Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1113654806364422163/0/AS4847.roa
File: AS4847.roa (raw, json)
Hash identifier: BEVSOAt7x+vLme7j+gI8xdsRKWhHSE9lO5BGT9hJXcw=
Subject key identifier: 58:F1:15:3B:92:E0:B9:5F:20:16:2A:B8:3E:75:3B:73:82:7C:A9:70
Certificate issuer: /CN=A915370F0000/serialNumber=0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9
Certificate serial: 76A247C0DA3EF1C440E19E03DFF7ABBA1ACD9CAA
Authority key identifier: 01:82:D4:CD:0C:6D:21:DC:2C:29:6E:D2:60:6A:70:D7:96:D5:BB:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AYLUzQxtIdwsKW7SYGpw15bVu7k.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/AS4847.roa
Signing time: Wed 10 Jun 2026 09:05:45 +0000
ROA not before: Wed 10 Jun 2026 09:00:45 +0000
ROA not after: Wed 09 Jun 2027 09:05:45 +0000
asID: 4847
IP address blocks: 101.39.0.0/16 maxlen: 16
101.39.224.0/20 maxlen: 20
101.39.252.0/23 maxlen: 23
101.39.254.0/23 maxlen: 23
101.40.0.0/16 maxlen: 16
118.26.72.0/22 maxlen: 22
118.26.128.0/22 maxlen: 22
118.26.136.0/22 maxlen: 22
118.26.160.0/20 maxlen: 24
118.186.88.0/22 maxlen: 22
118.186.92.0/22 maxlen: 22
118.186.104.0/21 maxlen: 21
118.186.112.0/21 maxlen: 21
118.186.160.0/19 maxlen: 19
118.187.32.0/20 maxlen: 20
118.187.48.0/20 maxlen: 20
118.187.56.0/24 maxlen: 24
118.187.57.0/24 maxlen: 24
118.187.80.0/20 maxlen: 20
118.188.18.0/23 maxlen: 23
118.188.20.0/22 maxlen: 22
118.188.24.0/23 maxlen: 23
118.192.20.0/24 maxlen: 24
118.192.64.0/24 maxlen: 24
118.192.65.0/24 maxlen: 24
118.192.67.0/24 maxlen: 24
118.192.68.0/24 maxlen: 24
118.192.69.0/24 maxlen: 24
118.192.70.0/24 maxlen: 24
122.14.62.0/24 maxlen: 24
123.58.224.0/21 maxlen: 21
123.58.232.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9.crl
rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AYLUzQxtIdwsKW7SYGpw15bVu7k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 12 Jun 2026 12:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:a2:47:c0:da:3e:f1:c4:40:e1:9e:03:df:f7:ab:ba:1a:cd:9c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F0000, serialNumber=0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9
Validity
Not Before: Jun 10 09:00:45 2026 GMT
Not After : Jun 9 09:05:45 2027 GMT
Subject: CN=58F1153B92E0B95F20162AB83E753B73827CA970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5f:8a:3a:51:1c:2f:ce:a1:23:21:12:46:31:
7d:58:f6:15:b5:68:52:a4:e6:cd:55:76:75:97:07:
65:ca:33:d8:cd:09:98:1c:4b:a1:17:b1:28:6e:ec:
42:59:98:10:ab:58:bd:6f:13:29:a0:d4:0b:9f:e5:
68:58:97:f4:8e:b0:92:86:89:a0:14:4a:42:7e:7b:
10:b0:1e:a7:f3:db:7a:1e:e4:7b:22:71:ff:79:0d:
cb:17:89:36:ed:7f:5b:59:6f:fd:d7:d8:b7:e7:a5:
12:e0:13:c3:ab:3a:97:de:fe:1a:a3:ce:97:62:63:
b4:e8:4a:8c:52:eb:ad:54:4e:39:c3:e5:f6:d9:c1:
c7:18:d2:75:e0:de:ba:9f:4b:b9:b2:eb:e1:14:e0:
35:86:6d:65:d4:47:52:43:3a:65:68:81:b0:7d:aa:
5b:75:f9:2a:b2:ee:65:b6:2f:35:c4:14:3e:18:31:
9d:29:f8:e6:a9:cf:19:ce:22:fa:a9:8f:00:e3:a3:
b4:33:d3:a5:94:0a:52:40:14:f7:b1:b6:c9:78:1d:
0d:cf:70:54:81:0e:37:1a:b7:c7:8e:6b:cc:63:b2:
69:e5:0e:7a:e0:87:0a:fb:58:fb:d8:72:88:08:48:
bc:d3:f5:fb:53:8f:d7:12:d2:1e:55:44:ad:9a:52:
01:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:F1:15:3B:92:E0:B9:5F:20:16:2A:B8:3E:75:3B:73:82:7C:A9:70
X509v3 Authority Key Identifier:
