Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140527.roa
File: AS140527.roa (raw, json)
Hash identifier: rvYAGb+PUxAUYUaFVCGxRx+2vaM8yVoBEus2s5odprU=
Subject key identifier: 67:B0:68:4B:49:81:61:4E:89:24:09:28:AC:19:2B:CC:76:EC:8C:A0
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 7F1D3B6967668664A831A0CECFB8A796874ED840
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140527.roa
Signing time: Wed 10 Jun 2026 16:06:56 +0000
ROA not before: Wed 10 Jun 2026 16:01:56 +0000
ROA not after: Wed 09 Jun 2027 16:06:56 +0000
asID: 140527
IP address blocks: 60.167.160.0/19 maxlen: 19
60.167.176.0/20 maxlen: 20
60.167.186.0/24 maxlen: 24
61.190.106.0/24 maxlen: 24
114.96.64.0/19 maxlen: 19
114.96.96.0/19 maxlen: 19
114.98.176.0/21 maxlen: 21
114.98.178.0/24 maxlen: 24
114.98.224.0/20 maxlen: 20
114.107.224.0/19 maxlen: 19
117.66.236.0/22 maxlen: 22
117.66.240.0/22 maxlen: 22
117.68.64.0/21 maxlen: 21
117.68.72.0/21 maxlen: 21
117.68.80.0/20 maxlen: 20
117.68.96.0/20 maxlen: 20
117.68.112.0/20 maxlen: 20
223.240.64.0/18 maxlen: 18
223.242.32.0/21 maxlen: 21
223.242.40.0/21 maxlen: 21
223.247.128.0/19 maxlen: 19
223.247.142.0/24 maxlen: 24
223.247.143.0/24 maxlen: 24
223.247.176.0/20 maxlen: 20
223.247.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:1d:3b:69:67:66:86:64:a8:31:a0:ce:cf:b8:a7:96:87:4e:d8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 10 16:01:56 2026 GMT
Not After : Jun 9 16:06:56 2027 GMT
Subject: CN=67B0684B4981614E89240928AC192BCC76EC8CA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1a:ea:53:c2:52:a7:68:1e:1b:64:58:70:60:
76:52:a4:65:0c:b0:d7:75:45:17:d8:e2:11:63:27:
c7:53:da:fe:71:4d:3c:b7:45:ea:0e:01:61:5f:bf:
71:85:4e:e3:7f:01:f9:58:af:cb:aa:ba:d0:b7:71:
bb:56:c1:20:98:f4:eb:26:a5:f6:60:a1:11:77:ac:
cb:29:cc:a1:5c:30:dc:6a:27:a5:b0:14:37:7d:48:
ac:ec:22:bb:a3:d6:af:74:92:00:2b:8a:f6:77:bc:
3b:c7:8e:33:f3:e1:dd:a3:64:56:ae:22:19:84:b2:
65:f3:e7:d0:16:4f:01:9a:dd:63:b9:3a:fb:3b:6f:
e3:63:3a:df:41:4c:94:be:c5:81:e3:dc:c5:23:8a:
96:9e:93:37:30:34:95:e2:19:53:19:7f:61:c4:d4:
e9:24:f0:27:71:90:85:fb:60:b5:54:a5:8d:00:6a:
02:04:80:82:8f:c4:ad:cb:aa:0b:f3:2e:0d:ff:1b:
9a:73:b4:e5:fb:d5:29:5c:9a:e4:03:af:8c:12:ca:
df:5c:ea:0e:bc:15:28:81:bd:56:9a:e8:31:5d:71:
3b:47:70:20:9c:3b:10:b1:d9:e7:e6:1d:3d:3f:96:
70:e9:f5:98:4b:df:e3:17:1b:5b:8f:8c:18:95:54:
8c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B0:68:4B:49:81:61:4E:89:24:09:28:AC:19:2B:CC:76:EC:8C:A0
