Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS4811.roa
File: AS4811.roa (raw, json)
Hash identifier: OLQn0pH4A1jjSXlAS7OUehLf7vfTpXTl31VWqofbKXU=
Subject key identifier: A6:EE:8E:62:0A:A2:4B:96:1E:AA:59:EA:C1:81:20:2F:1E:38:C9:6F
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 2EE50FBB394152F2F1AE95149A9FDF7966BC447F
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS4811.roa
Signing time: Wed 20 May 2026 16:40:30 +0000
ROA not before: Wed 20 May 2026 16:35:30 +0000
ROA not after: Wed 19 May 2027 16:40:30 +0000
asID: 4811
IP address blocks: 61.170.32.0/21 maxlen: 21
61.171.0.0/20 maxlen: 20
61.171.16.0/20 maxlen: 20
61.171.32.0/20 maxlen: 20
61.171.48.0/21 maxlen: 21
61.171.56.0/22 maxlen: 22
61.171.60.0/23 maxlen: 23
61.171.62.0/24 maxlen: 24
61.171.64.0/22 maxlen: 22
61.171.68.0/23 maxlen: 23
61.171.70.0/23 maxlen: 23
101.89.229.0/24 maxlen: 24
101.89.230.0/23 maxlen: 23
101.89.232.0/24 maxlen: 24
101.89.233.0/24 maxlen: 24
101.89.234.0/24 maxlen: 24
101.89.235.0/24 maxlen: 24
101.89.236.0/24 maxlen: 24
101.89.237.0/24 maxlen: 24
101.89.238.0/24 maxlen: 24
101.89.239.0/24 maxlen: 24
101.89.240.0/24 maxlen: 24
101.89.241.0/24 maxlen: 24
101.89.243.0/24 maxlen: 24
101.89.244.0/24 maxlen: 24
101.89.245.0/24 maxlen: 24
101.89.246.0/24 maxlen: 24
101.89.247.0/24 maxlen: 24
101.89.249.0/24 maxlen: 24
101.89.250.0/23 maxlen: 23
101.89.252.0/22 maxlen: 22
202.101.42.0/24 maxlen: 24
202.101.43.0/24 maxlen: 24
202.101.48.0/23 maxlen: 23
202.101.50.0/23 maxlen: 23
202.101.58.0/24 maxlen: 24
202.101.59.0/24 maxlen: 24
202.101.60.0/24 maxlen: 24
202.101.61.0/24 maxlen: 24
202.109.72.0/24 maxlen: 24
202.109.114.0/24 maxlen: 24
222.73.70.0/23 maxlen: 23
222.73.134.0/24 maxlen: 24
222.73.135.0/24 maxlen: 24
222.73.136.0/24 maxlen: 24
222.73.137.0/24 maxlen: 24
222.73.138.0/23 maxlen: 23
222.73.141.0/24 maxlen: 24
222.73.142.0/24 maxlen: 24
222.73.143.0/24 maxlen: 24
222.73.144.0/23 maxlen: 23
222.73.146.0/24 maxlen: 24
222.73.147.0/24 maxlen: 24
222.73.148.0/24 maxlen: 24
222.73.149.0/24 maxlen: 24
222.73.150.0/24 maxlen: 24
222.73.151.0/24 maxlen: 24
222.73.152.0/24 maxlen: 24
222.73.153.0/24 maxlen: 24
222.73.154.0/23 maxlen: 23
222.73.154.0/24 maxlen: 24
222.73.155.0/24 maxlen: 24
222.73.156.0/24 maxlen: 24
222.73.157.0/24 maxlen: 24
222.73.158.0/24 maxlen: 24
222.73.160.0/21 maxlen: 21
222.73.160.0/24 maxlen: 24
222.73.168.0/22 maxlen: 22
222.73.168.0/24 maxlen: 24
222.73.172.0/23 maxlen: 23
222.73.174.0/24 maxlen: 24
222.73.175.0/24 maxlen: 24
222.73.176.0/21 maxlen: 21
222.73.184.0/22 maxlen: 22
222.73.187.0/24 maxlen: 24
222.73.188.0/24 maxlen: 24
222.73.189.0/24 maxlen: 24
222.73.190.0/23 maxlen: 23
222.73.192.0/23 maxlen: 23
222.73.192.0/24 maxlen: 24
