Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134770.roa
File: AS134770.roa (raw, json)
Hash identifier: /VB4Wuo5SIv1r4EgGNEVZXMxAUCaZA4VdtlbxcErdLw=
Subject key identifier: 39:F1:A1:64:ED:47:D8:2E:B5:61:AF:26:F6:4C:A7:8D:52:DE:6A:50
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 01A1228CA4BF4A4CD4359406E55A61CD54BFCB36
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134770.roa
Signing time: Sat 30 May 2026 16:11:40 +0000
ROA not before: Sat 30 May 2026 16:06:40 +0000
ROA not after: Sat 29 May 2027 16:11:40 +0000
asID: 134770
IP address blocks: 58.211.215.0/24 maxlen: 24
61.155.134.0/24 maxlen: 24
61.155.135.0/24 maxlen: 24
61.155.139.0/24 maxlen: 24
61.155.171.0/24 maxlen: 24
61.160.174.0/24 maxlen: 24
61.160.175.0/24 maxlen: 24
61.160.179.0/24 maxlen: 24
114.219.141.0/24 maxlen: 24
117.81.94.0/24 maxlen: 24
117.81.175.0/24 maxlen: 24
121.228.171.0/24 maxlen: 24
121.228.173.0/24 maxlen: 24
121.228.174.0/24 maxlen: 24
121.228.176.0/24 maxlen: 24
121.228.177.0/24 maxlen: 24
121.228.178.0/24 maxlen: 24
121.228.179.0/24 maxlen: 24
121.228.180.0/24 maxlen: 24
121.228.181.0/24 maxlen: 24
121.228.182.0/24 maxlen: 24
121.228.183.0/24 maxlen: 24
121.228.184.0/24 maxlen: 24
180.97.79.0/24 maxlen: 24
180.97.93.0/24 maxlen: 24
180.97.94.0/24 maxlen: 24
180.97.95.0/24 maxlen: 24
180.101.80.0/22 maxlen: 22
180.101.84.0/23 maxlen: 23
180.101.86.0/24 maxlen: 24
180.101.210.0/24 maxlen: 24
180.101.211.0/24 maxlen: 24
180.101.212.0/22 maxlen: 22
180.101.216.0/24 maxlen: 24
218.94.231.0/24 maxlen: 24
218.94.232.0/24 maxlen: 24
221.224.84.0/24 maxlen: 24
221.224.105.0/24 maxlen: 24
221.224.139.0/24 maxlen: 24
221.224.220.0/24 maxlen: 24
240e:1a:150::/44 maxlen: 44
240e:e9:6800::/37 maxlen: 37
240e:979:e00::/40 maxlen: 40
240e:979:1e00::/40 maxlen: 40
240e:979:2e00::/40 maxlen: 40
240e:979:3e00::/40 maxlen: 40
240e:979:4e00::/40 maxlen: 40
240e:979:5e00::/40 maxlen: 40
240e:979:6e00::/40 maxlen: 40
240e:979:7e00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:a1:22:8c:a4:bf:4a:4c:d4:35:94:06:e5:5a:61:cd:54:bf:cb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 30 16:06:40 2026 GMT
Not After : May 29 16:11:40 2027 GMT
Subject: CN=39F1A164ED47D82EB561AF26F64CA78D52DE6A50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3a:60:d5:b7:38:3e:f2:e9:43:40:6b:66:61:
e8:2e:e2:98:fb:bb:b3:c8:92:18:af:d2:68:3b:de:
a4:70:fa:31:b7:1d:cc:92:be:77:7d:4f:21:c8:a1:
a4:83:28:db:86:d6:32:f6:fd:17:35:49:f5:45:f5:
28:90:53:ff:ef:46:69:c0:18:e1:79:d6:19:0a:03:
c9:ed:df:d0:04:85:73:25:1b:07:c4:a4:d9:84:8e:
a8:a4:0a:6f:73:ed:b7:ae:b8:2a:40:99:94:50:cb:
1a:7f:6c:2a:ee:86:09:00:19:8c:43:07:c8:18:b0:
4a:4e:fa:c6:24:58:e3:fd:06:aa:f7:9e:c5:15:77:
34:28:87:93:17:c3:eb:79:3b:c8:d3:36:3c:38:83:
61:bc:d2:d6:6a:43:74:cb:43:cc:1b:c8:58:9b:33:
1a:64:b6:c2:36:b8:66:6e:cb:72:55:94:6d:16:1e:
78:21:81:b6:62:50:5f:9a:07:16:b5:f3:db:e3:2e:
ea:20:e1:8e:aa:b0:a2:3d:bb:8c:c1:53:95:be:1f:
2f:ae:76:b5:76:15:77:0f:77:92:27:46:5d:86:ce:
d7:27:56:df:f7:80:73:0a:95:90:d7:8e:05:f9:78:
d2:e5:f7:6e:ef:99:a3:db:21:aa:1a:bc:a7:ae:27:
67:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F1:A1:64:ED:47:D8:2E:B5:61:AF:26:F6:4C:A7:8D:52:DE:6A:50
