Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS136195.roa
File: AS136195.roa (raw, json)
Hash identifier: qW1eKV53NG98242w5CXNeAkpld1Ygq9YjPOgkyvT6WE=
Subject key identifier: 13:23:C0:7E:F2:3F:52:B3:27:9D:1D:9D:70:E6:D6:66:37:EA:A6:27
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 1926AAA45FDCD87D76E0399C626FDC5DAEADB916
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS136195.roa
Signing time: Wed 03 Jun 2026 17:39:02 +0000
ROA not before: Wed 03 Jun 2026 17:34:02 +0000
ROA not after: Wed 02 Jun 2027 17:39:02 +0000
asID: 136195
IP address blocks: 150.138.99.0/24 maxlen: 24
150.138.112.0/21 maxlen: 21
150.138.126.0/23 maxlen: 23
150.138.135.0/24 maxlen: 24
150.139.128.0/19 maxlen: 19
150.139.192.0/19 maxlen: 19
182.40.32.0/20 maxlen: 20
182.40.96.0/20 maxlen: 20
182.40.96.0/24 maxlen: 24
182.40.97.0/24 maxlen: 24
182.40.98.0/24 maxlen: 24
182.40.99.0/24 maxlen: 24
182.40.102.0/24 maxlen: 24
182.40.103.0/24 maxlen: 24
182.40.104.0/24 maxlen: 24
182.40.105.0/24 maxlen: 24
182.40.106.0/24 maxlen: 24
182.40.107.0/24 maxlen: 24
182.40.108.0/24 maxlen: 24
182.40.109.0/24 maxlen: 24
182.40.160.0/21 maxlen: 21
182.40.192.0/19 maxlen: 19
240e:e:b800::/37 maxlen: 37
240e:108:4e::/48 maxlen: 48
240e:108:86::/48 maxlen: 48
240e:108:1100::/48 maxlen: 48
240e:108:1101::/48 maxlen: 48
240e:244:200::/40 maxlen: 40
240e:244:300::/40 maxlen: 40
240e:945::/36 maxlen: 36
240e:945:4400::/40 maxlen: 40
240e:980:4e00::/40 maxlen: 40
240e:980:8600::/40 maxlen: 40
240e:982::/40 maxlen: 40
240e:982:100::/40 maxlen: 40
240e:982:200::/40 maxlen: 40
240e:982:300::/40 maxlen: 40
240e:983:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:26:aa:a4:5f:dc:d8:7d:76:e0:39:9c:62:6f:dc:5d:ae:ad:b9:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 3 17:34:02 2026 GMT
Not After : Jun 2 17:39:02 2027 GMT
Subject: CN=1323C07EF23F52B3279D1D9D70E6D66637EAA627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5d:71:6e:3a:85:7a:0d:e3:28:02:ea:58:75:
ef:a7:cb:3f:67:1b:a2:d4:b7:69:29:06:dd:be:b7:
8b:10:cc:f6:23:66:99:03:f5:c9:83:64:c4:d8:27:
b3:cd:de:0d:f4:3c:26:bd:e6:fa:88:42:be:5e:ed:
3c:ba:7d:a6:dc:20:ae:c4:bc:ed:40:45:71:42:33:
5f:45:42:2e:dc:30:86:00:49:f6:d0:63:78:59:74:
e6:c1:a0:57:25:da:aa:61:aa:86:a7:8b:ea:d0:68:
82:eb:90:c0:7f:4a:b7:e9:05:dd:35:d0:db:26:3a:
9f:8b:83:09:e8:47:a8:4a:80:c2:d7:ac:7b:18:84:
84:40:32:60:73:10:29:31:cb:1b:2c:5b:fc:6a:9d:
da:6f:1f:35:b6:55:4e:8a:0d:b4:51:01:17:ac:6f:
ff:b1:7f:33:a1:4a:c8:a2:22:e7:ec:be:c9:c9:ad:
e1:84:ae:12:c6:22:f8:cb:91:e2:63:53:0c:7e:fc:
e8:4a:f3:db:31:94:89:45:ee:a4:96:d0:6d:de:4c:
4b:5a:18:c6:7b:d5:24:4f:76:1d:01:af:51:d9:21:
89:59:c9:0a:18:cd:b0:87:cb:0b:e0:7b:c4:ca:90:
0a:6d:6b:2f:35:fd:62:b8:b4:eb:76:58:d7:2d:bb:
81:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:23:C0:7E:F2:3F:52:B3:27:9D:1D:9D:70:E6:D6:66:37:EA:A6:27
