Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/0/AS138421.roa
File: AS138421.roa (raw, json)
Hash identifier: 5ND/7QQXhG5GrpwNCR/XvKensdmSw98ilszf6FnekGU=
Subject key identifier: 63:4A:13:D9:6F:AC:AB:11:C9:B6:7B:60:28:D6:92:A3:BB:7D:55:29
Certificate issuer: /CN=A9143CB30000/serialNumber=EACB7B50F338DF2794EBA3F618C7233B2283E644
Certificate serial: 192CDDD11610E345267D497F112A8F52CB72D3C6
Authority key identifier: EA:CB:7B:50:F3:38:DF:27:94:EB:A3:F6:18:C7:23:3B:22:83:E6:44
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6st7UPM43yeU66P2GMcjOyKD5kQ.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/0/AS138421.roa
Signing time: Tue 09 Jun 2026 08:20:45 +0000
ROA not before: Tue 09 Jun 2026 08:15:45 +0000
ROA not after: Tue 08 Jun 2027 08:20:45 +0000
asID: 138421
IP address blocks: 139.227.231.0/24 maxlen: 24
140.206.167.0/24 maxlen: 24
140.206.200.0/22 maxlen: 22
140.206.200.0/24 maxlen: 24
140.206.201.0/24 maxlen: 24
140.206.202.0/24 maxlen: 24
140.206.203.0/24 maxlen: 24
140.206.204.0/24 maxlen: 24
140.206.208.0/23 maxlen: 23
140.206.211.0/24 maxlen: 24
140.206.212.0/22 maxlen: 22
140.206.212.0/24 maxlen: 24
140.206.213.0/24 maxlen: 24
140.206.216.0/22 maxlen: 22
140.206.219.0/24 maxlen: 24
140.206.228.0/24 maxlen: 24
140.206.229.0/24 maxlen: 24
140.206.230.0/24 maxlen: 24
140.206.231.0/24 maxlen: 24
140.206.232.0/24 maxlen: 24
140.206.234.0/24 maxlen: 24
140.206.238.0/24 maxlen: 24
140.206.240.0/22 maxlen: 22
140.206.244.0/24 maxlen: 24
140.206.247.0/24 maxlen: 24
140.207.69.0/24 maxlen: 24
140.207.70.0/24 maxlen: 24
140.207.72.0/24 maxlen: 24
140.207.73.0/24 maxlen: 24
140.207.130.0/24 maxlen: 24
140.207.131.0/24 maxlen: 24
140.207.134.0/24 maxlen: 24
140.207.135.0/24 maxlen: 24
140.207.138.0/23 maxlen: 23
140.207.140.0/23 maxlen: 23
140.207.208.0/24 maxlen: 24
140.207.209.0/24 maxlen: 24
140.207.210.0/24 maxlen: 24
140.207.211.0/24 maxlen: 24
140.207.212.0/24 maxlen: 24
140.207.213.0/24 maxlen: 24
140.207.214.0/24 maxlen: 24
140.207.215.0/24 maxlen: 24
140.207.216.0/22 maxlen: 22
140.207.216.0/24 maxlen: 24
140.207.217.0/24 maxlen: 24
140.207.218.0/24 maxlen: 24
140.207.219.0/24 maxlen: 24
140.207.220.0/22 maxlen: 22
140.207.220.0/24 maxlen: 24
140.207.233.0/24 maxlen: 24
140.207.235.0/24 maxlen: 24
140.207.237.0/24 maxlen: 24
140.207.238.0/23 maxlen: 23
140.207.240.0/23 maxlen: 23
140.207.241.0/24 maxlen: 24
140.207.244.0/23 maxlen: 23
140.207.245.0/24 maxlen: 24
140.207.246.0/24 maxlen: 24
140.207.248.0/23 maxlen: 23
140.207.249.0/24 maxlen: 24
140.207.251.0/24 maxlen: 24
140.207.252.0/22 maxlen: 22
