Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS131285.roa
File: AS131285.roa (raw, json)
Hash identifier: bLt5YVJMJicdCDw+xyVv7mnQ/NoNQPS34FUcK1q7Euc=
Subject key identifier: 90:D5:CA:8B:64:77:B8:06:6A:93:DC:85:A0:9C:09:6A:A1:0C:B8:AC
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 18EBE01A0E4281C8AE67A100F17D16F082FCAA2C
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS131285.roa
Signing time: Thu 04 Jun 2026 16:14:55 +0000
ROA not before: Thu 04 Jun 2026 16:09:55 +0000
ROA not after: Thu 03 Jun 2027 16:14:55 +0000
asID: 131285
IP address blocks: 111.181.0.0/16 maxlen: 16
111.181.0.0/17 maxlen: 17
111.181.128.0/17 maxlen: 17
111.181.160.0/19 maxlen: 19
111.181.222.0/23 maxlen: 23
111.181.222.0/24 maxlen: 24
111.181.223.0/24 maxlen: 24
111.181.224.0/20 maxlen: 20
111.183.0.0/16 maxlen: 16
111.183.0.0/17 maxlen: 17
111.183.128.0/17 maxlen: 17
111.183.160.0/19 maxlen: 19
111.183.222.0/23 maxlen: 23
111.183.222.0/24 maxlen: 24
111.183.223.0/24 maxlen: 24
111.183.224.0/20 maxlen: 20
240e:25d::/36 maxlen: 36
240e:25d::/37 maxlen: 37
240e:25d:800::/37 maxlen: 37
240e:45c::/32 maxlen: 32
240e:45c::/33 maxlen: 33
240e:45c:8000::/33 maxlen: 33
240e:45d::/32 maxlen: 32
240e:45d::/33 maxlen: 33
240e:45d:8000::/33 maxlen: 33
240e:45f:fffc::/46 maxlen: 46
240e:85c::/44 maxlen: 44
240e:85c::/45 maxlen: 45
240e:85c:8::/45 maxlen: 45
240e:85c:10::/47 maxlen: 47
240e:85c:40::/44 maxlen: 44
240e:85c:40::/45 maxlen: 45
240e:85c:48::/45 maxlen: 45
240e:85c:50::/47 maxlen: 47
240e:85c:80::/47 maxlen: 47
240e:85c:82::/47 maxlen: 47
240e:85d::/44 maxlen: 44
240e:85d::/45 maxlen: 45
240e:85d:8::/45 maxlen: 45
240e:85d:10::/44 maxlen: 44
240e:85d:10::/45 maxlen: 45
240e:85d:18::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:eb:e0:1a:0e:42:81:c8:ae:67:a1:00:f1:7d:16:f0:82:fc:aa:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 4 16:09:55 2026 GMT
Not After : Jun 3 16:14:55 2027 GMT
Subject: CN=90D5CA8B6477B8066A93DC85A09C096AA10CB8AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:94:92:13:e0:3d:7a:0a:e7:4c:14:58:c1:d7:
51:75:63:a2:8a:90:66:89:3c:2d:69:e6:38:79:10:
1a:2a:a6:c6:49:df:cb:a2:12:ee:79:aa:16:f6:86:
6f:3c:73:f1:ee:ad:4e:53:0f:97:ab:5f:bc:3d:09:
de:25:6e:d8:a9:34:35:a4:f7:89:ea:07:a1:5a:51:
d5:2e:2a:e4:4b:9e:96:79:35:f2:23:5a:b7:77:15:
7b:31:b5:15:5e:be:ef:92:cf:54:4a:f1:2a:3b:59:
8b:1e:08:5b:e1:21:9e:7b:19:a1:d6:bf:fd:6a:28:
ce:b7:dc:d2:c7:5d:09:9e:53:38:dd:94:a7:b2:26:
86:f2:28:89:29:bd:63:db:40:45:1d:83:1b:74:3f:
53:3d:cd:e1:94:60:90:5e:13:82:41:28:a1:b7:73:
53:54:94:be:b3:f0:d4:bc:b3:33:14:7a:2b:c4:24:
e2:27:eb:09:c6:e1:db:1a:75:84:29:31:49:5d:fe:
7a:2d:80:e4:93:aa:42:60:11:fb:32:d7:aa:88:e5:
10:93:d5:bc:08:a6:04:7f:67:44:10:8a:ed:62:6a:
c6:aa:28:6e:ba:f5:33:11:93:d9:a1:38:1b:e1:e0:
62:63:fd:5d:15:c5:e7:24:f2:d3:e6:21:37:da:35:
e6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D5:CA:8B:64:77:B8:06:6A:93:DC:85:A0:9C:09:6A:A1:0C:B8:AC
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS131285.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
111.181.0.0/16
111.183.0.0/16
IPv6:
240e:25d::/36
240e:45c::/31
240e:45f:fffc::/46
240e:85c::-240e:85c:11:ffff:ffff:ffff:ffff:ffff
240e:85c:40::-240e:85c:51:ffff:ffff:ffff:ffff:ffff
240e:85c:80::/46
240e:85d::/43
Signature Algorithm: sha256WithRSAEncryption
49:f9:b5:69:48:f6:fd:54:48:94:47:78:61:e6:ad:24:68:2a:
27:40:84:b9:ed:1e:c4:56:4e:fc:f9:ee:d5:cd:de:6f:4e:77:
b6:2d:94:b3:ec:9a:9c:ae:02:16:83:d5:aa:9e:55:3a:89:94:
da:b1:bc:dc:b8:bf:41:70:b2:c6:8c:a9:3e:ab:e4:bd:83:42:
7c:29:91:42:d1:70:c2:28:57:cb:4f:e1:63:52:88:cd:f2:1c:
7b:48:ff:9a:9b:8a:81:b8:fc:a4:70:da:79:92:49:56:67:c0:
de:65:f6:1e:31:b5:53:6c:ca:fc:f8:9e:ae:64:2b:c7:a1:15:
43:45:e1:6e:9a:a9:27:a9:41:f6:57:11:56:c4:1d:c9:eb:7a:
1f:02:27:6f:8a:98:22:de:81:b0:93:b6:8a:15:e1:72:83:11:
0d:44:96:ba:7d:94:7b:1a:bd:ed:95:88:09:00:32:d6:1f:7e:
dd:13:6a:4d:48:20:13:19:e9:e6:56:ff:2a:2d:90:c1:f9:ef:
91:ff:59:15:12:d2:17:ab:ea:bf:3c:12:30:8b:e3:26:82:87:
38:03:b5:fa:f0:8c:31:d5:18:4a:7e:ac:41:68:65:b3:8c:03:
31:bf:a8:9c:2e:ce:7a:70:d6:cf:1d:4f:ff:92:0a:67:bc:9a:
81:3d:f7:dc
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIUGOvgGg5CgciuZ6EA8X0W8IL8qiwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwNDE2MDk1NVoX
DTI3MDYwMzE2MTQ1NVowMzExMC8GA1UEAxMoOTBENUNBOEI2NDc3QjgwNjZBOTNE
Qzg1QTA5QzA5NkFBMTBDQjhBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6UkhPgPXoK50wUWMHXUXVjooqQZok8LWnmOHkQGiqmxknfy6IS7nmqFvaG
bzxz8e6tTlMPl6tfvD0J3iVu2Kk0NaT3ieoHoVpR1S4q5Euelnk18iNat3cVezG1
FV6+75LPVErxKjtZix4IW+EhnnsZoda//Woozrfc0sddCZ5TON2Up7ImhvIoiSm9
Y9tARR2DG3Q/Uz3N4ZRgkF4TgkEoobdzU1SUvrPw1LyzMxR6K8Qk4ifrCcbh2xp1
hCkxSV3+ei2A5JOqQmAR+zLXqojlEJPVvAimBH9nRBCK7WJqxqoobrr1MxGT2aE4
G+HgYmP9XRXF5yTy0+YhN9o15jkCAwEAAaOCAkAwggI8MB0GA1UdDgQWBBSQ1cqL
ZHe4BmqT3IWgnAlqoQy4rDAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTMxMjg1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MHsGCCsGAQUFBwEHAQH/BGwwajAQBAIAATAKAwMAb7UDAwBvtzBWBAIAAjBQAwYE
JA4CXQADBQEkDgRcAwcCJA4EX//8MBADBQIkDghcAwcBJA4IXAAQMBIDBwYkDghc
AEADBwEkDghcAFADBwIkDghcAIADBwUkDghdAAAwDQYJKoZIhvcNAQELBQADggEB
AEn5tWlI9v1USJRHeGHmrSRoKidAhLntHsRWTvz57tXN3m9Od7YtlLPsmpyuAhaD
1aqeVTqJlNqxvNy4v0FwssaMqT6r5L2DQnwpkULRcMIoV8tP4WNSiM3yHHtI/5qb
ioG4/KRw2nmSSVZnwN5l9h4xtVNsyvz4nq5kK8ehFUNF4W6aqSepQfZXEVbEHcnr
eh8CJ2+KmCLegbCTtooV4XKDEQ1Elrp9lHsave2ViAkAMtYfft0Tak1IIBMZ6eZW
/yotkMH575H/WRUS0her6r88EjCL4yaChzgDtfrwjDHVGEp+rEFoZbOMAzG/qJwu
znpw1s8dT/+SCme8moE999w=
-----END CERTIFICATE-----
Generated at Sun Jun 14 05:17:39 2026 by rpki-client