keyid:01:82:D4:CD:0C:6D:21:DC:2C:29:6E:D2:60:6A:70:D7:96:D5:BB:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AYLUzQxtIdwsKW7SYGpw15bVu7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/AS4847.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
101.39.0.0-101.40.255.255
118.26.72.0/22
118.26.128.0/22
118.26.136.0/22
118.26.160.0/20
118.186.88.0/21
118.186.104.0-118.186.119.255
118.186.160.0/19
118.187.32.0/19
118.187.80.0/20
118.188.18.0-118.188.25.255
118.192.20.0/24
118.192.64.0/23
118.192.67.0-118.192.70.255
122.14.62.0/24
123.58.224.0/20
Signature Algorithm: sha256WithRSAEncryption
91:a4:b5:b1:3d:3c:f7:37:ff:af:b7:9c:22:72:bd:53:29:8d:
9a:8a:d8:54:8e:ba:4c:5f:39:70:5a:df:e3:51:89:ab:6e:c6:
22:c5:84:1a:28:7e:80:a6:3b:27:09:55:cc:06:cb:bb:b4:c7:
06:2d:c3:11:34:91:30:a6:e7:a3:51:91:40:ca:4f:62:45:db:
3a:63:0d:1c:dd:fa:f4:6d:14:3d:d5:d5:50:c4:c7:8f:ec:6e:
1f:67:9b:49:90:22:57:08:b5:31:09:0d:1b:63:f8:7a:72:e5:
b0:9e:6b:f6:33:6d:50:0f:80:6e:8c:dd:2f:34:cf:1b:04:60:
fc:39:57:fb:eb:34:10:bc:15:c1:86:3e:aa:0e:bb:57:6b:69:
81:38:87:a2:77:e5:a4:08:ed:b6:bc:90:f2:4e:6b:21:62:87:
6d:53:6b:a1:d7:a8:75:a2:0f:6a:65:47:55:17:d5:fe:ce:bf:
28:55:a9:7d:48:d7:0c:38:91:cb:10:54:ec:df:0e:e8:6f:3d:
eb:ef:b2:2c:0a:17:54:e6:6a:b5:2d:eb:aa:82:88:b9:dc:37:
88:e7:10:d6:66:68:74:92:0b:7d:c5:6c:cf:ab:c2:45:bf:25:
1c:42:64:6a:23:fc:74:4e:a2:b8:7b:87:da:63:43:e1:89:55:
92:e3:e1:41
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgIUdqJHwNo+8cRA4Z4D3/eruhrNnKowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTM3MEYwMDAwMTEwLwYDVQQFEygwMTgyRDRDRDBD
NkQyMURDMkMyOTZFRDI2MDZBNzBENzk2RDVCQkI5MB4XDTI2MDYxMDA5MDA0NVoX
DTI3MDYwOTA5MDU0NVowMzExMC8GA1UEAxMoNThGMTE1M0I5MkUwQjk1RjIwMTYy
QUI4M0U3NTNCNzM4MjdDQTk3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM5fijpRHC/OoSMhEkYxfVj2FbVoUqTmzVV2dZcHZcoz2M0JmBxLoRexKG7s
QlmYEKtYvW8TKaDUC5/laFiX9I6wkoaJoBRKQn57ELAep/Pbeh7keyJx/3kNyxeJ
Nu1/W1lv/dfYt+elEuATw6s6l97+GqPOl2JjtOhKjFLrrVROOcPl9tnBxxjSdeDe
up9LubLr4RTgNYZtZdRHUkM6ZWiBsH2qW3X5KrLuZbYvNcQUPhgxnSn45qnPGc4i
+qmPAOOjtDPTpZQKUkAU97G2yXgdDc9wVIEONxq3x45rzGOyaeUOeuCHCvtY+9hy
iAhIvNP1+1OP1xLSHlVErZpSAScCAwEAAaOCAl4wggJaMB0GA1UdDgQWBBRY8RU7
kuC5XyAWKrg+dTtzgnypcDAfBgNVHSMEGDAWgBQBgtTNDG0h3CwpbtJganDXltW7
uTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMTEzNjU0ODA2MzY0NDIyMTYzLzAvMDE4MkQ0
Q0QwQzZEMjFEQzJDMjk2RUQyNjA2QTcwRDc5NkQ1QkJCOS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvQVlMVXpReHRJ
ZHdzS1c3U1lHcHcxNWJWdTdrLmNlcjBcBggrBgEFBQcBCwRQME4wTAYIKwYBBQUH
MAuGQHJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTExMzY1NDgwNjM2
NDQyMjE2My8wL0FTNDg0Ny5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mgYIKwYBBQUHAQcBAf8EgYowgYcwgYQEAgABMH4wCgMDAGUnAwMAZSgDBAJ2GkgD
BAJ2GoADBAJ2GogDBAR2GqADBAN2ulgwDAMEA3a6aAMEA3a6cAMEBXa6oAMEBXa7
IAMEBHa7UDAMAwQBdrwSAwQBdrwYAwQAdsAUAwQBdsBAMAwDBAB2wEMDBAB2wEYD
BAB6Dj4DBAR7OuAwDQYJKoZIhvcNAQELBQADggEBAJGktbE9PPc3/6+3nCJyvVMp
jZqK2FSOukxfOXBa3+NRiatuxiLFhBoofoCmOycJVcwGy7u0xwYtwxE0kTCm56NR
kUDKT2JF2zpjDRzd+vRtFD3V1VDEx4/sbh9nm0mQIlcItTEJDRtj+Hpy5bCea/Yz
bVAPgG6M3S80zxsEYPw5V/vrNBC8FcGGPqoOu1draYE4h6J35aQI7ba8kPJOayFi
h21Ta6HXqHWiD2plR1UX1f7OvyhVqX1I1ww4kcsQVOzfDuhvPevvsiwKF1TmarUt
66qCiLncN4jnENZmaHSSC33FbM+rwkW/JRxCZGoj/HROorh7h9pjQ+GJVZLj4UE=
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:23:45 2026 by rpki-client