Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1108677435395670037/1/AS55960.roa
File: AS55960.roa (raw, json)
Hash identifier: yBVzhMCIPo6kJblN+nw2mN2hqb7MaEeeLkPcBKiR0uM=
Subject key identifier: 52:DB:A5:F0:85:CF:C0:0A:2D:AA:49:59:ED:0C:F6:1D:03:BE:AD:C4
Certificate issuer: /CN=9FF679A48BDAB5820137C251333CE831F275BD8C
Certificate serial: 4F9C8A1AA4B68FD1DF3E61720FC4565B5E30EE17
Authority key identifier: 9F:F6:79:A4:8B:DA:B5:82:01:37:C2:51:33:3C:E8:31:F2:75:BD:8C
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9FF679A48BDAB5820137C251333CE831F275BD8C.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/AS55960.roa
Signing time: Mon 25 May 2026 06:06:36 +0000
ROA not before: Mon 25 May 2026 06:01:36 +0000
ROA not after: Mon 24 May 2027 06:06:36 +0000
asID: 55960
IP address blocks: 43.195.0.0/20 maxlen: 20
43.196.0.0/16 maxlen: 16
43.196.192.0/19 maxlen: 19
43.196.224.0/19 maxlen: 19
43.196.232.0/22 maxlen: 22
2400:7fc0::/40 maxlen: 40
2400:7fc0:220::/46 maxlen: 46
2400:7fc0:224::/46 maxlen: 46
2400:7fc0:228::/46 maxlen: 46
2400:7fc0:22c::/46 maxlen: 46
2400:7fc0:240::/44 maxlen: 44
2400:7fc0:240::/46 maxlen: 46
2400:7fc0:244::/46 maxlen: 46
2400:7fc0:248::/46 maxlen: 46
2400:7fc0:24c::/46 maxlen: 46
2400:7fc0:2a0::/46 maxlen: 46
2400:7fc0:2a4::/46 maxlen: 46
2400:7fc0:2a8::/46 maxlen: 46
2400:7fc0:2ac::/46 maxlen: 46
2400:7fc0:2c0::/46 maxlen: 46
2400:7fc0:2c4::/46 maxlen: 46
2400:7fc0:2c8::/46 maxlen: 46
2400:7fc0:2cc::/46 maxlen: 46
2400:7fc0:4000::/40 maxlen: 40
2400:7fc0:4100::/48 maxlen: 48
2400:7fc0:6000::/40 maxlen: 40
2400:7fc0:6020::/48 maxlen: 48
2400:7fc0:6040::/48 maxlen: 48
2400:7fc0:6060::/48 maxlen: 48
2400:7fc0:8000::/36 maxlen: 36
2400:7fc0:8000::/38 maxlen: 38
2400:7fc0:8400::/38 maxlen: 38
2400:7fc0:8800::/38 maxlen: 38
2400:7fc0:8c00::/38 maxlen: 38
2400:7fc0:a000::/36 maxlen: 36
2400:7fc0:a000::/37 maxlen: 37
2400:7fc0:a800::/37 maxlen: 37
2400:7fc0:bb00::/40 maxlen: 40
2400:7fc0:c000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/9FF679A48BDAB5820137C251333CE831F275BD8C.crl
rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/9FF679A48BDAB5820137C251333CE831F275BD8C.mft
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9FF679A48BDAB5820137C251333CE831F275BD8C.cer
