Route Origin Authorization
$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1094872834095775747/0/AS138407.roa
File: AS138407.roa (raw, json)
Hash identifier: PYX6daE1G5y9ji7q0unNa87hic3gqwqz6BAymxPl7SM=
Subject key identifier: 97:93:43:FC:85:9B:65:82:D4:DD:16:B1:CC:9C:CC:9A:FC:0F:06:D8
Certificate issuer: /CN=A91D5F3D0000/serialNumber=DBB23C7EE492212EA858B78E1C66BF2298E5ACD4
Certificate serial: 778F659C5BD526B6AE271D5203DD81C7BB78E149
Authority key identifier: DB:B2:3C:7E:E4:92:21:2E:A8:58:B7:8E:1C:66:BF:22:98:E5:AC:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/27I8fuSSIS6oWLeOHGa_IpjlrNQ.cer
Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1094872834095775747/0/AS138407.roa
Signing time: Thu 07 May 2026 01:46:41 +0000
ROA not before: Thu 07 May 2026 01:41:41 +0000
ROA not after: Thu 06 May 2027 01:46:41 +0000
asID: 138407
IP address blocks: 2409:806a:3000::/48 maxlen: 48
2409:806a:b020::/44 maxlen: 44
2409:8c6a:1412::/48 maxlen: 48
2409:8c6a:1e12::/48 maxlen: 48
2409:8c6a:3a10::/44 maxlen: 44
2409:8c6a:4c00::/40 maxlen: 40
2409:8c6a:5c12::/48 maxlen: 48
2409:8c6a:6c12::/48 maxlen: 48
2409:8c6a:6f10::/44 maxlen: 44
2409:8c6a:7812::/48 maxlen: 48
2409:8c6a:9812::/48 maxlen: 48
2409:8c6a:b010::/44 maxlen: 44
2409:8c6a:b011::/48 maxlen: 48
2409:8c6a:b012::/48 maxlen: 48
2409:8c6a:b020::/44 maxlen: 44
2409:8c6a:b021::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rps.cnnic.cn/repo/A1094872834095775747/0/DBB23C7EE492212EA858B78E1C66BF2298E5ACD4.crl
rsync://rpki-rps.cnnic.cn/repo/A1094872834095775747/0/DBB23C7EE492212EA858B78E1C66BF2298E5ACD4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/27I8fuSSIS6oWLeOHGa_IpjlrNQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 14 May 2026 10:37:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:8f:65:9c:5b:d5:26:b6:ae:27:1d:52:03:dd:81:c7:bb:78:e1:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5F3D0000, serialNumber=DBB23C7EE492212EA858B78E1C66BF2298E5ACD4
Validity
Not Before: May 7 01:41:41 2026 GMT
Not After : May 6 01:46:41 2027 GMT
Subject: CN=979343FC859B6582D4DD16B1CC9CCC9AFC0F06D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:99:2d:72:c2:b2:15:0d:b0:17:4c:4b:93:f1:
a8:4b:b3:e6:9f:3c:2b:d9:7f:ff:b1:b8:2c:41:0c:
31:d4:78:d7:81:a9:f3:f9:b9:ce:34:99:b6:36:0a:
30:75:a7:05:9b:67:6c:69:ce:ac:bd:33:2f:b7:59:
a8:f4:4b:52:33:3c:be:7a:67:b2:1c:ef:29:a0:dd:
73:a6:93:2c:34:36:14:46:35:82:e4:4b:f6:04:a1:
26:a9:eb:43:c9:7b:ac:f2:6d:2d:c7:b0:8f:36:24:
63:e1:07:54:99:3e:e8:83:93:09:66:89:45:d6:5a:
a3:51:ec:78:5f:c4:ed:af:e7:ce:41:ae:63:00:d8:
31:bd:6b:a6:37:0c:eb:89:7f:d5:97:b4:d9:03:35:
cb:b0:25:44:ed:6b:11:03:e1:00:4b:d8:2f:16:67:
b1:84:2e:cb:77:11:99:3d:eb:3b:00:9a:aa:f2:4e:
71:f1:c2:31:b9:e3:f6:51:ca:d7:b8:67:96:b3:56:
6f:01:d8:9c:b8:3a:29:14:ff:ed:2c:8e:48:d3:be:
f0:53:e9:72:f2:d5:58:15:29:81:5b:ba:79:fe:ed:
ba:54:34:c9:e0:39:54:3e:23:a2:29:c7:b4:7e:91:
24:81:d6:b4:6d:07:bb:52:d4:4e:30:f7:5f:17:78:
73:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:93:43:FC:85:9B:65:82:D4:DD:16:B1:CC:9C:CC:9A:FC:0F:06:D8
X509v3 Authority Key Identifier:
keyid:DB:B2:3C:7E:E4:92:21:2E:A8:58:B7:8E:1C:66:BF:22:98:E5:AC:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.cnnic.cn/repo/A1094872834095775747/0/DBB23C7EE492212EA858B78E1C66BF2298E5ACD4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/27I8fuSSIS6oWLeOHGa_IpjlrNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1094872834095775747/0/AS138407.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2409:806a:3000::/48
