Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58772.roa
File: AS58772.roa (raw, json)
Hash identifier: 8cN+Vd7QfvMgiRJTrHFF2FBLMd5s/YnOHB46VtVUz3k=
Subject key identifier: 99:A5:08:FE:D0:A9:1D:F0:BE:90:68:A3:3B:21:68:99:25:62:26:FC
Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Certificate serial: 356D1BCEB439928D9256AC332D481F7F731A8394
Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58772.roa
Signing time: Wed 10 Jun 2026 16:35:13 +0000
ROA not before: Wed 10 Jun 2026 16:30:13 +0000
ROA not after: Wed 09 Jun 2027 16:35:13 +0000
asID: 58772
IP address blocks: 27.156.26.0/23 maxlen: 23
110.80.144.0/20 maxlen: 20
110.80.144.0/23 maxlen: 23
110.80.157.0/24 maxlen: 24
117.24.160.0/20 maxlen: 20
117.24.166.0/24 maxlen: 24
124.72.128.0/21 maxlen: 21
124.72.136.0/22 maxlen: 22
182.44.64.0/19 maxlen: 19
182.44.64.0/23 maxlen: 23
203.55.128.0/23 maxlen: 23
240e:108:1185::/48 maxlen: 48
240e:264:a000::/36 maxlen: 36
240e:964:5000::/37 maxlen: 37
240e:964:5400::/46 maxlen: 46
240e:964:a800::/38 maxlen: 38
240e:964:d400::/39 maxlen: 39
240e:964:f400::/39 maxlen: 39
240e:965:5000::/37 maxlen: 37
240e:965:a800::/38 maxlen: 38
240e:965:d400::/39 maxlen: 39
240e:965:f400::/39 maxlen: 39
240e:966:5000::/37 maxlen: 37
240e:966:a800::/38 maxlen: 38
240e:966:d400::/39 maxlen: 39
240e:966:f400::/39 maxlen: 39
240e:967:5000::/37 maxlen: 37
240e:967:a800::/38 maxlen: 38
240e:967:d400::/39 maxlen: 39
240e:967:f400::/39 maxlen: 39
240e:980:8530::/48 maxlen: 48
240e:982:8500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 14 Jun 2026 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:6d:1b:ce:b4:39:92:8d:92:56:ac:33:2d:48:1f:7f:73:1a:83:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E
Validity
Not Before: Jun 10 16:30:13 2026 GMT
Not After : Jun 9 16:35:13 2027 GMT
Subject: CN=99A508FED0A91DF0BE9068A33B216899256226FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:71:c0:32:df:cf:bd:c3:68:ba:5d:b6:7a:01:
9d:83:23:06:2a:68:41:9b:c3:21:7a:c2:a4:7b:11:
1c:ad:a0:ae:3e:ae:14:c6:81:cd:b7:8f:9e:e0:35:
1c:22:5d:5e:93:d6:5b:41:b6:82:fa:63:e2:36:50:
dd:48:d1:5e:74:18:a3:74:88:26:d2:64:0d:af:bf:
f9:b7:7f:03:df:b4:a1:54:47:5f:b6:3d:e4:b9:b6:
40:13:65:92:3b:ac:a4:48:d1:94:a8:bf:16:16:a4:
16:2a:40:65:b0:93:07:08:d7:f3:ed:ac:23:a5:26:
6d:8d:7c:c6:99:ee:eb:51:79:71:51:a2:e5:13:20:
48:d3:61:24:6f:a9:b2:4a:34:1c:9d:8f:90:f8:9d:
9e:9d:7e:0f:ee:96:34:a0:a4:5c:f3:7f:36:83:d1:
9d:3b:fd:81:90:2c:c6:40:c6:be:a1:ac:3d:fa:28:
bd:8c:31:ac:17:ca:26:c1:40:6e:c8:a0:41:ac:85:
e5:94:8b:04:9c:27:bf:22:28:c9:39:57:63:07:a4:
97:33:f3:5e:19:6b:6e:46:53:3b:b2:4e:b3:ce:50:
61:00:b1:90:6e:fc:07:8e:a8:e2:61:9e:e6:bb:08:
fc:51:4b:f4:46:0c:c7:b7:ae:ee:4b:ff:4d:e1:16:
98:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A5:08:FE:D0:A9:1D:F0:BE:90:68:A3:3B:21:68:99:25:62:26:FC
X509v3 Authority Key Identifier:
keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS58772.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.156.26.0/23
110.80.144.0/20
117.24.160.0/20
124.72.128.0-124.72.139.255
182.44.64.0/19
203.55.128.0/23
IPv6:
240e:108:1185::/48
