Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS138169.roa
File: AS138169.roa (raw, json)
Hash identifier: +OkVYdkYv5Ysn2xIvTPwsHkcBTOrI1gl5fCjs4hijks=
Subject key identifier: E7:CA:B2:1A:41:14:38:6C:07:8C:E3:7E:39:C5:91:95:3E:AB:B1:40
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 71504BBCF4A3DAA99CA114D1B8771C1DF4F90AA3
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS138169.roa
Signing time: Thu 11 Jun 2026 16:06:34 +0000
ROA not before: Thu 11 Jun 2026 16:01:34 +0000
ROA not after: Thu 10 Jun 2027 16:06:34 +0000
asID: 138169
IP address blocks: 106.127.128.0/21 maxlen: 21
113.12.80.0/22 maxlen: 22
113.12.84.0/24 maxlen: 24
113.13.16.0/23 maxlen: 23
113.17.140.0/23 maxlen: 23
113.17.168.0/23 maxlen: 23
113.17.170.0/23 maxlen: 23
113.17.172.0/24 maxlen: 24
113.17.173.0/24 maxlen: 24
113.17.174.0/23 maxlen: 23
113.17.184.0/23 maxlen: 23
116.1.239.0/24 maxlen: 24
116.8.116.0/24 maxlen: 24
116.8.119.0/24 maxlen: 24
116.10.125.0/24 maxlen: 24
116.10.184.0/24 maxlen: 24
116.10.185.0/24 maxlen: 24
116.10.186.0/24 maxlen: 24
116.10.187.0/24 maxlen: 24
116.10.188.0/24 maxlen: 24
116.10.189.0/24 maxlen: 24
116.10.190.0/24 maxlen: 24
116.10.191.0/24 maxlen: 24
116.11.252.0/23 maxlen: 23
116.11.254.0/24 maxlen: 24
116.11.255.0/24 maxlen: 24
116.252.178.0/23 maxlen: 23
116.252.180.0/23 maxlen: 23
116.252.183.0/24 maxlen: 24
116.252.184.0/24 maxlen: 24
116.252.187.0/24 maxlen: 24
116.253.189.0/24 maxlen: 24
116.253.190.0/24 maxlen: 24
116.253.191.0/24 maxlen: 24
124.226.64.0/22 maxlen: 22
171.105.16.0/20 maxlen: 20
171.105.56.0/21 maxlen: 21
171.105.184.0/21 maxlen: 21
171.105.192.0/21 maxlen: 21
171.105.216.0/21 maxlen: 21
171.105.224.0/20 maxlen: 20
171.107.78.0/24 maxlen: 24
171.107.80.0/24 maxlen: 24
171.107.81.0/24 maxlen: 24
171.107.82.0/24 maxlen: 24
171.107.83.0/24 maxlen: 24
171.107.84.0/22 maxlen: 22
171.107.184.0/22 maxlen: 22
171.107.188.0/22 maxlen: 22
171.108.208.0/20 maxlen: 20
171.109.96.0/20 maxlen: 20
171.111.152.0/24 maxlen: 24
171.111.153.0/24 maxlen: 24
171.111.154.0/24 maxlen: 24
171.111.155.0/24 maxlen: 24
171.111.156.0/24 maxlen: 24
171.111.157.0/24 maxlen: 24
171.111.158.0/24 maxlen: 24
171.111.159.0/24 maxlen: 24
171.111.192.0/21 maxlen: 21
171.111.216.0/21 maxlen: 21
180.137.254.0/23 maxlen: 23
180.138.248.0/23 maxlen: 23
180.138.250.0/23 maxlen: 23
218.65.131.0/24 maxlen: 24
218.65.134.0/24 maxlen: 24
218.65.171.0/24 maxlen: 24
219.159.84.0/22 maxlen: 22
219.159.249.0/24 maxlen: 24
222.216.188.0/23 maxlen: 23
222.216.190.0/23 maxlen: 23
222.216.228.0/22 maxlen: 22
240e:49:5000::/37 maxlen: 37
