Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134763.roa
File: AS134763.roa (raw, json)
Hash identifier: 2k1SdIG4PRNpkpCpEEocdhGn4s+Z93gNFEeavsCVJBU=
Subject key identifier: FA:5E:3F:C2:9F:6E:29:C7:2D:E8:BE:00:5D:12:82:4B:BD:EA:95:06
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 07D14DE694FDD158F8F6E4AD22E7346413004A60
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134763.roa
Signing time: Tue 26 May 2026 18:09:33 +0000
ROA not before: Tue 26 May 2026 18:04:33 +0000
ROA not after: Tue 25 May 2027 18:09:33 +0000
asID: 134763
IP address blocks: 14.17.64.0/19 maxlen: 19
14.22.12.0/22 maxlen: 22
14.22.36.0/22 maxlen: 22
14.22.40.0/22 maxlen: 22
14.22.44.0/22 maxlen: 22
14.152.80.0/20 maxlen: 20
59.36.96.0/21 maxlen: 21
59.36.103.0/24 maxlen: 24
59.36.107.0/24 maxlen: 24
59.36.108.0/24 maxlen: 24
59.38.96.0/21 maxlen: 21
59.38.112.0/21 maxlen: 21
61.141.48.0/23 maxlen: 23
113.96.254.0/24 maxlen: 24
113.105.136.0/21 maxlen: 21
113.105.144.0/20 maxlen: 20
113.105.160.0/20 maxlen: 20
113.113.112.0/21 maxlen: 21
113.113.114.0/24 maxlen: 24
113.113.115.0/24 maxlen: 24
119.147.96.0/21 maxlen: 21
119.147.104.0/21 maxlen: 21
119.147.112.0/21 maxlen: 21
119.147.120.0/21 maxlen: 21
119.147.128.0/21 maxlen: 21
119.147.144.0/20 maxlen: 20
121.12.104.0/21 maxlen: 21
121.12.112.0/20 maxlen: 20
121.12.168.0/21 maxlen: 21
121.14.128.0/21 maxlen: 21
121.14.136.0/22 maxlen: 22
121.14.140.0/22 maxlen: 22
121.14.144.0/22 maxlen: 22
121.14.148.0/22 maxlen: 22
121.14.152.0/21 maxlen: 21
183.2.192.0/20 maxlen: 20
183.6.224.0/20 maxlen: 20
183.60.128.0/20 maxlen: 20
183.60.144.0/21 maxlen: 21
183.60.152.0/21 maxlen: 21
183.60.160.0/21 maxlen: 21
183.60.168.0/21 maxlen: 21
183.60.224.0/21 maxlen: 21
183.61.160.0/19 maxlen: 19
183.61.224.0/19 maxlen: 19
218.16.117.0/24 maxlen: 24
218.16.118.0/23 maxlen: 23
218.16.120.0/21 maxlen: 21
219.128.210.0/24 maxlen: 24
219.128.213.0/24 maxlen: 24
240e:1f:7000::/36 maxlen: 36
240e:1f:7000::/43 maxlen: 43
240e:1f:7020::/43 maxlen: 43
240e:1f:7040::/43 maxlen: 43
240e:1f:7060::/43 maxlen: 43
240e:1f:7080::/43 maxlen: 43
240e:1f:70a0::/43 maxlen: 43
240e:1f:70c0::/43 maxlen: 43
240e:1f:70e0::/43 maxlen: 43
240e:1f:7800::/37 maxlen: 37
240e:ff:9000::/36 maxlen: 36
240e:108:11e3::/48 maxlen: 48
240e:97d::/36 maxlen: 36
240e:97d:c::/48 maxlen: 48
