Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065576199948271619/0/AS37965.roa
File: AS37965.roa (raw, json)
Hash identifier: Zd1CUN8SymdcYUZfg2FVfBZud46ZTvu+Aztzdvce9Hg=
Subject key identifier: C9:17:AC:84:B0:A9:CF:49:4F:A6:A0:A3:F0:0A:09:E8:E1:F6:60:AC
Certificate issuer: /CN=A51408E97010BDB44146281B8A78BCFA4E0E4C5E
Certificate serial: 39815065E319D61C80AE88AEDD7C04272701392B
Authority key identifier: A5:14:08:E9:70:10:BD:B4:41:46:28:1B:8A:78:BC:FA:4E:0E:4C:5E
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A51408E97010BDB44146281B8A78BCFA4E0E4C5E.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065576199948271619/0/AS37965.roa
Signing time: Fri 17 Apr 2026 01:48:11 +0000
ROA not before: Fri 17 Apr 2026 01:43:11 +0000
ROA not after: Fri 16 Apr 2027 01:48:11 +0000
asID: 37965
IP address blocks: 222.126.128.0/17 maxlen: 17
222.126.128.0/23 maxlen: 23
222.126.130.0/23 maxlen: 23
222.126.132.0/23 maxlen: 23
222.126.138.0/24 maxlen: 24
222.126.140.0/23 maxlen: 23
222.126.141.0/24 maxlen: 24
222.126.142.0/23 maxlen: 23
222.126.144.0/24 maxlen: 24
222.126.146.0/23 maxlen: 23
222.126.147.0/24 maxlen: 24
222.126.148.0/23 maxlen: 23
222.126.150.0/23 maxlen: 23
222.126.150.0/24 maxlen: 24
222.126.152.0/23 maxlen: 23
222.126.154.0/23 maxlen: 23
222.126.156.0/23 maxlen: 23
222.126.158.0/23 maxlen: 23
222.126.160.0/23 maxlen: 23
222.126.162.0/23 maxlen: 23
222.126.164.0/23 maxlen: 23
222.126.164.0/24 maxlen: 24
222.126.166.0/23 maxlen: 23
222.126.168.0/23 maxlen: 23
222.126.170.0/23 maxlen: 23
222.126.170.0/24 maxlen: 24
222.126.171.0/24 maxlen: 24
222.126.172.0/23 maxlen: 23
222.126.173.0/24 maxlen: 24
222.126.174.0/23 maxlen: 23
222.126.174.0/24 maxlen: 24
222.126.176.0/23 maxlen: 23
222.126.178.0/23 maxlen: 23
222.126.179.0/24 maxlen: 24
222.126.180.0/23 maxlen: 23
222.126.180.0/24 maxlen: 24
222.126.181.0/24 maxlen: 24
222.126.182.0/23 maxlen: 23
222.126.182.0/24 maxlen: 24
222.126.183.0/24 maxlen: 24
222.126.184.0/23 maxlen: 23
222.126.186.0/23 maxlen: 23
222.126.188.0/23 maxlen: 23
222.126.192.0/23 maxlen: 23
222.126.194.0/23 maxlen: 23
222.126.196.0/23 maxlen: 23
222.126.200.0/23 maxlen: 23
222.126.202.0/23 maxlen: 23
222.126.208.0/23 maxlen: 23
222.126.212.0/23 maxlen: 23
222.126.214.0/23 maxlen: 23
222.126.216.0/23 maxlen: 23
222.126.216.0/24 maxlen: 24
222.126.228.0/23 maxlen: 23
222.126.234.0/23 maxlen: 23
222.126.236.0/23 maxlen: 23
222.126.236.0/24 maxlen: 24
222.126.238.0/23 maxlen: 23
222.126.239.0/24 maxlen: 24
222.126.240.0/23 maxlen: 23