222.73.193.0/24 maxlen: 24
222.73.194.0/23 maxlen: 23
222.73.195.0/24 maxlen: 24
222.73.196.0/24 maxlen: 24
222.73.197.0/24 maxlen: 24
222.73.198.0/24 maxlen: 24
222.73.207.0/24 maxlen: 24
222.73.208.0/23 maxlen: 23
222.73.210.0/23 maxlen: 23
222.73.212.0/24 maxlen: 24
222.73.213.0/24 maxlen: 24
222.73.215.0/24 maxlen: 24
222.73.220.0/22 maxlen: 22
222.73.220.0/23 maxlen: 23
222.73.222.0/23 maxlen: 23
222.73.224.0/22 maxlen: 22
222.73.224.0/23 maxlen: 23
222.73.226.0/24 maxlen: 24
222.73.227.0/24 maxlen: 24
222.73.228.0/24 maxlen: 24
222.73.229.0/24 maxlen: 24
222.73.230.0/24 maxlen: 24
222.73.231.0/24 maxlen: 24
222.73.232.0/24 maxlen: 24
222.73.233.0/24 maxlen: 24
222.73.234.0/24 maxlen: 24
222.73.235.0/24 maxlen: 24
222.73.237.0/24 maxlen: 24
222.73.238.0/24 maxlen: 24
222.73.239.0/24 maxlen: 24
222.73.240.0/23 maxlen: 23
222.73.242.0/24 maxlen: 24
222.73.243.0/24 maxlen: 24
222.73.244.0/24 maxlen: 24
222.73.245.0/24 maxlen: 24
222.73.246.0/24 maxlen: 24
222.73.247.0/24 maxlen: 24
222.73.248.0/23 maxlen: 23
222.73.251.0/24 maxlen: 24
222.73.254.0/24 maxlen: 24
222.73.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 24 May 2026 06:28:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:e5:0f:bb:39:41:52:f2:f1:ae:95:14:9a:9f:df:79:66:bc:44:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 20 16:35:30 2026 GMT
Not After : May 19 16:40:30 2027 GMT
Subject: CN=A6EE8E620AA24B961EAA59EAC181202F1E38C96F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:03:00:f5:6b:97:39:95:e6:78:b3:1c:b6:b6:
dc:20:a0:57:8f:39:6f:12:b4:60:86:9e:18:6c:ce:
5e:14:c2:c8:b5:96:0d:73:fb:02:71:da:bb:6f:fa:
06:89:b8:be:dc:7c:c9:a2:d5:c6:96:55:92:05:75:
db:3f:b7:29:c1:2c:1b:ed:88:ef:ec:b5:0c:3e:63:
56:54:98:0f:50:b1:a1:bf:27:04:9d:95:cb:61:0c:
88:5b:d3:b2:d2:64:c4:20:be:ee:c1:c8:b2:3b:1e:
6e:e5:fe:38:58:e1:2c:2b:b4:73:09:4f:19:7e:85:
a9:d9:ce:f3:4f:bc:29:54:37:e3:28:ce:ff:29:49:
f1:4e:f2:6c:0c:8a:9f:07:f1:f0:d6:ca:00:2e:66:
5e:3c:09:64:0b:68:a2:72:e9:86:72:0b:84:98:0c:
a0:c2:22:3d:55:17:ed:84:65:87:06:14:e1:05:0e:
e9:57:f4:0b:c3:0d:07:ee:8c:bc:1c:98:58:ee:53:
b1:9e:d2:8f:dc:a4:ae:31:e2:06:0f:25:e6:01:e0:
b7:c8:b4:8c:6c:39:59:bb:f9:8b:9c:05:93:3e:75:
29:12:56:0d:f9:b2:c9:85:79:7f:fc:c7:86:bb:cb:
fc:b5:df:ad:44:4f:14:2f:c0:98:56:dd:f8:c4:15:
26:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:EE:8E:62:0A:A2:4B:96:1E:AA:59:EA:C1:81:20:2F:1E:38:C9:6F
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS4811.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
61.170.32.0/21
61.171.0.0-61.171.62.255
61.171.64.0/21
101.89.229.0-101.89.241.255
101.89.243.0-101.89.247.255
101.89.249.0-101.89.255.255
202.101.42.0/23
202.101.48.0/22
202.101.58.0-202.101.61.255
202.109.72.0/24
202.109.114.0/24