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS136195.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.138.99.0/24
150.138.112.0/21
150.138.126.0/23
150.138.135.0/24
150.139.128.0/19
150.139.192.0/19
182.40.32.0/20
182.40.96.0/20
182.40.160.0/21
182.40.192.0/19
IPv6:
240e:e:b800::/37
240e:108:4e::/48
240e:108:86::/48
240e:108:1100::/47
240e:244:200::/39
240e:945::/36
240e:945:4400::/40
240e:980:4e00::/40
240e:980:8600::/40
240e:982::/38
240e:983:1000::/48
Signature Algorithm: sha256WithRSAEncryption
0c:57:3a:21:cf:70:79:54:c1:36:c0:32:90:6e:a6:ce:9c:1d:
70:0c:3e:f2:58:dc:f9:95:94:e4:0f:7e:3f:94:1a:ae:4b:6a:
13:a7:15:70:51:99:9b:59:fa:2a:e8:b4:1f:4f:ec:38:0f:dd:
91:c5:d8:e6:26:7a:4c:13:f2:68:43:91:90:a7:ed:ac:a0:76:
76:31:9f:0d:12:0b:8c:a0:29:88:4e:06:1e:39:db:c7:8c:e3:
b4:0b:49:fc:16:10:d2:93:06:94:02:fb:cc:36:df:0f:b6:75:
3f:2f:7e:d4:de:27:5a:3f:7c:53:49:9b:41:e5:39:32:fe:b8:
f4:85:ce:aa:77:f8:b5:8a:33:2c:44:65:c4:80:c2:67:f3:9b:
3c:39:89:ca:7d:95:ef:52:cd:3c:db:75:a8:f1:f1:dd:c8:66:
c5:49:a8:0a:d7:82:62:ec:79:28:49:16:af:7d:67:2b:45:00:
64:0a:56:5c:ee:1c:ad:d6:ea:df:2a:d8:0a:a5:79:74:6b:65:
7a:fb:34:a3:c0:2f:70:ba:c5:b8:89:e5:30:25:9f:19:0e:d5:
8c:19:13:80:c9:a7:a5:be:6a:36:99:64:58:d9:a0:37:fe:93:
d0:31:3a:f9:d5:79:4b:c1:12:93:72:7f:fe:59:d8:5b:04:54:
03:90:a4:b4
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIUGSaqpF/c2H124DmcYm/cXa6tuRYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwMzE3MzQwMloX
DTI3MDYwMjE3MzkwMlowMzExMC8GA1UEAxMoMTMyM0MwN0VGMjNGNTJCMzI3OUQx
RDlENzBFNkQ2NjYzN0VBQTYyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBdcW46hXoN4ygC6lh176fLP2cbotS3aSkG3b63ixDM9iNmmQP1yYNkxNgn
s83eDfQ8Jr3m+ohCvl7tPLp9ptwgrsS87UBFcUIzX0VCLtwwhgBJ9tBjeFl05sGg
VyXaqmGqhqeL6tBoguuQwH9Kt+kF3TXQ2yY6n4uDCehHqEqAwtesexiEhEAyYHMQ
KTHLGyxb/Gqd2m8fNbZVTooNtFEBF6xv/7F/M6FKyKIi5+y+ycmt4YSuEsYi+MuR
4mNTDH786Erz2zGUiUXupJbQbd5MS1oYxnvVJE92HQGvUdkhiVnJChjNsIfLC+B7
xMqQCm1rLzX9Yri063ZY1y27gQkCAwEAAaOCAoEwggJ9MB0GA1UdDgQWBBQTI8B+
8j9SsyedHZ1w5tZmN+qmJzAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTM2MTk1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIG7BggrBgEFBQcBBwEB/wSBqzCBqDBCBAIAATA8AwQAlopjAwQDlopwAwQBlop+
AwQAloqHAwQFlouAAwQFlovAAwQEtiggAwQEtihgAwQDtiigAwQFtijAMGIEAgAC
MFwDBgMkDgAOuAMHACQOAQgATgMHACQOAQgAhgMHASQOAQgRAAMGASQOAkQCAwYE
JA4JRQADBgAkDglFRAMGACQOCYBOAwYAJA4JgIYDBgIkDgmCAAMHACQOCYMQADAN
BgkqhkiG9w0BAQsFAAOCAQEADFc6Ic9weVTBNsAykG6mzpwdcAw+8ljc+ZWU5A9+
P5QarktqE6cVcFGZm1n6Kui0H0/sOA/dkcXY5iZ6TBPyaEORkKftrKB2djGfDRIL
jKApiE4GHjnbx4zjtAtJ/BYQ0pMGlAL7zDbfD7Z1Py9+1N4nWj98U0mbQeU5Mv64
9IXOqnf4tYozLERlxIDCZ/ObPDmJyn2V71LNPNt1qPHx3chmxUmoCteCYux5KEkW
r31nK0UAZApWXO4crdbq3yrYCqV5dGtlevs0o8AvcLrFuInlMCWfGQ7VjBkTgMmn
pb5qNplkWNmgN/6T0DE6+dV5S8ESk3J//lnYWwRUA5CktA==
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:22:30 2026 by rpki-client