222.126.241.0/24 maxlen: 24
222.126.242.0/23 maxlen: 23
222.126.243.0/24 maxlen: 24
222.126.244.0/23 maxlen: 23
222.126.244.0/24 maxlen: 24
222.126.246.0/23 maxlen: 23
222.126.248.0/23 maxlen: 23
222.126.248.0/24 maxlen: 24
222.126.249.0/24 maxlen: 24
222.126.250.0/23 maxlen: 23
222.126.254.0/23 maxlen: 23
222.126.255.0/24 maxlen: 24
2401:2a00:f000::/43 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065576199948271619/0/A51408E97010BDB44146281B8A78BCFA4E0E4C5E.crl
rsync://rpki-rps.cnnic.cn/repo/A1065576199948271619/0/A51408E97010BDB44146281B8A78BCFA4E0E4C5E.mft
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A51408E97010BDB44146281B8A78BCFA4E0E4C5E.cer
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 18 Apr 2026 17:12:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:81:50:65:e3:19:d6:1c:80:ae:88:ae:dd:7c:04:27:27:01:39:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A51408E97010BDB44146281B8A78BCFA4E0E4C5E
Validity
Not Before: Apr 17 01:43:11 2026 GMT
Not After : Apr 16 01:48:11 2027 GMT
Subject: CN=C917AC84B0A9CF494FA6A0A3F00A09E8E1F660AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3a:f0:69:26:19:b3:1f:8a:a2:6e:57:c3:4c:
7a:11:c2:b8:68:53:24:d9:79:04:a1:7b:97:9a:b2:
82:50:a4:38:dc:47:7c:5d:e7:75:85:2e:f6:2b:64:
21:46:3b:e5:28:b1:a1:f4:a0:ca:5c:04:c6:21:9f:
7d:94:ef:0f:2e:de:9d:d4:ca:2b:b8:f7:43:04:25:
00:5f:9a:82:12:08:e2:ad:f7:c0:67:64:0c:ea:74:
8f:82:a9:ce:e9:07:65:51:a6:c7:b0:0f:6c:9a:d0:
20:8b:bb:04:16:b8:63:92:13:6b:aa:fd:3a:73:4a:
b2:96:70:6f:c5:94:28:11:d3:b9:d6:9c:71:2e:4e:
68:84:b2:9e:15:45:7f:7c:cb:8c:17:9c:e3:a4:c0:
78:ef:f7:61:a4:fc:d3:6f:6d:06:97:37:e3:8f:38:
f1:00:25:05:78:c7:05:77:52:71:24:72:c9:48:72:
66:eb:d9:77:53:a8:47:10:0e:25:3b:c8:57:db:23:
77:e2:4e:bb:c8:08:6a:27:ed:91:d2:92:14:ce:03:
f4:95:aa:76:3f:3d:fb:4e:86:de:d0:a4:a5:0f:7b:
7e:8d:fa:85:b6:ef:4f:c1:bd:9d:51:9a:e0:7a:ce:
a5:af:cf:6e:df:4a:3c:21:56:0f:13:d6:cb:aa:2c:
70:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:17:AC:84:B0:A9:CF:49:4F:A6:A0:A3:F0:0A:09:E8:E1:F6:60:AC
X509v3 Authority Key Identifier:
keyid:A5:14:08:E9:70:10:BD:B4:41:46:28:1B:8A:78:BC:FA:4E:0E:4C:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1065576199948271619/0/A51408E97010BDB44146281B8A78BCFA4E0E4C5E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A51408E97010BDB44146281B8A78BCFA4E0E4C5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065576199948271619/0/AS37965.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
222.126.128.0/17
IPv6:
2401:2a00:f000::/43
