Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS139203.roa
File: AS139203.roa (raw, json)
Hash identifier: kiM/YGjXZm1QsADwVVJuSWnvKEGZpyy5FmUVHYawYn0=
Subject key identifier: 03:07:82:2B:E1:C9:D2:17:0B:2F:E9:B9:49:98:57:EF:99:A6:BD:B9
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 4CF912BE20B09D9459D17F7803CF24CD6350B2AB
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS139203.roa
Signing time: Thu 28 May 2026 16:10:08 +0000
ROA not before: Thu 28 May 2026 16:05:08 +0000
ROA not after: Thu 27 May 2027 16:10:08 +0000
asID: 139203
IP address blocks: 58.42.2.0/24 maxlen: 24
58.42.5.0/24 maxlen: 24
58.42.8.0/21 maxlen: 21
58.42.9.0/24 maxlen: 24
58.42.10.0/24 maxlen: 24
58.42.14.0/24 maxlen: 24
58.42.15.0/24 maxlen: 24
58.42.48.0/20 maxlen: 20
106.108.56.0/21 maxlen: 21
106.108.72.0/21 maxlen: 21
106.108.88.0/21 maxlen: 21
111.123.53.0/24 maxlen: 24
111.123.54.0/24 maxlen: 24
111.123.55.0/24 maxlen: 24
111.123.56.0/21 maxlen: 21
111.124.64.0/20 maxlen: 20
111.124.76.0/24 maxlen: 24
111.124.144.0/24 maxlen: 24
111.124.192.0/19 maxlen: 19
119.0.64.0/19 maxlen: 19
240e:103:8b00::/44 maxlen: 44
240e:938:a00::/44 maxlen: 44
240e:938:a03::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:f9:12:be:20:b0:9d:94:59:d1:7f:78:03:cf:24:cd:63:50:b2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: May 28 16:05:08 2026 GMT
Not After : May 27 16:10:08 2027 GMT
Subject: CN=0307822BE1C9D2170B2FE9B9499857EF99A6BDB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1a:43:82:4f:f8:ea:ee:cb:6a:21:e0:c0:3a:
6e:df:72:3d:f2:61:88:33:70:51:a5:5a:9f:ba:62:
17:53:8f:5b:62:a1:cf:38:52:b4:1f:33:99:a8:88:
1e:56:c2:b6:e8:2c:44:b6:d0:4f:bd:f4:41:f3:d3:
e6:7f:0d:c8:97:ba:de:1a:0a:e4:9d:ae:36:20:40:
2e:0d:94:73:8e:e0:60:85:a1:87:e9:0d:2d:22:50:
78:64:15:b5:5e:74:a9:5e:9b:e8:b2:2c:05:de:c5:
45:ec:c4:f7:42:75:c9:d5:4f:1a:4c:87:94:2e:45:
a4:78:6b:21:b0:32:1f:b2:fa:48:2c:fd:ad:08:c1:
c5:f9:27:6c:2d:8c:ac:0c:0a:fb:fc:d4:e3:16:f2:
cd:7c:48:5e:4a:df:64:7a:fa:a3:bb:91:01:7a:04:
5c:70:cf:67:04:37:ab:7a:dc:1a:10:8d:79:e8:ef:
26:84:68:61:c9:c1:79:9a:94:73:f0:db:e5:36:43:
ca:82:1f:9f:e9:1d:df:73:4d:6b:93:60:bb:f4:27:
e2:3c:31:7b:e6:d5:f6:4b:5f:73:c0:03:8f:46:aa:
76:03:ff:13:8f:d0:1c:b5:aa:59:8e:d2:a0:ee:76:
a0:3a:dd:55:0b:12:cb:8e:4b:74:7a:5f:55:eb:45:
99:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:07:82:2B:E1:C9:D2:17:0B:2F:E9:B9:49:98:57:EF:99:A6:BD:B9
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS139203.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
