Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8UnzHP3emVFu7L2JJfxsrnImMR8.roa
File: 8UnzHP3emVFu7L2JJfxsrnImMR8.roa (raw, json)
Hash identifier: kknillXiSIE4oQoMvH2WWeM7eDfGHCJeSXU+umomiyE=
Subject key identifier: F1:49:F3:1C:FD:DE:99:51:6E:EC:BD:89:25:FC:6C:AE:72:26:31:1F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 66BA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8UnzHP3emVFu7L2JJfxsrnImMR8.roa
Signing time: Sun 01 Jun 2025 00:43:33 +0000
ROA not before: Sun 01 Jun 2025 00:43:33 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26298 (0x66ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 1 00:43:33 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=F149F31CFDDE99516EECBD8925FC6CAE7226311F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:84:cf:b1:53:ed:47:9b:0d:a1:75:96:2a:12:
b8:01:b1:81:b8:52:ba:b4:6b:62:ad:6d:14:b1:bb:
9f:11:34:f9:78:36:62:af:a3:f6:5e:7a:1f:d3:fb:
dc:d9:fe:35:62:48:ef:fe:17:97:c4:e7:ec:7a:d4:
1c:32:14:3d:c5:ee:fe:30:45:f0:f2:2c:55:64:ca:
ef:6c:6c:8f:55:e3:5a:5f:96:7f:5b:3c:d2:7e:63:
97:c6:ba:d7:f9:d8:b6:e4:22:65:c5:a5:38:a6:37:
47:5b:77:e3:6f:b7:5d:2a:21:16:df:e7:02:96:2a:
a0:92:0a:77:39:10:ff:8b:7e:d8:4a:81:94:f8:c9:
c0:04:3d:b8:62:ca:78:cf:25:ef:42:c1:90:b8:03:
52:42:80:d6:98:cc:cd:4d:be:a7:50:16:f3:b7:97:
ae:4e:a2:0e:bd:22:9d:b1:55:bd:0f:98:fe:da:b5:
b1:0c:b0:1e:9f:28:44:bc:9c:9e:e9:f2:e0:8e:9e:
df:73:72:9a:c3:f1:70:28:49:75:bc:e2:3d:99:e2:
91:fa:b2:74:ec:e9:42:d3:9c:7e:83:fb:44:00:38:
bb:9e:53:3f:2a:2d:21:f5:00:06:e5:2d:f0:37:66:
54:5f:8a:dc:54:d2:16:dd:31:3a:d9:10:ac:51:65:
21:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:49:F3:1C:FD:DE:99:51:6E:EC:BD:89:25:FC:6C:AE:72:26:31:1F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8UnzHP3emVFu7L2JJfxsrnImMR8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
3a:95:42:06:dc:55:fd:3f:bd:c9:09:43:d9:32:e7:70:97:d7:
5b:da:8d:89:c7:d6:71:89:d6:ed:96:01:64:21:c7:1a:45:62:
58:84:c0:c5:09:ea:0c:31:f7:e3:d3:42:95:ef:ed:4a:b6:f5:
c3:09:e3:3e:b1:8a:ea:87:ae:84:75:89:55:d8:bf:65:02:94:
73:d5:d9:3e:3a:2d:ab:4f:7b:55:77:1d:3a:a6:8a:19:77:54:
a4:d8:c7:29:10:0c:11:ef:2c:0d:00:47:97:b3:1d:11:a4:fb:
44:10:c3:cd:39:4b:ee:a7:52:09:76:2e:59:a1:e9:fd:fa:23:
d2:4d:82:26:42:8a:71:a7:f7:c9:a8:40:06:0a:ae:1f:03:f5:
fa:30:91:f4:61:b8:df:e5:32:bf:1e:ab:2c:fe:52:73:4a:27:
16:1f:29:56:93:78:75:16:0f:62:0a:b2:25:fa:72:a1:3a:9b:
e0:dd:90:17:5b:07:f0:a2:42:eb:de:91:b8:65:6d:13:74:51:
b9:80:f8:f5:38:fe:8f:6f:6f:ca:60:07:21:d0:72:67:81:18:
b5:b8:88:62:07:67:b6:14:34:ad:9f:b8:35:eb:30:20:0b:6d:
6b:4b:a3:6d:59:a9:e7:48:0f:54:b0:c6:2d:8b:8f:9b:ca:3f:
6c:8a:c8:dd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZrowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDEw
MDQzMzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEYxNDlGMzFDRkRERTk5
NTE2RUVDQkQ4OTI1RkM2Q0FFNzIyNjMxMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+hM+xU+1Hmw2hdZYqErgBsYG4Urq0a2KtbRSxu58RNPl4NmKv
o/Zeeh/T+9zZ/jViSO/+F5fE5+x61BwyFD3F7v4wRfDyLFVkyu9sbI9V41pfln9b
PNJ+Y5fGutf52LbkImXFpTimN0dbd+Nvt10qIRbf5wKWKqCSCnc5EP+LfthKgZT4
ycAEPbhiynjPJe9CwZC4A1JCgNaYzM1NvqdQFvO3l65Oog69Ip2xVb0PmP7atbEM
sB6fKES8nJ7p8uCOnt9zcprD8XAoSXW84j2Z4pH6snTs6ULTnH6D+0QAOLueUz8q
LSH1AAblLfA3ZlRfitxU0hbdMTrZEKxRZSHdAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU8UnzHP3emVFu7L2JJfxsrnImMR8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhVbnpIUDNlbVZGdTdM
MkpKZnhzcm5JbU1SOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQA6lUIG
3FX9P73JCUPZMudwl9db2o2Jx9ZxidbtlgFkIccaRWJYhMDFCeoMMffj00KV7+1K
tvXDCeM+sYrqh66EdYlV2L9lApRz1dk+Oi2rT3tVdx06pooZd1Sk2McpEAwR7ywN
AEeXsx0RpPtEEMPNOUvup1IJdi5Zoen9+iPSTYImQopxp/fJqEAGCq4fA/X6MJH0
Ybjf5TK/Hqss/lJzSicWHylWk3h1Fg9iCrIl+nKhOpvg3ZAXWwfwokLr3pG4ZW0T
dFG5gPj1OP6Pb2/KYAch0HJngRi1uIhiB2e2FDStn7g16zAgC21rS6NtWannSA9U
sMYti4+byj9sisjd
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:01:37 2025 by rpki-client