Signature Algorithm: sha256WithRSAEncryption
5b:da:12:95:4c:20:b6:21:55:2e:c1:23:a2:0d:64:e1:b9:9e:
9a:e4:39:67:73:1a:fd:54:ca:7c:bb:86:cd:cc:3d:c8:7c:33:
f5:69:00:23:a3:24:f6:7f:53:1e:a0:36:8c:7f:cf:ac:57:91:
79:e4:3b:bc:20:8e:79:8e:0c:2c:42:9a:00:dc:1b:8e:ea:b4:
db:be:90:d5:02:90:52:5c:32:09:a2:c6:e5:7e:f3:b9:c4:8a:
79:77:81:90:23:a4:68:cd:53:78:dd:3d:d5:f1:26:13:7c:87:
a6:70:42:bf:c3:e4:e0:83:ed:1d:ae:14:0a:db:b4:be:bd:a3:
1e:d9:41:85:6d:a5:f9:01:86:06:aa:d0:9a:cd:62:27:31:81:
55:27:e9:2b:68:b7:26:b2:21:bb:0a:7d:46:a2:55:00:7b:0b:
97:89:6f:a8:bb:8f:ea:13:3f:f7:06:cc:0d:c0:dd:35:d3:45:
8a:af:4b:5b:ab:b8:58:57:d2:80:21:3e:63:0b:88:bc:73:92:
34:21:c8:59:cb:4b:bd:ae:9e:9a:6d:6c:1d:ec:10:3e:80:45:
a2:94:bc:04:ac:dc:87:6d:ec:84:c1:ac:e0:cd:50:c6:cc:41:
de:2c:f3:ee:7e:8c:e1:d3:bf:4b:76:e6:54:1f:e9:9a:be:5c:
9c:e3:2f:0d
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgIUOYFQZeMZ1hyAroiu3XwEJycBOSswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTUxNDA4RTk3MDEwQkRCNDQxNDYyODFCOEE3OEJDRkE0
RTBFNEM1RTAeFw0yNjA0MTcwMTQzMTFaFw0yNzA0MTYwMTQ4MTFaMDMxMTAvBgNV
BAMTKEM5MTdBQzg0QjBBOUNGNDk0RkE2QTBBM0YwMEEwOUU4RTFGNjYwQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBOvBpJhmzH4qiblfDTHoRwrho
UyTZeQShe5easoJQpDjcR3xd53WFLvYrZCFGO+UosaH0oMpcBMYhn32U7w8u3p3U
yiu490MEJQBfmoISCOKt98BnZAzqdI+Cqc7pB2VRpsewD2ya0CCLuwQWuGOSE2uq
/TpzSrKWcG/FlCgR07nWnHEuTmiEsp4VRX98y4wXnOOkwHjv92Gk/NNvbQaXN+OP
OPEAJQV4xwV3UnEkcslIcmbr2XdTqEcQDiU7yFfbI3fiTrvICGon7ZHSkhTOA/SV
qnY/PftOht7QpKUPe36N+oW270/BvZ1RmuB6zqWvz27fSjwhVg8T1suqLHB5AgMB
AAGjggH0MIIB8DAdBgNVHQ4EFgQUyReshLCpz0lPpqCj8AoJ6OH2YKwwHwYDVR0j
BBgwFoAUpRQI6XAQvbRBRigbini8+k4OTF4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2
NTU3NjE5OTk0ODI3MTYxOS8wL0E1MTQwOEU5NzAxMEJEQjQ0MTQ2MjgxQjhBNzhC
Q0ZBNEUwRTRDNUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvQTUxNDA4RTk3MDEwQkRCNDQxNDYyODFCOEE3OEJDRkE0RTBFNEM1RS5jZXIw
XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTEwNjU1NzYxOTk5NDgyNzE2MTkvMC9BUzM3OTY1LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA
ATAGAwQH3n6AMA8EAgACMAkDBwUkASoA8AAwDQYJKoZIhvcNAQELBQADggEBAFva
EpVMILYhVS7BI6INZOG5nprkOWdzGv1Uyny7hs3MPch8M/VpACOjJPZ/Ux6gNox/
z6xXkXnkO7wgjnmODCxCmgDcG47qtNu+kNUCkFJcMgmixuV+87nEinl3gZAjpGjN
U3jdPdXxJhN8h6ZwQr/D5OCD7R2uFArbtL69ox7ZQYVtpfkBhgaq0JrNYicxgVUn
6StotyayIbsKfUaiVQB7C5eJb6i7j+oTP/cGzA3A3TXTRYqvS1uruFhX0oAhPmML
iLxzkjQhyFnLS72unpptbB3sED6ARaKUvASs3Idt7ITBrODNUMbMQd4s8+5+jOHT
v0t25lQf6Zq+XJzjLw0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:11:32 2026 by rpki-client