Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS149837.roa
File: AS149837.roa (raw, json)
Hash identifier: FK95Esm0awDvMNjZaT+B1LBU/47DbqS6iU8ImrO8xis=
Subject key identifier: 3A:65:84:97:71:78:B6:24:BF:C0:DF:89:3A:AE:22:8C:A1:14:6D:E7
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 21CA000AE12ACACC8A41FC3D0F612C0B33B34314
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS149837.roa
Signing time: Tue 02 Jun 2026 16:09:46 +0000
ROA not before: Tue 02 Jun 2026 16:04:46 +0000
ROA not after: Tue 01 Jun 2027 16:09:46 +0000
asID: 149837
IP address blocks: 59.63.192.0/22 maxlen: 22
59.63.200.0/21 maxlen: 21
106.227.64.0/19 maxlen: 19
106.227.68.0/24 maxlen: 24
106.227.74.0/24 maxlen: 24
111.74.96.0/21 maxlen: 21
111.79.108.0/22 maxlen: 22
117.21.56.0/21 maxlen: 21
240e:13:8800::/37 maxlen: 37
240e:960:d00::/40 maxlen: 40
240e:960:e00::/40 maxlen: 40
240e:982:7500::/40 maxlen: 40
240e:982:7600::/40 maxlen: 40
240e:982:7700::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:ca:00:0a:e1:2a:ca:cc:8a:41:fc:3d:0f:61:2c:0b:33:b3:43:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 2 16:04:46 2026 GMT
Not After : Jun 1 16:09:46 2027 GMT
Subject: CN=3A6584977178B624BFC0DF893AAE228CA1146DE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:49:ab:3b:b3:00:74:ab:47:36:6b:07:9c:65:
62:95:d1:66:5d:0a:91:ca:5c:b2:42:c5:f2:54:b1:
ea:14:e6:43:a0:28:58:cd:e0:44:b7:53:e6:1d:58:
e5:f2:38:3a:04:fe:af:a4:99:60:c2:2e:82:93:81:
1b:16:72:a9:11:19:1e:a4:37:e0:c0:87:e9:71:ee:
fc:ef:13:63:84:19:01:ec:72:df:f7:8f:d1:55:7e:
95:76:fd:10:25:7b:be:31:ff:fc:6a:23:3c:4b:55:
b4:db:3a:58:dd:b2:ca:fa:cb:50:b9:78:70:53:5f:
6e:ed:64:5e:80:03:c2:f0:b1:19:10:70:e6:dd:37:
5e:a7:96:e1:0b:25:07:a5:4a:81:f4:06:1a:bf:b8:
d7:c0:05:c2:0e:53:f8:b4:5e:9c:de:47:4f:5e:58:
c7:6c:02:fd:3e:e6:e3:38:fb:5f:bf:fe:d1:cd:00:
6c:d5:e1:19:7f:00:1e:83:8a:e6:9d:bd:9a:e0:76:
b2:4a:52:76:ce:02:8e:68:cd:9a:be:1a:c9:86:81:
b2:d3:6e:35:ff:6c:f6:43:5b:72:19:eb:56:4b:ad:
80:9a:07:ce:cc:7f:81:2f:34:fc:6d:81:f4:84:63:
f5:2e:1f:81:30:d1:21:ca:23:69:92:7c:fd:9c:a3:
5d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:65:84:97:71:78:B6:24:BF:C0:DF:89:3A:AE:22:8C:A1:14:6D:E7
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS149837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
59.63.192.0/22
59.63.200.0/21
106.227.64.0/19
111.74.96.0/21
111.79.108.0/22
117.21.56.0/21
