
Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS17799.roa
File: AS17799.roa (raw, json)
Hash identifier: 7ONFT11nl6EVPk0VDl1QPqgi/gNYxrRz6JXCihPUICo=
Subject key identifier: FD:21:2F:57:F2:3C:22:F8:F8:22:5E:74:8B:95:22:A2:C1:27:A7:F3
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 34B6FEDA3A37414F6E90CDB8F27016E7B4913F70
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS17799.roa
Signing time: Wed 17 Jun 2026 16:10:43 +0000
ROA not before: Wed 17 Jun 2026 16:05:43 +0000
ROA not after: Wed 16 Jun 2027 16:10:43 +0000
asID: 17799
IP address blocks: 42.248.152.0/21 maxlen: 21
42.249.128.0/19 maxlen: 19
115.168.37.0/24 maxlen: 24
115.168.69.0/24 maxlen: 24
123.177.0.0/22 maxlen: 22
123.177.128.0/18 maxlen: 18
123.177.192.0/18 maxlen: 18
123.246.255.0/24 maxlen: 24
123.247.128.0/17 maxlen: 17
182.201.201.0/24 maxlen: 24
182.205.0.0/16 maxlen: 16
182.205.0.0/18 maxlen: 18
182.205.128.0/17 maxlen: 17
182.206.0.0/16 maxlen: 16
182.206.0.0/17 maxlen: 17
218.30.170.0/24 maxlen: 24
219.148.194.0/23 maxlen: 23
219.148.196.0/22 maxlen: 22
219.148.200.0/22 maxlen: 22
219.148.202.0/24 maxlen: 24
219.148.203.0/24 maxlen: 24
219.148.204.0/23 maxlen: 23
219.148.205.0/24 maxlen: 24
219.148.206.0/24 maxlen: 24
219.148.207.0/24 maxlen: 24
219.148.209.0/24 maxlen: 24
219.148.210.0/24 maxlen: 24
240e:1:f800::/37 maxlen: 37
240e:41:c000::/37 maxlen: 37
240e:86:8000::/36 maxlen: 36
240e:981:2600::/40 maxlen: 40
240e:983:203::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 Jul 2026 04:56:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:b6:fe:da:3a:37:41:4f:6e:90:cd:b8:f2:70:16:e7:b4:91:3f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 17 16:05:43 2026 GMT
Not After : Jun 16 16:10:43 2027 GMT
Subject: CN=FD212F57F23C22F8F8225E748B9522A2C127A7F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ef:27:09:6a:83:8a:06:39:de:73:59:f9:9e:
2c:c7:5e:07:f0:76:10:dc:6e:d6:57:6c:f7:74:0f:
46:8b:69:f8:e8:04:f0:c1:c7:5a:87:3f:ea:39:a9:
65:c7:cd:e5:06:6b:9d:9e:c0:00:59:bf:e1:c7:cf:
fb:7c:9a:da:81:55:06:5f:06:0c:41:19:47:51:3f:
f2:63:3b:38:35:a4:d9:07:df:55:ba:7f:0f:4c:04:
40:46:1f:b3:e8:7f:28:78:61:6f:47:97:78:95:9a:
a8:c6:51:4d:5f:da:fa:4f:4b:3d:ed:3a:f6:fc:d5:
19:52:11:9d:db:2e:0c:1f:a9:39:bd:a9:2a:99:b4:
16:4e:86:12:b1:92:29:9f:22:e7:36:70:1f:82:c0:
49:5b:ba:a0:68:85:62:91:f3:c3:77:ab:a3:93:58:
7e:8b:c6:fb:ca:f0:62:6f:51:70:78:89:51:f4:e9:
af:aa:43:08:cf:fc:ab:3f:74:d0:16:98:96:47:b2:
2a:71:f4:68:1d:1c:0c:9d:ea:8d:50:ef:0c:83:e0:
77:e9:98:ed:54:18:90:c8:92:27:1a:9c:cf:18:de:
83:c4:69:2b:88:3f:b3:a7:2e:6c:c0:50:ac:1f:81:
9f:66:ba:d6:7b:07:bd:cc:ce:63:03:57:26:01:93:
39:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:21:2F:57:F2:3C:22:F8:F8:22:5E:74:8B:95:22:A2:C1:27:A7:F3
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS17799.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
