Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140553.roa
File: AS140553.roa (raw, json)
Hash identifier: UZUlF+KVvp8K6eKsNBOY4PF4Ri2tycy5Svp5a254IGY=
Subject key identifier: 3A:0F:98:2E:91:C4:71:C0:15:33:46:65:51:9E:5B:CA:B9:6E:FD:CB
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 5538F89FB2A71FC478E345A8F42A049FD2A0D198
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140553.roa
Signing time: Tue 09 Jun 2026 16:30:40 +0000
ROA not before: Tue 09 Jun 2026 16:25:40 +0000
ROA not after: Tue 08 Jun 2027 16:30:40 +0000
asID: 140553
IP address blocks: 36.107.96.0/21 maxlen: 21
36.107.96.0/22 maxlen: 22
36.107.100.0/22 maxlen: 22
36.109.139.0/24 maxlen: 24
36.109.144.0/20 maxlen: 20
36.109.144.0/21 maxlen: 21
36.109.152.0/21 maxlen: 21
36.109.176.0/21 maxlen: 21
36.109.176.0/22 maxlen: 22
36.109.180.0/22 maxlen: 22
36.109.200.0/21 maxlen: 21
36.109.200.0/22 maxlen: 22
36.109.204.0/22 maxlen: 22
49.112.224.0/21 maxlen: 21
49.112.234.0/24 maxlen: 24
49.115.90.0/23 maxlen: 23
49.115.90.0/24 maxlen: 24
49.115.91.0/24 maxlen: 24
49.115.214.0/23 maxlen: 23
49.115.214.0/24 maxlen: 24
49.115.215.0/24 maxlen: 24
49.116.128.0/20 maxlen: 20
106.123.144.0/20 maxlen: 20
106.123.160.0/19 maxlen: 19
106.124.48.0/22 maxlen: 22
106.124.48.0/23 maxlen: 23
106.124.50.0/23 maxlen: 23
106.124.234.0/24 maxlen: 24
110.154.16.0/20 maxlen: 20
110.154.16.0/22 maxlen: 22
110.154.20.0/22 maxlen: 22
110.154.24.0/22 maxlen: 22
110.154.28.0/22 maxlen: 22
110.154.64.0/20 maxlen: 20
110.154.80.0/20 maxlen: 20
110.155.112.0/20 maxlen: 20
110.155.112.0/21 maxlen: 21
110.155.120.0/21 maxlen: 21
110.155.200.0/21 maxlen: 21
110.156.88.0/22 maxlen: 22
110.156.92.0/22 maxlen: 22
110.156.192.0/21 maxlen: 21
110.156.192.0/22 maxlen: 22
110.156.196.0/22 maxlen: 22
110.156.200.0/22 maxlen: 22
110.156.200.0/23 maxlen: 23
110.156.202.0/23 maxlen: 23
110.156.204.0/23 maxlen: 23
110.156.204.0/24 maxlen: 24
110.156.205.0/24 maxlen: 24
110.156.208.0/22 maxlen: 22
110.156.208.0/23 maxlen: 23
110.156.210.0/23 maxlen: 23
110.156.212.0/23 maxlen: 23
110.156.212.0/24 maxlen: 24
110.156.213.0/24 maxlen: 24
110.156.216.0/21 maxlen: 21
110.156.216.0/22 maxlen: 22
110.156.220.0/22 maxlen: 22
110.156.224.0/21 maxlen: 21
110.156.224.0/22 maxlen: 22
110.156.228.0/22 maxlen: 22
110.156.232.0/22 maxlen: 22
110.156.232.0/23 maxlen: 23
110.156.234.0/23 maxlen: 23
110.156.236.0/23 maxlen: 23
110.156.236.0/24 maxlen: 24
110.156.237.0/24 maxlen: 24
110.156.240.0/22 maxlen: 22
110.156.240.0/23 maxlen: 23
110.156.242.0/23 maxlen: 23
