Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140308.roa
File: AS140308.roa (raw, json)
Hash identifier: FTpu5tSkG5/KSyakj1Prl/woN8g0eLhV4aJftJlYTt0=
Subject key identifier: BA:85:2C:FF:9E:D3:1E:5C:21:54:05:78:21:23:C2:D7:27:C0:45:39
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 282A5493ABF27660D136279EEDAAB72E4F92E4F0
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140308.roa
Signing time: Tue 02 Jun 2026 16:24:36 +0000
ROA not before: Tue 02 Jun 2026 16:19:36 +0000
ROA not after: Tue 01 Jun 2027 16:24:36 +0000
asID: 140308
IP address blocks: 14.21.24.0/22 maxlen: 22
14.21.112.0/24 maxlen: 24
14.121.13.0/24 maxlen: 24
14.147.216.0/24 maxlen: 24
14.148.48.0/20 maxlen: 20
14.215.208.0/22 maxlen: 22
59.35.0.0/19 maxlen: 19
59.35.32.0/19 maxlen: 19
59.35.58.0/24 maxlen: 24
59.35.59.0/24 maxlen: 24
59.35.64.0/19 maxlen: 19
59.35.96.0/21 maxlen: 21
59.35.104.0/21 maxlen: 21
59.35.112.0/21 maxlen: 21
59.35.216.0/21 maxlen: 21
59.35.224.0/21 maxlen: 21
59.35.232.0/21 maxlen: 21
59.35.240.0/21 maxlen: 21
59.35.248.0/21 maxlen: 21
61.141.0.0/22 maxlen: 22
61.141.1.0/24 maxlen: 24
61.141.4.0/24 maxlen: 24
61.141.6.0/23 maxlen: 23
61.141.8.0/21 maxlen: 21
61.141.16.0/20 maxlen: 20
61.141.33.0/24 maxlen: 24
61.141.34.0/23 maxlen: 23
61.141.63.0/24 maxlen: 24
61.143.184.0/21 maxlen: 21
113.64.0.0/20 maxlen: 20
113.100.224.0/20 maxlen: 20
113.100.240.0/21 maxlen: 21
113.100.248.0/22 maxlen: 22
113.100.252.0/22 maxlen: 22
113.103.48.0/20 maxlen: 20
113.106.168.0/21 maxlen: 21
113.106.224.0/21 maxlen: 21
113.106.232.0/21 maxlen: 21
113.106.240.0/21 maxlen: 21
116.19.36.0/23 maxlen: 23
116.19.144.0/24 maxlen: 24
116.26.0.0/17 maxlen: 17
116.26.128.0/19 maxlen: 19
116.26.160.0/20 maxlen: 20
116.26.176.0/20 maxlen: 20
116.31.128.0/18 maxlen: 18
116.31.176.0/20 maxlen: 20
119.121.191.0/24 maxlen: 24
119.121.192.0/23 maxlen: 23
119.121.194.0/24 maxlen: 24
121.10.190.0/23 maxlen: 23
121.10.192.0/20 maxlen: 20
121.10.208.0/21 maxlen: 21
121.10.216.0/21 maxlen: 21
121.10.224.0/21 maxlen: 21
121.11.16.0/20 maxlen: 20
125.94.152.0/21 maxlen: 21
125.94.160.0/20 maxlen: 20
125.94.176.0/22 maxlen: 22
125.94.180.0/22 maxlen: 22
125.94.184.0/21 maxlen: 21
183.4.0.0/18 maxlen: 18