42.248.152.0/21
42.249.128.0/19
115.168.37.0/24
115.168.69.0/24
123.177.0.0/22
123.177.128.0/17
123.246.255.0/24
123.247.128.0/17
182.201.201.0/24
182.205.0.0-182.206.255.255
218.30.170.0/24
219.148.194.0-219.148.207.255
219.148.209.0-219.148.210.255
IPv6:
240e:1:f800::/37
240e:41:c000::/37
240e:86:8000::/36
240e:981:2600::/40
240e:983:203::/48
Signature Algorithm: sha256WithRSAEncryption
3c:da:f5:bf:a5:eb:59:c5:d7:63:87:0d:c3:b1:71:e9:6a:3e:
ea:a0:b9:58:86:8d:dd:73:5b:fc:a2:3b:01:11:6c:2f:a8:83:
fe:d0:fd:61:bb:1e:58:09:f1:46:c5:ee:19:37:56:a6:0b:11:
f6:ff:23:2b:12:d0:20:bd:c4:bb:b7:99:6a:ac:e7:da:a3:10:
55:63:8d:79:9b:75:ef:2a:bc:27:ab:52:15:f1:73:08:ad:ea:
2e:ae:8c:f7:a5:8f:67:be:08:13:16:0a:30:8f:13:e6:0d:0f:
62:b4:0b:69:4b:13:aa:9e:b5:dd:cb:fc:8c:0a:6f:e5:6f:04:
65:dc:0d:b1:70:97:4b:e0:e4:e8:5a:f2:90:79:18:02:8c:6a:
53:e3:bd:1e:21:46:ae:02:06:87:9d:42:0f:2c:36:39:fc:5d:
df:cc:8e:9f:0f:f6:60:de:54:6c:51:51:e4:8d:70:e6:b2:72:
1e:9e:62:33:96:e5:cb:02:7f:b6:c6:54:9a:97:ea:f7:8f:74:
fd:5e:2b:2d:17:6f:f3:43:80:10:19:36:2c:4f:00:40:ef:d0:
53:bb:65:41:1d:93:ac:1c:e2:1e:f0:96:10:0c:d4:44:69:57:
97:62:1d:94:20:fe:cc:d6:14:c1:b9:47:dc:f1:bf:a2:88:40:
6a:ab:fd:f0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIUNLb+2jo3QU9ukM248nAW57SRP3AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYxNzE2MDU0M1oX
DTI3MDYxNjE2MTA0M1owMzExMC8GA1UEAxMoRkQyMTJGNTdGMjNDMjJGOEY4MjI1
RTc0OEI5NTIyQTJDMTI3QTdGMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbvJwlqg4oGOd5zWfmeLMdeB/B2ENxu1lds93QPRotp+OgE8MHHWoc/6jmp
ZcfN5QZrnZ7AAFm/4cfP+3ya2oFVBl8GDEEZR1E/8mM7ODWk2QffVbp/D0wEQEYf
s+h/KHhhb0eXeJWaqMZRTV/a+k9LPe069vzVGVIRndsuDB+pOb2pKpm0Fk6GErGS
KZ8i5zZwH4LASVu6oGiFYpHzw3ero5NYfovG+8rwYm9RcHiJUfTpr6pDCM/8qz90
0BaYlkeyKnH0aB0cDJ3qjVDvDIPgd+mY7VQYkMiSJxqczxjeg8RpK4g/s6cubMBQ
rB+Bn2a61nsHvczOYwNXJgGTObcCAwEAAaOCAnUwggJxMB0GA1UdDgQWBBT9IS9X
8jwi+PgiXnSLlSKiwSen8zAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH
MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTc3OTkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
gbAGCCsGAQUFBwEHAQH/BIGgMIGdMGoEAgABMGQDBAMq+JgDBAUq+YADBABzqCUD
BABzqEUDBAJ7sQADBAd7sYADBAB79v8DBAd794ADBAC2yckwCgMDALbNAwMAts4D
BADaHqowDAMEAduUwgMEBNuUwDAMAwQA25TRAwQA25TSMC8EAgACMCkDBgMkDgAB
+AMGAyQOAEHAAwYEJA4AhoADBgAkDgmBJgMHACQOCYMCAzANBgkqhkiG9w0BAQsF
AAOCAQEAPNr1v6XrWcXXY4cNw7Fx6Wo+6qC5WIaN3XNb/KI7ARFsL6iD/tD9Ybse
WAnxRsXuGTdWpgsR9v8jKxLQIL3Eu7eZaqzn2qMQVWONeZt17yq8J6tSFfFzCK3q
Lq6M96WPZ74IExYKMI8T5g0PYrQLaUsTqp613cv8jApv5W8EZdwNsXCXS+Dk6Fry
kHkYAoxqU+O9HiFGrgIGh51CDyw2Ofxd38yOnw/2YN5UbFFR5I1w5rJyHp5iM5bl
ywJ/tsZUmpfq9490/V4rLRdv80OAEBk2LE8AQO/QU7tlQR2TrBziHvCWEAzURGlX
l2IdlCD+zNYUwblH3PG/oohAaqv98A==
-----END CERTIFICATE-----
Generated at Tue Jul 7 16:00:17 2026 by rpki-client