Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS136959.roa
File: AS136959.roa (raw, json)
Hash identifier: lAFFdAP8NSHUkSJL6fUdH6xBrCM1Jd4YjBS0ZuEFEjU=
Subject key identifier: 11:AE:1F:8B:C0:88:62:6A:98:32:D4:1B:C6:31:CC:2D:B3:15:1C:3B
Certificate issuer: /CN=A9143CB30000/serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Certificate serial: 5D6E33036F8B2A8580F8A46A955E29303B656889
Authority key identifier: 8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS136959.roa
Signing time: Wed 03 Jun 2026 14:39:54 +0000
ROA not before: Wed 03 Jun 2026 14:34:54 +0000
ROA not after: Wed 02 Jun 2027 14:39:54 +0000
asID: 136959
IP address blocks: 27.36.113.0/24 maxlen: 24
27.36.118.0/24 maxlen: 24
27.36.119.0/24 maxlen: 24
27.36.120.0/24 maxlen: 24
27.36.121.0/24 maxlen: 24
27.36.123.0/24 maxlen: 24
27.36.124.0/24 maxlen: 24
27.36.125.0/24 maxlen: 24
27.36.126.0/24 maxlen: 24
27.36.127.0/24 maxlen: 24
27.45.150.0/24 maxlen: 24
27.45.151.0/24 maxlen: 24
27.45.160.0/24 maxlen: 24
27.45.161.0/24 maxlen: 24
27.45.164.0/24 maxlen: 24
27.45.165.0/24 maxlen: 24
27.45.166.0/24 maxlen: 24
27.45.167.0/24 maxlen: 24
58.255.175.0/24 maxlen: 24
112.90.152.0/24 maxlen: 24
112.90.153.0/24 maxlen: 24
112.90.154.0/24 maxlen: 24
112.90.155.0/24 maxlen: 24
112.90.156.0/24 maxlen: 24
112.90.157.0/24 maxlen: 24
112.93.112.0/24 maxlen: 24
112.93.114.0/24 maxlen: 24
112.93.115.0/24 maxlen: 24
112.96.82.0/24 maxlen: 24
112.96.83.0/24 maxlen: 24
120.80.84.0/24 maxlen: 24
120.80.85.0/24 maxlen: 24
120.83.13.0/24 maxlen: 24
120.83.144.0/24 maxlen: 24
120.83.146.0/24 maxlen: 24
120.83.182.0/24 maxlen: 24
120.83.183.0/24 maxlen: 24
122.13.168.0/24 maxlen: 24
122.13.170.0/24 maxlen: 24
122.13.171.0/24 maxlen: 24
122.13.172.0/24 maxlen: 24
122.13.173.0/24 maxlen: 24
122.13.175.0/24 maxlen: 24
122.13.254.0/24 maxlen: 24
163.142.152.0/24 maxlen: 24
163.142.153.0/24 maxlen: 24
163.142.154.0/24 maxlen: 24
163.142.155.0/24 maxlen: 24
163.142.156.0/24 maxlen: 24
163.142.157.0/24 maxlen: 24
163.142.158.0/24 maxlen: 24
163.142.159.0/24 maxlen: 24
163.177.153.0/24 maxlen: 24
163.177.154.0/24 maxlen: 24
163.177.155.0/24 maxlen: 24
163.177.156.0/24 maxlen: 24
163.177.157.0/24 maxlen: 24
163.177.158.0/24 maxlen: 24
163.177.159.0/24 maxlen: 24
221.4.146.0/24 maxlen: 24
221.4.154.0/24 maxlen: 24
221.4.159.0/24 maxlen: 24
221.5.35.0/24 maxlen: 24
221.5.96.0/24 maxlen: 24
221.5.97.0/24 maxlen: 24
221.5.102.0/24 maxlen: 24
221.5.103.0/24 maxlen: 24
221.5.107.0/24 maxlen: 24
2408:8459:4c80::/44 maxlen: 44
2408:8459:4c90::/44 maxlen: 44
2408:8459:4ca0::/44 maxlen: 44
2408:8459:4cb0::/44 maxlen: 44
2408:8459:4e80::/44 maxlen: 44
2408:8459:4e90::/44 maxlen: 44