IPv6:
240e:13:8800::/37
240e:960:d00::-240e:960:eff:ffff:ffff:ffff:ffff:ffff
240e:982:7500::-240e:982:7703:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0e:76:07:be:8b:43:89:9d:bb:b1:48:4e:6f:5f:f3:58:c5:6c:
a0:31:9a:69:a0:66:f7:58:4e:bf:f1:cd:95:f2:ab:63:d2:8f:
90:6b:61:81:a3:43:6a:e4:fd:fb:56:3e:41:ba:f5:e1:b5:b3:
47:6b:3f:d7:ee:2a:40:d3:19:a8:d1:11:6c:29:b6:cf:f2:fb:
1b:fc:66:f7:4e:93:37:53:b3:99:cf:e5:e3:9f:09:e7:89:69:
ff:58:70:d2:c0:34:f2:30:f6:6b:aa:27:b9:ad:99:23:51:75:
eb:16:81:3a:f1:f8:bd:4f:28:d8:17:7b:eb:a8:48:fd:ad:4e:
b1:ef:52:aa:76:e9:85:3b:b6:08:64:f5:68:e3:3c:9f:1d:31:
8a:b8:20:ec:8e:dc:9d:39:77:c9:05:c8:f5:b4:fb:eb:78:2c:
0a:35:ef:81:45:2c:ad:44:f7:75:73:6a:04:a6:ce:db:11:61:
70:78:59:9b:ad:be:e6:57:e7:bb:0d:a4:e8:7b:fe:79:eb:b3:
fd:21:58:9c:cd:ab:c0:fa:93:4e:7b:d6:62:19:a6:e9:18:69:
d4:0a:8d:fc:90:00:6c:d9:c0:88:37:b3:75:db:ff:16:4c:57:
b2:aa:a6:41:b5:89:cf:bf:51:12:b1:c9:8b:0f:18:b0:40:0f:
55:dc:f9:1f
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUIcoACuEqysyKQfw9D2EsCzOzQxQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwMjE2MDQ0NloX
DTI3MDYwMTE2MDk0NlowMzExMC8GA1UEAxMoM0E2NTg0OTc3MTc4QjYyNEJGQzBE
Rjg5M0FBRTIyOENBMTE0NkRFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRJqzuzAHSrRzZrB5xlYpXRZl0KkcpcskLF8lSx6hTmQ6AoWM3gRLdT5h1Y
5fI4OgT+r6SZYMIugpOBGxZyqREZHqQ34MCH6XHu/O8TY4QZAexy3/eP0VV+lXb9
ECV7vjH//GojPEtVtNs6WN2yyvrLULl4cFNfbu1kXoADwvCxGRBw5t03XqeW4Qsl
B6VKgfQGGr+418AFwg5T+LRenN5HT15Yx2wC/T7m4zj7X7/+0c0AbNXhGX8AHoOK
5p29muB2skpSds4CjmjNmr4ayYaBstNuNf9s9kNbchnrVkutgJoHzsx/gS80/G2B
9IRj9S4fgTDRIcojaZJ8/ZyjXT8CAwEAAaOCAjcwggIzMB0GA1UdDgQWBBQ6ZYSX
cXi2JL/A34k6riKMoRRt5zAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTQ5ODM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MHIGCCsGAQUFBwEHAQH/BGMwYTAqBAIAATAkAwQCOz/AAwQDOz/IAwQFauNAAwQD
b0pgAwQCb09sAwQDdRU4MDMEAgACMC0DBgMkDgATiDAQAwYAJA4JYA0DBgAkDglg
DjARAwYAJA4JgnUDBwIkDgmCdwAwDQYJKoZIhvcNAQELBQADggEBAA52B76LQ4md
u7FITm9f81jFbKAxmmmgZvdYTr/xzZXyq2PSj5BrYYGjQ2rk/ftWPkG69eG1s0dr
P9fuKkDTGajREWwpts/y+xv8ZvdOkzdTs5nP5eOfCeeJaf9YcNLANPIw9muqJ7mt
mSNRdesWgTrx+L1PKNgXe+uoSP2tTrHvUqp26YU7tghk9WjjPJ8dMYq4IOyO3J05
d8kFyPW0++t4LAo174FFLK1E93VzagSmztsRYXB4WZutvuZX57sNpOh7/nnrs/0h
WJzNq8D6k0571mIZpukYadQKjfyQAGzZwIg3s3Xb/xZMV7KqpkG1ic+/URKxyYsP
GLBAD1Xc+R8=
-----END CERTIFICATE-----
Generated at Sun Jun 14 05:17:38 2026 by rpki-client