140.207.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/0/EACB7B50F338DF2794EBA3F618C7233B2283E644.crl
rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/0/EACB7B50F338DF2794EBA3F618C7233B2283E644.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6st7UPM43yeU66P2GMcjOyKD5kQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 01:46:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:2c:dd:d1:16:10:e3:45:26:7d:49:7f:11:2a:8f:52:cb:72:d3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB30000, serialNumber=EACB7B50F338DF2794EBA3F618C7233B2283E644
Validity
Not Before: Jun 9 08:15:45 2026 GMT
Not After : Jun 8 08:20:45 2027 GMT
Subject: CN=634A13D96FACAB11C9B67B6028D692A3BB7D5529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:96:3b:c1:31:5a:45:d3:9f:c9:14:a7:b5:7f:
6f:1c:67:79:1f:de:fe:b2:aa:69:3c:6e:83:e0:0a:
fd:70:27:1b:3a:c1:fd:ac:c6:e1:5b:e7:cd:b4:e4:
6e:81:73:65:76:ef:6b:65:40:7f:1a:fe:93:33:12:
53:34:e7:36:9b:81:a9:d8:77:af:ed:be:f5:fa:b9:
e9:d1:a7:20:80:46:94:c7:0b:0c:0c:5f:81:81:83:
aa:37:a5:80:ab:d6:fd:c7:f7:d3:82:b6:bf:27:57:
ce:4d:31:96:34:bc:3c:03:b5:e0:58:06:16:2a:15:
1f:59:ff:89:f2:4a:a4:df:cb:1e:9d:74:80:15:b6:
9e:46:05:89:97:53:b3:ad:73:2f:04:75:15:ea:c2:
c0:58:84:eb:9d:1c:1e:39:28:2d:e1:4e:e4:9a:0e:
ce:5b:72:1c:e8:25:bc:65:03:e3:20:05:24:78:5e:
8d:48:b3:a7:31:28:ce:b1:90:3d:28:50:9c:d7:bd:
f2:ea:f6:7e:a2:cd:18:d7:91:00:9f:2c:fa:df:ad:
2d:c3:5f:80:8a:a2:2e:74:79:44:79:74:7a:01:30:
7e:34:77:90:92:cc:40:5a:c2:2c:c2:59:d6:fb:81:
67:5d:0e:c6:a2:17:08:67:86:1b:ec:b2:b7:c8:5c:
ad:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4A:13:D9:6F:AC:AB:11:C9:B6:7B:60:28:D6:92:A3:BB:7D:55:29
X509v3 Authority Key Identifier:
keyid:EA:CB:7B:50:F3:38:DF:27:94:EB:A3:F6:18:C7:23:3B:22:83:E6:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/0/EACB7B50F338DF2794EBA3F618C7233B2283E644.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/6st7UPM43yeU66P2GMcjOyKD5kQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/0/AS138421.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.227.231.0/24
140.206.167.0/24
140.206.200.0-140.206.204.255
140.206.208.0/23
140.206.211.0-140.206.219.255
140.206.228.0-140.206.232.255
140.206.234.0/24
140.206.238.0/24
140.206.240.0-140.206.244.255
140.206.247.0/24
140.207.69.0-140.207.70.255
140.207.72.0/23
140.207.130.0/23
140.207.134.0/23
140.207.138.0-140.207.141.255
140.207.208.0/20
140.207.233.0/24
140.207.235.0/24
140.207.237.0-140.207.241.255
140.207.244.0-140.207.246.255
140.207.248.0/23
140.207.251.0-140.207.255.255
Signature Algorithm: sha256WithRSAEncryption
6c:ea:36:71:9a:37:eb:da:1b:67:59:b1:d4:c4:22:96:f5:4d:
12:d6:92:ab:6a:28:06:5e:69:97:f2:a5:bf:84:5e:7c:09:82:
b5:eb:e9:28:56:a6:95:87:26:08:ee:b8:a9:f6:52:f6:bd:b4:
d3:8a:39:d3:34:a5:19:34:00:06:26:fe:96:c2:e6:8e:7c:9f:
53:44:07:df:f1:5d:69:92:fc:bf:b4:db:fe:59:d3:83:ef:7c:
5b:e6:e7:72:33:18:da:f0:65:11:bb:a8:62:25:b0:5f:53:d2:
11:a4:29:d2:ed:71:e5:70:2e:34:0b:d6:4e:b4:a2:4f:88:29:
f2:84:76:e3:98:e2:16:20:11:1e:bb:a5:75:77:5f:54:ef:18:
3f:0b:6c:cb:7d:a7:51:04:c9:6d:b1:91:a7:d9:e5:50:78:ee:
30:f7:a3:6e:72:70:ef:c6:16:21:e4:8a:44:74:fb:d3:08:7d:
c0:37:f5:bf:d9:f8:64:88:8b:ec:c3:28:1f:b7:f2:83:aa:13:
41:66:0d:7b:49:c7:da:0c:cc:ac:39:8f:49:a2:fd:75:bd:95:
5e:4e:e8:4d:bc:8b:c9:03:e7:88:42:9a:5f:6f:e3:b0:a6:78:
17:12:ec:a5:b4:c5:cf:4c:32:52:50:fe:84:dc:2d:73:d5:8e:
49:24:44:3e
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIUGSzd0RYQ40UmfUl/ESqPUsty08YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyhFQUNCN0I1MEYz
MzhERjI3OTRFQkEzRjYxOEM3MjMzQjIyODNFNjQ0MB4XDTI2MDYwOTA4MTU0NVoX
DTI3MDYwODA4MjA0NVowMzExMC8GA1UEAxMoNjM0QTEzRDk2RkFDQUIxMUM5QjY3
QjYwMjhENjkyQTNCQjdENTUyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSWO8ExWkXTn8kUp7V/bxxneR/e/rKqaTxug+AK/XAnGzrB/azG4VvnzbTk
boFzZXbva2VAfxr+kzMSUzTnNpuBqdh3r+2+9fq56dGnIIBGlMcLDAxfgYGDqjel
gKvW/cf304K2vydXzk0xljS8PAO14FgGFioVH1n/ifJKpN/LHp10gBW2nkYFiZdT
s61zLwR1FerCwFiE650cHjkoLeFO5JoOzltyHOglvGUD4yAFJHhejUizpzEozrGQ
PShQnNe98ur2fqLNGNeRAJ8s+t+tLcNfgIqiLnR5RHl0egEwfjR3kJLMQFrCLMJZ
1vuBZ10OxqIXCGeGG+yyt8hcrdMCAwEAAaOCAq4wggKqMB0GA1UdDgQWBBRjShPZ
b6yrEcm2e2Ao1pKju31VKTAfBgNVHSMEGDAWgBTqy3tQ8zjfJ5Tro/YYxyM7IoPm
RDAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzAvRUFDQjdC
NTBGMzM4REYyNzk0RUJBM0Y2MThDNzIzM0IyMjgzRTY0NC5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvNnN0N1VQTTQz
eWVVNjZQMkdNY2pPeUtENWtRLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5
NTM0MjU5My8wL0FTMTM4NDIxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIHoBggrBgEFBQcBBwEB/wSB2DCB1TCB0gQCAAEwgcsDBACL4+cDBACMzqcwDAME
A4zOyAMEAIzOzAMEAYzO0DAMAwQAjM7TAwQCjM7YMAwDBAKMzuQDBACMzugDBACM
zuoDBACMzu4wDAMEBIzO8AMEAIzO9AMEAIzO9zAMAwQAjM9FAwQAjM9GAwQBjM9I
AwQBjM+CAwQBjM+GMAwDBAGMz4oDBAGMz4wDBASMz9ADBACMz+kDBACMz+swDAME
AIzP7QMEAYzP8DAMAwQCjM/0AwQAjM/2AwQBjM/4MAsDBACMz/sDAwSMwDANBgkq
hkiG9w0BAQsFAAOCAQEAbOo2cZo369obZ1mx1MQilvVNEtaSq2ooBl5pl/Klv4Re
fAmCtevpKFamlYcmCO64qfZS9r2004o50zSlGTQABib+lsLmjnyfU0QH3/FdaZL8
v7Tb/lnTg+98W+bncjMY2vBlEbuoYiWwX1PSEaQp0u1x5XAuNAvWTrSiT4gp8oR2
45jiFiARHruldXdfVO8YPwtsy32nUQTJbbGRp9nlUHjuMPejbnJw78YWIeSKRHT7
0wh9wDf1v9n4ZIiL7MMoH7fyg6oTQWYNe0nH2gzMrDmPSaL9db2VXk7oTbyLyQPn
iEKaX2/jsKZ4FxLspbTFz0wyUlD+hNwtc9WOSSREPg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:16:32 2026 by rpki-client