Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065588553129525251/0/AS204765.roa
File: AS204765.roa (raw, json)
Hash identifier: n+2XnPEXhze2jHO96KFlgy+odMSorwtluoLICV+jLdc=
Subject key identifier: CD:B5:23:0E:83:99:8F:E4:9C:4C:89:5C:14:27:80:12:96:0F:42:04
Certificate issuer: /CN=E893434A32058DAFE9758FDA7B36659444C9EF8E
Certificate serial: 421B530B9FAB947A999B70E15B7016B49944CC2F
Authority key identifier: E8:93:43:4A:32:05:8D:AF:E9:75:8F:DA:7B:36:65:94:44:C9:EF:8E
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/E893434A32058DAFE9758FDA7B36659444C9EF8E.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065588553129525251/0/AS204765.roa
Signing time: Wed 10 Jun 2026 08:03:37 +0000
ROA not before: Wed 10 Jun 2026 07:58:37 +0000
ROA not after: Wed 09 Jun 2027 08:03:37 +0000
asID: 204765
IP address blocks: 101.232.192.0/22 maxlen: 24
101.232.196.0/22 maxlen: 24
101.232.208.0/22 maxlen: 24
101.232.216.0/22 maxlen: 24
101.232.228.0/22 maxlen: 24
101.232.244.0/22 maxlen: 24
101.232.248.0/22 maxlen: 24
101.232.252.0/22 maxlen: 24
119.59.136.0/22 maxlen: 24
119.59.140.0/22 maxlen: 24
119.59.144.0/22 maxlen: 24
119.59.148.0/22 maxlen: 24
119.59.152.0/22 maxlen: 24
119.59.156.0/22 maxlen: 24
119.59.160.0/22 maxlen: 24
119.59.164.0/22 maxlen: 24
119.59.168.0/22 maxlen: 24
119.59.172.0/22 maxlen: 24
119.59.176.0/22 maxlen: 24
119.59.180.0/22 maxlen: 24
119.59.184.0/22 maxlen: 24
119.59.188.0/22 maxlen: 24
119.59.192.0/22 maxlen: 24
119.59.196.0/22 maxlen: 24
119.59.200.0/22 maxlen: 24
119.59.204.0/22 maxlen: 24
119.59.208.0/22 maxlen: 24
119.59.212.0/22 maxlen: 24
119.59.216.0/22 maxlen: 24
119.59.220.0/22 maxlen: 24
119.59.224.0/22 maxlen: 24
119.59.228.0/22 maxlen: 24
119.59.232.0/22 maxlen: 24
119.59.236.0/22 maxlen: 24
119.59.240.0/22 maxlen: 24
119.59.244.0/22 maxlen: 24
119.59.248.0/22 maxlen: 24
119.59.252.0/22 maxlen: 24
123.98.8.0/22 maxlen: 24
123.98.12.0/22 maxlen: 24
123.98.16.0/22 maxlen: 24
123.98.20.0/22 maxlen: 24
123.98.24.0/22 maxlen: 24
123.98.28.0/22 maxlen: 24
123.98.32.0/22 maxlen: 24
123.98.40.0/22 maxlen: 24
123.98.44.0/22 maxlen: 24
123.98.48.0/22 maxlen: 24
123.98.52.0/22 maxlen: 24
123.98.56.0/22 maxlen: 24
123.98.60.0/22 maxlen: 24
123.98.64.0/22 maxlen: 24
123.98.68.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.76.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.84.0/22 maxlen: 24
123.98.88.0/22 maxlen: 24
123.98.92.0/22 maxlen: 24
123.98.96.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
123.98.104.0/22 maxlen: 24
123.98.108.0/22 maxlen: 24
123.98.112.0/22 maxlen: 24
123.98.116.0/22 maxlen: 24
123.98.120.0/22 maxlen: 24
