Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS132147.roa
File: AS132147.roa (raw, json)
Hash identifier: USWRH2UAQ5OTHpCXasWFKtyen0fZ1A+KIG4rCLVNxLU=
Subject key identifier: C3:D6:F4:D3:50:74:58:B8:22:6E:78:02:2A:EA:8A:B9:A9:C1:FA:39
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 6C08ACC2B27073E38C7FD4B89718A158CE948514
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS132147.roa
Signing time: Tue 26 May 2026 16:04:15 +0000
ROA not before: Tue 26 May 2026 15:59:15 +0000
ROA not after: Tue 25 May 2027 16:04:15 +0000
asID: 132147
IP address blocks: 1.71.16.0/20 maxlen: 20
1.71.64.0/20 maxlen: 20
1.71.144.0/21 maxlen: 21
1.71.152.0/21 maxlen: 21
1.71.160.0/21 maxlen: 21
59.49.40.0/21 maxlen: 21
59.49.80.0/20 maxlen: 20
59.49.117.0/24 maxlen: 24
240e:4:e000::/40 maxlen: 40
240e:924::/36 maxlen: 36
240e:925::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:08:ac:c2:b2:70:73:e3:8c:7f:d4:b8:97:18:a1:58:ce:94:85:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 26 15:59:15 2026 GMT
Not After : May 25 16:04:15 2027 GMT
Subject: CN=C3D6F4D3507458B8226E78022AEA8AB9A9C1FA39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:14:41:49:ae:42:cb:48:f5:60:39:7f:ce:f6:
c1:2a:9d:53:dd:5b:00:7f:9d:06:5d:49:43:b2:ff:
ca:e0:70:42:d3:b5:c4:fb:89:28:6b:1c:3d:b2:aa:
85:1b:11:bd:e7:ba:90:e9:f7:91:35:b2:83:02:eb:
45:88:7b:4e:43:6a:87:ff:9a:2e:81:30:c0:e6:89:
6a:57:44:25:77:76:73:bf:8f:9b:cb:ca:22:d6:cb:
d1:fb:04:cb:b1:0c:1a:56:9d:de:47:a7:dc:e1:12:
d8:f1:0f:41:5d:8b:6b:21:69:58:45:de:bc:6e:53:
b3:7b:3c:77:9d:d8:5d:cb:0f:be:58:ed:88:2c:b6:
0a:2c:d2:2e:2d:32:74:83:98:5d:d4:d1:03:42:ab:
ca:78:dc:1d:9b:42:af:f2:43:b4:35:22:51:ad:6b:
cd:8a:65:30:aa:45:f5:14:b8:65:10:a3:66:f8:1c:
61:e6:45:f8:58:0c:d4:39:4b:f8:68:0b:14:15:76:
5a:d0:c2:d6:b0:cd:dc:ec:4a:b3:0f:6d:62:7f:85:
cc:df:82:79:a3:8d:94:e0:65:b8:b6:52:f3:4f:c4:
23:41:21:0e:da:2f:42:d8:d5:5a:a2:ba:79:d8:e1:
d9:97:99:72:00:0a:df:e3:80:4c:57:2c:40:e5:d5:
89:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D6:F4:D3:50:74:58:B8:22:6E:78:02:2A:EA:8A:B9:A9:C1:FA:39
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS132147.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
1.71.16.0/20
1.71.64.0/20
1.71.144.0-1.71.167.255
59.49.40.0/21
59.49.80.0/20
59.49.117.0/24
IPv6:
240e:4:e000::/40
240e:924::/36
240e:925::/36
Signature Algorithm: sha256WithRSAEncryption
3d:e3:d2:ce:7a:f3:19:4a:a7:47:4c:6e:06:9f:06:1d:d0:00:
5d:8b:0f:66:14:a6:99:38:35:e4:51:36:de:f5:74:f4:ff:d1:
3f:c5:64:74:93:d7:e3:8c:76:25:18:46:e7:8f:91:4c:37:84:
40:97:1c:20:dd:93:19:f9:f6:16:37:76:5c:02:46:66:bd:c2:
b1:66:b0:54:ec:bd:27:8e:5d:1b:7f:bb:74:f2:7b:75:b0:10:
89:7e:cd:f3:9a:e4:c3:c8:df:7c:c7:f2:70:f3:1d:33:d1:cc:
79:fc:4a:25:63:95:2d:d9:ee:b7:62:ec:7f:1e:5c:31:2e:6a:
fb:0c:1a:58:f2:02:b6:ee:67:4b:b9:37:83:16:09:d2:6c:01:
50:e5:d7:e6:f1:a6:82:ad:d8:1e:33:f0:e2:d9:66:33:b8:cd:
d5:53:92:59:f9:63:75:c5:db:91:01:65:83:c5:fa:b7:2f:36:
49:52:5d:e0:8f:f3:a7:e3:4c:68:f2:33:40:cd:ad:76:08:4b:
da:0b:00:11:96:01:23:27:26:b0:60:5f:9f:c4:ab:8d:7e:b1:
f0:47:f6:11:9b:89:2d:89:75:7a:0b:3e:2c:53:49:11:de:fc:
a7:12:76:22:8f:07:35:74:73:cf:21:e3:3e:f5:c2:aa:34:11:
d5:16:6d:28
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUbAiswrJwc+OMf9S4lxihWM6UhRQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyNjE1NTkxNVoX
DTI3MDUyNTE2MDQxNVowMzExMC8GA1UEAxMoQzNENkY0RDM1MDc0NThCODIyNkU3
ODAyMkFFQThBQjlBOUMxRkEzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0UQUmuQstI9WA5f872wSqdU91bAH+dBl1JQ7L/yuBwQtO1xPuJKGscPbKq
hRsRvee6kOn3kTWygwLrRYh7TkNqh/+aLoEwwOaJaldEJXd2c7+Pm8vKItbL0fsE
y7EMGlad3ken3OES2PEPQV2LayFpWEXevG5Ts3s8d53YXcsPvljtiCy2CizSLi0y
dIOYXdTRA0KrynjcHZtCr/JDtDUiUa1rzYplMKpF9RS4ZRCjZvgcYeZF+FgM1DlL
+GgLFBV2WtDC1rDN3OxKsw9tYn+FzN+CeaONlOBluLZS80/EI0EhDtovQtjVWqK6
edjh2ZeZcgAK3+OATFcsQOXVia0CAwEAAaOCAiowggImMB0GA1UdDgQWBBTD1vTT
UHRYuCJueAIq6oq5qcH6OTAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTMyMTQ3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MGUGCCsGAQUFBwEHAQH/BFYwVDAyBAIAATAsAwQEAUcQAwQEAUdAMAwDBAQBR5AD
BAMBR6ADBAM7MSgDBAQ7MVADBAA7MXUwHgQCAAIwGAMGACQOAATgAwYEJA4JJAAD
BgQkDgklADANBgkqhkiG9w0BAQsFAAOCAQEAPePSznrzGUqnR0xuBp8GHdAAXYsP
ZhSmmTg15FE23vV09P/RP8VkdJPX44x2JRhG54+RTDeEQJccIN2TGfn2Fjd2XAJG
Zr3CsWawVOy9J45dG3+7dPJ7dbAQiX7N85rkw8jffMfycPMdM9HMefxKJWOVLdnu
t2Lsfx5cMS5q+wwaWPICtu5nS7k3gxYJ0mwBUOXX5vGmgq3YHjPw4tlmM7jN1VOS
WfljdcXbkQFlg8X6ty82SVJd4I/zp+NMaPIzQM2tdghL2gsAEZYBIycmsGBfn8Sr
jX6x8Ef2EZuJLYl1egs+LFNJEd78pxJ2Io8HNXRzzyHjPvXCqjQR1RZtKA==
-----END CERTIFICATE-----
Generated at Sun Jun 14 05:17:38 2026 by rpki-client