Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CG4ki-5HXaq6AJAL1kdVV70y5ek.roa
File: CG4ki-5HXaq6AJAL1kdVV70y5ek.roa (raw, json)
Hash identifier: QnodZqvVP/jU179DhNOrZCkMkN6pkO/9NebA8BRGqwU=
Subject key identifier: 08:6E:24:8B:EE:47:5D:AA:BA:00:90:0B:D6:47:55:57:BD:32:E5:E9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6628
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CG4ki-5HXaq6AJAL1kdVV70y5ek.roa
Signing time: Fri 30 May 2025 12:12:53 +0000
ROA not before: Fri 30 May 2025 12:12:53 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26152 (0x6628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 30 12:12:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=086E248BEE475DAABA00900BD6475557BD32E5E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bd:7d:c3:48:ef:46:28:79:cd:44:16:08:b9:
d1:16:d7:96:b3:1f:6e:6f:3a:3c:fa:72:06:e8:15:
da:c1:f2:ba:51:51:bd:ce:7b:d3:de:9c:9f:69:b4:
8d:8b:00:af:2f:33:e8:0c:32:79:87:5b:1e:4f:d1:
96:78:52:a5:ec:b1:b1:db:13:e1:93:3b:2d:fd:42:
1f:91:93:6a:c8:cc:97:12:66:c3:fa:c1:97:14:e7:
4b:db:77:23:4a:f2:fa:2b:b0:23:7d:74:41:54:54:
a5:01:5e:85:9b:76:44:19:89:8a:c8:7f:4a:d8:5c:
e3:b1:b7:0e:2d:b1:3d:ee:a1:5c:83:8b:15:06:56:
94:25:b2:a7:bc:47:84:20:09:28:11:66:4f:53:94:
f8:ea:5d:41:59:5f:54:bc:39:dd:22:6d:56:12:63:
7a:0f:6c:8e:7f:38:83:ae:34:d4:f4:eb:8a:a6:3c:
f0:da:8f:f2:c0:4c:55:04:37:90:ac:83:7c:f9:ff:
a9:e9:54:cb:ae:ea:10:c6:7b:07:76:e2:64:a1:c2:
75:b1:32:08:14:48:10:81:4d:9c:61:81:01:9c:bd:
b6:67:7a:ad:64:f7:b0:15:15:69:f7:3b:2c:99:4e:
bb:65:f5:a6:15:58:57:8c:02:0c:1c:92:7d:65:b0:
66:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6E:24:8B:EE:47:5D:AA:BA:00:90:0B:D6:47:55:57:BD:32:E5:E9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CG4ki-5HXaq6AJAL1kdVV70y5ek.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
89:dc:46:40:a8:1a:2e:c6:a5:e4:0f:80:08:11:aa:1d:1d:ee:
e3:b3:b0:d0:1d:9a:98:29:1c:eb:9a:42:f5:c1:8c:96:5a:c9:
40:5f:39:ec:f3:41:91:fc:df:da:c6:e6:5b:73:15:e7:49:70:
e8:58:f7:ef:a8:ac:10:e9:c5:79:35:f7:c7:d6:ba:6c:6f:a5:
d9:f5:7b:bd:9e:31:6c:19:58:f3:8c:6d:42:56:25:17:01:2f:
03:f2:06:3a:85:fa:b4:6c:fb:34:05:82:10:76:0e:04:04:04:
aa:02:7a:c4:33:11:e8:83:d4:dd:40:42:9a:f4:74:c2:1e:a4:
f3:bc:d9:39:41:e8:85:19:1d:6b:a4:a1:d5:8f:cb:9b:26:53:
bf:ed:08:6d:15:49:fc:38:47:f5:13:21:2e:2d:66:da:a7:9a:
f3:6c:28:2e:40:df:90:70:33:af:14:08:f2:a5:7e:6a:d6:f1:
94:b1:d4:18:34:8c:c8:2c:af:8f:a9:8c:ca:b1:60:73:28:78:
c3:50:e2:f0:91:af:6b:5f:53:59:64:26:23:e2:df:c0:03:03:
63:d1:5c:1c:a4:33:9c:8c:a9:b9:cc:d4:fd:42:fa:01:04:9a:
1c:97:c3:65:b2:0a:c0:58:d2:42:8a:24:fe:34:08:53:0e:c8:
1c:d7:d1:8f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZigwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MzAx
MjEyNTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDA4NkUyNDhCRUU0NzVE
QUFCQTAwOTAwQkQ2NDc1NTU3QkQzMkU1RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9vX3DSO9GKHnNRBYIudEW15azH25vOjz6cgboFdrB8rpRUb3O
e9PenJ9ptI2LAK8vM+gMMnmHWx5P0ZZ4UqXssbHbE+GTOy39Qh+Rk2rIzJcSZsP6
wZcU50vbdyNK8vorsCN9dEFUVKUBXoWbdkQZiYrIf0rYXOOxtw4tsT3uoVyDixUG
VpQlsqe8R4QgCSgRZk9TlPjqXUFZX1S8Od0ibVYSY3oPbI5/OIOuNNT064qmPPDa
j/LATFUEN5Csg3z5/6npVMuu6hDGewd24mShwnWxMggUSBCBTZxhgQGcvbZneq1k
97AVFWn3OyyZTrtl9aYVWFeMAgwckn1lsGYdAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUCG4ki+5HXaq6AJAL1kdVV70y5ekwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NHNGtpLTVIWGFxNkFK
QUwxa2RWVjcweTVlay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCJ3EZA
qBouxqXkD4AIEaodHe7js7DQHZqYKRzrmkL1wYyWWslAXzns80GR/N/axuZbcxXn
SXDoWPfvqKwQ6cV5NffH1rpsb6XZ9Xu9njFsGVjzjG1CViUXAS8D8gY6hfq0bPs0
BYIQdg4EBASqAnrEMxHog9TdQEKa9HTCHqTzvNk5QeiFGR1rpKHVj8ubJlO/7Qht
FUn8OEf1EyEuLWbap5rzbCguQN+QcDOvFAjypX5q1vGUsdQYNIzILK+PqYzKsWBz
KHjDUOLwka9rX1NZZCYj4t/AAwNj0VwcpDOcjKm5zNT9QvoBBJocl8NlsgrAWNJC
iiT+NAhTDsgc19GP
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:05:05 2025 by rpki-client