2409:806a:b020::/44
2409:8c6a:1412::/48
2409:8c6a:1e12::/48
2409:8c6a:3a10::/44
2409:8c6a:4c00::/40
2409:8c6a:5c12::/48
2409:8c6a:6c12::/48
2409:8c6a:6f10::/44
2409:8c6a:7812::/48
2409:8c6a:9812::/48
2409:8c6a:b010::-2409:8c6a:b02f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
74:1b:ea:26:92:2c:a8:21:7b:37:50:64:b8:2a:21:e1:1d:ea:
0c:71:6c:5a:3e:d4:d2:ac:98:25:58:3e:fa:3c:d6:03:1a:4d:
f1:8f:15:e8:66:c0:82:68:e5:c2:2b:d8:44:18:ce:c9:02:54:
f7:cb:bc:36:12:12:26:0d:65:73:80:8d:bb:5d:5d:a2:27:14:
78:1a:5d:02:94:bc:51:a1:d4:fe:8c:f2:04:25:16:58:57:b9:
86:3e:67:2e:d3:12:a6:61:c1:c9:24:7c:4f:be:2b:73:2b:f8:
d9:a3:bc:44:47:63:4a:17:b7:e1:64:23:8b:bb:38:a3:f2:47:
4c:03:f9:eb:99:46:d5:84:70:8f:1e:0c:3a:26:fe:b9:4a:c2:
e0:de:41:ef:aa:cc:95:60:bb:e3:38:64:0a:4e:75:11:5c:4f:
71:67:83:6a:1e:0a:63:0f:2d:91:e3:28:d4:ad:0a:aa:5e:61:
e6:31:a2:e6:91:9a:84:ca:4f:7d:b2:8e:19:70:3e:11:0e:c5:
c1:86:c8:11:c7:1b:db:90:24:94:44:82:c9:77:af:81:0b:15:
47:77:04:6c:ff:0e:63:24:a3:18:c7:56:11:0f:f0:be:5f:60:
c5:c4:77:43:d9:44:ef:f0:ef:3a:93:cc:18:f7:db:23:30:06:
47:ca:5e:e2
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgIUd49lnFvVJrauJx1SA92Bx7t44UkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRDVGM0QwMDAwMTEwLwYDVQQFEyhEQkIyM0M3RUU0
OTIyMTJFQTg1OEI3OEUxQzY2QkYyMjk4RTVBQ0Q0MB4XDTI2MDUwNzAxNDE0MVoX
DTI3MDUwNjAxNDY0MVowMzExMC8GA1UEAxMoOTc5MzQzRkM4NTlCNjU4MkQ0REQx
NkIxQ0M5Q0NDOUFGQzBGMDZEODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOSZLXLCshUNsBdMS5PxqEuz5p88K9l//7G4LEEMMdR414Gp8/m5zjSZtjYK
MHWnBZtnbGnOrL0zL7dZqPRLUjM8vnpnshzvKaDdc6aTLDQ2FEY1guRL9gShJqnr
Q8l7rPJtLcewjzYkY+EHVJk+6IOTCWaJRdZao1HseF/E7a/nzkGuYwDYMb1rpjcM
64l/1Ze02QM1y7AlRO1rEQPhAEvYLxZnsYQuy3cRmT3rOwCaqvJOcfHCMbnj9lHK
17hnlrNWbwHYnLg6KRT/7SyOSNO+8FPpcvLVWBUpgVu6ef7tulQ0yeA5VD4joinH
tH6RJIHWtG0Hu1LUTjD3Xxd4cw0CAwEAAaOCAlYwggJSMB0GA1UdDgQWBBSXk0P8
hZtlgtTdFrHMnMya/A8G2DAfBgNVHSMEGDAWgBTbsjx+5JIhLqhYt44cZr8imOWs
1DAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp
LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk0ODcyODM0MDk1Nzc1NzQ3LzAvREJCMjND
N0VFNDkyMjEyRUE4NThCNzhFMUM2NkJGMjI5OEU1QUNENC5jcmwwfgYIKwYBBQUH
AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z
aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvMjdJOGZ1U1NJ
UzZvV0xlT0hHYV9JcGpsck5RLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH
MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NDg3MjgzNDA5
NTc3NTc0Ny8wL0FTMTM4NDA3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgACMHYDBwAkCYBqMAADBwQkCYBqsCAD
BwAkCYxqFBIDBwAkCYxqHhIDBwQkCYxqOhADBgAkCYxqTAMHACQJjGpcEgMHACQJ
jGpsEgMHBCQJjGpvEAMHACQJjGp4EgMHACQJjGqYEjASAwcEJAmMarAQAwcEJAmM
arAgMA0GCSqGSIb3DQEBCwUAA4IBAQB0G+omkiyoIXs3UGS4KiHhHeoMcWxaPtTS
rJglWD76PNYDGk3xjxXoZsCCaOXCK9hEGM7JAlT3y7w2EhImDWVzgI27XV2iJxR4
Gl0ClLxRodT+jPIEJRZYV7mGPmcu0xKmYcHJJHxPvitzK/jZo7xER2NKF7fhZCOL
uzij8kdMA/nrmUbVhHCPHgw6Jv65SsLg3kHvqsyVYLvjOGQKTnURXE9xZ4NqHgpj
Dy2R4yjUrQqqXmHmMaLmkZqEyk99so4ZcD4RDsXBhsgRxxvbkCSURILJd6+BCxVH
dwRs/w5jJKMYx1YRD/C+X2DFxHdD2UTv8O86k8wY99sjMAZHyl7i
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:45 2026 by rpki-client