Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS140717.roa
File: AS140717.roa (raw, json)
Hash identifier: Z4j/PKl5JdzPb2DCk9dQFBgRN8BBEFROC3WyFUMMj1Q=
Subject key identifier: 8A:26:31:C1:9F:16:B7:8D:24:AF:B8:77:50:DF:53:C3:8A:FA:EF:A5
Certificate issuer: /CN=A9143CB30000/serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Certificate serial: 020B5909ACAB670D0F354B1AAB1B0A0AF77272E6
Authority key identifier: 8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS140717.roa
Signing time: Mon 01 Jun 2026 03:35:42 +0000
ROA not before: Mon 01 Jun 2026 03:30:42 +0000
ROA not after: Mon 31 May 2027 03:35:42 +0000
asID: 140717
IP address blocks: 58.240.182.0/23 maxlen: 23
112.80.22.0/23 maxlen: 23
112.81.84.0/22 maxlen: 22
112.81.88.0/22 maxlen: 22
112.81.92.0/23 maxlen: 23
112.86.56.0/22 maxlen: 22
112.87.168.0/22 maxlen: 22
112.87.172.0/22 maxlen: 22
153.37.232.0/23 maxlen: 23
153.37.235.0/24 maxlen: 24
153.37.236.0/22 maxlen: 22
221.6.175.0/24 maxlen: 24
2408:8000:a017::/48 maxlen: 48
2408:873d:1000::/37 maxlen: 37
2408:873d:1800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 00:24:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:0b:59:09:ac:ab:67:0d:0f:35:4b:1a:ab:1b:0a:0a:f7:72:72:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143CB30000, serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925
Validity
Not Before: Jun 1 03:30:42 2026 GMT
Not After : May 31 03:35:42 2027 GMT
Subject: CN=8A2631C19F16B78D24AFB87750DF53C38AFAEFA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:50:92:b2:d9:df:a5:3f:08:db:ed:b0:65:85:
f8:8d:a0:c6:ce:b3:c3:72:2e:b6:cf:a2:0b:62:d8:
a9:9d:49:60:23:f2:44:1d:4f:e6:c7:e9:a5:84:5f:
1f:31:19:ab:33:02:a5:42:06:1c:8d:b7:0a:28:63:
cf:01:df:87:15:2e:f4:8b:06:2e:16:1d:0c:b4:b2:
60:8a:77:d9:b5:03:9c:2a:1f:1c:03:ab:fa:ec:80:
80:51:34:54:88:95:1c:d6:af:59:cc:12:26:22:e2:
f3:08:69:3a:93:c0:c8:b4:ff:4d:0b:5b:87:57:3f:
06:00:6a:86:92:35:ae:c0:9b:b3:c9:13:a0:4b:8f:
da:b1:02:62:46:8c:c7:ab:18:0b:a7:e9:04:c9:c2:
5d:1c:6e:db:b1:05:b1:f2:fa:70:39:13:d0:dd:f3:
87:ca:73:79:b6:26:5f:a9:57:cc:54:b6:94:93:d9:
51:57:84:81:6d:58:ad:f9:88:91:4b:2a:aa:66:e6:
ee:3f:ab:6e:7f:74:cc:bf:6c:dd:3c:11:6c:fa:24:
45:67:f4:4c:cc:c9:4f:c3:b5:ad:3c:32:6c:bc:b5:
28:b9:e8:9c:50:02:bd:cd:63:d9:f1:bc:ae:90:db:
72:25:56:cc:25:2f:02:66:ef:f3:15:bf:0c:d2:f5:
da:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:26:31:C1:9F:16:B7:8D:24:AF:B8:77:50:DF:53:C3:8A:FA:EF:A5
X509v3 Authority Key Identifier:
keyid:8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS140717.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
58.240.182.0/23
112.80.22.0/23
112.81.84.0-112.81.93.255
112.86.56.0/22
112.87.168.0/21
153.37.232.0/23
