Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS139887.roa
File: AS139887.roa (raw, json)
Hash identifier: tULgQajVsRmQxqBqSAEwji18e4UyGK0lpaoJh6p1+ag=
Subject key identifier: 97:BF:1F:EB:8F:D2:0A:E7:A2:21:0E:E6:27:A6:AC:05:BC:7A:19:90
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 170A849932FB089893338F14449EF02B0F28F362
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS139887.roa
Signing time: Wed 03 Jun 2026 17:39:02 +0000
ROA not before: Wed 03 Jun 2026 17:34:02 +0000
ROA not after: Wed 02 Jun 2027 17:39:02 +0000
asID: 139887
IP address blocks: 58.58.81.0/24 maxlen: 24
122.5.53.0/24 maxlen: 24
122.5.54.0/24 maxlen: 24
122.5.59.0/24 maxlen: 24
122.5.60.0/24 maxlen: 24
150.138.32.0/20 maxlen: 20
219.146.131.0/24 maxlen: 24
222.173.195.0/24 maxlen: 24
240e:e:d000::/37 maxlen: 37
240e:947::/36 maxlen: 36
240e:947:2000::/40 maxlen: 40
240e:947:3000::/36 maxlen: 36
240e:947:4000::/36 maxlen: 36
240e:947:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:0a:84:99:32:fb:08:98:93:33:8f:14:44:9e:f0:2b:0f:28:f3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 3 17:34:02 2026 GMT
Not After : Jun 2 17:39:02 2027 GMT
Subject: CN=97BF1FEB8FD20AE7A2210EE627A6AC05BC7A1990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:5f:3e:3a:71:73:92:f1:f1:14:44:8e:58:18:
ed:2e:d9:b3:e9:51:10:70:1a:94:81:50:bd:87:60:
49:b2:75:b1:c0:82:f0:15:a4:51:a7:d0:51:e8:57:
8d:77:b5:45:fa:04:21:a4:d9:28:1c:ce:b8:ac:fb:
35:8f:b2:0b:68:bd:1c:b2:0c:88:5a:e8:0e:27:87:
49:7d:a2:13:2c:45:61:d8:a4:06:6c:5b:a5:66:73:
26:a2:21:24:0e:cd:cf:4e:4c:dc:d1:37:69:fb:aa:
10:4d:52:69:d1:f3:9f:9f:d5:b8:93:ad:16:1e:f5:
af:e8:e0:d0:8c:b6:81:20:d7:75:dd:bc:a9:c5:11:
ba:bf:aa:63:1d:f0:b0:8f:e0:42:9c:de:66:34:73:
f2:0f:39:34:a4:fe:29:cc:09:10:8d:38:59:e5:5f:
55:72:c3:11:2b:d6:b1:e7:98:4a:dd:d8:2d:38:5e:
10:b9:a7:6a:57:2e:44:72:bb:bb:3e:54:0b:0d:eb:
e4:cf:ba:89:87:2a:06:30:b7:3d:1a:cc:69:b8:75:
12:b6:a2:bd:cd:24:39:1c:7d:a0:17:d1:f2:cf:d8:
cf:a1:ca:44:0d:e8:84:71:bc:2f:37:0e:53:14:84:
47:f8:36:e2:08:b7:a5:05:a2:34:d8:f0:c4:e8:bb:
0e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BF:1F:EB:8F:D2:0A:E7:A2:21:0E:E6:27:A6:AC:05:BC:7A:19:90
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS139887.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
58.58.81.0/24
122.5.53.0-122.5.54.255
122.5.59.0-122.5.60.255
150.138.32.0/20
219.146.131.0/24
222.173.195.0/24
