Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58542.roa
File: AS58542.roa (raw, json)
Hash identifier: WYYA+iVOkTa8jlwCU9DjjfpVjdCRgCahThej06smPJY=
Subject key identifier: 38:32:89:CE:4A:5C:55:40:65:C1:EE:F1:D4:F2:2F:77:C2:90:A2:7F
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 7AEC8041CE4D9878DE018DF8D1E7BFCCB26A3CDB
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58542.roa
Signing time: Thu 11 Jun 2026 16:36:58 +0000
ROA not before: Thu 11 Jun 2026 16:31:58 +0000
ROA not after: Thu 10 Jun 2027 16:36:58 +0000
asID: 58542
IP address blocks: 42.81.138.0/24 maxlen: 24
42.81.168.0/24 maxlen: 24
42.81.169.0/24 maxlen: 24
42.81.170.0/24 maxlen: 24
42.81.171.0/24 maxlen: 24
42.81.172.0/24 maxlen: 24
42.81.173.0/24 maxlen: 24
123.150.70.0/23 maxlen: 23
123.150.72.0/23 maxlen: 23
123.150.76.0/22 maxlen: 22
123.150.174.0/24 maxlen: 24
123.150.208.0/24 maxlen: 24
123.151.8.0/24 maxlen: 24
123.151.9.0/24 maxlen: 24
123.151.10.0/23 maxlen: 23
123.151.12.0/22 maxlen: 22
123.151.26.0/23 maxlen: 23
123.151.39.0/24 maxlen: 24
123.151.40.0/24 maxlen: 24
123.151.42.0/24 maxlen: 24
123.151.46.0/24 maxlen: 24
123.151.47.0/24 maxlen: 24
123.151.48.0/20 maxlen: 20
123.151.64.0/21 maxlen: 21
123.151.72.0/22 maxlen: 22
123.151.76.0/22 maxlen: 22
123.151.92.0/22 maxlen: 22
123.151.96.0/20 maxlen: 20
123.151.137.0/24 maxlen: 24
123.151.138.0/24 maxlen: 24
123.151.139.0/24 maxlen: 24
123.151.144.0/24 maxlen: 24
123.151.148.0/22 maxlen: 22
123.151.152.0/22 maxlen: 22
123.151.156.0/23 maxlen: 23
123.151.158.0/24 maxlen: 24
123.151.180.0/24 maxlen: 24
123.151.181.0/24 maxlen: 24
123.151.182.0/24 maxlen: 24
123.151.183.0/24 maxlen: 24
123.151.190.0/24 maxlen: 24
180.213.52.0/22 maxlen: 22
180.213.56.0/21 maxlen: 21
180.213.64.0/22 maxlen: 22
180.213.100.0/22 maxlen: 22
180.213.112.0/20 maxlen: 20
180.213.240.0/20 maxlen: 20
221.238.34.0/24 maxlen: 24
221.238.35.0/24 maxlen: 24
221.238.41.0/24 maxlen: 24
221.238.70.0/24 maxlen: 24
221.238.73.0/24 maxlen: 24
221.238.92.0/24 maxlen: 24
221.238.94.0/24 maxlen: 24
240e:95:8001::/48 maxlen: 48
240e:108:1090::/48 maxlen: 48
240e:928:400::/48 maxlen: 48
240e:928:1400::/40 maxlen: 40
240e:980:9600::/40 maxlen: 40