240e:a5:4000::/37 maxlen: 37
240e:250:200::/40 maxlen: 40
240e:250:2a00::/40 maxlen: 40
240e:950:800::/38 maxlen: 38
240e:951:2c00::/38 maxlen: 38
240e:982:3201::/48 maxlen: 48
240e:982:320f::/48 maxlen: 48
240e:982:3400::/40 maxlen: 40
240e:982:3500::/40 maxlen: 40
240e:982:3601::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:50:4b:bc:f4:a3:da:a9:9c:a1:14:d1:b8:77:1c:1d:f4:f9:0a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 11 16:01:34 2026 GMT
Not After : Jun 10 16:06:34 2027 GMT
Subject: CN=E7CAB21A4114386C078CE37E39C591953EABB140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:3e:d0:e5:da:a2:e4:a8:a7:19:20:fb:57:5c:
7e:d5:c2:c6:f5:73:79:70:66:02:12:5f:10:f5:b3:
72:26:8c:f5:fe:55:60:d7:40:aa:04:e5:94:cc:e1:
e6:dd:ca:6d:3b:5f:50:26:88:46:b4:d5:54:cf:e8:
f0:77:48:27:af:e9:f9:a1:7c:28:85:a2:35:28:07:
f8:8c:c1:1e:55:4d:15:16:01:cd:a4:99:12:56:13:
98:8d:de:fd:7d:85:1f:10:2b:c4:49:30:bc:c7:4d:
0b:a7:50:ce:68:ec:d8:b8:81:9e:5e:29:f2:50:38:
0f:2a:69:0a:c9:6b:60:4e:15:df:c7:87:f8:80:a0:
de:e3:60:55:96:b8:bf:78:a9:d9:3d:ed:88:99:7b:
4a:6b:8b:9a:bd:96:76:8e:8a:a7:81:e5:ff:91:64:
ae:51:36:dd:44:a1:2f:3e:e3:1f:03:2c:da:bb:96:
73:8f:7a:a5:76:09:5d:da:88:63:4c:b5:57:ee:4a:
81:80:7e:52:73:fb:b4:47:23:b5:95:ed:8a:80:02:
59:00:09:74:16:9d:b1:47:d6:57:3d:d7:5c:7f:c8:
68:bc:d5:8a:06:b4:7a:28:7a:34:d8:ec:6a:43:7f:
40:05:eb:73:37:c9:25:c0:c6:9b:39:d5:d5:be:6c:
07:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:CA:B2:1A:41:14:38:6C:07:8C:E3:7E:39:C5:91:95:3E:AB:B1:40
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS138169.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
106.127.128.0/21
113.12.80.0-113.12.84.255
113.13.16.0/23
113.17.140.0/23
113.17.168.0/21
113.17.184.0/23
116.1.239.0/24
116.8.116.0/24
116.8.119.0/24
116.10.125.0/24
116.10.184.0/21
116.11.252.0/22
116.252.178.0-116.252.181.255
116.252.183.0-116.252.184.255
116.252.187.0/24
116.253.189.0-116.253.191.255
124.226.64.0/22
171.105.16.0/20
171.105.56.0/21
171.105.184.0-171.105.199.255
171.105.216.0-171.105.239.255
171.107.78.0/24
171.107.80.0/21
171.107.184.0/21
171.108.208.0/20
171.109.96.0/20
171.111.152.0/21
171.111.192.0/21
171.111.216.0/21
180.137.254.0/23
180.138.248.0/22
218.65.131.0/24
218.65.134.0/24
218.65.171.0/24
219.159.84.0/22
219.159.249.0/24
222.216.188.0/22
222.216.228.0/22
IPv6:
240e:49:5000::/37
240e:a5:4000::/37
240e:250:200::/40
240e:250:2a00::/40
240e:950:800::/38
240e:951:2c00::/38
240e:982:3201::/48
240e:982:320f::/48
240e:982:3400::/39
240e:982:3601::/48
Signature Algorithm: sha256WithRSAEncryption