240e:97d:d::/48 maxlen: 48
240e:97d:e::/48 maxlen: 48
240e:97d:f::/48 maxlen: 48
240e:97d:16::/48 maxlen: 48
240e:97d:17::/48 maxlen: 48
240e:97d:1e::/48 maxlen: 48
240e:97d:1f::/48 maxlen: 48
240e:982:e300::/40 maxlen: 40
240e:983:1e02::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:d1:4d:e6:94:fd:d1:58:f8:f6:e4:ad:22:e7:34:64:13:00:4a:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 26 18:04:33 2026 GMT
Not After : May 25 18:09:33 2027 GMT
Subject: CN=FA5E3FC29F6E29C72DE8BE005D12824BBDEA9506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a4:7c:4c:fa:8f:89:e3:bc:a3:ef:14:2f:85:
33:9c:7f:ee:64:48:cc:f0:58:52:fd:a4:9a:d2:12:
f9:49:fe:6e:20:b9:83:a0:59:b5:c7:3c:db:9d:8e:
78:f1:2a:97:89:6c:40:37:46:d6:c9:4f:c5:0e:ba:
4b:6a:f7:2d:85:64:f4:e9:4d:0a:25:3d:1f:03:70:
4a:94:87:de:22:0e:4a:03:42:17:75:b2:31:cd:6d:
81:8c:50:27:fa:c3:21:f3:6d:a3:d8:e4:68:c9:58:
96:29:b6:92:83:40:91:2e:83:a7:d5:9a:ed:9d:cf:
20:e3:4f:38:39:b6:5f:bf:ec:52:4a:fc:5f:bb:07:
ce:76:8b:85:61:91:d0:12:cd:88:3b:8e:f8:ef:ae:
3a:f2:ed:6a:d1:c7:02:a2:8e:99:e0:c9:c3:6d:53:
9b:c3:55:f5:9f:54:76:6f:13:2d:09:6f:f3:6b:c2:
75:66:34:8e:ad:5a:8b:13:8c:8b:93:0c:8c:32:99:
e0:98:d9:96:dd:14:05:88:26:1f:4b:4b:0c:eb:a0:
ac:22:35:da:c1:d0:13:27:81:ae:99:95:b0:4f:83:
f1:17:e8:ea:db:e3:21:83:1b:cd:98:64:ea:7f:d5:
f7:23:e2:64:30:fb:94:5b:57:e6:6c:3e:76:99:a0:
dc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5E:3F:C2:9F:6E:29:C7:2D:E8:BE:00:5D:12:82:4B:BD:EA:95:06
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134763.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.17.64.0/19
14.22.12.0/22
14.22.36.0-14.22.47.255
14.152.80.0/20
59.36.96.0/21
59.36.107.0-59.36.108.255
59.38.96.0/21
59.38.112.0/21
61.141.48.0/23
113.96.254.0/24
113.105.136.0-113.105.175.255
113.113.112.0/21
119.147.96.0-119.147.135.255
119.147.144.0/20
121.12.104.0-121.12.127.255
121.12.168.0/21
121.14.128.0/19
183.2.192.0/20
183.6.224.0/20
183.60.128.0-183.60.175.255
183.60.224.0/21
183.61.160.0/19
183.61.224.0/19
218.16.117.0-218.16.127.255
219.128.210.0/24
219.128.213.0/24
IPv6:
240e:1f:7000::/36
240e:ff:9000::/36
240e:108:11e3::/48
240e:97d::/36
240e:982:e300::/40
240e:983:1e02::/48
Signature Algorithm: sha256WithRSAEncryption
1d:cd:18:8e:5d:dc:f4:32:00:28:84:cd:5d:dd:68:ed:00:cc:
c1:0d:9e:24:00:fb:c0:bc:f1:55:7a:bd:b4:46:3a:52:84:22:
68:db:2b:a0:a8:e0:d9:f4:9c:57:af:32:0a:16:69:9b:10:91:
c3:64:bb:15:3f:0b:8a:6d:29:dc:d3:a2:b6:cb:a7:92:5a:9c:
7e:28:85:d5:3e:f3:a6:0d:86:63:b8:0f:e3:9c:f2:b7:46:fb:
de:8a:1d:b6:aa:47:ec:09:23:89:85:15:e7:c6:6c:c6:7d:6f:
29:ce:e9:b9:81:c2:04:2d:97:3c:49:54:19:ef:d8:e8:2f:25:
23:84:23:81:76:ec:48:ec:30:36:43:61:1b:cd:ed:76:6e:df:
aa:4c:90:7d:ee:4d:9b:b1:04:bb:f7:e6:0d:76:bc:aa:df:54:
9f:1e:0d:22:45:f2:ab:56:34:c5:78:d7:43:89:f3:9b:9b:0a:
21:7f:84:ee:37:8c:43:1d:4a:6a:34:86:28:ae:8a:01:27:6a:
87:9e:de:9a:b1:95:f4:8b:7c:bb:d3:c9:cd:70:e6:c4:ff:3e:
c8:4b:a5:15:22:95:fe:4a:10:c7:6d:82:cb:3d:d2:f5:cd:9a:
78:e4:82:2c:80:4d:2a:a2:37:af:2f:54:82:d5:f3:e7:c4:2e:
31:e1:24:e7
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgIUB9FN5pT90Vj49uStIuc0ZBMASmAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyNjE4MDQzM1oX
DTI3MDUyNTE4MDkzM1owMzExMC8GA1UEAxMoRkE1RTNGQzI5RjZFMjlDNzJERThC
RTAwNUQxMjgyNEJCREVBOTUwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANekfEz6j4njvKPvFC+FM5x/7mRIzPBYUv2kmtIS+Un+biC5g6BZtcc8252O
ePEql4lsQDdG1slPxQ66S2r3LYVk9OlNCiU9HwNwSpSH3iIOSgNCF3WyMc1tgYxQ
J/rDIfNto9jkaMlYlim2koNAkS6Dp9Wa7Z3PIONPODm2X7/sUkr8X7sHznaLhWGR
0BLNiDuO+O+uOvLtatHHAqKOmeDJw21Tm8NV9Z9Udm8TLQlv82vCdWY0jq1aixOM
i5MMjDKZ4JjZlt0UBYgmH0tLDOugrCI12sHQEyeBrpmVsE+D8Rfo6tvjIYMbzZhk
6n/V9yPiZDD7lFtX5mw+dpmg3M0CAwEAAaOCAvQwggLwMB0GA1UdDgQWBBT6Xj/C
n24pxy3ovgBdEoJLveqVBjAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTM0NzYzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCB2wQCAAEwgdQDBAUOEUADBAIOFgww
DAMEAg4WJAMEBA4WIAMEBA6YUAMEAzskYDAMAwQAOyRrAwQAOyRsAwQDOyZgAwQD
OyZwAwQBPY0wAwQAcWD+MAwDBANxaYgDBARxaaADBANxcXAwDAMEBXeTYAMEA3eT
gAMEBHeTkDAMAwQDeQxoAwQHeQwAAwQDeQyoAwQFeQ6AAwQEtwLAAwQEtwbgMAwD
BAe3PIADBAS3PKADBAO3POADBAW3PaADBAW3PeAwDAMEANoQdQMEB9oQAAMEANuA
0gMEANuA1TA4BAIAAjAyAwYEJA4AH3ADBgQkDgD/kAMHACQOAQgR4wMGBCQOCX0A
AwYAJA4JguMDBwAkDgmDHgIwDQYJKoZIhvcNAQELBQADggEBAB3NGI5d3PQyACiE
zV3daO0AzMENniQA+8C88VV6vbRGOlKEImjbK6Co4Nn0nFevMgoWaZsQkcNkuxU/
C4ptKdzTorbLp5JanH4ohdU+86YNhmO4D+Oc8rdG+96KHbaqR+wJI4mFFefGbMZ9
bynO6bmBwgQtlzxJVBnv2OgvJSOEI4F27EjsMDZDYRvN7XZu36pMkH3uTZuxBLv3
5g12vKrfVJ8eDSJF8qtWNMV410OJ85ubCiF/hO43jEMdSmo0hiiuigEnaoee3pqx
lfSLfLvTyc1w5sT/PshLpRUilf5KEMdtgss90vXNmnjkgiyATSqiN68vVILV8+fE
LjHhJOc=
-----END CERTIFICATE-----
Generated at Sun Jun 14 02:22:59 2026 by rpki-client