240e:981:9000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 12 Jun 2026 18:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:ec:80:41:ce:4d:98:78:de:01:8d:f8:d1:e7:bf:cc:b2:6a:3c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 11 16:31:58 2026 GMT
Not After : Jun 10 16:36:58 2027 GMT
Subject: CN=383289CE4A5C554065C1EEF1D4F22F77C290A27F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c4:7e:53:07:55:e6:57:3c:81:1f:81:5f:52:
79:39:e9:d4:fc:06:e2:1b:7a:27:9e:e9:df:d4:c0:
5c:c8:9b:9a:70:b8:67:cb:22:e5:ee:28:3a:48:d9:
59:69:db:18:36:8e:56:e1:9a:fc:ce:64:ed:e1:21:
ba:9c:b5:41:d4:a8:5c:43:e9:cd:ba:7e:e6:1b:eb:
e3:d8:3b:56:00:fa:e6:81:8e:4d:8b:87:1a:bc:62:
d3:42:40:4e:6d:58:b9:7d:c2:a2:fa:69:42:42:d1:
16:28:33:02:26:6f:b9:8f:a7:47:b5:c3:58:ab:2a:
ae:49:a5:1b:60:57:17:da:72:ee:f1:4f:d0:7d:ec:
62:29:1d:41:27:c1:b6:04:72:42:f9:ae:4f:d0:93:
97:6e:23:c4:c3:3c:61:2a:72:e1:38:7a:87:ba:30:
ce:14:85:56:43:e9:53:5e:18:0f:1b:e9:d6:3f:d1:
d6:39:0f:6f:a1:09:b5:a6:6b:5c:0c:34:61:b0:89:
a4:68:89:cf:d1:60:e6:f9:b5:4e:46:fd:bb:96:3e:
07:59:71:74:14:e8:35:d5:d8:94:e1:46:b2:40:00:
67:ee:38:38:af:43:ea:9f:3f:4d:b2:f9:5e:2a:6d:
82:bd:8f:f2:f8:20:b5:0e:1f:61:26:56:0e:d3:72:
60:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:32:89:CE:4A:5C:55:40:65:C1:EE:F1:D4:F2:2F:77:C2:90:A2:7F
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58542.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
42.81.138.0/24
42.81.168.0-42.81.173.255
123.150.70.0-123.150.73.255
123.150.76.0/22
123.150.174.0/24
123.150.208.0/24
123.151.8.0/21
123.151.26.0/23
123.151.39.0-123.151.40.255
123.151.42.0/24
123.151.46.0-123.151.79.255
123.151.92.0-123.151.111.255
123.151.137.0-123.151.139.255
123.151.144.0/24
123.151.148.0-123.151.158.255
123.151.180.0/22
123.151.190.0/24
180.213.52.0-180.213.67.255
180.213.100.0/22
180.213.112.0/20
180.213.240.0/20
221.238.34.0/23
221.238.41.0/24
221.238.70.0/24
221.238.73.0/24
221.238.92.0/24
221.238.94.0/24
IPv6:
240e:95:8001::/48
240e:108:1090::/48
240e:928:400::/48
240e:928:1400::/40
240e:980:9600::/40
240e:981:9000::/40
Signature Algorithm: sha256WithRSAEncryption
78:07:3f:d0:21:45:ba:d9:99:e2:32:ce:06:b6:30:8e:4f:bd:
0c:eb:5b:be:1d:02:5a:eb:5c:df:1a:77:57:df:a3:c3:66:3f:
97:64:0b:18:91:39:f0:67:62:2b:cd:76:24:ba:e1:eb:43:36:
92:d3:3f:81:45:7b:2c:31:09:3c:53:90:04:21:9a:a3:85:0b:
1f:3a:66:e2:c3:42:31:ff:1a:9c:22:95:67:42:87:29:fb:10:
d2:8d:d8:f2:a9:d0:cb:68:dc:b1:41:6f:7f:cc:51:2c:bb:16:
5a:71:1a:41:ba:21:92:6e:fb:d4:03:af:29:7b:5f:80:fc:9d:
99:fb:8d:a0:17:30:01:c2:dc:2c:0c:08:36:0a:1e:f2:e7:35:
43:70:c2:78:30:1d:20:a6:2f:12:92:7d:e8:ca:ad:0f:fc:f3:
7b:bb:61:46:03:e0:e8:39:ee:aa:6c:65:14:df:c4:7b:04:80:
ff:13:a2:27:f1:94:3f:c5:8c:06:df:0d:a1:28:8e:83:ad:b7:
05:6f:46:61:0b:a9:2f:d9:ae:7a:74:25:62:f6:4c:72:94:39:
45:a6:34:7e:95:88:f2:6e:b1:fc:d6:ce:60:88:9b:05:6d:d2:
84:5b:de:2c:9f:11:bf:78:91:e9:b8:61:9a:38:60:10:4f:1c:
b9:2b:3d:7d
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgIUeuyAQc5NmHjeAY340ee/zLJqPNswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYxMTE2MzE1OFoX
DTI3MDYxMDE2MzY1OFowMzExMC8GA1UEAxMoMzgzMjg5Q0U0QTVDNTU0MDY1QzFF
RUYxRDRGMjJGNzdDMjkwQTI3RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzEflMHVeZXPIEfgV9SeTnp1PwG4ht6J57p39TAXMibmnC4Z8si5e4oOkjZ
WWnbGDaOVuGa/M5k7eEhupy1QdSoXEPpzbp+5hvr49g7VgD65oGOTYuHGrxi00JA
Tm1YuX3CovppQkLRFigzAiZvuY+nR7XDWKsqrkmlG2BXF9py7vFP0H3sYikdQSfB
tgRyQvmuT9CTl24jxMM8YSpy4Th6h7owzhSFVkPpU14YDxvp1j/R1jkPb6EJtaZr
XAw0YbCJpGiJz9Fg5vm1Tkb9u5Y+B1lxdBToNdXYlOFGskAAZ+44OK9D6p8/TbL5
Xiptgr2P8vggtQ4fYSZWDtNyYA0CAwEAAaOCAwIwggL+MB0GA1UdDgQWBBQ4MonO
SlxVQGXB7vHU8i93wpCifzAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH
MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTNTg1NDIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
ggE8BggrBgEFBQcBBwEB/wSCASswggEnMIHpBAIAATCB4gMEACpRijAMAwQDKlGo
AwQBKlGsMAwDBAF7lkYDBAF7lkgDBAJ7lkwDBAB7lq4DBAB7ltADBAN7lwgDBAF7
lxowDAMEAHuXJwMEAHuXKAMEAHuXKjAMAwQBe5cuAwQEe5dAMAwDBAJ7l1wDBAR7
l2AwDAMEAHuXiQMEAnuXiAMEAHuXkDAMAwQCe5eUAwQAe5eeAwQCe5e0AwQAe5e+
MAwDBAK01TQDBAK01UADBAK01WQDBAS01XADBAS01fADBAHd7iIDBADd7ikDBADd
7kYDBADd7kkDBADd7lwDBADd7l4wOQQCAAIwMwMHACQOAJWAAQMHACQOAQgQkAMH
ACQOCSgEAAMGACQOCSgUAwYAJA4JgJYDBgAkDgmBkDANBgkqhkiG9w0BAQsFAAOC
AQEAeAc/0CFFutmZ4jLOBrYwjk+9DOtbvh0CWutc3xp3V9+jw2Y/l2QLGJE58Gdi
K812JLrh60M2ktM/gUV7LDEJPFOQBCGao4ULHzpm4sNCMf8anCKVZ0KHKfsQ0o3Y
8qnQy2jcsUFvf8xRLLsWWnEaQbohkm771AOvKXtfgPydmfuNoBcwAcLcLAwINgoe
8uc1Q3DCeDAdIKYvEpJ96MqtD/zze7thRgPg6DnuqmxlFN/EewSA/xOiJ/GUP8WM
Bt8NoSiOg623BW9GYQupL9muenQlYvZMcpQ5RaY0fpWI8m6x/NbOYIibBW3ShFve
LJ8Rv3iR6bhhmjhgEE8cuSs9fQ==
-----END CERTIFICATE-----
Generated at Fri Jun 12 07:23:33 2026 by rpki-client