgFzAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTM0NzcxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIHpBggrBgEFBQcBBwEB/wSB2TCB1jCBmgQCAAEwgZMDBAA8vnIDBAE8vnYwDAME
Aj2kbAMEAz2kcDAMAwQAPaR7AwQAPaR+MAwDBAI9pIwDBAE9pJAwDAMEAD2kkwME
Az2kkDAMAwQAPaSZAwQFPaSAMAsDAwBz3wMEAnPfIAMEAXPfJjAMAwQAc98pAwQG
c98AAwQFeuQAMAwDBAN65DgDBAN65GADBAN65HADBAZ65MAwNwQCAAIwMQMGBCQO
ABxQAwYEJA4A9yADBgQkDgD3YAMGBSQOAPfAAwYEJA4JcTADBwAkDgmDGwEwDQYJ
KoZIhvcNAQELBQADggEBAKuW3TOTMikIyjKiUqN6/n7zcrm6gs0pkvujRD9Ka5wN
ei8KBRHD4GADa3dMS8j4wcvqBCFBl+MLVneltMZVvjNPprcu1nsADKT3gHkXodup
WjhX8Wpi4AJoSWB1qEW7PcvFJVqjk7Mp1/bjZ7BvMU50bRuAtYI0T77aL/WOo4tw
KTK1Jqozw36H9yZVmLHk48YL5nOYgTFpU9C1nvwRJaSYQC0McpZTGAVFIzsB5gX3
0bvBlM28vx/UAYG4saFd3W4xuIVPBTKGqJ8RCxCXtvM7oNTtk8l8x6cVugPvK3S6
P/ue3bbATAUaimNDq5mX9tXcT/YEZZKsKRT+T4SM01U=
-----END CERTIFICATE-----
Generated at Sat May 30 00:41:52 2026 by rpki-client