42:ae:87:49:74:d2:53:c0:09:95:4b:b4:00:ee:41:4e:ae:18:
13:65:60:39:93:5a:c9:23:3d:26:15:99:38:c3:13:2a:79:61:
70:b9:a0:4a:e8:b7:69:02:75:51:1d:b5:3c:44:09:8f:ef:4c:
f0:20:00:7c:95:6a:5f:1d:d0:16:9f:ef:43:f1:df:18:de:e8:
7a:c0:f5:10:0a:2f:b0:b8:f2:67:66:02:33:16:9a:85:a3:01:
bf:14:6e:39:9e:f1:7f:71:0e:d0:9a:c7:d9:40:5a:80:1a:4d:
ba:95:6e:cf:bc:30:2d:e8:13:d2:df:35:b4:0c:bf:26:e5:40:
bd:62:08:b0:db:88:15:7a:ea:2b:6a:10:1e:a6:21:1e:25:88:
66:70:36:50:c3:80:80:29:56:d3:62:35:1f:97:ca:25:c5:05:
f4:aa:58:0e:a6:4f:15:9c:2e:52:54:da:d2:7c:3e:4f:2d:10:
9f:e4:b9:c4:e9:28:83:d7:c5:54:a7:b7:d0:aa:fb:b3:56:1a:
f7:92:87:eb:03:bc:9d:fb:3c:25:89:5a:92:3d:c6:05:b3:5e:
16:21:db:b9:91:28:2e:00:37:70:ab:a0:f9:be:b9:55:13:3d:
5d:f7:9d:6c:3e:e7:19:2a:72:58:3d:75:68:fb:8f:8a:fc:92:
fd:8a:34:de
-----BEGIN CERTIFICATE-----
MIIGZDCCBUygAwIBAgIUcVBLvPSj2qmcoRTRuHccHfT5CqMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYxMTE2MDEzNFoX
DTI3MDYxMDE2MDYzNFowMzExMC8GA1UEAxMoRTdDQUIyMUE0MTE0Mzg2QzA3OENF
MzdFMzlDNTkxOTUzRUFCQjE0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPE+0OXaouSopxkg+1dcftXCxvVzeXBmAhJfEPWzciaM9f5VYNdAqgTllMzh
5t3KbTtfUCaIRrTVVM/o8HdIJ6/p+aF8KIWiNSgH+IzBHlVNFRYBzaSZElYTmI3e
/X2FHxArxEkwvMdNC6dQzmjs2LiBnl4p8lA4DyppCslrYE4V38eH+ICg3uNgVZa4
v3ip2T3tiJl7SmuLmr2Wdo6Kp4Hl/5FkrlE23UShLz7jHwMs2ruWc496pXYJXdqI
Y0y1V+5KgYB+UnP7tEcjtZXtioACWQAJdBadsUfWVz3XXH/IaLzViga0eih6NNjs
akN/QAXrczfJJcDGmznV1b5sB8ECAwEAAaOCA1cwggNTMB0GA1UdDgQWBBTnyrIa
QRQ4bAeM4345xZGVPquxQDAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTM4MTY5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIIBkAYIKwYBBQUHAQcBAf8EggF/MIIBezCCARwEAgABMIIBFAMEA2p/gDAMAwQE
cQxQAwQAcQxUAwQBcQ0QAwQBcRGMAwQDcRGoAwQBcRG4AwQAdAHvAwQAdAh0AwQA
dAh3AwQAdAp9AwQDdAq4AwQCdAv8MAwDBAF0/LIDBAF0/LQwDAMEAHT8twMEAHT8
uAMEAHT8uzAMAwQAdP29AwQGdP2AAwQCfOJAAwQEq2kQAwQDq2k4MAwDBAOrabgD
BAOracAwDAMEA6tp2AMEBKtp4AMEAKtrTgMEA6trUAMEA6truAMEBKts0AMEBKtt
YAMEA6tvmAMEA6tvwAMEA6tv2AMEAbSJ/gMEArSK+AMEANpBgwMEANpBhgMEANpB
qwMEAtufVAMEANuf+QMEAt7YvAMEAt7Y5DBZBAIAAjBTAwYDJA4ASVADBgMkDgCl
QAMGACQOAlACAwYAJA4CUCoDBgIkDglQCAMGAiQOCVEsAwcAJA4JgjIBAwcAJA4J
gjIPAwYBJA4JgjQDBwAkDgmCNgEwDQYJKoZIhvcNAQELBQADggEBAEKuh0l00lPA
CZVLtADuQU6uGBNlYDmTWskjPSYVmTjDEyp5YXC5oErot2kCdVEdtTxECY/vTPAg
AHyVal8d0Baf70Px3xje6HrA9RAKL7C48mdmAjMWmoWjAb8Ubjme8X9xDtCax9lA
WoAaTbqVbs+8MC3oE9LfNbQMvyblQL1iCLDbiBV66itqEB6mIR4liGZwNlDDgIAp
VtNiNR+XyiXFBfSqWA6mTxWcLlJU2tJ8Pk8tEJ/kucTpKIPXxVSnt9Cq+7NWGveS
h+sDvJ37PCWJWpI9xgWzXhYh27mRKC4AN3CroPm+uVUTPV33nWw+5xkqclg9dWj7
j4r8kv2KNN4=
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:22:41 2026 by rpki-client