Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GeoZIiIKrGaLCXIXdCoR0wNGavg.roa
File: GeoZIiIKrGaLCXIXdCoR0wNGavg.roa (raw, json)
Hash identifier: 0TiYm5N9rwbp3BXSqE0ZpzqL5zbvTIbyQNN5VQO0mmA=
Subject key identifier: 19:EA:19:22:22:0A:AC:66:8B:09:72:17:74:2A:11:D3:03:46:6A:F8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 65F8
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GeoZIiIKrGaLCXIXdCoR0wNGavg.roa
Signing time: Fri 30 May 2025 00:11:28 +0000
ROA not before: Fri 30 May 2025 00:11:28 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26104 (0x65f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 30 00:11:28 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=19EA1922220AAC668B097217742A11D303466AF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1e:e6:f7:1b:97:d2:d3:a3:c7:f9:87:3d:b7:
82:ae:38:f4:b5:d4:fb:f3:4e:28:e3:a8:a8:bc:87:
09:a1:db:db:ff:f7:c5:7a:91:ae:54:58:62:0f:e2:
a8:d5:8e:11:dc:d8:4f:e3:b2:7d:66:d5:7a:9c:2a:
98:14:14:08:22:96:ac:bc:91:39:a9:36:4a:f5:a7:
80:d4:e8:f5:40:24:82:40:6a:f6:59:7b:4a:5d:2a:
2e:46:ba:6d:37:71:80:f5:38:4c:f6:4b:dd:6f:3b:
1f:32:43:ec:3c:46:bf:27:fc:54:7d:97:6e:72:10:
c9:3c:95:aa:b5:28:33:ea:ec:f9:f0:1b:6e:de:bf:
78:a2:6c:e0:4f:b8:96:60:bb:9e:85:06:d3:76:6f:
5c:b8:fc:09:88:e2:6d:ae:97:5a:d6:af:91:0b:e8:
a3:10:34:1b:54:bf:c9:b1:d5:fe:7b:7d:ad:2e:af:
31:e4:8b:d4:95:3b:cb:95:82:9d:aa:24:f7:2e:7e:
fc:de:50:95:67:db:6d:80:70:28:45:49:f9:cd:46:
2a:22:30:4d:e5:6c:1b:35:ab:22:20:34:69:62:96:
70:5d:d4:84:73:c0:71:6f:36:f8:b2:f4:01:c2:ee:
57:7f:5e:c0:86:d1:75:f1:2d:0c:a5:cf:d9:f7:68:
17:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:EA:19:22:22:0A:AC:66:8B:09:72:17:74:2A:11:D3:03:46:6A:F8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GeoZIiIKrGaLCXIXdCoR0wNGavg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
70:7b:a9:7a:a2:a6:ef:a9:68:b0:f7:c8:85:71:f6:99:dc:c7:
10:7c:f4:50:24:6c:85:09:9f:c5:89:fe:97:7b:8c:cd:bd:6e:
30:de:c7:15:7c:48:e6:11:22:81:fe:6b:b3:c9:61:47:7e:0e:
9f:bb:d5:52:03:d0:b7:f5:e1:69:48:0a:eb:02:3e:73:a2:92:
32:58:38:a1:01:be:e2:7d:c4:47:60:55:60:20:81:76:c3:7e:
2a:2e:bd:02:bf:24:41:8f:af:c4:7b:8e:15:b6:ce:03:dc:3f:
73:ff:9a:2f:74:3c:4f:f6:d0:19:d7:ed:11:0c:3a:35:b0:c0:
5a:f2:93:44:f9:e0:3c:0f:99:f1:ff:7d:ae:0c:4a:4d:61:1f:
ae:b9:ef:69:7a:6a:77:14:b8:d0:6e:28:b1:03:b5:eb:1b:36:
98:74:db:b4:12:34:b7:ba:11:ca:a4:7f:a8:45:a7:25:76:54:
73:f6:c1:7c:20:98:3c:6c:6d:39:37:e4:f9:f9:1a:d4:86:34:
80:07:ea:a7:cc:1e:f1:c3:94:02:0b:ae:33:2b:03:18:60:73:
dc:22:6f:d0:c9:fc:fa:21:e6:d5:69:89:26:2e:92:39:28:65:
83:63:a3:5a:84:94:a1:29:60:e0:0e:df:38:87:f7:be:9e:2c:
b4:25:22:e2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZfgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MzAw
MDExMjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE5RUExOTIyMjIwQUFD
NjY4QjA5NzIxNzc0MkExMUQzMDM0NjZBRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNHub3G5fS06PH+Yc9t4KuOPS11PvzTijjqKi8hwmh29v/98V6
ka5UWGIP4qjVjhHc2E/jsn1m1XqcKpgUFAgilqy8kTmpNkr1p4DU6PVAJIJAavZZ
e0pdKi5Gum03cYD1OEz2S91vOx8yQ+w8Rr8n/FR9l25yEMk8laq1KDPq7PnwG27e
v3iibOBPuJZgu56FBtN2b1y4/AmI4m2ul1rWr5EL6KMQNBtUv8mx1f57fa0urzHk
i9SVO8uVgp2qJPcufvzeUJVn222AcChFSfnNRioiME3lbBs1qyIgNGlilnBd1IRz
wHFvNviy9AHC7ld/XsCG0XXxLQylz9n3aBctAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUGeoZIiIKrGaLCXIXdCoR0wNGavgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dlb1pJaUlLckdhTENY
SVhkQ29SMHdOR2F2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBwe6l6
oqbvqWiw98iFcfaZ3McQfPRQJGyFCZ/Fif6Xe4zNvW4w3scVfEjmESKB/muzyWFH
fg6fu9VSA9C39eFpSArrAj5zopIyWDihAb7ifcRHYFVgIIF2w34qLr0CvyRBj6/E
e44Vts4D3D9z/5ovdDxP9tAZ1+0RDDo1sMBa8pNE+eA8D5nx/32uDEpNYR+uue9p
emp3FLjQbiixA7XrGzaYdNu0EjS3uhHKpH+oRacldlRz9sF8IJg8bG05N+T5+RrU
hjSAB+qnzB7xw5QCC64zKwMYYHPcIm/Qyfz6IebVaYkmLpI5KGWDY6NahJShKWDg
Dt84h/e+niy0JSLi
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:04:02 2025 by rpki-client