Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS137690.roa
File: AS137690.roa (raw, json)
Hash identifier: +rmWZdAZQhHdBAl7LXl6PG8PQNm/jR/FvySZRtboVsc=
Subject key identifier: 75:D1:55:5F:ED:86:3B:00:F5:41:6F:C8:D0:F6:7F:F1:1F:FC:B0:24
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 5B607F627B61CD1779781AC31BEE99A0E8124346
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS137690.roa
Signing time: Thu 28 May 2026 16:07:19 +0000
ROA not before: Thu 28 May 2026 16:02:19 +0000
ROA not after: Thu 27 May 2027 16:07:19 +0000
asID: 137690
IP address blocks: 150.138.64.0/19 maxlen: 19
150.138.64.0/20 maxlen: 20
150.138.85.0/24 maxlen: 24
150.138.88.0/23 maxlen: 23
150.138.89.0/24 maxlen: 24
150.138.92.0/24 maxlen: 24
150.138.93.0/24 maxlen: 24
240e:e:c800::/37 maxlen: 37
240e:104:7c00::/40 maxlen: 40
240e:947:1000::/36 maxlen: 36
240e:947:1000::/48 maxlen: 48
240e:947:1003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 May 2026 20:29:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:60:7f:62:7b:61:cd:17:79:78:1a:c3:1b:ee:99:a0:e8:12:43:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 28 16:02:19 2026 GMT
Not After : May 27 16:07:19 2027 GMT
Subject: CN=75D1555FED863B00F5416FC8D0F67FF11FFCB024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d2:b9:8f:cc:4d:b0:3d:04:97:3a:a6:7e:ec:
fc:65:f2:8a:cf:76:71:07:e7:38:06:b1:8a:19:a1:
72:ca:e0:1f:12:60:60:bf:45:f2:04:38:11:88:e1:
94:be:a2:51:7b:22:48:b9:80:0a:7b:d0:99:50:a5:
51:87:c6:79:ce:ee:98:c2:87:f1:df:bc:eb:58:81:
6e:9b:ed:b2:e1:3d:69:65:02:12:11:fa:db:e6:99:
20:59:a4:41:f2:4f:03:1f:75:32:d8:67:7d:b6:5f:
8c:18:2f:10:91:c9:30:15:25:3b:f1:bf:cf:f4:7b:
23:72:fd:c6:89:02:3d:6b:ab:ec:b8:26:c4:78:cb:
56:22:22:7c:d5:14:f8:2e:08:e4:ec:b4:02:69:cb:
2b:51:24:a2:21:e2:9d:19:ac:5c:75:e9:dc:b7:fc:
08:40:bf:42:f9:46:36:18:14:84:55:f1:8f:5d:ea:
54:ff:5b:e9:71:e6:e5:bf:97:0d:e7:35:8a:d0:ca:
be:3b:33:bd:70:44:a9:a3:74:75:bb:ed:47:ba:56:
85:d3:22:45:58:e7:05:b4:69:95:76:e6:1e:15:ca:
75:5b:e1:c5:e0:71:1d:7b:29:09:b2:0f:29:a2:4e:
f4:d8:ce:d2:88:fe:db:40:7f:38:19:d5:6f:b9:c0:
2e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D1:55:5F:ED:86:3B:00:F5:41:6F:C8:D0:F6:7F:F1:1F:FC:B0:24
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS137690.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.138.64.0/19