58.42.2.0/24
58.42.5.0/24
58.42.8.0/21
58.42.48.0/20
106.108.56.0/21
106.108.72.0/21
106.108.88.0/21
111.123.53.0-111.123.63.255
111.124.64.0/20
111.124.144.0/24
111.124.192.0/19
119.0.64.0/19
IPv6:
240e:103:8b00::/44
240e:938:a00::/44
Signature Algorithm: sha256WithRSAEncryption
13:13:d8:d0:c2:fe:9f:fc:a5:75:7e:9f:a7:37:de:42:64:c4:
7f:a7:b5:77:d6:11:a0:21:53:24:d7:4c:70:61:9d:80:1b:da:
eb:19:9e:91:ca:c4:41:9b:53:d6:48:06:db:df:34:b8:1d:5c:
a1:06:d0:aa:8d:b4:d5:0b:23:d6:27:76:89:a8:8d:03:e7:6f:
66:71:34:30:37:8c:50:9f:b6:67:4f:d7:c6:2d:81:e0:99:a1:
5c:ae:56:d0:bd:95:76:64:97:31:64:8f:f4:3e:6a:be:7d:da:
39:04:e4:d4:06:58:d8:b7:0d:ab:a3:c4:5a:a5:b2:8b:45:f9:
03:c1:34:b9:fb:ba:3d:87:2b:c0:17:6b:26:87:18:54:4c:85:
bf:28:31:23:9e:24:38:4e:e9:0b:f3:de:cb:35:dc:a7:d4:de:
21:a4:d7:db:be:14:33:3c:fe:92:22:88:54:18:d7:d4:de:d1:
9f:63:6e:a8:6e:12:08:c4:f4:34:66:01:fe:4d:7b:e5:ac:fe:
68:16:a8:34:f7:5e:b1:b4:96:fc:e2:50:0e:52:10:5b:48:bf:
a8:36:7b:9f:a4:f5:15:72:96:45:51:1b:07:d7:c2:6f:ef:3a:
c0:c5:c8:ef:19:51:d7:7b:65:2c:16:b3:ba:dc:a9:91:f4:35:
82:79:65:e0
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUTPkSviCwnZRZ0X94A88kzWNQsqswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyODE2MDUwOFoX
DTI3MDUyNzE2MTAwOFowMzExMC8GA1UEAxMoMDMwNzgyMkJFMUM5RDIxNzBCMkZF
OUI5NDk5ODU3RUY5OUE2QkRCOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYaQ4JP+Oruy2oh4MA6bt9yPfJhiDNwUaVan7piF1OPW2KhzzhStB8zmaiI
HlbCtugsRLbQT730QfPT5n8NyJe63hoK5J2uNiBALg2Uc47gYIWhh+kNLSJQeGQV
tV50qV6b6LIsBd7FRezE90J1ydVPGkyHlC5FpHhrIbAyH7L6SCz9rQjBxfknbC2M
rAwK+/zU4xbyzXxIXkrfZHr6o7uRAXoEXHDPZwQ3q3rcGhCNeejvJoRoYcnBeZqU
c/Db5TZDyoIfn+kd33NNa5Ngu/Qn4jwxe+bV9ktfc8ADj0aqdgP/E4/QHLWqWY7S
oO52oDrdVQsSy45LdHpfVetFmbkCAwEAAaOCAkkwggJFMB0GA1UdDgQWBBQDB4Ir
4cnSFwsv6blJmFfvmaa9uTAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTM5MjAzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIGDBggrBgEFBQcBBwEB/wR0MHIwVgQCAAEwUAMEADoqAgMEADoqBQMEAzoqCAME
BDoqMAMEA2psOAMEA2psSAMEA2psWDAMAwQAb3s1AwQGb3sAAwQEb3xAAwQAb3yQ
AwQFb3zAAwQFdwBAMBgEAgACMBIDBwQkDgEDiwADBwQkDgk4CgAwDQYJKoZIhvcN
AQELBQADggEBABMT2NDC/p/8pXV+n6c33kJkxH+ntXfWEaAhUyTXTHBhnYAb2usZ
npHKxEGbU9ZIBtvfNLgdXKEG0KqNtNULI9YndomojQPnb2ZxNDA3jFCftmdP18Yt
geCZoVyuVtC9lXZklzFkj/Q+ar592jkE5NQGWNi3DaujxFqlsotF+QPBNLn7uj2H
K8AXayaHGFRMhb8oMSOeJDhO6Qvz3ss13KfU3iGk19u+FDM8/pIiiFQY19Te0Z9j
bqhuEgjE9DRmAf5Ne+Ws/mgWqDT3XrG0lvziUA5SEFtIv6g2e5+k9RVylkVRGwfX
wm/vOsDFyO8ZUdd7ZSwWs7rcqZH0NYJ5ZeA=
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:22:33 2026 by rpki-client