123.98.124.0/22 maxlen: 24
211.149.40.0/22 maxlen: 24
211.149.44.0/22 maxlen: 24
211.149.48.0/22 maxlen: 24
211.149.56.0/22 maxlen: 24
211.149.60.0/22 maxlen: 24
211.149.72.0/22 maxlen: 24
211.149.76.0/22 maxlen: 24
211.149.88.0/22 maxlen: 24
211.149.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065588553129525251/0/E893434A32058DAFE9758FDA7B36659444C9EF8E.crl
rsync://rpki-rps.cnnic.cn/repo/A1065588553129525251/0/E893434A32058DAFE9758FDA7B36659444C9EF8E.mft
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/E893434A32058DAFE9758FDA7B36659444C9EF8E.cer
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 19:25:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:1b:53:0b:9f:ab:94:7a:99:9b:70:e1:5b:70:16:b4:99:44:cc:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E893434A32058DAFE9758FDA7B36659444C9EF8E
Validity
Not Before: Jun 10 07:58:37 2026 GMT
Not After : Jun 9 08:03:37 2027 GMT
Subject: CN=CDB5230E83998FE49C4C895C14278012960F4204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:da:61:5f:74:80:5b:da:d9:a5:ea:fa:67:1b:
2b:bd:48:8a:ac:58:a9:ad:2b:bd:ea:07:85:31:bf:
a3:d6:0d:eb:32:32:ab:70:c5:8c:6d:61:c1:14:a3:
c1:0f:40:80:ec:83:e5:0f:07:a1:e8:9b:96:24:97:
2f:61:61:9b:ea:ed:05:7c:da:9d:49:fb:a9:c6:57:
d0:20:25:95:de:f2:53:aa:9c:c6:01:96:e3:77:63:
84:02:ec:0d:4b:92:02:58:ac:21:e3:0b:df:39:5d:
bd:aa:1a:b4:fa:81:1c:07:66:0a:a4:d7:73:20:cc:
2a:87:f0:87:d9:c4:a2:f1:f7:c7:bd:12:20:5b:83:
39:eb:38:bb:16:2a:91:f6:94:b6:9d:f7:fb:0a:12:
81:0c:98:fa:c7:01:a3:c8:6f:3a:c2:65:38:ad:d0:
9c:f7:68:75:05:75:6f:4e:3d:2b:23:77:db:8d:3d:
ac:ac:71:f4:ca:19:69:b2:91:3f:af:ac:66:68:cd:
b9:9b:46:3c:87:f1:96:f1:af:57:e5:83:37:54:e4:
7c:51:57:69:22:4e:50:29:6e:b7:93:15:96:ce:1d:
0f:71:87:0e:c7:fb:b7:62:e2:9f:ec:5f:f0:61:3b:
73:98:8f:88:5d:a0:21:a4:f5:eb:0f:27:40:58:a0:
3b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B5:23:0E:83:99:8F:E4:9C:4C:89:5C:14:27:80:12:96:0F:42:04
X509v3 Authority Key Identifier:
keyid:E8:93:43:4A:32:05:8D:AF:E9:75:8F:DA:7B:36:65:94:44:C9:EF:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129525251/0/E893434A32058DAFE9758FDA7B36659444C9EF8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/E893434A32058DAFE9758FDA7B36659444C9EF8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129525251/0/AS204765.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
101.232.192.0/21
101.232.208.0/22
101.232.216.0/22
101.232.228.0/22
101.232.244.0-101.232.255.255
119.59.136.0-119.59.255.255
123.98.8.0-123.98.35.255
123.98.40.0-123.98.127.255
211.149.40.0-211.149.51.255
211.149.56.0/21
211.149.72.0/21
211.149.88.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:e1:49:e6:f2:51:fc:21:1c:44:81:95:34:7a:ec:f6:b5:d8:
