Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS132153.roa
File: AS132153.roa (raw, json)
Hash identifier: xS3EfABbXC5ilBo6/HI1++ve87BkTaeaT7V4J4AFbwQ=
Subject key identifier: 31:54:FC:7F:AD:D1:71:DF:93:A6:12:F2:6D:D7:D2:3B:57:61:3F:67
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 3636DF79EA0CE190CD77FF84F02C9CCCE9E2A2C6
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS132153.roa
Signing time: Tue 26 May 2026 16:04:15 +0000
ROA not before: Tue 26 May 2026 15:59:15 +0000
ROA not after: Tue 25 May 2027 16:04:15 +0000
asID: 132153
IP address blocks: 113.25.244.0/24 maxlen: 24
223.15.224.0/21 maxlen: 21
223.15.232.0/21 maxlen: 21
223.15.240.0/21 maxlen: 21
223.15.248.0/22 maxlen: 22
240e:108:1080::/48 maxlen: 48
240e:924:4000::/36 maxlen: 36
240e:925:3000::/36 maxlen: 36
240e:981:8000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:36:df:79:ea:0c:e1:90:cd:77:ff:84:f0:2c:9c:cc:e9:e2:a2:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 26 15:59:15 2026 GMT
Not After : May 25 16:04:15 2027 GMT
Subject: CN=3154FC7FADD171DF93A612F26DD7D23B57613F67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:98:2e:a0:51:6c:28:63:85:a8:30:c3:3b:cd:
5a:bb:e9:e3:9d:10:92:c1:3a:c2:8d:81:18:3b:6c:
4e:e4:0c:d7:c9:b0:1a:71:46:90:22:e6:fd:c9:79:
77:cf:a5:be:61:23:cb:51:09:ba:7f:db:76:54:31:
8d:10:7d:e9:74:83:18:78:0a:24:06:3b:6c:bc:eb:
55:f1:5a:42:e1:a8:9a:c0:ff:9e:ee:3f:4c:ec:19:
53:8a:d6:7a:01:8d:5b:db:eb:6c:2b:6f:2d:d5:f3:
24:0d:83:16:86:a5:99:a8:c6:12:9f:3d:48:04:11:
75:1d:5d:2d:7b:0a:02:e2:a9:1e:b6:51:d0:69:39:
7d:74:ff:42:ec:20:1c:4f:19:09:63:9d:df:93:97:
7a:57:5a:1b:5b:43:7f:55:a9:0b:6f:84:3e:15:11:
af:2b:a6:7b:c4:99:7c:4b:72:3e:98:46:45:85:2c:
df:67:66:b3:a7:e0:12:c2:4d:a1:f9:48:02:2d:6a:
0f:e2:88:1d:1f:7c:00:ab:9e:cf:b8:7c:0b:1f:8d:
8b:20:fa:4d:93:2a:59:e7:a7:08:38:60:47:32:70:
69:ad:43:07:e1:0f:1d:66:e2:80:68:39:94:2c:ca:
bc:3a:fc:53:e8:9b:8a:18:e1:02:85:74:d6:b6:ad:
dd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:54:FC:7F:AD:D1:71:DF:93:A6:12:F2:6D:D7:D2:3B:57:61:3F:67
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS132153.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
113.25.244.0/24
223.15.224.0-223.15.251.255
IPv6:
240e:108:1080::/48
240e:924:4000::/36
240e:925:3000::/36
240e:981:8000::/40
Signature Algorithm: sha256WithRSAEncryption
55:3c:c8:4d:69:09:dd:a8:bd:05:08:d4:3b:ad:04:65:69:e2:
82:fc:90:b3:18:ad:d9:36:c3:6f:9c:6c:5e:52:55:23:66:6f:
ea:d3:90:e0:0e:d3:d2:bf:c3:ed:4b:b0:2a:a0:fd:77:8d:04:
0d:a9:62:b6:22:44:a7:c2:5c:28:0c:ea:93:e6:28:59:a2:e6:
57:77:85:ab:bd:07:da:e5:de:d2:41:7e:1d:53:dc:b0:6b:41:
a6:c2:f7:f7:c5:a0:d0:82:db:ff:68:d0:76:c1:fc:b8:37:93:
3c:78:8f:d8:46:ce:65:e2:16:e1:42:6e:f6:cf:69:80:02:57:
70:31:64:63:ba:63:4a:43:f9:01:02:f4:d8:2f:47:21:9b:24:
4a:12:f5:06:1d:21:69:64:e4:fd:a9:e6:b7:6f:80:9a:4f:c3:
70:6d:24:06:98:b8:88:38:f2:f9:3a:38:0a:e1:ac:46:12:3c:
11:e2:91:ef:8e:8f:c1:89:69:0f:59:83:1c:7e:7d:d6:99:fe:
6b:7e:fd:10:e3:be:49:4e:61:41:8a:a9:1e:a8:55:0c:d0:e5:
86:73:02:d8:23:ea:d0:5d:f3:7b:b7:8e:f1:82:ed:f3:76:c1:
f9:e2:37:6b:48:9a:dc:1f:07:2a:10:d6:5b:e0:a0:b8:f5:24:
0c:f5:68:3d
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUNjbfeeoM4ZDNd/+E8CyczOniosYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyNjE1NTkxNVoX
DTI3MDUyNTE2MDQxNVowMzExMC8GA1UEAxMoMzE1NEZDN0ZBREQxNzFERjkzQTYx
MkYyNkREN0QyM0I1NzYxM0Y2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2YLqBRbChjhagwwzvNWrvp450QksE6wo2BGDtsTuQM18mwGnFGkCLm/cl5
d8+lvmEjy1EJun/bdlQxjRB96XSDGHgKJAY7bLzrVfFaQuGomsD/nu4/TOwZU4rW
egGNW9vrbCtvLdXzJA2DFoalmajGEp89SAQRdR1dLXsKAuKpHrZR0Gk5fXT/Quwg
HE8ZCWOd35OXeldaG1tDf1WpC2+EPhURryume8SZfEtyPphGRYUs32dms6fgEsJN
oflIAi1qD+KIHR98AKuez7h8Cx+NiyD6TZMqWeenCDhgRzJwaa1DB+EPHWbigGg5
lCzKvDr8U+ibihjhAoV01rat3fUCAwEAAaOCAhswggIXMB0GA1UdDgQWBBQxVPx/
rdFx35OmEvJt19I7V2E/ZzAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTMyMTUzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MFYGCCsGAQUFBwEHAQH/BEcwRTAaBAIAATAUAwQAcRn0MAwDBAXfD+ADBALfD/gw
JwQCAAIwIQMHACQOAQgQgAMGBCQOCSRAAwYEJA4JJTADBgAkDgmBgDANBgkqhkiG
9w0BAQsFAAOCAQEAVTzITWkJ3ai9BQjUO60EZWnigvyQsxit2TbDb5xsXlJVI2Zv
6tOQ4A7T0r/D7UuwKqD9d40EDalitiJEp8JcKAzqk+YoWaLmV3eFq70H2uXe0kF+
HVPcsGtBpsL398Wg0ILb/2jQdsH8uDeTPHiP2EbOZeIW4UJu9s9pgAJXcDFkY7pj
SkP5AQL02C9HIZskShL1Bh0haWTk/anmt2+Amk/DcG0kBpi4iDjy+To4CuGsRhI8
EeKR746PwYlpD1mDHH591pn+a379EOO+SU5hQYqpHqhVDNDlhnMC2CPq0F3ze7eO
8YLt83bB+eI3a0ia3B8HKhDWW+CguPUkDPVoPQ==
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:22:44 2026 by rpki-client