Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS151823.roa
File: AS151823.roa (raw, json)
Hash identifier: JKV65V/OaY+Hm2ierwsCF5E4yYUmYU+nyfHAsaUsXJM=
Subject key identifier: 20:6A:EF:C2:64:06:42:9D:FF:85:22:BC:61:EB:E9:8B:B2:F0:98:9F
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 1EB40D1FFF07F356B24EF81D4C2A857FF9A55B2E
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS151823.roa
Signing time: Mon 01 Jun 2026 16:41:13 +0000
ROA not before: Mon 01 Jun 2026 16:36:13 +0000
ROA not after: Mon 31 May 2027 16:41:13 +0000
asID: 151823
IP address blocks: 175.12.0.0/18 maxlen: 18
175.12.58.0/24 maxlen: 24
175.12.59.0/24 maxlen: 24
175.12.60.0/24 maxlen: 24
175.12.61.0/24 maxlen: 24
175.12.62.0/24 maxlen: 24
175.12.63.0/24 maxlen: 24
175.12.64.0/18 maxlen: 18
175.12.64.0/22 maxlen: 22
175.12.96.0/22 maxlen: 22
175.12.105.0/24 maxlen: 24
175.12.106.0/24 maxlen: 24
175.12.107.0/24 maxlen: 24
175.12.108.0/24 maxlen: 24
175.12.109.0/24 maxlen: 24
220.169.208.0/24 maxlen: 24
220.169.209.0/24 maxlen: 24
240e:106:aa00::/39 maxlen: 39
240e:96a:4000::/36 maxlen: 36
240e:982:9b00::/40 maxlen: 40
240e:982:9d00::/40 maxlen: 40
240e:982:9e00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:b4:0d:1f:ff:07:f3:56:b2:4e:f8:1d:4c:2a:85:7f:f9:a5:5b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 1 16:36:13 2026 GMT
Not After : May 31 16:41:13 2027 GMT
Subject: CN=206AEFC26406429DFF8522BC61EBE98BB2F0989F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9f:c1:b9:31:a3:01:15:e8:9c:79:a6:a9:ad:
44:ea:5f:7d:41:1c:38:4a:0f:cc:37:e1:6b:b4:fb:
31:92:83:5b:4b:f9:9b:52:df:7b:9e:c8:b2:82:bc:
58:7e:22:e0:8c:c1:30:63:6c:23:b4:93:63:69:1d:
a2:a6:9e:6f:ad:0e:3c:15:ee:d8:f5:ed:9c:08:b6:
46:6f:ad:5c:ff:e6:18:62:83:c4:9f:81:e0:8f:5b:
7e:3c:84:6d:e0:ec:86:ce:ae:a0:69:a4:97:e4:a2:
b3:fa:59:26:08:84:b7:c2:b0:f8:a6:49:f1:28:b2:
c2:b6:d5:24:e2:f8:bf:2b:e2:dd:99:47:76:55:6f:
88:69:e1:bc:2a:6c:16:f0:f7:0e:8d:af:cd:98:70:
4f:1d:fb:c6:86:07:8b:4d:bb:3f:69:c0:30:65:79:
16:95:c7:06:81:2e:ca:93:c5:b1:cf:71:29:51:a5:
d7:81:3a:bf:38:7a:d2:cb:3b:0a:83:10:a0:f0:b7:
22:2a:ed:4a:ed:ca:0b:ea:99:6e:4c:98:67:8b:f6:
17:a0:3c:b8:b6:a1:e6:7a:a1:bd:3a:67:91:70:fa:
54:5b:4d:41:e3:24:bc:f3:ea:15:64:b0:58:a0:2b:
c5:ef:c8:c5:4a:91:fb:ae:20:4a:6b:de:2d:5a:77:
7b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:6A:EF:C2:64:06:42:9D:FF:85:22:BC:61:EB:E9:8B:B2:F0:98:9F