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 May 2026 15:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:9c:8a:1a:a4:b6:8f:d1:df:3e:61:72:0f:c4:56:5b:5e:30:ee:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9FF679A48BDAB5820137C251333CE831F275BD8C
Validity
Not Before: May 25 06:01:36 2026 GMT
Not After : May 24 06:06:36 2027 GMT
Subject: CN=52DBA5F085CFC00A2DAA4959ED0CF61D03BEADC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c2:01:ab:8c:13:4d:05:be:a6:cc:9f:39:6a:
1e:c6:10:7a:10:3a:af:07:c4:5a:c2:30:a3:ce:da:
7d:d2:09:8f:65:d9:fe:31:04:a3:5c:86:73:47:2b:
fe:ea:61:83:30:f2:da:0a:34:f0:43:cf:49:cc:cf:
42:db:99:ab:bd:48:38:2b:19:cb:ec:f5:8f:45:68:
7f:e4:a2:3d:01:bd:2c:c6:c7:91:b5:dc:19:c0:5d:
b3:b3:eb:e9:ff:c7:8b:8f:a9:b4:a7:42:a4:8a:de:
af:71:e5:6d:a6:6b:63:52:eb:1e:38:e8:80:fd:e9:
05:50:e4:20:0d:f3:b0:c3:85:35:b6:d3:c0:a0:9b:
59:9c:18:6f:15:69:c7:12:9c:dd:8b:01:66:35:4e:
a7:fc:5e:80:2d:52:de:94:73:e2:9e:23:0e:aa:68:
bf:b5:7e:61:45:e8:21:35:04:bc:44:eb:bb:09:b0:
ff:9e:c0:f5:35:8f:1f:06:4f:08:62:fd:54:0f:aa:
91:d4:2e:3d:ab:b9:d8:d7:0f:b8:de:ab:61:8c:87:
23:fe:ac:c8:6a:01:db:b0:53:6a:27:d5:c6:df:b6:
b7:2c:41:2b:3b:4d:9e:86:a0:b3:40:b0:f3:b2:b0:
31:69:31:fc:52:e4:dc:60:8c:15:70:95:ca:71:fe:
62:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DB:A5:F0:85:CF:C0:0A:2D:AA:49:59:ED:0C:F6:1D:03:BE:AD:C4
X509v3 Authority Key Identifier:
keyid:9F:F6:79:A4:8B:DA:B5:82:01:37:C2:51:33:3C:E8:31:F2:75:BD:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/9FF679A48BDAB5820137C251333CE831F275BD8C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9FF679A48BDAB5820137C251333CE831F275BD8C.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1108677435395670037/1/AS55960.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.195.0.0/20
43.196.0.0/16
IPv6:
2400:7fc0::/40
2400:7fc0:220::/44
2400:7fc0:240::/44
2400:7fc0:2a0::/44
2400:7fc0:2c0::/44
2400:7fc0:4000::-2400:7fc0:4100:ffff:ffff:ffff:ffff:ffff
2400:7fc0:6000::/40
2400:7fc0:8000::/36
2400:7fc0:a000::/36
2400:7fc0:bb00::/40
2400:7fc0:c000::/36
Signature Algorithm: sha256WithRSAEncryption
af:b2:59:62:f8:fe:c9:2d:14:05:b6:a0:fb:19:52:e9:43:35:
26:06:4a:01:f4:7d:c8:c7:b1:45:cf:e5:3e:bb:02:47:9f:85:
4a:15:c8:b7:10:a0:82:ea:1a:e3:0f:43:3b:30:ec:a9:bd:ec:
4a:bf:45:bb:d6:19:dd:03:a0:40:75:be:7a:6e:b9:7f:a4:57:
a0:ce:37:28:74:37:04:93:bc:71:d2:5e:ae:1c:82:a3:1e:c9:
ba:45:8c:d0:ad:24:3a:20:36:43:c5:a6:5f:6b:bf:e8:1f:32:
36:03:ae:61:15:4b:ba:68:69:6e:cb:97:d9:06:46:61:ee:34:
37:89:26:bd:f1:5f:13:ca:77:5e:8c:75:29:3a:ac:f1:97:28:
3f:e8:b7:24:ad:5e:d7:cc:9f:b4:54:a3:63:ee:7a:83:88:0c:
16:ad:15:40:a1:47:f9:36:87:ff:68:43:2e:be:bb:23:6c:23:
b4:40:f6:7a:0a:78:40:55:dc:59:fd:df:c6:89:32:9e:06:c8:
59:83:59:b3:cc:06:eb:1c:83:44:6c:16:b0:cd:8b:90:a2:8b:
51:1c:8b:8e:c2:4d:cb:e5:78:76:ec:51:4b:01:7f:10:af:ba:
24:b8:ab:bf:77:f3:a5:74:25:da:9c:c4:04:9d:bf:ff:2f:52:
ad:ab:15:80
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIUT5yKGqS2j9HfPmFyD8RWW14w7hcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUZGNjc5QTQ4QkRBQjU4MjAxMzdDMjUxMzMzQ0U4MzFG
Mjc1QkQ4QzAeFw0yNjA1MjUwNjAxMzZaFw0yNzA1MjQwNjA2MzZaMDMxMTAvBgNV
BAMTKDUyREJBNUYwODVDRkMwMEEyREFBNDk1OUVEMENGNjFEMDNCRUFEQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0wgGrjBNNBb6mzJ85ah7GEHoQ
Oq8HxFrCMKPO2n3SCY9l2f4xBKNchnNHK/7qYYMw8toKNPBDz0nMz0Lbmau9SDgr
Gcvs9Y9FaH/koj0BvSzGx5G13BnAXbOz6+n/x4uPqbSnQqSK3q9x5W2ma2NS6x44
6ID96QVQ5CAN87DDhTW208Cgm1mcGG8VaccSnN2LAWY1Tqf8XoAtUt6Uc+KeIw6q
aL+1fmFF6CE1BLxE67sJsP+ewPU1jx8GTwhi/VQPqpHULj2rudjXD7jeq2GMhyP+
rMhqAduwU2on1cbftrcsQSs7TZ6GoLNAsPOysDFpMfxS5NxgjBVwlcpx/mKtAgMB
AAGjggJaMIICVjAdBgNVHQ4EFgQUUtul8IXPwAotqklZ7Qz2HQO+rcQwHwYDVR0j
BBgwFoAUn/Z5pIvatYIBN8JRMzzoMfJ1vYwwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEw
ODY3NzQzNTM5NTY3MDAzNy8xLzlGRjY3OUE0OEJEQUI1ODIwMTM3QzI1MTMzM0NF
ODMxRjI3NUJEOEMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvOUZGNjc5QTQ4QkRBQjU4MjAxMzdDMjUxMzMzQ0U4MzFGMjc1QkQ4Qy5jZXIw
XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTExMDg2Nzc0MzUzOTU2NzAwMzcvMS9BUzU1OTYwLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjAR
BAIAATALAwQEK8MAAwMAK8QwbQQCAAIwZwMGACQAf8AAAwcEJAB/wAIgAwcEJAB/
wAJAAwcEJAB/wAKgAwcEJAB/wALAMBEDBgYkAH/AQAMHACQAf8BBAAMGACQAf8Bg
AwYEJAB/wIADBgQkAH/AoAMGACQAf8C7AwYEJAB/wMAwDQYJKoZIhvcNAQELBQAD
ggEBAK+yWWL4/sktFAW2oPsZUulDNSYGSgH0fcjHsUXP5T67AkefhUoVyLcQoILq
GuMPQzsw7Km97Eq/RbvWGd0DoEB1vnpuuX+kV6DONyh0NwSTvHHSXq4cgqMeybpF
jNCtJDogNkPFpl9rv+gfMjYDrmEVS7poaW7Ll9kGRmHuNDeJJr3xXxPKd16MdSk6
rPGXKD/otyStXtfMn7RUo2PueoOIDBatFUChR/k2h/9oQy6+uyNsI7RA9noKeEBV
3Fn938aJMp4GyFmDWbPMBuscg0RsFrDNi5Cii1Eci47CTcvleHbsUUsBfxCvuiS4
q79386V0JdqcxASdv/8vUq2rFYA=
-----END CERTIFICATE-----
Generated at Fri May 29 23:48:41 2026 by rpki-client