IPv6:
240e:e:d000::/37
240e:947::/36
240e:947:2000::/40
240e:947:3000::-240e:947:5fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
74:55:30:40:87:09:ad:81:ea:24:e2:23:80:6e:94:fb:2b:c1:
87:57:6d:ab:d2:b0:b8:35:0e:53:c7:bf:0a:2e:1a:78:eb:7a:
41:59:3b:4b:37:43:38:65:21:99:4b:39:44:d0:81:4d:c0:95:
73:f5:5e:da:99:1f:aa:96:b4:17:fa:5d:8b:53:e6:bd:6a:d6:
8d:70:b4:f3:bc:4b:a8:11:81:4a:d9:f1:0d:36:ff:27:d2:e9:
c6:95:49:cb:1f:b2:10:2c:12:fc:62:d3:b4:41:8e:1e:9c:79:
a0:5b:a7:8a:73:4d:a9:e6:dd:c6:1a:e9:ee:24:7a:75:18:8b:
05:d2:7d:db:13:5d:5e:fb:d6:71:60:29:da:f9:36:5e:61:7c:
c3:ff:c9:4c:d0:c0:02:05:2c:54:9c:28:91:d4:4d:36:06:0e:
e1:95:43:51:b9:f9:6c:a6:9f:b5:ed:a0:77:23:50:47:4c:d6:
9c:ba:f6:80:a3:a9:dd:be:41:24:a9:a1:75:50:cd:be:3f:97:
01:c1:53:69:4f:1e:a8:06:d0:33:8b:7a:ae:db:90:32:65:59:
a4:fa:74:8f:40:12:bb:3a:7e:dc:76:05:d1:bf:3b:db:09:05:
7a:c1:d7:2f:5c:e7:0d:c5:70:17:e6:a9:c1:ca:13:53:bd:e3:
52:77:90:91
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUFwqEmTL7CJiTM48URJ7wKw8o82IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwMzE3MzQwMloX
DTI3MDYwMjE3MzkwMlowMzExMC8GA1UEAxMoOTdCRjFGRUI4RkQyMEFFN0EyMjEw
RUU2MjdBNkFDMDVCQzdBMTk5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPVfPjpxc5Lx8RREjlgY7S7Zs+lREHAalIFQvYdgSbJ1scCC8BWkUafQUehX
jXe1RfoEIaTZKBzOuKz7NY+yC2i9HLIMiFroDieHSX2iEyxFYdikBmxbpWZzJqIh
JA7Nz05M3NE3afuqEE1SadHzn5/VuJOtFh71r+jg0Iy2gSDXdd28qcURur+qYx3w
sI/gQpzeZjRz8g85NKT+KcwJEI04WeVfVXLDESvWseeYSt3YLTheELmnalcuRHK7
uz5UCw3r5M+6iYcqBjC3PRrMabh1Eraivc0kORx9oBfR8s/Yz6HKRA3ohHG8LzcO
UxSER/g24gi3pQWiNNjwxOi7DqcCAwEAAaOCAkQwggJAMB0GA1UdDgQWBBSXvx/r
j9IK56IhDuYnpqwFvHoZkDAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTM5ODg3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MH8GCCsGAQUFBwEHAQH/BHAwbjA6BAIAATA0AwQAOjpRMAwDBAB6BTUDBAB6BTYw
DAMEAHoFOwMEAHoFPAMEBJaKIAMEANuSgwMEAN6twzAwBAIAAjAqAwYDJA4ADtAD
BgQkDglHAAMGACQOCUcgMBADBgQkDglHMAMGBSQOCUdAMA0GCSqGSIb3DQEBCwUA
A4IBAQB0VTBAhwmtgeok4iOAbpT7K8GHV22r0rC4NQ5Tx78KLhp463pBWTtLN0M4
ZSGZSzlE0IFNwJVz9V7amR+qlrQX+l2LU+a9ataNcLTzvEuoEYFK2fENNv8n0unG
lUnLH7IQLBL8YtO0QY4enHmgW6eKc02p5t3GGunuJHp1GIsF0n3bE11e+9ZxYCna
+TZeYXzD/8lM0MACBSxUnCiR1E02Bg7hlUNRuflspp+17aB3I1BHTNacuvaAo6nd
vkEkqaF1UM2+P5cBwVNpTx6oBtAzi3qu25AyZVmk+nSPQBK7On7cdgXRvzvbCQV6
wdcvXOcNxXAX5qnByhNTveNSd5CR
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:22:28 2026 by rpki-client