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140527.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
60.167.160.0/19
61.190.106.0/24
114.96.64.0/18
114.98.176.0/21
114.98.224.0/20
114.107.224.0/19
117.66.236.0-117.66.243.255
117.68.64.0/18
223.240.64.0/18
223.242.32.0/20
223.247.128.0/19
223.247.176.0-223.247.223.255
Signature Algorithm: sha256WithRSAEncryption
04:b2:40:21:db:0f:c1:fd:4b:78:1c:92:4c:3f:22:29:e0:62:
5c:4a:2e:b4:cb:bc:3d:15:39:05:92:fe:d2:a3:ab:a1:1a:77:
1a:dc:ed:f8:79:47:2d:b0:39:74:ee:e1:44:cf:3d:6e:65:9f:
57:1d:45:7e:6e:f1:a0:49:ec:57:9e:96:82:34:9f:8c:e6:0a:
fa:ea:c5:fc:8a:13:af:4c:c8:9c:86:92:38:c4:59:63:8e:12:
5d:3b:c1:15:53:d4:c3:49:a8:46:27:24:aa:71:61:87:bc:87:
48:e0:60:11:24:e0:70:c0:a1:ec:56:c7:38:a4:d4:f6:3a:bd:
05:59:dc:1d:db:35:a2:d9:ae:c6:2b:da:74:a8:56:0d:3c:d2:
52:81:84:bd:3f:a5:19:25:98:33:5a:5d:24:7f:90:e5:6c:d2:
ea:f0:76:82:f4:e0:ee:a0:0f:5a:31:57:38:3f:ea:8c:38:ee:
be:60:09:79:8f:a3:2f:0f:a8:7e:76:cf:6f:df:9d:3a:23:f2:
76:52:d0:3c:18:89:84:98:94:16:24:e4:c5:a3:d2:ed:eb:79:
17:8e:6b:ec:56:92:70:1c:ca:9e:5a:de:9c:fd:54:3d:79:43:
5c:2a:bf:7c:d3:cf:c6:b2:08:7c:c5:56:e4:52:13:57:6e:cf:
ec:14:06:83
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUfx07aWdmhmSoMaDOz7inlodO2EAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYxMDE2MDE1NloX
DTI3MDYwOTE2MDY1NlowMzExMC8GA1UEAxMoNjdCMDY4NEI0OTgxNjE0RTg5MjQw
OTI4QUMxOTJCQ0M3NkVDOENBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUa6lPCUqdoHhtkWHBgdlKkZQyw13VFF9jiEWMnx1Pa/nFNPLdF6g4BYV+/
cYVO438B+Vivy6q60Ldxu1bBIJj06yal9mChEXesyynMoVww3GonpbAUN31IrOwi
u6PWr3SSACuK9ne8O8eOM/Ph3aNkVq4iGYSyZfPn0BZPAZrdY7k6+ztv42M630FM
lL7FgePcxSOKlp6TNzA0leIZUxl/YcTU6STwJ3GQhftgtVSljQBqAgSAgo/Ercuq
C/MuDf8bmnO05fvVKVya5AOvjBLK31zqDrwVKIG9VproMV1xO0dwIJw7ELHZ5+Yd
PT+WcOn1mEvf4xcbW4+MGJVUjG8CAwEAAaOCAjYwggIyMB0GA1UdDgQWBBRnsGhL
SYFhTokkCSisGSvMduyMoDAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTQwNTI3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQFPKegAwQAPb5qAwQGcmBAAwQD
cmKwAwQEcmLgAwQFcmvgMAwDBAJ1QuwDBAJ1QvADBAZ1READBAbf8EADBATf8iAD
BAXf94AwDAMEBN/3sAMEBd/3wDANBgkqhkiG9w0BAQsFAAOCAQEABLJAIdsPwf1L
eBySTD8iKeBiXEoutMu8PRU5BZL+0qOroRp3Gtzt+HlHLbA5dO7hRM89bmWfVx1F
fm7xoEnsV56WgjSfjOYK+urF/IoTr0zInIaSOMRZY44SXTvBFVPUw0moRickqnFh
h7yHSOBgESTgcMCh7FbHOKTU9jq9BVncHds1otmuxivadKhWDTzSUoGEvT+lGSWY
M1pdJH+Q5WzS6vB2gvTg7qAPWjFXOD/qjDjuvmAJeY+jLw+ofnbPb9+dOiPydlLQ
PBiJhJiUFiTkxaPS7et5F45r7FaScBzKnlrenP1UPXlDXCq/fNPPxrIIfMVW5FIT
V27P7BQGgw==
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:22:35 2026 by rpki-client