Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140345.roa
File: AS140345.roa (raw, json)
Hash identifier: aTNeIFbxDYgcV+qt3ZF9kKyddI8IIvLtXeLjDlooUiw=
Subject key identifier: 58:40:CA:8C:EA:5E:2B:06:3B:F2:C6:80:E0:32:FC:58:3C:61:10:F0
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 66BB25F06E5B301E6FD839C3373D0AFEE839BE83
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140345.roa
Signing time: Thu 21 May 2026 16:11:32 +0000
ROA not before: Thu 21 May 2026 16:06:32 +0000
ROA not after: Thu 20 May 2027 16:11:32 +0000
asID: 140345
IP address blocks: 106.59.136.0/24 maxlen: 24
106.59.137.0/24 maxlen: 24
106.60.104.0/21 maxlen: 21
106.60.112.0/21 maxlen: 21
106.60.120.0/21 maxlen: 21
106.60.148.0/22 maxlen: 22
106.60.152.0/22 maxlen: 22
106.60.180.0/22 maxlen: 22
106.60.184.0/22 maxlen: 22
106.60.188.0/24 maxlen: 24
240e:44d:7200::/42 maxlen: 42
240e:44d:7300::/42 maxlen: 42
240e:44d:7400::/42 maxlen: 42
240e:44d:7500::/42 maxlen: 42
240e:44d:7600::/42 maxlen: 42
240e:44d:7700::/42 maxlen: 42
240e:44d:7800::/42 maxlen: 42
240e:44d:7900::/42 maxlen: 42
240e:44d:7a00::/42 maxlen: 42
240e:44d:7b00::/42 maxlen: 42
240e:44d:7c00::/42 maxlen: 42
240e:44d:7d00::/42 maxlen: 42
240e:44d:7d40::/42 maxlen: 42
240e:44d:7e00::/42 maxlen: 42
240e:44d:7e40::/42 maxlen: 42
240e:44d:7f00::/42 maxlen: 42
240e:44d:7f40::/42 maxlen: 42
240e:44d:8000::/42 maxlen: 42
240e:44d:8040::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 24 May 2026 06:28:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:bb:25:f0:6e:5b:30:1e:6f:d8:39:c3:37:3d:0a:fe:e8:39:be:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 21 16:06:32 2026 GMT
Not After : May 20 16:11:32 2027 GMT
Subject: CN=5840CA8CEA5E2B063BF2C680E032FC583C6110F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:39:31:df:34:4f:2a:dc:6e:7a:87:59:62:4b:
cb:86:4a:78:c5:4d:47:76:76:b8:b8:e6:06:10:85:
d3:88:65:8d:36:5a:17:45:f2:da:c8:77:c2:9d:0e:
43:2c:8d:e8:6e:e9:02:34:d5:dd:38:bf:7a:ff:2d:
f2:03:0a:2b:b7:16:e7:9e:c8:b5:1d:a8:4e:dd:c1:
1f:19:ec:2f:4a:24:0d:39:42:83:0c:64:03:8e:66:
0d:0a:44:1b:9c:3c:f9:a3:7a:6b:99:ed:21:66:47:
69:b4:5b:35:98:e6:a6:df:67:d7:76:38:b7:9e:2f:
16:a1:c4:85:3c:c3:bf:b9:9a:3a:26:54:e4:6f:a1:
87:78:f0:a1:47:5a:a7:7b:85:8a:9b:b1:5a:32:55:
56:c5:b5:1b:e1:7d:2a:21:d7:c3:11:4f:9b:67:6e:
f3:a6:b2:43:7f:15:8e:17:7f:15:78:c5:6a:d1:73:
ac:9d:a6:41:08:b9:5a:05:23:ab:3b:98:f8:0e:bf:
54:1d:ab:a6:f6:36:1d:39:5b:bb:71:30:99:d2:d0:
ae:12:df:01:88:bb:2b:35:05:4e:61:8b:95:a4:bc:
4e:06:d5:55:86:19:d4:3f:47:9c:95:f8:bf:39:a1:
be:51:e7:24:d8:d9:cb:b2:b8:28:6a:a7:b2:ea:0f:
43:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:40:CA:8C:EA:5E:2B:06:3B:F2:C6:80:E0:32:FC:58:3C:61:10:F0
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140345.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