2408:8459:4ea0::/44 maxlen: 44
2408:8459:4eb0::/44 maxlen: 44
2408:8459:5080::/44 maxlen: 44
2408:8459:5090::/44 maxlen: 44
2408:8459:50a0::/44 maxlen: 44
2408:8459:50b0::/44 maxlen: 44
2408:8459:5280::/44 maxlen: 44
2408:8459:5290::/44 maxlen: 44
2408:8459:52a0::/44 maxlen: 44
2408:8459:52b0::/44 maxlen: 44
2408:8459:5480::/44 maxlen: 44
2408:8459:5490::/44 maxlen: 44
2408:8459:54a0::/44 maxlen: 44
2408:8459:54b0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 00:24:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:6e:33:03:6f:8b:2a:85:80:f8:a4:6a:95:5e:29:30:3b:65:68:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB30000, serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Validity
Not Before: Jun 3 14:34:54 2026 GMT
Not After : Jun 2 14:39:54 2027 GMT
Subject: CN=11AE1F8BC088626A9832D41BC631CC2DB3151C3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7b:92:1d:78:75:16:ac:4a:b3:e9:e6:f5:6b:
e7:50:59:96:cc:d9:9d:11:2e:2f:b8:3a:8c:50:b0:
7a:5f:84:dd:cd:c3:8b:f4:f6:06:f5:bf:c9:ad:0a:
e1:58:e7:34:23:e8:38:4c:a8:55:54:da:f2:6f:86:
d1:59:90:1b:81:11:4b:71:3c:9c:2b:a3:cc:fa:b2:
3b:35:c0:22:63:20:25:6a:f1:3d:96:9d:43:1e:63:
8e:a7:62:2f:2f:e8:44:5f:88:77:ec:e1:7e:4f:4a:
7f:31:af:e8:1a:6c:52:e1:86:fa:b2:f8:10:1d:65:
9d:25:23:74:65:22:40:53:43:0e:a9:4e:fa:43:0c:
7d:fa:9b:81:c1:82:75:bc:dc:a0:9f:1e:5e:ea:c4:
5e:ba:5b:19:67:cd:8e:5d:c6:39:49:92:36:b8:d6:
06:bd:87:64:2c:40:f0:40:d7:f0:98:c5:11:89:f9:
75:82:80:24:e9:62:60:43:9c:5d:a0:ec:21:5c:c3:
70:11:7e:c3:b5:2c:22:01:87:67:cc:a1:02:3b:00:
2c:ad:ef:04:ba:4d:c8:fb:31:69:df:fd:e6:7b:dc:
ba:cb:c1:24:5f:56:35:a8:ca:e6:13:b2:d6:f3:81:
24:80:7f:7a:b1:df:65:30:ac:d2:fe:a9:ae:34:df:
b3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:AE:1F:8B:C0:88:62:6A:98:32:D4:1B:C6:31:CC:2D:B3:15:1C:3B
X509v3 Authority Key Identifier:
keyid:8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS136959.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.36.113.0/24
27.36.118.0-27.36.121.255
27.36.123.0-27.36.127.255
27.45.150.0/23
27.45.160.0/23
27.45.164.0/22
58.255.175.0/24
112.90.152.0-112.90.157.255
112.93.112.0/24
112.93.114.0/23
112.96.82.0/23
120.80.84.0/23
120.83.13.0/24
120.83.144.0/24
120.83.146.0/24
120.83.182.0/23
122.13.168.0/24
122.13.170.0-122.13.173.255
122.13.175.0/24
122.13.254.0/24
163.142.152.0/21
163.177.153.0-163.177.159.255
221.4.146.0/24
221.4.154.0/24
221.4.159.0/24
221.5.35.0/24
221.5.96.0/23
221.5.102.0/23
221.5.107.0/24
IPv6:
2408:8459:4c80::/42
2408:8459:4e80::/42
2408:8459:5080::/42
2408:8459:5280::/42
2408:8459:5480::/42
Signature Algorithm: sha256WithRSAEncryption
a0:59:ef:4d:3b:bc:ba:bc:98:3b:74:7e:9d:ba:33:9a:80:c9:
10:11:4f:6e:2c:96:13:01:fa:b8:8c:79:34:7b:d4:15:f9:53:
d6:64:05:ef:62:fe:65:dc:7b:7d:d0:e2:ba:80:d5:f8:f1:9a:
9d:06:ff:d8:02:9a:46:3e:04:8d:3b:4b:68:ee:fd:34:b2:82:
7c:af:47:63:a5:22:3a:68:de:48:d9:26:b5:00:93:07:c8:e7:
f9:34:ce:2f:4b:2c:5f:02:a1:cd:e4:87:4d:26:06:98:db:90:
b8:68:35:c1:16:d3:39:39:8f:b7:d2:03:8b:8b:c3:88:83:d0:
47:c4:4a:1a:5a:b0:33:26:d6:23:03:62:b8:4f:7f:9b:0a:d9:
9e:77:17:73:a3:d4:30:50:15:17:e6:2a:17:85:fb:b9:d2:f5:
d4:d7:c4:50:9c:ef:8f:f7:2e:42:ed:aa:47:ab:b1:e7:6e:6e:
65:95:a7:63:3b:16:df:ff:b8:3d:f6:fb:cc:d6:5a:99:02:2d:
00:18:f9:9d:d9:47:7c:52:47:d5:fe:76:d2:5e:fe:56:93:f2:
18:77:86:8b:32:e4:79:0f:d0:ec:de:bb:78:1d:c3:8f:70:6c:
5b:c0:bc:8f:19:f7:01:a1:f7:72:32:e9:2c:c0:23:68:20:88:
3a:55:99:53
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIUXW4zA2+LKoWA+KRqlV4pMDtlaIkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyg4QTFCNEU0QTYz
Mjk1RjE4QjRGMDZGRkY2QUQwMkMzMTY1QkY5OTI1MB4XDTI2MDYwMzE0MzQ1NFoX
DTI3MDYwMjE0Mzk1NFowMzExMC8GA1UEAxMoMTFBRTFGOEJDMDg4NjI2QTk4MzJE
NDFCQzYzMUNDMkRCMzE1MUMzQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALt7kh14dRasSrPp5vVr51BZlszZnREuL7g6jFCwel+E3c3Di/T2BvW/ya0K
4VjnNCPoOEyoVVTa8m+G0VmQG4ERS3E8nCujzPqyOzXAImMgJWrxPZadQx5jjqdi
Ly/oRF+Id+zhfk9KfzGv6BpsUuGG+rL4EB1lnSUjdGUiQFNDDqlO+kMMffqbgcGC
dbzcoJ8eXurEXrpbGWfNjl3GOUmSNrjWBr2HZCxA8EDX8JjFEYn5dYKAJOliYEOc
XaDsIVzDcBF+w7UsIgGHZ8yhAjsALK3vBLpNyPsxad/95nvcusvBJF9WNajK5hOy
1vOBJIB/erHfZTCs0v6prjTfs8sCAwEAAaOCAvEwggLtMB0GA1UdDgQWBBQRrh+L
wIhiapgy1BvGMcwtsxUcOzAfBgNVHSMEGDAWgBSKG05KYylfGLTwb/9q0CwxZb+Z
JTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzEvOEExQjRF
NEE2MzI5NUYxOEI0RjA2RkZGNkFEMDJDMzE2NUJGOTkyNS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvaWh0T1NtTXBY
eGkwOEdfX2F0QXNNV1dfbVNVLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5
NTM0MjU5My8xL0FTMTM2OTU5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTCB3QQCAAEwgdYDBAAbJHEwDAMEARsk
dgMEARskeDAMAwQAGyR7AwQHGyQAAwQBGy2WAwQBGy2gAwQCGy2kAwQAOv+vMAwD
BANwWpgDBAFwWpwDBABwXXADBAFwXXIDBAFwYFIDBAF4UFQDBAB4Uw0DBAB4U5AD
BAB4U5IDBAF4U7YDBAB6DagwDAMEAXoNqgMEAXoNrAMEAHoNrwMEAHoN/gMEA6OO
mDAMAwQAo7GZAwQFo7GAAwQA3QSSAwQA3QSaAwQA3QSfAwQA3QUjAwQB3QVgAwQB
3QVmAwQA3QVrMDMEAgACMC0DBwYkCIRZTIADBwYkCIRZToADBwYkCIRZUIADBwYk
CIRZUoADBwYkCIRZVIAwDQYJKoZIhvcNAQELBQADggEBAKBZ7007vLq8mDt0fp26
M5qAyRART24slhMB+riMeTR71BX5U9ZkBe9i/mXce33Q4rqA1fjxmp0G/9gCmkY+
BI07S2ju/TSygnyvR2OlIjpo3kjZJrUAkwfI5/k0zi9LLF8Coc3kh00mBpjbkLho
NcEW0zk5j7fSA4uLw4iD0EfEShpasDMm1iMDYrhPf5sK2Z53F3Oj1DBQFRfmKheF
+7nS9dTXxFCc74/3LkLtqkersedubmWVp2M7Ft//uD32+8zWWpkCLQAY+Z3ZR3xS
R9X+dtJe/laT8hh3hosy5HkP0Ozeu3gdw49wbFvAvI8Z9wGh93Iy6SzAI2ggiDpV
mVM=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:17:12 2026 by rpki-client