183.7.0.0/18 maxlen: 18
183.7.64.0/19 maxlen: 19
183.7.96.0/19 maxlen: 19
183.7.128.0/19 maxlen: 19
183.7.160.0/20 maxlen: 20
183.7.176.0/21 maxlen: 21
183.7.184.0/22 maxlen: 22
183.7.192.0/18 maxlen: 18
183.10.80.0/20 maxlen: 20
183.10.96.0/21 maxlen: 21
183.10.104.0/22 maxlen: 22
183.44.208.0/20 maxlen: 20
183.44.224.0/20 maxlen: 20
183.44.240.0/20 maxlen: 20
183.47.32.0/21 maxlen: 21
183.50.0.0/21 maxlen: 21
183.50.8.0/21 maxlen: 21
183.50.16.0/21 maxlen: 21
183.50.24.0/21 maxlen: 21
183.50.32.0/19 maxlen: 19
183.57.0.0/22 maxlen: 22
183.57.4.0/22 maxlen: 22
183.57.8.0/22 maxlen: 22
183.57.181.0/24 maxlen: 24
183.59.24.0/22 maxlen: 22
183.59.216.0/22 maxlen: 22
202.96.144.0/23 maxlen: 23
202.103.171.0/24 maxlen: 24
202.104.232.0/22 maxlen: 22
202.104.243.0/24 maxlen: 24
202.104.244.0/22 maxlen: 22
202.105.224.0/22 maxlen: 22
202.105.248.0/23 maxlen: 23
202.105.250.0/24 maxlen: 24
218.16.184.0/21 maxlen: 21
218.16.192.0/20 maxlen: 20
218.16.208.0/21 maxlen: 21
218.16.216.0/22 maxlen: 22
218.16.220.0/23 maxlen: 23
218.16.222.0/24 maxlen: 24
218.16.230.0/23 maxlen: 23
218.16.232.0/21 maxlen: 21
218.16.240.0/20 maxlen: 20
219.128.143.0/24 maxlen: 24
219.128.168.0/22 maxlen: 22
219.128.168.0/23 maxlen: 23
219.128.172.0/23 maxlen: 23
219.128.188.0/24 maxlen: 24
219.128.204.0/22 maxlen: 22
219.131.112.0/22 maxlen: 22
219.131.120.0/22 maxlen: 22
240e:108:404b::/48 maxlen: 48
240e:108:484b::/48 maxlen: 48
240e:6b8:1020::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:2a:54:93:ab:f2:76:60:d1:36:27:9e:ed:aa:b7:2e:4f:92:e4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 2 16:19:36 2026 GMT
Not After : Jun 1 16:24:36 2027 GMT
Subject: CN=BA852CFF9ED31E5C215405782123C2D727C04539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:89:77:a1:63:7d:e1:c5:55:6c:58:1d:48:6b:
5f:c4:af:62:1b:37:4f:89:01:a2:a2:b5:e5:52:f4:
a8:28:97:30:f0:f8:9d:b2:7e:61:dd:2b:cd:cc:ae:
c1:59:f7:76:42:30:4c:8f:be:cc:aa:fe:83:45:9e:
72:73:2e:8b:7e:fc:85:3e:b5:0d:72:54:e6:7e:87:
78:60:c8:67:8b:f5:5c:78:fd:46:e5:4a:4c:06:2d:
f2:cd:34:70:f2:40:b1:85:93:0c:ec:ea:b8:34:5e:
e3:a8:44:15:a3:97:c2:33:b9:0e:2e:aa:2a:76:1c:
70:fd:78:2f:06:72:0d:84:05:67:6e:3d:53:d3:f9:
5c:95:cc:65:18:6d:48:fe:f3:f2:b2:f4:db:5e:5b:
50:a3:66:62:23:0b:b7:e6:17:b5:de:db:c9:01:cc:
61:89:11:fc:3c:5f:d0:1d:03:81:47:14:38:a0:1d:
70:9f:ce:49:ea:7c:ae:7c:53:7b:58:35:54:a4:1d:
c1:f7:f8:74:b6:53:f5:ea:f1:35:c8:da:40:48:91:
d9:1e:24:4b:c9:4b:67:e6:80:23:40:63:27:da:6e:
b2:81:86:37:ea:6d:4f:92:f2:32:05:b8:ed:4f:f5:
0c:72:d9:e7:d3:7e:8f:13:f0:e1:1c:ea:35:1a:92:
0b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:85:2C:FF:9E:D3:1E:5C:21:54:05:78:21:23:C2:D7:27:C0:45:39
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140308.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.21.24.0/22
14.21.112.0/24
14.121.13.0/24
14.147.216.0/24
14.148.48.0/20
14.215.208.0/22
59.35.0.0-59.35.119.255
59.35.216.0-59.35.255.255
61.141.0.0-61.141.4.255
61.141.6.0-61.141.31.255
61.141.33.0-61.141.35.255
61.141.63.0/24
61.143.184.0/21
113.64.0.0/20
113.100.224.0/19
113.103.48.0/20
113.106.168.0/21
113.106.224.0-113.106.247.255
116.19.36.0/23
116.19.144.0/24
116.26.0.0-116.26.191.255
116.31.128.0/18
119.121.191.0-119.121.194.255
121.10.190.0-121.10.231.255
121.11.16.0/20
125.94.152.0-125.94.191.255
183.4.0.0/18
183.7.0.0-183.7.187.255
183.7.192.0/18
183.10.80.0-183.10.107.255
183.44.208.0-183.44.255.255
183.47.32.0/21
183.50.0.0/18
183.57.0.0-183.57.11.255
183.57.181.0/24
183.59.24.0/22
183.59.216.0/22
202.96.144.0/23
202.103.171.0/24
202.104.232.0/22
202.104.243.0-202.104.247.255
202.105.224.0/22
202.105.248.0-202.105.250.255
218.16.184.0-218.16.222.255
218.16.230.0-218.16.255.255
219.128.143.0/24
219.128.168.0-219.128.173.255
219.128.188.0/24
219.128.204.0/22
219.131.112.0/22
219.131.120.0/22
IPv6:
240e:108:404b::/48
240e:108:484b::/48
240e:6b8:1020::/44
Signature Algorithm: sha256WithRSAEncryption
07:4d:6b:1e:75:a9:c5:e9:58:32:ec:b5:03:c6:e4:5a:db:6b:
a3:01:8a:38:35:11:6f:22:6a:80:0c:95:cd:43:e8:72:97:b5:
98:c7:20:ff:05:ea:c9:e3:11:71:87:56:84:e8:84:94:35:95:
98:4f:a6:fe:6f:9a:1f:1f:92:d0:2e:46:5e:1f:02:da:a9:1b:
9c:d5:70:3f:52:e5:4b:a7:ee:87:52:e4:0e:88:ab:40:18:79:
7d:4e:25:f4:c6:84:14:ca:76:3d:a0:b4:de:2d:84:36:92:af:
06:2e:77:6a:f5:c7:15:36:fe:fc:69:db:0e:5d:77:8f:51:73:
34:49:eb:c8:42:21:21:67:bf:85:22:5c:17:08:33:98:2c:fb:
e3:b9:3b:0c:f6:f8:58:0f:f3:67:ce:69:63:d0:70:b9:5c:66:
13:4c:b4:36:c1:b7:39:62:ce:16:2e:d0:40:4c:02:d4:c6:2c:
d0:63:0a:36:e1:97:69:cb:bb:43:db:74:ad:49:94:42:40:3f:
d4:60:2c:60:8a:6e:69:fc:70:f5:ca:1d:56:ba:3e:8a:94:ef:
5f:d9:63:67:a3:50:76:b4:e0:10:12:db:22:b0:dc:1b:45:8c:
70:7e:7e:70:e2:b3:50:f2:42:7e:c4:ed:6b:05:d1:53:55:81:
8f:82:5f:f4
-----BEGIN CERTIFICATE-----
MIIG2jCCBcKgAwIBAgIUKCpUk6vydmDRNiee7aq3Lk+S5PAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwMjE2MTkzNloX
DTI3MDYwMTE2MjQzNlowMzExMC8GA1UEAxMoQkE4NTJDRkY5RUQzMUU1QzIxNTQw
NTc4MjEyM0MyRDcyN0MwNDUzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOGJd6FjfeHFVWxYHUhrX8SvYhs3T4kBoqK15VL0qCiXMPD4nbJ+Yd0rzcyu
wVn3dkIwTI++zKr+g0WecnMui378hT61DXJU5n6HeGDIZ4v1XHj9RuVKTAYt8s00
cPJAsYWTDOzquDRe46hEFaOXwjO5Di6qKnYccP14LwZyDYQFZ249U9P5XJXMZRht
SP7z8rL0215bUKNmYiMLt+YXtd7byQHMYYkR/Dxf0B0DgUcUOKAdcJ/OSep8rnxT
e1g1VKQdwff4dLZT9erxNcjaQEiR2R4kS8lLZ+aAI0BjJ9pusoGGN+ptT5LyMgW4
7U/1DHLZ59N+jxPw4RzqNRqSC9kCAwEAAaOCA80wggPJMB0GA1UdDgQWBBS6hSz/
ntMeXCFUBXghI8LXJ8BFOTAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTQwMzA4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIICBgYIKwYBBQUHAQcBAf8EggH1MIIB8TCCAcoEAgABMIIBwgMEAg4VGAMEAA4V
cAMEAA55DQMEAA6T2AMEBA6UMAMEAg7X0DALAwMAOyMDBAM7I3AwCwMEAzsj2AMD
AjsgMAsDAwA9jQMEAD2NBDAMAwQBPY0GAwQFPY0AMAwDBAA9jSEDBAI9jSADBAA9
jT8DBAM9j7gDBARxQAADBAVxZOADBARxZzADBANxaqgwDAMEBXFq4AMEA3Fq8AME
AXQTJAMEAHQTkDALAwMBdBoDBAZ0GoADBAZ0H4AwDAMEAHd5vwMEAHd5wjAMAwQB
eQq+AwQDeQrgAwQEeQsQMAwDBAN9XpgDBAZ9XoADBAa3BAAwCwMDALcHAwQCtwe4
AwQGtwfAMAwDBAS3ClADBAK3CmgwCwMEBLcs0AMDALcsAwQDty8gAwQGtzIAMAsD
AwC3OQMEArc5CAMEALc5tQMEArc7GAMEArc72AMEAcpgkAMEAMpnqwMEAspo6DAM
AwQAymjzAwQDymjwAwQCymngMAwDBAPKafgDBADKafowDAMEA9oQuAMEANoQ3jAL
AwQB2hDmAwMA2hADBADbgI8wDAMEA9uAqAMEAduArAMEANuAvAMEAtuAzAMEAtuD
cAMEAtuDeDAhBAIAAjAbAwcAJA4BCEBLAwcAJA4BCEhLAwcEJA4GuBAgMA0GCSqG
SIb3DQEBCwUAA4IBAQAHTWsedanF6Vgy7LUDxuRa22ujAYo4NRFvImqADJXNQ+hy
l7WYxyD/BerJ4xFxh1aE6ISUNZWYT6b+b5ofH5LQLkZeHwLaqRuc1XA/UuVLp+6H
UuQOiKtAGHl9TiX0xoQUynY9oLTeLYQ2kq8GLndq9ccVNv78adsOXXePUXM0SevI
QiEhZ7+FIlwXCDOYLPvjuTsM9vhYD/Nnzmlj0HC5XGYTTLQ2wbc5Ys4WLtBATALU
xizQYwo24Zdpy7tD23StSZRCQD/UYCxgim5p/HD1yh1Wuj6KlO9f2WNno1B2tOAQ
EtsisNwbRYxwfn5w4rNQ8kJ+xO1rBdFTVYGPgl/0
-----END CERTIFICATE-----
Generated at Sun Jun 14 05:17:44 2026 by rpki-client