Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58540.roa
File: AS58540.roa (raw, json)
Hash identifier: kLtyEt0dPwgkldPDvK+a2x8VfayinJnDxbS0imMkPps=
Subject key identifier: D2:C5:52:58:F7:14:8A:31:81:E9:67:F6:A9:95:F9:74:B9:28:30:B4
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 2EDCE2C50195F3381ABB541C1791BC63C66042FE
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58540.roa
Signing time: Thu 28 May 2026 16:07:19 +0000
ROA not before: Thu 28 May 2026 16:02:19 +0000
ROA not after: Thu 27 May 2027 16:07:19 +0000
asID: 58540
IP address blocks: 58.56.9.0/24 maxlen: 24
58.56.66.0/24 maxlen: 24
58.56.108.0/24 maxlen: 24
58.56.110.0/24 maxlen: 24
58.56.111.0/24 maxlen: 24
58.57.102.0/24 maxlen: 24
58.57.117.0/24 maxlen: 24
58.57.119.0/24 maxlen: 24
58.57.120.0/24 maxlen: 24
58.58.110.0/24 maxlen: 24
58.59.1.0/24 maxlen: 24
58.59.8.0/24 maxlen: 24
58.59.18.0/24 maxlen: 24
150.139.250.0/24 maxlen: 24
182.40.88.0/21 maxlen: 21
182.40.128.0/20 maxlen: 20
182.40.144.0/20 maxlen: 20
182.40.168.0/21 maxlen: 21
182.40.176.0/21 maxlen: 21
182.40.224.0/20 maxlen: 20
222.173.50.0/24 maxlen: 24
222.173.51.0/24 maxlen: 24
222.173.52.0/24 maxlen: 24
222.175.101.0/24 maxlen: 24
222.175.102.0/24 maxlen: 24
222.175.136.0/23 maxlen: 23
240e:945:4000::/40 maxlen: 40
240e:945:4100::/40 maxlen: 40
240e:945:4300::/40 maxlen: 40
240e:946:1::/48 maxlen: 48
240e:946:2::/48 maxlen: 48
240e:946:5::/48 maxlen: 48
240e:946:3000::/48 maxlen: 48
240e:946:3002::/48 maxlen: 48
240e:946:3003::/48 maxlen: 48
240e:946:3004::/48 maxlen: 48
240e:946:3006::/48 maxlen: 48
240e:946:300a::/48 maxlen: 48
240e:946:300b::/48 maxlen: 48
240e:946:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 May 2026 20:29:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:dc:e2:c5:01:95:f3:38:1a:bb:54:1c:17:91:bc:63:c6:60:42:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 28 16:02:19 2026 GMT
Not After : May 27 16:07:19 2027 GMT
Subject: CN=D2C55258F7148A3181E967F6A995F974B92830B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4d:29:6c:81:09:44:73:11:91:30:01:7e:a8:
81:95:da:02:50:02:1e:dc:9c:f8:a5:7e:68:05:69:
c0:0f:03:1f:26:a2:49:f4:0d:b1:cb:d1:27:ff:0f:
b8:61:3a:10:ef:72:06:d5:0f:d3:5f:a5:f4:d2:43:
2c:8b:50:57:f8:c4:fb:22:20:9b:40:37:03:74:07:
2f:31:2d:1f:f5:f5:4b:d3:a4:65:fd:12:9f:02:5a:
49:67:8c:ac:e4:42:92:b3:ad:40:47:c9:3b:43:32:
fa:1e:d4:1a:fc:65:0a:85:10:1f:d0:b5:93:c5:0f:
46:6c:75:0f:5a:ec:ab:42:d6:77:29:aa:55:f6:e7:
18:cb:d4:60:9a:08:c4:4c:2a:07:20:1d:39:87:80:
d6:52:9b:e0:7e:e8:48:3e:c2:97:92:d5:86:b4:45:
d0:26:1e:9b:7a:48:17:b1:9d:06:c1:0e:40:3e:cf:
63:2b:03:6d:6f:0a:d2:e5:3a:4b:6c:34:ad:16:88:
1b:12:e6:cf:fc:9d:59:81:b3:55:32:b9:83:50:a1:
b5:a8:99:31:9f:37:b6:c1:83:3b:07:67:34:af:27:
39:e2:d5:2e:ef:66:c2:8e:ff:65:b1:a7:dc:00:bc:
67:32:99:e9:11:18:72:13:c8:0e:10:69:ba:71:bb:
34:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C5:52:58:F7:14:8A:31:81:E9:67:F6:A9:95:F9:74:B9:28:30:B4
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58540.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
58.56.9.0/24
58.56.66.0/24
58.56.108.0/24
