Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58539.roa
File: AS58539.roa (raw, json)
Hash identifier: tElLoGLb+dabyIKaxzk8xDc2clk7qW8dmZ8Mf3A2NyI=
Subject key identifier: 99:D7:97:FA:81:5B:33:C5:33:1D:34:AB:45:A2:53:D4:00:41:6D:27
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 75983983FCEFFF32C962444040AC2CEB6240790D
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58539.roa
Signing time: Fri 29 May 2026 16:04:44 +0000
ROA not before: Fri 29 May 2026 15:59:44 +0000
ROA not after: Fri 28 May 2027 16:04:44 +0000
asID: 58539
IP address blocks: 27.128.208.0/20 maxlen: 20
106.118.24.0/21 maxlen: 21
111.224.0.0/20 maxlen: 20
111.225.208.0/20 maxlen: 20
111.225.208.0/24 maxlen: 24
111.225.209.0/24 maxlen: 24
111.225.210.0/24 maxlen: 24
111.225.211.0/24 maxlen: 24
111.225.212.0/24 maxlen: 24
111.225.213.0/24 maxlen: 24
111.225.214.0/24 maxlen: 24
111.225.215.0/24 maxlen: 24
111.225.216.0/24 maxlen: 24
111.225.217.0/24 maxlen: 24
111.225.218.0/24 maxlen: 24
111.225.219.0/24 maxlen: 24
111.225.220.0/24 maxlen: 24
111.225.221.0/24 maxlen: 24
111.225.222.0/24 maxlen: 24
111.225.223.0/24 maxlen: 24
123.182.160.0/19 maxlen: 19
124.238.224.0/19 maxlen: 19
124.238.224.0/24 maxlen: 24
124.238.225.0/24 maxlen: 24
124.238.226.0/24 maxlen: 24
124.238.227.0/24 maxlen: 24
124.238.228.0/24 maxlen: 24
124.238.229.0/24 maxlen: 24
124.238.230.0/24 maxlen: 24
124.238.231.0/24 maxlen: 24
124.238.232.0/24 maxlen: 24
124.238.233.0/24 maxlen: 24
124.238.234.0/24 maxlen: 24
124.238.235.0/24 maxlen: 24
124.238.236.0/24 maxlen: 24
124.238.237.0/24 maxlen: 24
124.238.238.0/24 maxlen: 24
124.238.239.0/24 maxlen: 24
124.238.240.0/24 maxlen: 24
124.238.241.0/24 maxlen: 24
124.238.242.0/24 maxlen: 24
124.238.243.0/24 maxlen: 24
124.238.244.0/24 maxlen: 24
124.238.245.0/24 maxlen: 24
124.238.246.0/24 maxlen: 24
124.238.247.0/24 maxlen: 24
124.238.248.0/24 maxlen: 24
124.238.249.0/24 maxlen: 24
124.238.250.0/24 maxlen: 24
124.238.251.0/24 maxlen: 24
124.238.252.0/24 maxlen: 24
124.238.253.0/24 maxlen: 24
124.238.254.0/24 maxlen: 24
124.238.255.0/24 maxlen: 24
124.239.224.0/19 maxlen: 19
124.239.229.0/24 maxlen: 24
124.239.230.0/24 maxlen: 24
124.239.240.0/24 maxlen: 24
124.239.241.0/24 maxlen: 24
124.239.242.0/24 maxlen: 24
124.239.243.0/24 maxlen: 24
124.239.244.0/24 maxlen: 24
124.239.245.0/24 maxlen: 24
124.239.246.0/24 maxlen: 24
124.239.247.0/24 maxlen: 24
124.239.248.0/24 maxlen: 24
124.239.249.0/24 maxlen: 24
124.239.250.0/24 maxlen: 24
124.239.251.0/24 maxlen: 24
124.239.252.0/24 maxlen: 24
124.239.253.0/24 maxlen: 24
124.239.254.0/24 maxlen: 24
124.239.255.0/24 maxlen: 24
240e:c:1800::/37 maxlen: 37
240e:4c:800::/37 maxlen: 37
240e:b1:9800::/37 maxlen: 37
240e:940:200::/40 maxlen: 40
240e:940:300::/40 maxlen: 40
240e:940:8200::/40 maxlen: 40
240e:940:8300::/40 maxlen: 40
240e:940:c200::/40 maxlen: 40
240e:940:c300::/40 maxlen: 40
240e:940:e200::/40 maxlen: 40
240e:940:e300::/40 maxlen: 40
240e:983:f00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 12 Jun 2026 18:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:98:39:83:fc:ef:ff:32:c9:62:44:40:40:ac:2c:eb:62:40:79:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 29 15:59:44 2026 GMT
Not After : May 28 16:04:44 2027 GMT
Subject: CN=99D797FA815B33C5331D34AB45A253D400416D27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c1:21:a9:c2:e0:cf:2f:2d:66:1e:82:5c:6f:
e5:20:a3:31:5e:fa:5b:b5:fc:02:b9:0a:6a:1b:a1:
e8:55:68:51:08:fc:82:18:98:fa:54:66:8e:15:2e:
35:63:33:59:f7:89:76:d0:a9:f4:c3:1c:c6:c6:e2:
e4:25:4c:20:d3:01:04:7d:2f:0c:3c:c3:9f:68:10:
9f:6b:1e:42:72:c3:a2:04:ad:e8:70:81:b1:c4:f6:
ee:34:b5:a2:4d:73:f8:7f:83:0f:97:2f:81:49:20:
16:a9:89:18:03:ad:6e:50:ee:47:db:9d:8f:b1:8c:
64:aa:9b:bc:80:24:f2:be:33:8e:4c:8b:8a:86:0e:
34:90:be:6d:5f:05:da:b8:83:72:63:da:9f:6d:4a:
d6:5f:72:bc:7a:3b:80:0a:4f:7c:5a:1f:a9:a6:2a:
3f:5c:b3:d3:65:10:86:7e:90:c2:b1:c6:fc:6d:e4:
3d:79:60:9d:86:44:a7:35:62:17:53:1f:2d:48:89:
4b:ce:33:96:de:aa:dc:4b:48:bc:df:fd:88:d4:21:
15:40:8d:10:1e:eb:54:72:98:22:aa:ce:ce:7b:ef:
df:85:38:66:03:d9:bb:ba:04:58:85:c2:e9:b7:20:
01:d4:c7:46:7e:e3:8a:f5:a9:0d:a4:4f:4f:c2:38:
f5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D7:97:FA:81:5B:33:C5:33:1D:34:AB:45:A2:53:D4:00:41:6D:27
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.128.208.0/20
106.118.24.0/21
111.224.0.0/20
111.225.208.0/20
123.182.160.0/19
124.238.224.0/19
124.239.224.0/19
IPv6:
240e:c:1800::/37
240e:4c:800::/37
240e:b1:9800::/37
240e:940:200::/39
240e:940:8200::/39
240e:940:c200::/39
240e:940:e200::/39
240e:983:f00::/48
Signature Algorithm: sha256WithRSAEncryption
04:c2:c9:fc:9c:e5:2f:ae:ec:2b:ce:fc:8e:25:5e:46:7a:3f:
ee:d1:86:60:7e:f2:58:45:7d:a6:55:0d:70:1d:83:3b:aa:85:
fc:1c:d2:91:81:9c:f2:8d:62:34:3c:ec:91:ab:ff:b5:cc:1d:
17:0e:2a:42:57:50:7d:92:38:c5:3f:0b:5d:38:9e:15:eb:e2:
b6:7d:8a:24:e4:99:2c:a9:7b:b4:dc:48:73:4f:73:0a:67:8a:
84:2e:bb:19:86:28:bd:5d:fd:ec:fa:b9:f0:83:bc:3a:06:d0:
a4:a6:1e:73:a6:69:25:95:23:d2:c3:df:7d:14:2d:68:82:6d:
42:5b:a4:a4:73:58:3e:4a:d6:a2:e8:5c:ec:21:32:87:d3:1e:
82:ca:49:8a:2a:0d:e3:18:2b:06:ef:47:39:59:f7:b0:3d:16:
e1:45:41:ef:42:28:9d:31:96:0c:f6:b4:07:81:41:75:85:c9:
22:bc:30:cc:b7:75:f0:f4:c6:b9:8a:f8:4a:19:4f:e6:e3:92:
cb:83:cb:6a:57:7e:76:25:2e:ca:30:c4:39:a3:6d:45:61:c3:
bc:9c:18:39:df:61:42:87:47:fd:b2:19:40:3f:46:ee:7c:33:
0c:1a:41:a6:eb:9e:fd:f6:52:02:f1:4d:1e:cd:8c:bd:25:f5:
87:9f:0e:b5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdZg5g/zv/zLJYkRAQKws62JAeQ0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyOTE1NTk0NFoX
DTI3MDUyODE2MDQ0NFowMzExMC8GA1UEAxMoOTlENzk3RkE4MTVCMzNDNTMzMUQz
NEFCNDVBMjUzRDQwMDQxNkQyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXBIanC4M8vLWYeglxv5SCjMV76W7X8ArkKahuh6FVoUQj8ghiY+lRmjhUu
NWMzWfeJdtCp9MMcxsbi5CVMINMBBH0vDDzDn2gQn2seQnLDogSt6HCBscT27jS1
ok1z+H+DD5cvgUkgFqmJGAOtblDuR9udj7GMZKqbvIAk8r4zjkyLioYONJC+bV8F
2riDcmPan21K1l9yvHo7gApPfFofqaYqP1yz02UQhn6QwrHG/G3kPXlgnYZEpzVi
F1MfLUiJS84zlt6q3EtIvN/9iNQhFUCNEB7rVHKYIqrOznvv34U4ZgPZu7oEWIXC
6bcgAdTHRn7jivWpDaRPT8I49dUCAwEAAaOCAlEwggJNMB0GA1UdDgQWBBSZ15f6
gVszxTMdNKtFolPUAEFtJzAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH
MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTNTg1Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
gYwGCCsGAQUFBwEHAQH/BH0wezAwBAIAATAqAwQEG4DQAwQDanYYAwQEb+AAAwQE
b+HQAwQFe7agAwQFfO7gAwQFfO/gMEcEAgACMEEDBgMkDgAMGAMGAyQOAEwIAwYD
JA4AsZgDBgEkDglAAgMGASQOCUCCAwYBJA4JQMIDBgEkDglA4gMHACQOCYMPADAN
BgkqhkiG9w0BAQsFAAOCAQEABMLJ/JzlL67sK878jiVeRno/7tGGYH7yWEV9plUN
cB2DO6qF/BzSkYGc8o1iNDzskav/tcwdFw4qQldQfZI4xT8LXTieFevitn2KJOSZ
LKl7tNxIc09zCmeKhC67GYYovV397Pq58IO8OgbQpKYec6ZpJZUj0sPffRQtaIJt
QlukpHNYPkrWouhc7CEyh9MegspJiioN4xgrBu9HOVn3sD0W4UVB70IonTGWDPa0
B4FBdYXJIrwwzLd18PTGuYr4ShlP5uOSy4PLald+diUuyjDEOaNtRWHDvJwYOd9h
QodH/bIZQD9G7nwzDBpBpuue/fZSAvFNHs2MvSX1h58OtQ==
-----END CERTIFICATE-----
Generated at Fri Jun 12 08:27:38 2026 by rpki-client