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS151823.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.12.0.0/17
220.169.208.0/23
IPv6:
240e:106:aa00::/39
240e:96a:4000::/36
240e:982:9b00::/40
240e:982:9d00::-240e:982:9eff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
02:85:c5:9b:75:7b:e6:06:5b:eb:9f:f9:22:ec:8b:5d:2c:54:
b6:64:0c:9a:d7:f5:d9:5a:db:e0:ef:57:c6:ba:50:54:40:ba:
c2:c3:c2:da:e2:eb:18:6d:1a:aa:eb:0e:04:f2:bf:38:04:81:
4b:df:7a:36:4a:1f:61:9f:5d:05:11:c0:9e:14:b6:12:38:45:
72:e1:05:70:60:a7:1c:2e:14:a6:21:e0:95:7e:0d:b2:a2:29:
c4:d6:71:ac:e1:1d:e7:b0:b7:a5:fb:b5:a5:ab:cc:36:06:39:
cb:7f:70:bc:31:25:f9:31:83:51:3e:64:58:4c:f0:2f:99:43:
dd:fe:55:24:42:fb:7e:a6:6c:52:d3:96:37:59:19:9d:9c:69:
17:05:bc:c9:ba:c5:1f:ac:1f:30:45:44:2c:de:4b:78:d4:22:
1f:e1:17:cd:d1:99:67:c3:e1:2e:e8:4e:ba:11:aa:3c:6c:90:
21:c5:74:6f:84:ca:c9:20:6b:22:9b:72:c9:1f:22:2e:64:b8:
95:dc:31:86:bf:99:e3:e0:70:77:5d:80:26:d1:92:64:4e:4c:
21:00:d6:8d:75:99:82:c9:09:de:47:38:0d:28:88:90:37:03:
17:ff:52:5d:64:c7:f5:a7:42:85:b4:fe:e6:0b:9b:a7:5a:d9:
85:c3:9d:49
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUHrQNH/8H81ayTvgdTCqFf/mlWy4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwMTE2MzYxM1oX
DTI3MDUzMTE2NDExM1owMzExMC8GA1UEAxMoMjA2QUVGQzI2NDA2NDI5REZGODUy
MkJDNjFFQkU5OEJCMkYwOTg5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJqfwbkxowEV6Jx5pqmtROpffUEcOEoPzDfha7T7MZKDW0v5m1Lfe57IsoK8
WH4i4IzBMGNsI7STY2kdoqaeb60OPBXu2PXtnAi2Rm+tXP/mGGKDxJ+B4I9bfjyE
beDshs6uoGmkl+Sis/pZJgiEt8Kw+KZJ8SiywrbVJOL4vyvi3ZlHdlVviGnhvCps
FvD3Do2vzZhwTx37xoYHi027P2nAMGV5FpXHBoEuypPFsc9xKVGl14E6vzh60ss7
CoMQoPC3IirtSu3KC+qZbkyYZ4v2F6A8uLah5nqhvTpnkXD6VFtNQeMkvPPqFWSw
WKArxe/IxUqR+64gSmveLVp3e5kCAwEAAaOCAhwwggIYMB0GA1UdDgQWBBQgau/C
ZAZCnf+FIrxh6+mLsvCYnzAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTMTUxODIzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MFcGCCsGAQUFBwEHAQH/BEgwRjASBAIAATAMAwQHrwwAAwQB3KnQMDAEAgACMCoD
BgEkDgEGqgMGBCQOCWpAAwYAJA4JgpswEAMGACQOCYKdAwYAJA4Jgp4wDQYJKoZI
hvcNAQELBQADggEBAAKFxZt1e+YGW+uf+SLsi10sVLZkDJrX9dla2+DvV8a6UFRA
usLDwtri6xhtGqrrDgTyvzgEgUvfejZKH2GfXQURwJ4UthI4RXLhBXBgpxwuFKYh
4JV+DbKiKcTWcazhHeewt6X7taWrzDYGOct/cLwxJfkxg1E+ZFhM8C+ZQ93+VSRC
+36mbFLTljdZGZ2caRcFvMm6xR+sHzBFRCzeS3jUIh/hF83RmWfD4S7oTroRqjxs
kCHFdG+EyskgayKbcskfIi5kuJXcMYa/mePgcHddgCbRkmROTCEA1o11mYLJCd5H
OA0oiJA3Axf/Ul1kx/WnQoW0/uYLm6da2YXDnUk=
-----END CERTIFICATE-----
Generated at Sun Jun 14 06:30:56 2026 by rpki-client