240e:264:a000::/36
240e:964:5000::/37
240e:964:a800::/38
240e:964:d400::/39
240e:964:f400::/39
240e:965:5000::/37
240e:965:a800::/38
240e:965:d400::/39
240e:965:f400::/39
240e:966:5000::/37
240e:966:a800::/38
240e:966:d400::/39
240e:966:f400::/39
240e:967:5000::/37
240e:967:a800::/38
240e:967:d400::/39
240e:967:f400::/39
240e:980:8530::/48
240e:982:8500::/40
Signature Algorithm: sha256WithRSAEncryption
59:65:42:fc:69:d5:c7:eb:fc:d4:94:73:37:00:1f:db:64:f6:
01:86:5c:b4:76:59:93:3b:62:37:cf:ab:3b:d6:e1:7d:54:84:
a5:9a:25:56:e9:2a:36:24:7a:19:74:55:96:6f:67:cc:b4:d1:
ad:5d:e8:01:c9:ac:16:38:f0:a7:89:a0:6c:ef:f8:13:5a:41:
c6:2c:fc:07:fe:ec:fc:e3:ec:38:78:df:b0:9e:f6:6a:f4:77:
fa:f1:59:91:e8:16:46:7c:f9:2f:ea:01:7e:89:9d:8c:1f:ec:
f5:38:ff:da:80:05:4a:bb:e9:b4:a5:5f:41:2b:5e:24:08:2d:
75:27:2f:14:1d:8d:b5:33:f4:a6:c2:fc:25:4b:a6:60:54:0a:
cc:f3:51:22:3d:69:91:4b:f3:23:1c:27:cc:ae:05:76:bd:af:
6e:e8:f4:f7:22:b5:02:1a:f6:b3:59:72:c4:43:65:34:0e:b7:
5b:d1:63:e7:e0:48:7e:dd:94:e5:46:0c:d5:44:9b:5d:71:0e:
09:c4:57:78:2c:9e:47:6a:74:b6:36:47:3d:c5:7b:8e:7d:30:
11:07:5f:97:29:67:0e:eb:fa:06:2b:ec:e3:51:26:0b:cc:16:
4e:c4:56:ba:71:34:81:2e:f0:4a:ea:a1:78:69:da:d5:d2:6c:
e7:09:d5:42
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUNW0bzrQ5ko2SVqwzLUgff3Mag5QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz
NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYxMDE2MzAxM1oX
DTI3MDYwOTE2MzUxM1owMzExMC8GA1UEAxMoOTlBNTA4RkVEMEE5MURGMEJFOTA2
OEEzM0IyMTY4OTkyNTYyMjZGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxxwDLfz73DaLpdtnoBnYMjBipoQZvDIXrCpHsRHK2grj6uFMaBzbePnuA1
HCJdXpPWW0G2gvpj4jZQ3UjRXnQYo3SIJtJkDa+/+bd/A9+0oVRHX7Y95Lm2QBNl
kjuspEjRlKi/FhakFipAZbCTBwjX8+2sI6UmbY18xpnu61F5cVGi5RMgSNNhJG+p
sko0HJ2PkPidnp1+D+6WNKCkXPN/NoPRnTv9gZAsxkDGvqGsPfoovYwxrBfKJsFA
bsigQayF5ZSLBJwnvyIoyTlXYweklzPzXhlrbkZTO7JOs85QYQCxkG78B46o4mGe
5rsI/FFL9EYMx7eu7kv/TeEWmOUCAwEAAaOCArgwggK0MB0GA1UdDgQWBBSZpQj+
0Kkd8L6QaKM7IWiZJWIm/DAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ
HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx
ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw
Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH
MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw
NTk3NjgzNS8xL0FTNTg3NzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
gfMGCCsGAQUFBwEHAQH/BIHjMIHgMDIEAgABMCwDBAEbnBoDBARuUJADBAR1GKAw
DAMEB3xIgAMEAnxIiAMEBbYsQAMEAcs3gDCBqQQCAAIwgaIDBwAkDgEIEYUDBgQk
DgJkoAMGAyQOCWRQAwYCJA4JZKgDBgEkDglk1AMGASQOCWT0AwYDJA4JZVADBgIk
DgllqAMGASQOCWXUAwYBJA4JZfQDBgMkDglmUAMGAiQOCWaoAwYBJA4JZtQDBgEk
Dglm9AMGAyQOCWdQAwYCJA4JZ6gDBgEkDgln1AMGASQOCWf0AwcAJA4JgIUwAwYA
JA4JgoUwDQYJKoZIhvcNAQELBQADggEBAFllQvxp1cfr/NSUczcAH9tk9gGGXLR2
WZM7YjfPqzvW4X1UhKWaJVbpKjYkehl0VZZvZ8y00a1d6AHJrBY48KeJoGzv+BNa
QcYs/Af+7Pzj7Dh437Ce9mr0d/rxWZHoFkZ8+S/qAX6JnYwf7PU4/9qABUq76bSl
X0ErXiQILXUnLxQdjbUz9KbC/CVLpmBUCszzUSI9aZFL8yMcJ8yuBXa9r27o9Pci
tQIa9rNZcsRDZTQOt1vRY+fgSH7dlOVGDNVEm11xDgnEV3gsnkdqdLY2Rz3Fe459
MBEHX5cpZw7r+gYr7ONRJgvMFk7EVrpxNIEu8ErqoXhp2tXSbOcJ1UI=
-----END CERTIFICATE-----
Generated at Sun Jun 14 05:17:45 2026 by rpki-client