IPv6:
240e:e:c800::/37
240e:104:7c00::/40
240e:947:1000::/36
Signature Algorithm: sha256WithRSAEncryption
4e:9b:9b:06:c3:a8:cb:89:44:14:1c:70:ca:47:a1:b1:57:c8:
37:47:99:3f:a5:f0:f8:a2:cf:cc:e3:62:cd:4b:53:e6:a8:55:
b0:71:e8:6a:fb:c4:08:6b:70:8f:82:63:34:f1:0d:c7:c6:c6:
43:aa:35:bc:da:a7:35:7d:aa:4f:28:a3:9e:2b:e5:23:d3:94:
26:ee:77:c2:cc:45:82:2d:45:0d:cd:54:00:7b:e0:d9:07:e6:
48:aa:8d:f0:82:89:a8:81:cc:25:1c:b8:ae:ad:2a:e2:98:07:
81:5f:46:d5:33:31:67:b9:2c:69:42:c9:47:f6:af:43:a9:07:
0b:c3:a5:d4:e1:0c:f3:13:f4:13:14:ee:ee:b6:7b:d7:f9:6d:
68:62:51:e3:84:63:d6:cd:99:b2:59:e0:4c:df:82:f3:90:3f:
9c:f3:bc:ef:9f:b7:8a:ca:fd:3e:18:6d:69:a4:c3:a9:60:1a:
eb:54:d6:fa:49:e5:a6:63:e8:cb:35:ad:83:26:6e:1c:3a:e8:
00:e0:c5:bd:62:13:02:7e:6e:7d:2b:a8:57:8a:29:1b:8f:65:
9f:a4:61:c8:2b:80:83:86:5c:22:dd:d7:bd:50:ef:90:26:a1:
61:0d:8d:45:35:94:01:c7:a5:f7:5d:2c:9d:ce:00:ef:23:df:
aa:d5:43:6e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUW2B/YnthzRd5eBrDG+6ZoOgSQ0YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyODE2MDIxOVoX
DTI3MDUyNzE2MDcxOVowMzExMC8GA1UEAxMoNzVEMTU1NUZFRDg2M0IwMEY1NDE2
RkM4RDBGNjdGRjExRkZDQjAyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTSuY/MTbA9BJc6pn7s/GXyis92cQfnOAaxihmhcsrgHxJgYL9F8gQ4EYjh
lL6iUXsiSLmACnvQmVClUYfGec7umMKH8d+861iBbpvtsuE9aWUCEhH62+aZIFmk
QfJPAx91MthnfbZfjBgvEJHJMBUlO/G/z/R7I3L9xokCPWur7LgmxHjLViIifNUU
+C4I5Oy0AmnLK1EkoiHinRmsXHXp3Lf8CEC/QvlGNhgUhFXxj13qVP9b6XHm5b+X
Dec1itDKvjszvXBEqaN0dbvtR7pWhdMiRVjnBbRplXbmHhXKdVvhxeBxHXspCbIP
KaJO9NjO0oj+20B/OBnVb7nALmECAwEAAaOCAgQwggIAMB0GA1UdDgQWBBR10VVf
7YY7APVBb8jQ9n/xH/ywJDAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTM3NjkwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MD8GCCsGAQUFBwEHAQH/BDAwLjAMBAIAATAGAwQFlopAMB4EAgACMBgDBgMkDgAO
yAMGACQOAQR8AwYEJA4JRxAwDQYJKoZIhvcNAQELBQADggEBAE6bmwbDqMuJRBQc
cMpHobFXyDdHmT+l8Piiz8zjYs1LU+aoVbBx6Gr7xAhrcI+CYzTxDcfGxkOqNbza
pzV9qk8oo54r5SPTlCbud8LMRYItRQ3NVAB74NkH5kiqjfCCiaiBzCUcuK6tKuKY
B4FfRtUzMWe5LGlCyUf2r0OpBwvDpdThDPMT9BMU7u62e9f5bWhiUeOEY9bNmbJZ
4EzfgvOQP5zzvO+ft4rK/T4YbWmkw6lgGutU1vpJ5aZj6Ms1rYMmbhw66ADgxb1i
EwJ+bn0rqFeKKRuPZZ+kYcgrgIOGXCLd171Q75AmoWENjUU1lAHHpfddLJ3OAO8j
36rVQ24=
-----END CERTIFICATE-----
Generated at Sat May 30 00:54:47 2026 by rpki-client