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS134770.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
58.211.215.0/24
61.155.134.0/23
61.155.139.0/24
61.155.171.0/24
61.160.174.0/23
61.160.179.0/24
114.219.141.0/24
117.81.94.0/24
117.81.175.0/24
121.228.171.0/24
121.228.173.0-121.228.174.255
121.228.176.0-121.228.184.255
180.97.79.0/24
180.97.93.0-180.97.95.255
180.101.80.0-180.101.86.255
180.101.210.0-180.101.216.255
218.94.231.0-218.94.232.255
221.224.84.0/24
221.224.105.0/24
221.224.139.0/24
221.224.220.0/24
IPv6:
240e:1a:150::/44
240e:e9:6800::/37
240e:979:e00::/40
240e:979:1e00::/40
240e:979:2e00::/40
240e:979:3e00::/40
240e:979:4e00::/40
240e:979:5e00::/40
240e:979:6e00::/40
240e:979:7e00::/40
Signature Algorithm: sha256WithRSAEncryption
9e:c2:e0:e7:55:4e:81:f1:2a:8c:5d:e3:d3:35:1c:55:3f:34:
7f:b2:3b:00:32:f4:f7:54:b8:b8:de:c1:6a:bf:4a:f9:a7:70:
30:a9:26:90:ca:5b:73:78:66:07:d7:c6:17:85:d6:d5:dc:0b:
fe:f6:8d:8d:73:5b:7e:5a:fb:55:7c:16:b3:92:b9:63:2a:68:
21:d2:67:61:aa:9d:ef:55:1d:8f:44:fd:24:c5:cc:bb:07:de:
88:b3:1c:de:c1:2e:54:ca:7f:d2:37:9c:fa:7e:b3:70:f5:83:
2e:39:9e:77:93:8a:81:72:31:59:3d:c7:c2:aa:11:91:a5:b4:
05:1f:bb:e5:70:62:4a:45:96:d7:43:df:d3:aa:21:72:63:53:
2f:1b:42:fb:6d:74:08:eb:2c:a5:69:8a:94:8f:a3:f2:db:fc:
d2:64:2a:7b:8f:b1:ac:0e:dc:20:c9:6e:7a:db:e5:24:a1:09:
a6:c3:cb:5d:63:ca:73:6e:e4:59:4e:73:ec:a7:0b:88:1a:0a:
f6:1f:46:d6:46:fe:fb:d6:91:e4:3e:57:dd:30:9e:13:33:6d:
f9:64:ee:60:13:86:77:53:57:18:04:1a:d5:a2:02:25:13:f9:
39:62:48:a4:b6:d8:7a:4f:d4:8d:49:7c:ae:93:3f:f0:9c:7c:
e7:9f:5d:39
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUAaEijKS/SkzUNZQG5VphzVS/yzYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUzMDE2MDY0MFoX
DTI3MDUyOTE2MTE0MFowMzExMC8GA1UEAxMoMzlGMUExNjRFRDQ3RDgyRUI1NjFB
RjI2RjY0Q0E3OEQ1MkRFNkE1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALY6YNW3OD7y6UNAa2Zh6C7imPu7s8iSGK/SaDvepHD6MbcdzJK+d31PIcih
pIMo24bWMvb9FzVJ9UX1KJBT/+9GacAY4XnWGQoDye3f0ASFcyUbB8Sk2YSOqKQK
b3Ptt664KkCZlFDLGn9sKu6GCQAZjEMHyBiwSk76xiRY4/0GqveexRV3NCiHkxfD
63k7yNM2PDiDYbzS1mpDdMtDzBvIWJszGmS2wja4Zm7LclWUbRYeeCGBtmJQX5oH
FrXz2+Mu6iDhjqqwoj27jMFTlb4fL652tXYVdw93kidGXYbO1ydW3/eAcwqVkNeO
Bfl40uX3bu+Zo9shqhq8p64nZ3ECAwEAAaOCAu0wggLpMB0GA1UdDgQWBBQ58aFk
7UfYLrVhryb2TKeNUt5qUDAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTM0NzcwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCBtQQCAAEwga4DBAA609cDBAE9m4YD
BAA9m4sDBAA9m6sDBAE9oK4DBAA9oLMDBABy240DBAB1UV4DBAB1Ua8DBAB55Ksw
DAMEAHnkrQMEAHnkrjAMAwQEeeSwAwQAeeS4AwQAtGFPMAwDBAC0YV0DBAW0YUAw
DAMEBLRlUAMEALRlVjAMAwQBtGXSAwQAtGXYMAwDBADaXucDBADaXugDBADd4FQD
BADd4GkDBADd4IsDBADd4NwwVwQCAAIwUQMHBCQOABoBUAMGAyQOAOloAwYAJA4J
eQ4DBgAkDgl5HgMGACQOCXkuAwYAJA4JeT4DBgAkDgl5TgMGACQOCXleAwYAJA4J
eW4DBgAkDgl5fjANBgkqhkiG9w0BAQsFAAOCAQEAnsLg51VOgfEqjF3j0zUcVT80
f7I7ADL091S4uN7Bar9K+adwMKkmkMpbc3hmB9fGF4XW1dwL/vaNjXNbflr7VXwW
s5K5YypoIdJnYaqd71Udj0T9JMXMuwfeiLMc3sEuVMp/0jec+n6zcPWDLjmed5OK
gXIxWT3HwqoRkaW0BR+75XBiSkWW10Pf06ohcmNTLxtC+210COsspWmKlI+j8tv8
0mQqe4+xrA7cIMluetvlJKEJpsPLXWPKc27kWU5z7KcLiBoK9h9G1kb++9aR5D5X
3TCeEzNt+WTuYBOGd1NXGAQa1aICJRP5OWJIpLbYek/UjUl8rpM/8Jx8559dOQ==
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:22:39 2026 by rpki-client