222.73.70.0/23
222.73.134.0-222.73.139.255
222.73.141.0-222.73.158.255
222.73.160.0-222.73.198.255
222.73.207.0-222.73.213.255
222.73.215.0/24
222.73.220.0-222.73.235.255
222.73.237.0-222.73.249.255
222.73.251.0/24
222.73.254.0/23
Signature Algorithm: sha256WithRSAEncryption
98:c1:cb:f6:ab:2e:28:d4:83:10:09:18:8d:c6:80:7e:20:de:
e1:3e:a4:b9:a2:ca:52:28:33:6b:1c:cd:62:a2:c7:6f:9f:76:
68:81:5c:6f:34:89:82:7f:27:31:2f:5d:2c:76:43:9f:89:83:
b1:47:60:13:7a:3e:e4:6d:95:e5:45:d7:7f:10:60:7a:d4:bf:
d2:02:e3:0a:bb:a7:80:df:27:a8:a6:57:ac:cc:e7:cf:44:b0:
b1:89:d1:b5:44:e9:58:86:db:d7:d1:b4:87:49:0b:24:e2:3d:
52:1a:55:30:ce:35:d6:10:23:ce:a8:49:24:a8:3d:b3:3a:60:
67:54:a2:3c:02:40:a7:4c:73:43:a6:c6:30:10:d6:31:61:0f:
c4:1d:9d:d0:6a:86:95:7d:06:a5:57:24:77:c0:49:5d:22:1b:
fd:2b:42:c7:95:1f:21:0f:09:1a:af:e4:17:88:38:bb:f0:a4:
c6:01:7e:d0:99:f7:48:7e:37:59:66:49:34:7e:e4:f9:c0:db:
c4:32:cc:ee:3c:f8:e4:97:f2:1c:5b:ae:3b:33:94:c2:4b:db:
16:5d:2b:85:b0:ee:e2:f9:7f:53:5e:d3:4b:cc:1d:a6:9b:f6:
f0:af:b1:c0:00:8b:be:49:2a:e8:53:43:23:45:17:4d:39:89:
1a:a2:cf:da
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgIULuUPuzlBUvLxrpUUmp/feWa8RH8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyMDE2MzUzMFoX
DTI3MDUxOTE2NDAzMFowMzExMC8GA1UEAxMoQTZFRThFNjIwQUEyNEI5NjFFQUE1
OUVBQzE4MTIwMkYxRTM4Qzk2RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJUDAPVrlzmV5nizHLa23CCgV485bxK0YIaeGGzOXhTCyLWWDXP7AnHau2/6
Bom4vtx8yaLVxpZVkgV12z+3KcEsG+2I7+y1DD5jVlSYD1Cxob8nBJ2Vy2EMiFvT
stJkxCC+7sHIsjsebuX+OFjhLCu0cwlPGX6FqdnO80+8KVQ34yjO/ylJ8U7ybAyK
nwfx8NbKAC5mXjwJZAtoonLphnILhJgMoMIiPVUX7YRlhwYU4QUO6Vf0C8MNB+6M
vByYWO5TsZ7Sj9ykrjHiBg8l5gHgt8i0jGw5Wbv5i5wFkz51KRJWDfmyyYV5f/zH
hrvL/LXfrURPFC/AmFbd+MQVJmsCAwEAAaOCArUwggKxMB0GA1UdDgQWBBSm7o5i
CqJLlh6qWerBgSAvHjjJbzAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUH
MAuGQHJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTNDgxMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
8QYIKwYBBQUHAQcBAf8EgeEwgd4wgdsEAgABMIHUAwQDPaogMAsDAwA9qwMEAD2r
PgMEAz2rQDAMAwQAZVnlAwQBZVnwMAwDBABlWfMDBANlWfAwCwMEAGVZ+QMDAWVY
AwQBymUqAwQCymUwMAwDBAHKZToDBAHKZTwDBADKbUgDBADKbXIDBAHeSUYwDAME
Ad5JhgMEAt5JiDAMAwQA3kmNAwQA3kmeMAwDBAXeSaADBADeScYwDAMEAN5JzwME
Ad5J1AMEAN5J1zAMAwQC3kncAwQC3knoMAwDBADeSe0DBAHeSfgDBADeSfsDBAHe
Sf4wDQYJKoZIhvcNAQELBQADggEBAJjBy/arLijUgxAJGI3GgH4g3uE+pLmiylIo
M2sczWKix2+fdmiBXG80iYJ/JzEvXSx2Q5+Jg7FHYBN6PuRtleVF138QYHrUv9IC
4wq7p4DfJ6imV6zM589EsLGJ0bVE6ViG29fRtIdJCyTiPVIaVTDONdYQI86oSSSo
PbM6YGdUojwCQKdMc0OmxjAQ1jFhD8QdndBqhpV9BqVXJHfASV0iG/0rQseVHyEP
CRqv5BeIOLvwpMYBftCZ90h+N1lmSTR+5PnA28QyzO48+OSX8hxbrjszlMJL2xZd
K4Ww7uL5f1Ne00vMHaab9vCvscAAi75JKuhTQyNFF005iRqiz9o=
-----END CERTIFICATE-----
Generated at Sat May 23 07:08:18 2026 by rpki-client