Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS140716.roa
File: AS140716.roa (raw, json)
Hash identifier: bSgr1JGgO5sUOmzokul9nLh2gAYKr+/KoYFDQRHHfWg=
Subject key identifier: A7:96:A2:1B:6E:FE:17:11:04:BA:9A:E6:3A:7C:B4:B4:11:8F:4B:BA
Certificate issuer: /CN=A9143CB30000/serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Certificate serial: 632ED34BD12EEC168F2260605FF7D55E44375464
Authority key identifier: 8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS140716.roa
Signing time: Tue 02 Jun 2026 10:46:20 +0000
ROA not before: Tue 02 Jun 2026 10:41:20 +0000
ROA not after: Tue 01 Jun 2027 10:46:20 +0000
asID: 140716
IP address blocks: 112.81.130.0/23 maxlen: 23
112.81.144.0/22 maxlen: 22
112.81.150.0/23 maxlen: 23
112.81.244.0/22 maxlen: 22
122.97.248.0/23 maxlen: 23
122.193.120.0/23 maxlen: 23
122.193.128.0/23 maxlen: 23
122.193.130.0/23 maxlen: 23
122.193.136.0/23 maxlen: 23
122.193.158.0/23 maxlen: 23
122.193.168.0/23 maxlen: 23
122.193.204.0/23 maxlen: 23
153.35.10.0/23 maxlen: 23
153.35.50.0/23 maxlen: 23
153.35.52.0/23 maxlen: 23
153.35.76.0/23 maxlen: 23
153.35.78.0/23 maxlen: 23
153.35.92.0/22 maxlen: 22
153.35.100.0/23 maxlen: 23
153.35.116.0/22 maxlen: 22
153.35.120.0/23 maxlen: 23
153.35.122.0/23 maxlen: 23
153.35.172.0/23 maxlen: 23
153.35.174.0/23 maxlen: 23
2408:8000:a018::/48 maxlen: 48
2408:873d:2000::/37 maxlen: 37
2408:873d:2800::/37 maxlen: 37
2408:873d:2801::/48 maxlen: 48
2408:883a:700::/41 maxlen: 41
2408:883a:780::/42 maxlen: 42
2408:883a:8700::/41 maxlen: 41
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 00:24:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:2e:d3:4b:d1:2e:ec:16:8f:22:60:60:5f:f7:d5:5e:44:37:54:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB30000, serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Validity
Not Before: Jun 2 10:41:20 2026 GMT
Not After : Jun 1 10:46:20 2027 GMT
Subject: CN=A796A21B6EFE171104BA9AE63A7CB4B4118F4BBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:53:c0:b5:1f:81:d0:35:bd:b3:ad:1c:8c:69:
b1:6b:99:85:c4:65:44:ca:46:d0:9b:77:5d:12:26:
99:e2:a5:b0:dd:14:b5:1f:2d:6c:be:13:6c:cd:48:
0e:ca:83:0a:70:06:dc:f5:35:5c:10:ea:46:d1:73:
b1:9d:f2:39:7a:6b:15:1b:a6:25:03:df:d8:bb:9b:
d8:3b:24:c9:3b:30:7e:c8:79:7e:d0:2c:86:08:9a:
58:fd:6c:88:7f:38:51:83:93:2c:37:9b:88:31:a2:
62:d3:ac:0f:dc:80:34:50:9b:e7:b1:13:f2:c5:e2:
fd:8c:0a:fe:fc:16:6d:5b:e3:62:a0:9f:e0:67:f4:
e4:69:fe:ec:53:5b:cf:a9:9c:a9:33:a5:4f:fe:51:
e7:3b:9d:1f:a3:db:f4:b5:5a:e7:42:d6:c9:4f:26:
e6:41:06:e0:8b:57:69:ea:b2:72:b8:b3:cd:70:0b:
3d:5d:2e:a6:e9:c4:d5:f5:aa:10:4f:7e:13:fd:c8:
07:4b:e6:3e:9b:fb:8f:82:04:0a:7e:d9:0b:04:2e:
0a:1a:0f:7b:be:32:6c:ab:36:56:01:43:2a:ab:a0:
a6:1c:b2:2f:2b:8b:04:a8:ee:5a:bc:42:d8:45:62:
f4:7b:ca:8e:8c:44:02:f2:c2:62:1e:ff:1f:f6:d4:
95:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:96:A2:1B:6E:FE:17:11:04:BA:9A:E6:3A:7C:B4:B4:11:8F:4B:BA
X509v3 Authority Key Identifier:
keyid:8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS140716.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
112.81.130.0/23
112.81.144.0/22
112.81.150.0/23