110.156.244.0/23 maxlen: 23
110.156.244.0/24 maxlen: 24
110.156.245.0/24 maxlen: 24
110.156.248.0/21 maxlen: 21
110.156.248.0/22 maxlen: 22
110.156.252.0/22 maxlen: 22
110.157.48.0/21 maxlen: 21
110.157.48.0/22 maxlen: 22
110.157.52.0/22 maxlen: 22
110.157.64.0/18 maxlen: 18
110.157.64.0/19 maxlen: 19
110.157.96.0/19 maxlen: 19
222.81.112.0/22 maxlen: 22
222.81.112.0/23 maxlen: 23
222.81.114.0/23 maxlen: 23
222.81.116.0/24 maxlen: 24
222.81.117.0/24 maxlen: 24
240e:449::/32 maxlen: 32
240e:449:ffff::/48 maxlen: 48
240e:848::/44 maxlen: 44
240e:848:40::/44 maxlen: 44
240e:848:80::/44 maxlen: 44
240e:848:90::/44 maxlen: 44
240e:849::/44 maxlen: 44
240e:849:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:38:f8:9f:b2:a7:1f:c4:78:e3:45:a8:f4:2a:04:9f:d2:a0:d1:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 9 16:25:40 2026 GMT
Not After : Jun 8 16:30:40 2027 GMT
Subject: CN=3A0F982E91C471C015334665519E5BCAB96EFDCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:06:7b:d4:7f:c8:ef:04:c1:7a:eb:0e:ac:f1:
dd:d3:a8:9d:1e:4c:de:0b:41:d5:e8:4f:25:e2:ee:
26:14:5d:9b:4f:18:7c:7e:4d:f7:fa:fa:83:e9:2b:
44:d0:23:5d:f4:3f:a1:30:ba:69:c1:55:a0:73:89:
bb:c9:a4:02:9f:d4:d4:77:1d:dc:d4:fa:10:db:5e:
96:21:e8:8a:90:c9:cd:9f:39:52:98:ad:a4:0d:6b:
7e:1e:dd:ee:58:12:11:40:46:d7:8e:b2:c9:67:f3:
a0:75:96:cf:05:6b:bc:48:76:2b:12:5a:33:30:2b:
30:98:4c:fc:78:88:56:49:81:91:ab:f7:df:b7:1b:
61:47:5e:18:4e:b2:46:18:39:d9:90:82:bd:16:a1:
6d:7a:e1:0c:12:f0:44:c9:35:ca:f3:df:c7:96:cc:
e2:ea:c8:08:91:cb:ae:67:bf:3d:37:dd:c1:a9:99:
71:20:f6:dc:ce:f6:56:8b:d8:9e:13:0b:02:8f:3f:
aa:6b:0d:a6:6b:4e:fb:30:27:28:ce:e6:69:5c:8c:
79:44:3e:41:83:42:e0:06:95:4f:88:e6:6b:c7:87:
35:f4:f6:a4:3f:06:64:cb:c5:84:78:ab:3f:13:40:
56:10:6c:0f:f4:1a:eb:5a:83:2a:5c:8d:f7:67:91:
2c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0F:98:2E:91:C4:71:C0:15:33:46:65:51:9E:5B:CA:B9:6E:FD:CB
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS140553.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.107.96.0/21
36.109.139.0/24
36.109.144.0/20
36.109.176.0/21
36.109.200.0/21
49.112.224.0/21
49.112.234.0/24
49.115.90.0/23
49.115.214.0/23
49.116.128.0/20
106.123.144.0-106.123.191.255
106.124.48.0/22
106.124.234.0/24
110.154.16.0/20
110.154.64.0/19
110.155.112.0/20
110.155.200.0/21
110.156.88.0/21
110.156.192.0-110.156.205.255
110.156.208.0-110.156.213.255
110.156.216.0-110.156.237.255
110.156.240.0-110.156.245.255
110.156.248.0/21
110.157.48.0/21
110.157.64.0/18
222.81.112.0-222.81.117.255
IPv6:
240e:449::/32
