Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1091985366321201154/0/AS134762.roa
File: AS134762.roa (raw, json)
Hash identifier: eSYTzkJ8JGMz0GlshaE/rwlFL4yUx+ZzZxHFoXYyPiw=
Subject key identifier: AE:57:35:7D:13:67:15:56:D1:6D:48:F1:A7:92:FC:90:45:AC:AF:35
Certificate issuer: /CN=89EA1A4A8D747274C368553DCBDC64DF11309CAC
Certificate serial: 342DC2FACA656FF6F1A21B39F1A59084D21E0869
Authority key identifier: 89:EA:1A:4A:8D:74:72:74:C3:68:55:3D:CB:DC:64:DF:11:30:9C:AC
Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/89EA1A4A8D747274C368553DCBDC64DF11309CAC.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1091985366321201154/0/AS134762.roa
Signing time: Thu 16 Apr 2026 08:07:31 +0000
ROA not before: Thu 16 Apr 2026 08:02:31 +0000
ROA not after: Thu 15 Apr 2027 08:07:31 +0000
asID: 134762
IP address blocks: 43.226.32.0/20 maxlen: 20
43.226.32.0/24 maxlen: 24
43.226.33.0/24 maxlen: 24
43.226.34.0/24 maxlen: 24
43.226.35.0/24 maxlen: 24
43.226.36.0/24 maxlen: 24
43.226.37.0/24 maxlen: 24
43.226.38.0/24 maxlen: 24
43.226.39.0/24 maxlen: 24
43.226.40.0/24 maxlen: 24
43.226.41.0/24 maxlen: 24
43.226.42.0/24 maxlen: 24
43.226.43.0/24 maxlen: 24
43.226.44.0/24 maxlen: 24
43.226.45.0/24 maxlen: 24
43.226.46.0/24 maxlen: 24
43.226.47.0/24 maxlen: 24
43.226.50.0/23 maxlen: 23
43.226.50.0/24 maxlen: 24
43.226.51.0/24 maxlen: 24
43.226.53.0/24 maxlen: 24
43.226.54.0/24 maxlen: 24
43.226.64.0/21 maxlen: 21
43.226.64.0/24 maxlen: 24
43.226.65.0/24 maxlen: 24
43.226.66.0/24 maxlen: 24
43.226.67.0/24 maxlen: 24
43.226.68.0/24 maxlen: 24
43.226.69.0/24 maxlen: 24
43.226.70.0/24 maxlen: 24
43.226.71.0/24 maxlen: 24
43.226.76.0/23 maxlen: 23
43.226.76.0/24 maxlen: 24
43.226.77.0/24 maxlen: 24
43.226.144.0/20 maxlen: 20
43.226.144.0/24 maxlen: 24
43.226.145.0/24 maxlen: 24
43.226.146.0/24 maxlen: 24
43.226.147.0/24 maxlen: 24
43.226.148.0/24 maxlen: 24
43.226.149.0/24 maxlen: 24
43.226.150.0/24 maxlen: 24
43.226.151.0/24 maxlen: 24
43.226.152.0/24 maxlen: 24
43.226.153.0/24 maxlen: 24
43.226.154.0/24 maxlen: 24
43.226.155.0/24 maxlen: 24
43.226.156.0/24 maxlen: 24
43.226.157.0/24 maxlen: 24
43.226.158.0/24 maxlen: 24
43.226.159.0/24 maxlen: 24
43.227.64.0/22 maxlen: 22
43.227.64.0/24 maxlen: 24
43.227.65.0/24 maxlen: 24
43.227.66.0/24 maxlen: 24
43.227.67.0/24 maxlen: 24
103.45.172.0/22 maxlen: 22
103.45.172.0/24 maxlen: 24
103.45.173.0/24 maxlen: 24
103.45.174.0/24 maxlen: 24
103.45.175.0/24 maxlen: 24
103.45.176.0/20 maxlen: 20
103.45.176.0/24 maxlen: 24
103.45.177.0/24 maxlen: 24
103.45.178.0/24 maxlen: 24
103.45.179.0/24 maxlen: 24
103.45.180.0/24 maxlen: 24
103.45.181.0/24 maxlen: 24
