Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58541.roa
File: AS58541.roa (raw, json)
Hash identifier: flnv74IMfzCjNcT07qMMkwYN2HxjE0rYy3DptPtS45s=
Subject key identifier: 60:AF:09:A7:C8:D3:46:19:4F:55:B3:B9:1D:38:4B:87:BA:55:57:37
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 5D0AF449C2198677A9415ABE12813F91880CD3D1
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58541.roa
Signing time: Wed 03 Jun 2026 17:40:02 +0000
ROA not before: Wed 03 Jun 2026 17:35:02 +0000
ROA not after: Wed 02 Jun 2027 17:40:02 +0000
asID: 58541
IP address blocks: 58.56.161.0/24 maxlen: 24
58.56.163.0/24 maxlen: 24
58.58.33.0/24 maxlen: 24
58.58.34.0/24 maxlen: 24
150.138.96.0/19 maxlen: 19
150.138.97.0/24 maxlen: 24
150.138.98.0/24 maxlen: 24
150.138.102.0/24 maxlen: 24
150.138.112.0/23 maxlen: 23
150.138.114.0/23 maxlen: 23
150.138.116.0/22 maxlen: 22
150.138.128.0/19 maxlen: 19
150.138.160.0/19 maxlen: 19
150.139.192.0/20 maxlen: 20
150.139.208.0/20 maxlen: 20
219.146.68.0/24 maxlen: 24
219.146.94.0/24 maxlen: 24
219.146.244.0/24 maxlen: 24
219.146.248.0/24 maxlen: 24
240e:e:b000::/37 maxlen: 37
240e:944::/36 maxlen: 36
240e:944:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 12 Jun 2026 18:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:0a:f4:49:c2:19:86:77:a9:41:5a:be:12:81:3f:91:88:0c:d3:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 3 17:35:02 2026 GMT
Not After : Jun 2 17:40:02 2027 GMT
Subject: CN=60AF09A7C8D346194F55B3B91D384B87BA555737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ab:0d:7d:ba:50:56:34:a9:7f:a2:c7:bf:a4:
83:38:a0:47:8c:ce:96:3d:ea:db:f9:ed:d5:43:6c:
c2:b8:58:9f:ab:59:5b:87:98:54:5b:ee:8d:ae:42:
1b:e8:dd:f1:52:98:db:e7:94:ec:a5:5c:05:b6:2a:
b2:4c:97:77:4c:1e:6c:72:03:35:d8:bb:75:50:ad:
48:44:9c:06:63:00:41:95:d4:6c:7d:10:2f:4d:45:
e3:30:0b:4d:c7:e1:e1:ed:f5:2f:10:68:8a:51:d6:
01:3f:58:ee:dc:9a:f7:7c:c1:eb:35:3a:41:bb:87:
41:13:da:c6:6c:7a:9b:d7:63:17:b2:53:c1:60:c8:
62:c4:8b:0a:59:06:33:46:e9:5c:da:a8:cd:d5:d6:
f4:42:ea:91:80:a0:59:cf:66:f6:40:b7:8b:35:5a:
52:88:e3:c7:dc:59:6b:03:1f:54:61:bd:ad:4d:dd:
7c:01:fd:85:c8:39:03:49:b4:4f:41:83:f2:27:9c:
74:82:d2:2d:06:29:05:fd:5e:32:e4:25:f1:45:80:
76:b0:0b:64:a7:93:b1:f3:fa:f7:4d:79:4a:27:f7:
eb:b7:67:05:cf:8c:34:36:3c:95:73:46:52:f7:27:
1b:a9:53:67:1e:31:d4:7d:33:b6:2a:88:9a:a3:0b:
3b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AF:09:A7:C8:D3:46:19:4F:55:B3:B9:1D:38:4B:87:BA:55:57:37
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58541.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