4b:36:98:b2:8f:c2:f4:aa:44:77:05:7b:62:57:65:56:eb:78:
b0:8c:34:db:6e:1f:bc:bc:64:73:ce:8b:f2:86:35:ad:cf:9d:
05:1b:8d:31:2c:4b:45:09:36:76:7c:60:28:01:09:15:65:cb:
dd:28:b7:fd:26:5a:e8:51:eb:e9:a1:53:59:80:bd:44:a2:4d:
8a:46:d6:f2:4d:8d:2c:4b:2b:3c:58:f5:7b:69:eb:07:95:fc:
a7:77:5e:a6:80:83:03:31:28:66:6d:62:64:06:04:ae:ab:d2:
ac:96:3a:30:27:38:ce:0c:78:2b:98:de:28:37:01:33:e8:bd:
88:cf:ff:51:6a:25:89:f0:fd:87:c2:c1:95:a2:2a:39:b8:d4:
9c:42:b9:86:bb:45:24:e6:dd:b0:ea:9f:65:2e:42:b3:6b:cb:
b1:cb:48:7d:55:ca:60:82:1b:a7:3e:d3:53:4c:8a:f9:6e:93:
7e:7f:e8:b0:03:1a:4f:d5:fa:69:fd:e8:f1:92:f2:88:67:0d:
b7:ce:ee:49:5f:12:a7:80:e4:0f:7d:12:4e:78:5b:f0:f0:96:
ed:96:7a:2a:4e:4b:62:ef:41:b0:67:d0:e6:1d:92:6a:c6:18:
0d:ed:1b:3d
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUQhtTC5+rlHqZm3DhW3AWtJlEzC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTg5MzQzNEEzMjA1OERBRkU5NzU4RkRBN0IzNjY1OTQ0
NEM5RUY4RTAeFw0yNjA2MTAwNzU4MzdaFw0yNzA2MDkwODAzMzdaMDMxMTAvBgNV
BAMTKENEQjUyMzBFODM5OThGRTQ5QzRDODk1QzE0Mjc4MDEyOTYwRjQyMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO2mFfdIBb2tml6vpnGyu9SIqs
WKmtK73qB4Uxv6PWDesyMqtwxYxtYcEUo8EPQIDsg+UPB6Hom5Ykly9hYZvq7QV8
2p1J+6nGV9AgJZXe8lOqnMYBluN3Y4QC7A1LkgJYrCHjC985Xb2qGrT6gRwHZgqk
13MgzCqH8IfZxKLx98e9EiBbgznrOLsWKpH2lLad9/sKEoEMmPrHAaPIbzrCZTit
0Jz3aHUFdW9OPSsjd9uNPayscfTKGWmykT+vrGZozbmbRjyH8Zbxr1flgzdU5HxR
V2kiTlApbreTFZbOHQ9xhw7H+7di4p/sX/BhO3OYj4hdoCGk9esPJ0BYoDvFAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUzbUjDoOZj+ScTIlcFCeAEpYPQgQwHwYDVR0j
BBgwFoAU6JNDSjIFja/pdY/aezZllETJ744wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2
NTU4ODU1MzEyOTUyNTI1MS8wL0U4OTM0MzRBMzIwNThEQUZFOTc1OEZEQTdCMzY2
NTk0NDRDOUVGOEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvRTg5MzQzNEEzMjA1OERBRkU5NzU4RkRBN0IzNjY1OTQ0NEM5RUY4RS5jZXIw
XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTEwNjU1ODg1NTMxMjk1MjUyNTEvMC9BUzIwNDc2NS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBhwYIKwYBBQUHAQcBAf8EeDB2MHQE
AgABMG4DBANl6MADBAJl6NADBAJl6NgDBAJl6OQwCwMEAmXo9AMDAGXoMAsDBAN3
O4gDAwJ3ODAMAwQDe2IIAwQCe2IgMAwDBAN7YigDBAd7YgAwDAMEA9OVKAMEAtOV
MAMEA9OVOAMEA9OVSAMEA9OVWDANBgkqhkiG9w0BAQsFAAOCAQEAquFJ5vJR/CEc
RIGVNHrs9rXYSzaYso/C9KpEdwV7YldlVut4sIw0224fvLxkc86L8oY1rc+dBRuN
MSxLRQk2dnxgKAEJFWXL3Si3/SZa6FHr6aFTWYC9RKJNikbW8k2NLEsrPFj1e2nr
B5X8p3depoCDAzEoZm1iZAYErqvSrJY6MCc4zgx4K5jeKDcBM+i9iM//UWolifD9
h8LBlaIqObjUnEK5hrtFJObdsOqfZS5Cs2vLsctIfVXKYIIbpz7TU0yK+W6Tfn/o
sAMaT9X6af3o8ZLyiGcNt87uSV8Sp4DkD30STnhb8PCW7ZZ6Kk5LYu9BsGfQ5h2S
asYYDe0bPQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:37:11 2026 by rpki-client