103.45.182.0/24 maxlen: 24
103.45.183.0/24 maxlen: 24
103.45.184.0/24 maxlen: 24
103.45.185.0/24 maxlen: 24
103.45.186.0/24 maxlen: 24
103.45.187.0/24 maxlen: 24
103.45.188.0/24 maxlen: 24
103.45.189.0/24 maxlen: 24
103.45.190.0/24 maxlen: 24
103.45.191.0/24 maxlen: 24
103.45.248.0/22 maxlen: 22
103.45.248.0/24 maxlen: 24
103.45.249.0/24 maxlen: 24
103.45.250.0/24 maxlen: 24
103.45.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1091985366321201154/0/89EA1A4A8D747274C368553DCBDC64DF11309CAC.crl
rsync://rpki-rps.cnnic.cn/repo/A1091985366321201154/0/89EA1A4A8D747274C368553DCBDC64DF11309CAC.mft
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/89EA1A4A8D747274C368553DCBDC64DF11309CAC.cer
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 19 Apr 2026 18:13:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:2d:c2:fa:ca:65:6f:f6:f1:a2:1b:39:f1:a5:90:84:d2:1e:08:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89EA1A4A8D747274C368553DCBDC64DF11309CAC
Validity
Not Before: Apr 16 08:02:31 2026 GMT
Not After : Apr 15 08:07:31 2027 GMT
Subject: CN=AE57357D13671556D16D48F1A792FC9045ACAF35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:11:07:c5:73:d2:36:1f:f7:6f:5f:61:b0:ed:
27:d5:41:22:e0:c0:c3:0b:c6:f9:23:e3:9c:c2:5d:
9c:00:a8:c8:73:55:df:3a:8f:77:d0:93:69:45:8d:
14:1d:cd:74:f7:23:ee:31:39:29:77:e3:8c:81:f7:
c2:6b:5d:79:7f:07:94:e7:b5:8e:de:2f:37:5c:32:
c5:3c:11:b1:96:a9:35:c8:81:1d:14:59:40:6e:d5:
71:d6:0c:32:52:cb:37:b3:a5:cb:27:70:94:5c:0c:
f5:e3:b0:32:7c:75:84:20:d9:c2:07:5f:47:81:af:
9e:9a:ae:44:2e:e3:d9:9c:0d:48:e7:0d:93:43:5c:
e3:7a:dc:7e:ac:09:be:18:83:d6:4d:10:86:fe:07:
49:96:e0:fd:95:90:c0:a7:6a:de:95:b1:d3:9e:86:
bf:b2:b5:14:4a:29:52:69:cf:f2:4d:0c:ef:b7:16:
94:c9:6c:a8:83:04:d8:f6:98:f0:f8:bb:79:de:a1:
1f:86:dd:e1:df:e3:79:eb:c8:e5:ed:61:e4:68:46:
30:ca:92:52:b9:59:35:5a:9b:6c:e2:bf:69:dc:a3:
bf:bf:b4:4d:ff:9a:47:3c:c8:44:70:9b:86:b5:a3:
0d:e5:23:49:b8:9a:41:35:fd:20:de:b8:1f:76:04:
96:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:57:35:7D:13:67:15:56:D1:6D:48:F1:A7:92:FC:90:45:AC:AF:35
X509v3 Authority Key Identifier:
keyid:89:EA:1A:4A:8D:74:72:74:C3:68:55:3D:CB:DC:64:DF:11:30:9C:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1091985366321201154/0/89EA1A4A8D747274C368553DCBDC64DF11309CAC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/89EA1A4A8D747274C368553DCBDC64DF11309CAC.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1091985366321201154/0/AS134762.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.226.32.0/20
43.226.50.0/23
43.226.53.0-43.226.54.255
43.226.64.0/21
43.226.76.0/23
43.226.144.0/20
43.227.64.0/22
103.45.172.0-103.45.191.255