58.56.161.0/24
58.56.163.0/24
58.58.33.0-58.58.34.255
150.138.96.0-150.138.191.255
150.139.192.0/19
219.146.68.0/24
219.146.94.0/24
219.146.244.0/24
219.146.248.0/24
IPv6:
240e:e:b000::/37
240e:944::/36
240e:944:3000::/36
Signature Algorithm: sha256WithRSAEncryption
71:e8:43:c4:9a:86:0f:40:fb:dd:7a:0f:f7:fb:3b:73:b1:26:
8d:d3:f3:aa:4d:a2:27:b1:da:8d:fe:d6:2b:e0:a9:da:aa:7b:
82:00:49:4c:9c:b3:d8:46:74:73:18:33:09:ba:d8:52:29:a0:
42:55:b4:fc:5f:3b:89:39:29:35:17:f7:45:3a:cf:25:a1:9d:
08:35:9e:a8:2f:71:13:e6:51:30:72:ed:ac:24:60:cf:9d:b1:
a0:f4:6e:72:ba:de:fd:81:60:f5:fc:bf:8a:c6:23:84:b8:4f:
9b:c0:23:55:a5:f5:6f:b3:38:25:dd:1c:56:62:dc:18:a1:18:
30:f5:db:10:84:e5:3e:4f:f9:82:c7:5e:c5:c2:1c:1a:ef:8c:
0a:a3:24:e9:1d:72:45:de:4e:77:90:be:5a:fb:89:15:82:ab:
f3:91:34:7e:95:90:35:5d:8a:b4:d3:0e:4e:7d:20:5c:e3:91:
20:bb:81:5b:a5:ff:ba:77:3c:94:8d:fd:44:71:7d:69:ed:bd:
04:4f:43:35:8e:94:ae:a4:79:4b:e2:f5:0d:1b:fa:a0:6b:4b:
80:46:03:43:99:36:70:5c:dc:b2:8a:b6:fd:0f:10:a7:39:83:
3a:a6:47:aa:45:47:d1:44:a9:42:4b:e9:4e:dd:2e:93:de:14:
c1:1d:83:c9
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIUXQr0ScIZhnepQVq+EoE/kYgM09EwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwMzE3MzUwMloX
DTI3MDYwMjE3NDAwMlowMzExMC8GA1UEAxMoNjBBRjA5QTdDOEQzNDYxOTRGNTVC
M0I5MUQzODRCODdCQTU1NTczNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqrDX26UFY0qX+ix7+kgzigR4zOlj3q2/nt1UNswrhYn6tZW4eYVFvuja5C
G+jd8VKY2+eU7KVcBbYqskyXd0webHIDNdi7dVCtSEScBmMAQZXUbH0QL01F4zAL
Tcfh4e31LxBoilHWAT9Y7tya93zB6zU6QbuHQRPaxmx6m9djF7JTwWDIYsSLClkG
M0bpXNqozdXW9ELqkYCgWc9m9kC3izVaUojjx9xZawMfVGG9rU3dfAH9hcg5A0m0
T0GD8iecdILSLQYpBf1eMuQl8UWAdrALZKeTsfP69015Sif367dnBc+MNDY8lXNG
UvcnG6lTZx4x1H0ztiqImqMLO38CAwEAAaOCAkMwggI/MB0GA1UdDgQWBBRgrwmn
yNNGGU9Vs7kdOEuHulVXNzAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH
MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTNTg1NDEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
fwYIKwYBBQUHAQcBAf8EcDBuMEwEAgABMEYDBAA6OKEDBAA6OKMwDAMEADo6IQME
ADo6IjAMAwQFlopgAwQGloqAAwQFlovAAwQA25JEAwQA25JeAwQA25L0AwQA25L4
MB4EAgACMBgDBgMkDgAOsAMGBCQOCUQAAwYEJA4JRDAwDQYJKoZIhvcNAQELBQAD
ggEBAHHoQ8Sahg9A+916D/f7O3OxJo3T86pNoiex2o3+1ivgqdqqe4IASUycs9hG
dHMYMwm62FIpoEJVtPxfO4k5KTUX90U6zyWhnQg1nqgvcRPmUTBy7awkYM+dsaD0
bnK63v2BYPX8v4rGI4S4T5vAI1Wl9W+zOCXdHFZi3BihGDD12xCE5T5P+YLHXsXC
HBrvjAqjJOkdckXeTneQvlr7iRWCq/ORNH6VkDVdirTTDk59IFzjkSC7gVul/7p3
PJSN/URxfWntvQRPQzWOlK6keUvi9Q0b+qBrS4BGA0OZNnBc3LKKtv0PEKc5gzqm
R6pFR9FEqUJL6U7dLpPeFMEdg8k=
-----END CERTIFICATE-----
Generated at Fri Jun 12 11:22:25 2026 by rpki-client