106.59.136.0/23
106.60.104.0-106.60.127.255
106.60.148.0-106.60.155.255
106.60.180.0-106.60.188.255
IPv6:
240e:44d:7200::/42
240e:44d:7300::/42
240e:44d:7400::/42
240e:44d:7500::/42
240e:44d:7600::/42
240e:44d:7700::/42
240e:44d:7800::/42
240e:44d:7900::/42
240e:44d:7a00::/42
240e:44d:7b00::/42
240e:44d:7c00::/42
240e:44d:7d00::/41
240e:44d:7e00::/41
240e:44d:7f00::/41
240e:44d:8000::/41
Signature Algorithm: sha256WithRSAEncryption
86:2d:2a:3d:27:14:32:88:92:9d:01:21:f0:fd:f7:95:7f:25:
1e:4c:22:b6:4f:04:cb:69:30:1c:30:12:a3:78:8a:06:6a:f9:
fb:f3:d4:d3:17:6d:a3:93:c9:a5:98:b6:df:96:ba:7b:b3:d2:
69:5d:2e:7c:a6:0d:f0:ce:55:40:49:48:a8:57:c5:34:32:75:
99:9b:c0:70:e0:e5:b1:a4:2d:d4:9a:e0:b2:86:bf:09:b4:6a:
e9:d8:81:ea:36:cd:68:df:ab:27:2f:a3:87:3a:77:2f:d7:aa:
67:22:3b:c0:5f:25:2e:7a:60:da:76:3b:a6:2f:46:11:c7:e9:
5d:0b:26:cc:9e:bb:e3:b9:f7:50:55:c9:11:55:31:8f:b2:6d:
86:5d:63:5f:b9:17:32:d2:9f:51:02:8c:17:5f:25:0e:45:0f:
a6:11:e9:1d:17:e5:13:c0:a3:8c:92:53:92:e5:14:5c:22:00:
db:7b:a8:1e:fa:1b:f2:d7:95:3d:e6:9f:7d:77:81:d9:e9:f4:
f5:c1:a7:7f:70:01:c4:f3:ef:06:eb:f9:ee:fe:8c:e1:9b:fb:
1f:ab:08:59:86:4b:a6:1d:4b:a5:1c:8d:8f:2f:e3:7c:c0:bc:
84:06:da:5d:26:21:3e:d3:c4:b3:92:67:e9:b7:ea:2a:97:64:
9d:3c:75:e7
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIUZrsl8G5bMB5v2DnDNz0K/ug5voMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyMTE2MDYzMloX
DTI3MDUyMDE2MTEzMlowMzExMC8GA1UEAxMoNTg0MENBOENFQTVFMkIwNjNCRjJD
NjgwRTAzMkZDNTgzQzYxMTBGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKI5Md80TyrcbnqHWWJLy4ZKeMVNR3Z2uLjmBhCF04hljTZaF0Xy2sh3wp0O
QyyN6G7pAjTV3Ti/ev8t8gMKK7cW557ItR2oTt3BHxnsL0okDTlCgwxkA45mDQpE
G5w8+aN6a5ntIWZHabRbNZjmpt9n13Y4t54vFqHEhTzDv7maOiZU5G+hh3jwoUda
p3uFipuxWjJVVsW1G+F9KiHXwxFPm2du86ayQ38Vjhd/FXjFatFzrJ2mQQi5WgUj
qzuY+A6/VB2rpvY2HTlbu3EwmdLQrhLfAYi7KzUFTmGLlaS8TgbVVYYZ1D9HnJX4
vzmhvlHnJNjZy7K4KGqnsuoPQwcCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRYQMqM
6l4rBjvyxoDgMvxYPGEQ8DAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTQwMzQ1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIHcBggrBgEFBQcBBwEB/wSBzDCByTA2BAIAATAwAwQBajuIMAwDBANqPGgDBAdq
PAAwDAMEAmo8lAMEAmo8mDAMAwQCajy0AwQAajy8MIGOBAIAAjCBhwMHBiQOBE1y
AAMHBiQOBE1zAAMHBiQOBE10AAMHBiQOBE11AAMHBiQOBE12AAMHBiQOBE13AAMH
BiQOBE14AAMHBiQOBE15AAMHBiQOBE16AAMHBiQOBE17AAMHBiQOBE18AAMHByQO
BE19AAMHByQOBE1+AAMHByQOBE1/AAMHByQOBE2AADANBgkqhkiG9w0BAQsFAAOC
AQEAhi0qPScUMoiSnQEh8P33lX8lHkwitk8Ey2kwHDASo3iKBmr5+/PU0xdto5PJ
pZi235a6e7PSaV0ufKYN8M5VQElIqFfFNDJ1mZvAcODlsaQt1Jrgsoa/CbRq6diB
6jbNaN+rJy+jhzp3L9eqZyI7wF8lLnpg2nY7pi9GEcfpXQsmzJ6747n3UFXJEVUx
j7Jthl1jX7kXMtKfUQKMF18lDkUPphHpHRflE8CjjJJTkuUUXCIA23uoHvob8teV
PeaffXeB2en09cGnf3ABxPPvBuv57v6M4Zv7H6sIWYZLph1LpRyNjy/jfMC8hAba
XSYhPtPEs5Jn6bfqKpdknTx15w==
-----END CERTIFICATE-----
Generated at Sat May 23 07:08:14 2026 by rpki-client