58.56.110.0/23
58.57.102.0/24
58.57.117.0/24
58.57.119.0-58.57.120.255
58.58.110.0/24
58.59.1.0/24
58.59.8.0/24
58.59.18.0/24
150.139.250.0/24
182.40.88.0/21
182.40.128.0/19
182.40.168.0-182.40.183.255
182.40.224.0/20
222.173.50.0-222.173.52.255
222.175.101.0-222.175.102.255
222.175.136.0/23
IPv6:
240e:945:4000::/39
240e:945:4300::/40
240e:946:1::-240e:946:2:ffff:ffff:ffff:ffff:ffff
240e:946:5::/48
240e:946:3000::/48
240e:946:3002::-240e:946:3004:ffff:ffff:ffff:ffff:ffff
240e:946:3006::/48
240e:946:300a::/47
240e:946:8000::/33
Signature Algorithm: sha256WithRSAEncryption
51:da:bb:a2:d3:9b:cc:9b:7a:ff:bb:16:57:74:01:37:53:91:
72:ac:30:c3:09:dc:e3:6e:58:63:67:3a:53:bf:1c:c1:ca:fa:
cb:f6:77:04:07:49:f5:38:bf:2b:14:be:d8:8d:70:c9:60:3a:
45:84:95:0c:7b:eb:b0:77:fb:e0:8b:f2:5e:4d:01:37:d8:1b:
47:1e:eb:1c:0d:50:e4:04:95:74:2a:7e:b6:91:84:ee:c6:73:
2e:a4:6c:1c:14:d9:54:78:5a:97:13:32:6e:bb:2b:b9:55:16:
14:90:00:42:88:ab:1e:ea:cd:6b:ad:ef:83:ca:fa:a8:23:75:
88:a0:f3:61:fe:7b:e3:8e:ef:3a:5f:d7:3e:4d:ba:39:c0:16:
67:d0:6c:15:8b:72:6e:ab:ae:1d:e8:6e:a8:57:64:ec:83:18:
73:f0:2c:bf:db:3d:19:ae:26:9c:ca:fe:b4:ba:d9:db:20:46:
cd:c8:38:ca:28:bd:7b:b7:84:9b:6b:e1:f4:52:d7:ce:f3:1b:
3e:82:7d:3f:2e:fa:52:1a:32:d4:d4:7c:eb:52:35:09:0c:7b:
7d:9a:6a:1b:46:ba:10:25:b3:be:9e:56:2d:0d:4d:2c:b7:2d:
81:50:98:9d:b7:b6:1a:58:56:b6:31:24:57:28:0a:36:e1:f9:
ab:00:cd:da
-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgIULtzixQGV8zgau1QcF5G8Y8ZgQv4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyODE2MDIxOVoX
DTI3MDUyNzE2MDcxOVowMzExMC8GA1UEAxMoRDJDNTUyNThGNzE0OEEzMTgxRTk2
N0Y2QTk5NUY5NzRCOTI4MzBCNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZNKWyBCURzEZEwAX6ogZXaAlACHtyc+KV+aAVpwA8DHyaiSfQNscvRJ/8P
uGE6EO9yBtUP01+l9NJDLItQV/jE+yIgm0A3A3QHLzEtH/X1S9OkZf0SnwJaSWeM
rORCkrOtQEfJO0My+h7UGvxlCoUQH9C1k8UPRmx1D1rsq0LWdymqVfbnGMvUYJoI
xEwqByAdOYeA1lKb4H7oSD7Cl5LVhrRF0CYem3pIF7GdBsEOQD7PYysDbW8K0uU6
S2w0rRaIGxLmz/ydWYGzVTK5g1ChtaiZMZ83tsGDOwdnNK8nOeLVLu9mwo7/ZbGn
3AC8ZzKZ6REYchPIDhBpunG7NF8CAwEAAaOCAuMwggLfMB0GA1UdDgQWBBTSxVJY
9xSKMYHpZ/aplfl0uSgwtDAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH
MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTNTg1NDAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
ggEdBggrBgEFBQcBBwEB/wSCAQwwggEIMIGZBAIAATCBkgMEADo4CQMEADo4QgME
ADo4bAMEATo4bgMEADo5ZgMEADo5dTAMAwQAOjl3AwQAOjl4AwQAOjpuAwQAOjsB
AwQAOjsIAwQAOjsSAwQAlov6AwQDtihYAwQFtiiAMAwDBAO2KKgDBAO2KLADBAS2
KOAwDAMEAd6tMgMEAN6tNDAMAwQA3q9lAwQA3q9mAwQB3q+IMGoEAgACMGQDBgEk
DglFQAMGACQOCUVDMBIDBwAkDglGAAEDBwAkDglGAAIDBwAkDglGAAUDBwAkDglG
MAAwEgMHASQOCUYwAgMHACQOCUYwBAMHACQOCUYwBgMHASQOCUYwCgMGByQOCUaA
MA0GCSqGSIb3DQEBCwUAA4IBAQBR2rui05vMm3r/uxZXdAE3U5FyrDDDCdzjblhj
ZzpTvxzByvrL9ncEB0n1OL8rFL7YjXDJYDpFhJUMe+uwd/vgi/JeTQE32BtHHusc
DVDkBJV0Kn62kYTuxnMupGwcFNlUeFqXEzJuuyu5VRYUkABCiKse6s1rre+Dyvqo
I3WIoPNh/nvjju86X9c+Tbo5wBZn0GwVi3Juq64d6G6oV2Tsgxhz8Cy/2z0Zriac
yv60utnbIEbNyDjKKL17t4Sba+H0UtfO8xs+gn0/LvpSGjLU1HzrUjUJDHt9mmob
RroQJbO+nlYtDU0sty2BUJidt7YaWFa2MSRXKAo24fmrAM3a
-----END CERTIFICATE-----
Generated at Sat May 30 01:21:53 2026 by rpki-client