153.37.235.0-153.37.239.255
221.6.175.0/24
IPv6:
2408:8000:a017::/48
2408:873d:1000::/36
Signature Algorithm: sha256WithRSAEncryption
14:5c:eb:85:eb:6b:a7:1b:82:97:5c:f3:6e:7c:3a:f6:5a:51:
f1:9c:f7:1c:89:c9:2b:4c:35:c1:8f:21:ba:84:72:71:6a:c1:
f9:75:38:26:40:07:c8:34:be:e9:56:56:41:22:69:be:ae:7c:
87:f2:18:56:b9:9c:c8:c3:f4:1e:cb:79:0f:11:01:82:91:97:
a4:70:c8:cf:7c:dc:d8:b3:9c:41:48:d4:02:54:14:69:58:1f:
ed:d1:2d:77:09:4d:53:35:43:f0:20:9a:bf:98:5f:73:2c:ec:
c1:12:ce:2f:59:51:70:d2:73:0a:0a:b3:1c:ce:55:75:79:2f:
1f:7f:f2:f3:8a:0c:3b:df:ce:02:d3:e2:be:c6:e9:09:b0:c2:
a9:2e:fd:99:18:a9:2f:47:29:b7:35:45:61:86:ae:06:19:31:
c8:8f:e0:e1:a0:ea:47:de:f3:0e:fc:0f:a4:39:e1:0d:fd:e0:
bf:8e:3b:16:45:04:02:8e:eb:13:13:45:aa:54:d7:bf:79:23:
5b:66:7f:4d:f8:b1:94:ba:53:7d:f6:49:7d:21:de:8e:d3:23:
3d:a8:52:a3:f7:54:76:72:b1:ec:dd:87:a8:b4:f8:75:56:46:
c0:27:81:98:ff:88:2c:c2:19:dd:97:6d:f9:01:82:d8:f9:34:
1d:06:dd:94
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUAgtZCayrZw0PNUsaqxsKCvdycuYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyg4QTFCNEU0QTYz
Mjk1RjE4QjRGMDZGRkY2QUQwMkMzMTY1QkY5OTI1MB4XDTI2MDYwMTAzMzA0MloX
DTI3MDUzMTAzMzU0MlowMzExMC8GA1UEAxMoOEEyNjMxQzE5RjE2Qjc4RDI0QUZC
ODc3NTBERjUzQzM4QUZBRUZBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlQkrLZ36U/CNvtsGWF+I2gxs6zw3Iuts+iC2LYqZ1JYCPyRB1P5sfppYRf
HzEZqzMCpUIGHI23CihjzwHfhxUu9IsGLhYdDLSyYIp32bUDnCofHAOr+uyAgFE0
VIiVHNavWcwSJiLi8whpOpPAyLT/TQtbh1c/BgBqhpI1rsCbs8kToEuP2rECYkaM
x6sYC6fpBMnCXRxu27EFsfL6cDkT0N3zh8pzebYmX6lXzFS2lJPZUVeEgW1YrfmI
kUsqqmbm7j+rbn90zL9s3TwRbPokRWf0TMzJT8O1rTwybLy1KLnonFACvc1j2fG8
rpDbciVWzCUvAmbv8xW/DNL12p0CAwEAAaOCAjcwggIzMB0GA1UdDgQWBBSKJjHB
nxa3jSSvuHdQ31PDivrvpTAfBgNVHSMEGDAWgBSKG05KYylfGLTwb/9q0CwxZb+Z
JTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzEvOEExQjRF
NEE2MzI5NUYxOEI0RjA2RkZGNkFEMDJDMzE2NUJGOTkyNS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvaWh0T1NtTXBY
eGkwOEdfX2F0QXNNV1dfbVNVLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5
NTM0MjU5My8xL0FTMTQwNzE3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MHIGCCsGAQUFBwEHAQH/BGMwYTBGBAIAATBAAwQBOvC2AwQBcFAWMAwDBAJwUVQD
BAFwUVwDBAJwVjgDBANwV6gDBAGZJegwDAMEAJkl6wMEBJkl4AMEAN0GrzAXBAIA
AjARAwcAJAiAAKAXAwYEJAiHPRAwDQYJKoZIhvcNAQELBQADggEBABRc64Xra6cb
gpdc8258OvZaUfGc9xyJyStMNcGPIbqEcnFqwfl1OCZAB8g0vulWVkEiab6ufIfy
GFa5nMjD9B7LeQ8RAYKRl6RwyM983NiznEFI1AJUFGlYH+3RLXcJTVM1Q/Agmr+Y
X3Ms7MESzi9ZUXDScwoKsxzOVXV5Lx9/8vOKDDvfzgLT4r7G6Qmwwqku/ZkYqS9H
Kbc1RWGGrgYZMciP4OGg6kfe8w78D6Q54Q394L+OOxZFBAKO6xMTRapU1795I1tm
f034sZS6U332SX0h3o7TIz2oUqP3VHZysezdh6i0+HVWRsAngZj/iCzCGd2XbfkB
gtj5NB0G3ZQ=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:17:13 2026 by rpki-client