112.81.244.0/22
122.97.248.0/23
122.193.120.0/23
122.193.128.0/22
122.193.136.0/23
122.193.158.0/23
122.193.168.0/23
122.193.204.0/23
153.35.10.0/23
153.35.50.0-153.35.53.255
153.35.76.0/22
153.35.92.0/22
153.35.100.0/23
153.35.116.0-153.35.123.255
153.35.172.0/22
IPv6:
2408:8000:a018::/48
2408:873d:2000::/36
2408:883a:700::-2408:883a:7bf:ffff:ffff:ffff:ffff:ffff
2408:883a:8700::/41
Signature Algorithm: sha256WithRSAEncryption
78:96:9e:9d:cd:aa:19:8d:00:6e:92:cd:b9:8a:85:99:80:dc:
94:11:1d:8b:cc:e0:0e:0f:c0:23:77:8d:41:81:7a:b9:d9:a1:
79:2c:fc:6b:9e:22:1a:59:0f:aa:04:4d:42:78:07:6f:5f:64:
9d:4d:73:ba:78:6b:7e:79:85:18:b6:5d:5b:16:f6:d2:a9:e8:
c2:8a:c0:71:4b:8d:e2:aa:a5:67:3d:af:e0:ba:27:5a:bf:87:
aa:a2:1c:c8:b0:49:b8:1d:f0:57:0b:75:7c:89:f0:3b:ce:69:
79:e9:8b:ce:9c:02:65:b5:b0:e5:a1:fc:a7:a9:f5:8e:9d:a9:
3c:29:93:6e:ba:5b:c4:3b:5f:55:22:b7:66:9e:01:e9:ef:27:
6f:53:65:3b:61:60:19:91:02:66:45:1f:ff:0f:df:5a:d1:5d:
7b:a4:d8:62:22:5b:9f:e7:31:f8:7e:57:08:f7:29:07:f1:55:
cb:76:8c:85:ff:27:c6:e2:56:50:73:aa:8e:94:44:61:3e:e6:
e9:77:90:a7:9e:ee:02:80:15:da:96:11:00:8b:cf:33:1e:a7:
1f:5f:d2:b2:8a:a8:a2:62:28:0c:bc:10:79:18:e8:21:7a:3a:
f3:d5:ca:62:76:ab:47:90:26:f1:09:3e:a8:56:da:eb:72:fa:
40:31:80:c5
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIUYy7TS9Eu7BaPImBgX/fVXkQ3VGQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyg4QTFCNEU0QTYz
Mjk1RjE4QjRGMDZGRkY2QUQwMkMzMTY1QkY5OTI1MB4XDTI2MDYwMjEwNDEyMFoX
DTI3MDYwMTEwNDYyMFowMzExMC8GA1UEAxMoQTc5NkEyMUI2RUZFMTcxMTA0QkE5
QUU2M0E3Q0I0QjQxMThGNEJCQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpTwLUfgdA1vbOtHIxpsWuZhcRlRMpG0Jt3XRImmeKlsN0UtR8tbL4TbM1I
DsqDCnAG3PU1XBDqRtFzsZ3yOXprFRumJQPf2Lub2DskyTswfsh5ftAshgiaWP1s
iH84UYOTLDebiDGiYtOsD9yANFCb57ET8sXi/YwK/vwWbVvjYqCf4Gf05Gn+7FNb
z6mcqTOlT/5R5zudH6Pb9LVa50LWyU8m5kEG4ItXaeqycrizzXALPV0upunE1fWq
EE9+E/3IB0vmPpv7j4IECn7ZCwQuChoPe74ybKs2VgFDKqugphyyLyuLBKjuWrxC
2EVi9HvKjoxEAvLCYh7/H/bUlQkCAwEAAaOCApMwggKPMB0GA1UdDgQWBBSnlqIb
bv4XEQS6muY6fLS0EY9LujAfBgNVHSMEGDAWgBSKG05KYylfGLTwb/9q0CwxZb+Z
JTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzEvOEExQjRF
NEE2MzI5NUYxOEI0RjA2RkZGNkFEMDJDMzE2NUJGOTkyNS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvaWh0T1NtTXBY
eGkwOEdfX2F0QXNNV1dfbVNVLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5
NTM0MjU5My8xL0FTMTQwNzE2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIHNBggrBgEFBQcBBwEB/wSBvTCBujCBggQCAAEwfAMEAXBRggMEAnBRkAMEAXBR
lgMEAnBR9AMEAXph+AMEAXrBeAMEAnrBgAMEAXrBiAMEAXrBngMEAXrBqAMEAXrB
zAMEAZkjCjAMAwQBmSMyAwQBmSM0AwQCmSNMAwQCmSNcAwQBmSNkMAwDBAKZI3QD
BAKZI3gDBAKZI6wwMwQCAAIwLQMHACQIgACgGAMGBCQIhz0gMBEDBgAkCIg6BwMH
BiQIiDoHgAMHByQIiDqHADANBgkqhkiG9w0BAQsFAAOCAQEAeJaenc2qGY0AbpLN
uYqFmYDclBEdi8zgDg/AI3eNQYF6udmheSz8a54iGlkPqgRNQngHb19knU1zunhr
fnmFGLZdWxb20qnoworAcUuN4qqlZz2v4LonWr+HqqIcyLBJuB3wVwt1fInwO85p
eemLzpwCZbWw5aH8p6n1jp2pPCmTbrpbxDtfVSK3Zp4B6e8nb1NlO2FgGZECZkUf
/w/fWtFde6TYYiJbn+cx+H5XCPcpB/FVy3aMhf8nxuJWUHOqjpREYT7m6XeQp57u
AoAV2pYRAIvPMx6nH1/SsoqoomIoDLwQeRjoIXo689XKYnarR5Am8Qk+qFba63L6
QDGAxQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:17:14 2026 by rpki-client