Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1113654806364422163/0/AS59045.roa
File: AS59045.roa (raw, json)
Hash identifier: hjhXHrQPwp5HbBdJBSJyhM63ftUWqb9sQF8t5BV8oQY=
Subject key identifier: 42:18:AB:33:1C:DA:57:A2:DF:EC:E7:88:6B:9F:C1:79:5B:9B:6E:BA
Certificate issuer: /CN=A915370F0000/serialNumber=0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9
Certificate serial: 4C8E98181BB2A973E694935362D02E96A22395D1
Authority key identifier: 01:82:D4:CD:0C:6D:21:DC:2C:29:6E:D2:60:6A:70:D7:96:D5:BB:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AYLUzQxtIdwsKW7SYGpw15bVu7k.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/AS59045.roa
Signing time: Thu 11 Jun 2026 08:28:17 +0000
ROA not before: Thu 11 Jun 2026 08:23:17 +0000
ROA not after: Thu 10 Jun 2027 08:28:17 +0000
asID: 59045
IP address blocks: 118.191.128.0/24 maxlen: 24
118.191.129.0/24 maxlen: 24
118.191.130.0/24 maxlen: 24
118.191.131.0/24 maxlen: 24
118.191.132.0/24 maxlen: 24
118.191.133.0/24 maxlen: 24
118.191.134.0/24 maxlen: 24
118.191.135.0/24 maxlen: 24
118.191.136.0/24 maxlen: 24
118.191.137.0/24 maxlen: 24
118.191.138.0/24 maxlen: 24
118.191.139.0/24 maxlen: 24
118.191.140.0/24 maxlen: 24
118.191.141.0/24 maxlen: 24
118.191.142.0/24 maxlen: 24
118.191.143.0/24 maxlen: 24
118.191.144.0/24 maxlen: 24
118.191.145.0/24 maxlen: 24
118.191.146.0/24 maxlen: 24
118.191.147.0/24 maxlen: 24
118.191.148.0/24 maxlen: 24
118.191.149.0/24 maxlen: 24
118.191.150.0/24 maxlen: 24
118.191.151.0/24 maxlen: 24
118.191.152.0/24 maxlen: 24
118.191.153.0/24 maxlen: 24
118.191.154.0/24 maxlen: 24
118.191.155.0/24 maxlen: 24
118.191.156.0/24 maxlen: 24
118.191.157.0/24 maxlen: 24
118.191.158.0/24 maxlen: 24
118.191.159.0/24 maxlen: 24
118.191.192.0/23 maxlen: 23
118.191.208.0/24 maxlen: 24
118.191.216.0/24 maxlen: 24
118.191.217.0/24 maxlen: 24
118.191.218.0/24 maxlen: 24
118.191.219.0/24 maxlen: 24
118.191.223.0/24 maxlen: 24
118.191.224.0/24 maxlen: 24
118.191.240.0/24 maxlen: 24
118.191.241.0/24 maxlen: 24
118.191.242.0/24 maxlen: 24
118.191.243.0/24 maxlen: 24
118.191.244.0/24 maxlen: 24
118.191.245.0/24 maxlen: 24
118.191.246.0/24 maxlen: 24
118.191.247.0/24 maxlen: 24
118.191.248.0/22 maxlen: 22
118.191.248.0/24 maxlen: 24
118.191.249.0/24 maxlen: 24
118.191.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9.crl
rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AYLUzQxtIdwsKW7SYGpw15bVu7k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 12 Jun 2026 12:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:8e:98:18:1b:b2:a9:73:e6:94:93:53:62:d0:2e:96:a2:23:95:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915370F0000, serialNumber=0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9
Validity
Not Before: Jun 11 08:23:17 2026 GMT
Not After : Jun 10 08:28:17 2027 GMT
Subject: CN=4218AB331CDA57A2DFECE7886B9FC1795B9B6EBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6b:89:48:89:2e:27:1a:e3:57:c8:97:55:67:
60:38:50:9a:e0:38:5e:98:e4:f1:16:83:77:c7:ff:
f5:0c:33:73:c3:cb:46:83:b5:fd:b5:2d:11:ea:ad:
0f:86:9f:6f:02:ab:d5:b1:30:8a:a2:56:b4:a7:50:
29:c9:1f:01:d4:aa:7f:3a:ed:59:23:df:65:53:ef:
53:87:1a:55:c5:15:7d:60:d9:73:d6:6b:18:f0:3b:
a8:2d:27:05:ec:05:c3:7b:27:7a:f9:f1:74:8f:0f:
23:bf:32:8f:87:94:45:c7:c8:51:48:13:6a:ec:a3:
1f:54:e1:ba:0b:45:5a:bd:42:d3:fd:1a:5f:dd:9a:
51:f6:4d:2a:6c:9a:64:ff:53:11:01:96:36:2e:ca:
d0:2c:ad:88:12:cc:f1:73:c3:fa:53:18:1f:21:41:
64:24:9f:16:f2:8f:77:ad:13:e4:c3:e7:80:4f:dc:
94:4d:0e:8e:52:5c:3c:dd:a5:a2:ef:61:9d:14:1e:
d9:10:93:8c:19:00:f8:b7:66:42:9f:19:09:06:c4:
73:04:d4:58:6d:f3:52:7c:cb:94:82:5e:42:13:b0:
35:d0:af:20:8b:ec:05:35:ed:ac:bd:e7:66:e0:b9:
b8:6b:9e:91:6e:e3:95:2c:cd:9e:b9:8a:02:a4:d0:
76:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:18:AB:33:1C:DA:57:A2:DF:EC:E7:88:6B:9F:C1:79:5B:9B:6E:BA
X509v3 Authority Key Identifier:
keyid:01:82:D4:CD:0C:6D:21:DC:2C:29:6E:D2:60:6A:70:D7:96:D5:BB:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/0182D4CD0C6D21DC2C296ED2606A70D796D5BBB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AYLUzQxtIdwsKW7SYGpw15bVu7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1113654806364422163/0/AS59045.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
118.191.128.0/19
118.191.192.0/23
118.191.208.0/24
118.191.216.0/22
118.191.223.0-118.191.224.255
118.191.240.0-118.191.251.255
Signature Algorithm: sha256WithRSAEncryption
10:ef:f8:82:51:bf:c1:e6:5b:5b:3c:3e:10:85:b3:6e:c9:00:
3f:93:c0:4b:21:ed:44:2c:d2:ea:f9:f5:92:25:74:2b:65:65:
99:3f:f8:a6:5b:9d:6b:59:4e:b3:39:09:b5:36:d5:25:1a:e2:
4b:f6:8b:b5:42:b5:7d:45:22:99:fc:8c:9d:98:a2:5a:ae:41:
33:b0:c4:43:5d:8b:b3:2c:b6:4c:92:eb:ea:7b:96:84:cd:0f:
e3:57:20:09:ea:ff:f2:5d:69:45:90:48:44:11:3f:b1:47:78:
bb:ba:ce:0b:48:f7:d1:f4:75:c1:e7:c3:cb:5b:55:40:8e:1e:
10:4c:b6:bc:f4:40:95:e9:eb:03:08:72:e7:ee:85:19:9b:66:
c9:21:f6:bc:66:ee:10:5e:97:a7:58:d4:50:85:b3:af:5c:c7:
10:7d:95:48:20:05:45:c2:52:0e:e7:7d:2e:fa:f1:4f:f0:eb:
81:88:4f:1e:23:c4:4e:0d:07:8b:62:03:72:b7:73:9f:b7:d5:
1b:7e:8d:8c:c1:0a:ac:78:56:60:14:4b:b5:5a:75:f9:89:1f:
8a:1b:fa:b5:88:3d:76:aa:d3:73:4e:b5:b9:d0:5c:dd:2a:74:
3b:8e:62:a3:a3:e0:7e:87:56:23:4f:02:e3:5e:ca:af:7b:da:
f9:c5:8e:03
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUTI6YGBuyqXPmlJNTYtAulqIjldEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTM3MEYwMDAwMTEwLwYDVQQFEygwMTgyRDRDRDBD
NkQyMURDMkMyOTZFRDI2MDZBNzBENzk2RDVCQkI5MB4XDTI2MDYxMTA4MjMxN1oX
DTI3MDYxMDA4MjgxN1owMzExMC8GA1UEAxMoNDIxOEFCMzMxQ0RBNTdBMkRGRUNF
Nzg4NkI5RkMxNzk1QjlCNkVCQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNriUiJLica41fIl1VnYDhQmuA4Xpjk8RaDd8f/9Qwzc8PLRoO1/bUtEeqt
D4afbwKr1bEwiqJWtKdQKckfAdSqfzrtWSPfZVPvU4caVcUVfWDZc9ZrGPA7qC0n
BewFw3snevnxdI8PI78yj4eURcfIUUgTauyjH1ThugtFWr1C0/0aX92aUfZNKmya
ZP9TEQGWNi7K0CytiBLM8XPD+lMYHyFBZCSfFvKPd60T5MPngE/clE0OjlJcPN2l
ou9hnRQe2RCTjBkA+LdmQp8ZCQbEcwTUWG3zUnzLlIJeQhOwNdCvIIvsBTXtrL3n
ZuC5uGuekW7jlSzNnrmKAqTQdjECAwEAAaOCAhEwggINMB0GA1UdDgQWBBRCGKsz
HNpXot/s54hrn8F5W5tuujAfBgNVHSMEGDAWgBQBgtTNDG0h3CwpbtJganDXltW7
uTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMTEzNjU0ODA2MzY0NDIyMTYzLzAvMDE4MkQ0
Q0QwQzZEMjFEQzJDMjk2RUQyNjA2QTcwRDc5NkQ1QkJCOS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvQVlMVXpReHRJ
ZHdzS1c3U1lHcHcxNWJWdTdrLmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH
MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTExMzY1NDgwNjM2
NDQyMjE2My8wL0FTNTkwNDUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
TQYIKwYBBQUHAQcBAf8EPjA8MDoEAgABMDQDBAV2v4ADBAF2v8ADBAB2v9ADBAJ2
v9gwDAMEAHa/3wMEAHa/4DAMAwQEdr/wAwQCdr/4MA0GCSqGSIb3DQEBCwUAA4IB
AQAQ7/iCUb/B5ltbPD4QhbNuyQA/k8BLIe1ELNLq+fWSJXQrZWWZP/imW51rWU6z
OQm1NtUlGuJL9ou1QrV9RSKZ/IydmKJarkEzsMRDXYuzLLZMkuvqe5aEzQ/jVyAJ
6v/yXWlFkEhEET+xR3i7us4LSPfR9HXB58PLW1VAjh4QTLa89ECV6esDCHLn7oUZ
m2bJIfa8Zu4QXpenWNRQhbOvXMcQfZVIIAVFwlIO530u+vFP8OuBiE8eI8RODQeL
YgNyt3Oft9Ubfo2MwQqseFZgFEu1WnX5iR+KG/q1iD12qtNzTrW50FzdKnQ7jmKj
o+B+h1YjTwLjXsqve9r5xY4D
-----END CERTIFICATE-----
Generated at Fri Jun 12 04:32:39 2026 by rpki-client