103.45.248.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:4f:19:34:9e:dc:b9:07:6c:b3:29:7d:a6:21:16:01:08:6c:
85:1f:ef:c4:b9:cb:dd:52:cf:e9:ee:6e:9e:35:c3:af:03:21:
2c:3d:d3:9b:06:1e:30:0e:82:75:63:8b:e4:a8:ac:05:e0:02:
56:9d:41:b3:91:75:cd:cc:62:b2:7b:e5:bd:3c:f4:e3:15:f3:
e8:f6:92:3c:23:14:5c:6a:c4:59:ef:79:96:e3:ae:fa:40:b2:
9a:51:a5:62:8f:c9:7f:fe:fb:49:e5:fe:5b:19:52:9c:25:4d:
e3:42:dc:97:84:ac:65:2b:f7:ab:98:f1:03:94:9f:73:d0:a8:
a1:be:de:60:b4:0d:6e:30:79:d3:b6:94:20:76:79:6a:dc:35:
c1:c4:a9:d9:3d:5a:57:c4:3d:c6:72:bf:c2:2f:98:fa:f6:76:
95:b8:89:31:43:13:33:75:88:b6:7d:e1:69:62:b9:d3:b8:a5:
54:fa:e9:85:0d:b0:69:b3:1b:5f:14:d6:a7:1e:ac:c6:3e:0d:
1b:6c:71:a5:da:53:6f:5e:4e:e5:44:4e:9d:2e:86:68:a6:fc:
bc:39:e1:46:3d:5f:63:ed:61:39:52:6a:c3:c2:38:51:04:72:
9e:0c:df:fb:23:5a:af:13:71:2e:d5:5b:58:00:e9:0e:ec:21:
56:1d:32:31
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIUNC3C+splb/bxohs58aWQhNIeCGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODlFQTFBNEE4RDc0NzI3NEMzNjg1NTNEQ0JEQzY0REYx
MTMwOUNBQzAeFw0yNjA0MTYwODAyMzFaFw0yNzA0MTUwODA3MzFaMDMxMTAvBgNV
BAMTKEFFNTczNTdEMTM2NzE1NTZEMTZENDhGMUE3OTJGQzkwNDVBQ0FGMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8EQfFc9I2H/dvX2Gw7SfVQSLg
wMMLxvkj45zCXZwAqMhzVd86j3fQk2lFjRQdzXT3I+4xOSl344yB98JrXXl/B5Tn
tY7eLzdcMsU8EbGWqTXIgR0UWUBu1XHWDDJSyzezpcsncJRcDPXjsDJ8dYQg2cIH
X0eBr56arkQu49mcDUjnDZNDXON63H6sCb4Yg9ZNEIb+B0mW4P2VkMCnat6VsdOe
hr+ytRRKKVJpz/JNDO+3FpTJbKiDBNj2mPD4u3neoR+G3eHf43nryOXtYeRoRjDK
klK5WTVam2ziv2nco7+/tE3/mkc8yERwm4a1ow3lI0m4mkE1/SDeuB92BJYLAgMB
AAGjggIkMIICIDAdBgNVHQ4EFgQUrlc1fRNnFVbRbUjxp5L8kEWsrzUwHwYDVR0j
BBgwFoAUieoaSo10cnTDaFU9y9xk3xEwnKwwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5
MTk4NTM2NjMyMTIwMTE1NC8wLzg5RUExQTRBOEQ3NDcyNzRDMzY4NTUzRENCREM2
NERGMTEzMDlDQUMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvODlFQTFBNEE4RDc0NzI3NEMzNjg1NTNEQ0JEQzY0REYxMTMwOUNBQy5jZXIw
XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTEwOTE5ODUzNjYzMjEyMDExNTQvMC9BUzEzNDc2Mi5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBggrBgEFBQcBBwEB/wRQME4wTAQC
AAEwRgMEBCviIAMEASviMjAMAwQAK+I1AwQAK+I2AwQDK+JAAwQBK+JMAwQEK+KQ
AwQCK+NAMAwDBAJnLawDBAZnLYADBAJnLfgwDQYJKoZIhvcNAQELBQADggEBAKJP
GTSe3LkHbLMpfaYhFgEIbIUf78S5y91Sz+nubp41w68DISw905sGHjAOgnVji+So
rAXgAladQbORdc3MYrJ75b089OMV8+j2kjwjFFxqxFnveZbjrvpAsppRpWKPyX/+
+0nl/lsZUpwlTeNC3JeErGUr96uY8QOUn3PQqKG+3mC0DW4wedO2lCB2eWrcNcHE
qdk9WlfEPcZyv8IvmPr2dpW4iTFDEzN1iLZ94WliudO4pVT66YUNsGmzG18U1qce
rMY+DRtscaXaU29eTuVETp0uhmim/Lw54UY9X2PtYTlSasPCOFEEcp4M3/sjWq8T
cS7VW1gA6Q7sIVYdMjE=
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:42:42 2026 by rpki-client