240e:848::/44
240e:848:40::/44
240e:848:80::/43
240e:849::/43
Signature Algorithm: sha256WithRSAEncryption
07:65:28:1a:98:4b:66:d6:6a:63:31:79:11:df:c6:45:bb:7c:
48:36:10:b0:73:21:52:76:64:98:ab:13:d1:33:de:e8:0e:d9:
4a:6b:3d:e4:00:63:8b:32:f2:a2:a2:17:81:6a:4b:b6:db:b8:
5f:d5:99:3e:af:fa:5d:e0:1e:fc:7d:74:92:15:bd:6e:4d:8d:
33:ac:62:b7:d7:4c:30:89:a5:68:22:9e:77:2c:c6:b0:5c:05:
88:c2:d3:7e:ed:6f:c0:c2:f2:97:1a:05:13:d7:7d:a5:b7:20:
95:ff:79:b3:3f:75:74:8d:fe:e4:86:af:dd:20:13:2c:a3:48:
c7:03:2e:37:fa:8d:a4:e2:f5:dd:41:ac:b8:3f:a6:07:23:27:
4a:a2:8e:13:98:6d:34:28:08:04:de:1f:90:70:91:1b:7d:b4:
49:fe:e7:37:58:68:1f:6f:6e:51:3d:67:e1:dc:81:e9:cf:54:
d1:e3:46:d2:97:f9:7f:a2:b6:b1:12:bb:c9:93:3f:8f:76:ad:
80:fd:c6:56:26:6e:ff:87:93:c8:61:43:84:fd:df:b6:a5:ee:
65:0d:b0:58:3a:0d:24:6f:be:14:6b:91:31:1a:5a:88:6d:06:
fb:58:a4:65:3d:34:cc:a8:a0:71:36:e5:01:1e:71:31:a1:be:
77:ef:ed:9a
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgIUVTj4n7KnH8R440Wo9CoEn9Kg0ZgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwOTE2MjU0MFoX
DTI3MDYwODE2MzA0MFowMzExMC8GA1UEAxMoM0EwRjk4MkU5MUM0NzFDMDE1MzM0
NjY1NTE5RTVCQ0FCOTZFRkRDQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYGe9R/yO8EwXrrDqzx3dOonR5M3gtB1ehPJeLuJhRdm08YfH5N9/r6g+kr
RNAjXfQ/oTC6acFVoHOJu8mkAp/U1Hcd3NT6ENteliHoipDJzZ85UpitpA1rfh7d
7lgSEUBG146yyWfzoHWWzwVrvEh2KxJaMzArMJhM/HiIVkmBkav337cbYUdeGE6y
Rhg52ZCCvRahbXrhDBLwRMk1yvPfx5bM4urICJHLrme/PTfdwamZcSD23M72VovY
nhMLAo8/qmsNpmtO+zAnKM7maVyMeUQ+QYNC4AaVT4jma8eHNfT2pD8GZMvFhHir
PxNAVhBsD/Qa61qDKlyN92eRLPsCAwEAAaOCAuUwggLhMB0GA1UdDgQWBBQ6D5gu
kcRxwBUzRmVRnlvKuW79yzAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTQwNTUzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCB0wQCAAEwgcwDBAMka2ADBAAkbYsD
BAQkbZADBAMkbbADBAMkbcgDBAMxcOADBAAxcOoDBAExc1oDBAExc9YDBAQxdIAw
DAMEBGp7kAMEBmp7gAMEAmp8MAMEAGp86gMEBG6aEAMEBW6aQAMEBG6bcAMEA26b
yAMEA26cWDAMAwQGbpzAAwQBbpzMMAwDBARunNADBAFunNQwDAMEA26c2AMEAW6c
7DAMAwQEbpzwAwQBbpz0AwQDbpz4AwQDbp0wAwQGbp1AMAwDBATeUXADBAHeUXQw
MQQCAAIwKwMFACQOBEkDBwQkDghIAAADBwQkDghIAEADBwUkDghIAIADBwUkDghJ
AAAwDQYJKoZIhvcNAQELBQADggEBAAdlKBqYS2bWamMxeRHfxkW7fEg2ELBzIVJ2
ZJirE9Ez3ugO2UprPeQAY4sy8qKiF4FqS7bbuF/VmT6v+l3gHvx9dJIVvW5NjTOs
YrfXTDCJpWginncsxrBcBYjC037tb8DC8pcaBRPXfaW3IJX/ebM/dXSN/uSGr90g
EyyjSMcDLjf6jaTi9d1BrLg/pgcjJ0qijhOYbTQoCATeH5BwkRt9tEn+5zdYaB9v
blE9Z+HcgenPVNHjRtKX+X+itrESu8mTP492rYD9xlYmbv+Hk8hhQ4T937al7mUN
sFg6DSRvvhRrkTEaWohtBvtYpGU9NMyooHE25QEecTGhvnfv7Zo=
-----END CERTIFICATE-----
Generated at Sun Jun 14 01:22:37 2026 by rpki-client