Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LRjB6yOGkfqlKQjX7rncyCPzJxM.roa
File: LRjB6yOGkfqlKQjX7rncyCPzJxM.roa (raw, json)
Hash identifier: 92ncsDooDRmqEQKwbFBKAXjurilhRk624uZ/TPs6kDY=
Subject key identifier: 2D:18:C1:EB:23:86:91:FA:A5:29:08:D7:EE:B9:DC:C8:23:F3:27:13
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 658E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LRjB6yOGkfqlKQjX7rncyCPzJxM.roa
Signing time: Wed 28 May 2025 21:41:33 +0000
ROA not before: Wed 28 May 2025 21:41:33 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25998 (0x658e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 28 21:41:33 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=2D18C1EB238691FAA52908D7EEB9DCC823F32713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8e:b0:4d:50:4d:ff:c8:30:d8:65:30:28:5f:
67:e0:8a:6d:8d:0d:9d:88:64:e6:33:cc:fa:a3:c5:
b3:d2:a9:d4:a8:68:62:92:45:95:2a:63:be:62:b7:
86:16:92:10:eb:be:6a:35:cb:ea:c5:d9:b1:01:c7:
56:d8:37:38:c3:4d:a9:bb:72:b3:57:28:6d:b1:23:
ca:fd:23:a2:3b:2e:f7:9c:ea:94:0e:37:76:e1:f0:
64:41:28:88:50:98:82:10:59:75:e1:3a:04:e4:2f:
10:fc:64:4f:00:8a:c0:5f:f7:82:89:ad:22:9d:99:
64:74:de:3f:cc:2e:0e:55:c8:55:da:ec:8d:83:5d:
16:0c:37:3e:35:11:b5:28:00:e4:9b:13:3a:0e:76:
ac:04:99:e6:14:f1:a8:e9:0b:68:03:6a:e5:46:0e:
90:f0:a0:e6:63:6d:0d:96:6a:ee:9f:7e:98:e0:5f:
9a:45:20:3d:d3:60:7b:92:72:f7:a3:72:cd:9d:ba:
b8:a9:01:a7:d5:e6:f4:cb:0b:c0:b2:70:da:cf:c8:
a4:5d:2a:5c:0e:e6:26:7a:20:6a:db:39:b4:88:bf:
ea:ff:a8:32:f0:9d:e8:fd:e8:3a:70:af:7c:a8:fd:
f0:14:b5:07:97:29:af:59:32:af:b4:3d:cc:95:67:
9a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:18:C1:EB:23:86:91:FA:A5:29:08:D7:EE:B9:DC:C8:23:F3:27:13
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LRjB6yOGkfqlKQjX7rncyCPzJxM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
43:4a:ad:60:2f:ee:3b:f3:6b:c0:fc:9e:b2:07:80:b9:a4:a6:
44:68:bf:aa:99:96:fe:23:b6:76:55:63:b4:db:a5:b6:ba:02:
4e:01:cc:46:23:c0:5f:56:94:25:34:67:f9:9d:1a:21:5d:9c:
15:66:fe:65:68:af:72:81:8e:3e:27:3c:41:7d:e8:ac:d3:ec:
d8:bf:ed:b2:fd:c4:e2:e5:98:f8:6e:0d:0c:a2:41:61:3d:8a:
45:df:ee:1c:b7:42:b3:b4:bf:01:83:ff:98:79:1f:2d:70:41:
85:d1:55:d3:b7:83:b3:7f:d8:36:1d:cb:9c:89:1b:0a:a0:19:
55:ee:f1:e1:fd:f2:26:d7:a7:60:25:c9:33:11:90:13:82:96:
df:93:8d:09:b9:2a:96:58:47:54:cd:ef:5e:2d:ed:c3:c3:e8:
28:44:8d:78:cd:94:88:66:72:b9:d4:bb:96:fd:51:71:07:22:
29:4d:c8:41:cc:f1:00:63:7d:a2:52:1e:d7:6b:11:0f:b2:1d:
6d:e4:78:20:c4:bf:e0:4c:1b:3f:08:e9:c3:82:eb:de:9a:fd:
0b:df:e9:00:2a:ed:14:23:f1:ba:1f:a1:d6:fc:c4:19:5a:e8:
45:59:44:f4:fb:b2:30:9f:11:1e:eb:b7:86:e6:aa:54:99:97:
12:8f:4a:aa
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZY4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1Mjgy
MTQxMzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDJEMThDMUVCMjM4Njkx
RkFBNTI5MDhEN0VFQjlEQ0M4MjNGMzI3MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpjrBNUE3/yDDYZTAoX2fgim2NDZ2IZOYzzPqjxbPSqdSoaGKS
RZUqY75it4YWkhDrvmo1y+rF2bEBx1bYNzjDTam7crNXKG2xI8r9I6I7Lvec6pQO
N3bh8GRBKIhQmIIQWXXhOgTkLxD8ZE8AisBf94KJrSKdmWR03j/MLg5VyFXa7I2D
XRYMNz41EbUoAOSbEzoOdqwEmeYU8ajpC2gDauVGDpDwoOZjbQ2Wau6ffpjgX5pF
ID3TYHuScvejcs2duripAafV5vTLC8CycNrPyKRdKlwO5iZ6IGrbObSIv+r/qDLw
nej96Dpwr3yo/fAUtQeXKa9ZMq+0PcyVZ5rjAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQULRjB6yOGkfqlKQjX7rncyCPzJxMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xSakI2eU9Ha2ZxbEtR
alg3cm5jeUNQekp4TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBDSq1g
L+4782vA/J6yB4C5pKZEaL+qmZb+I7Z2VWO026W2ugJOAcxGI8BfVpQlNGf5nRoh
XZwVZv5laK9ygY4+JzxBfeis0+zYv+2y/cTi5Zj4bg0MokFhPYpF3+4ct0KztL8B
g/+YeR8tcEGF0VXTt4Ozf9g2HcuciRsKoBlV7vHh/fIm16dgJckzEZATgpbfk40J
uSqWWEdUze9eLe3Dw+goRI14zZSIZnK51LuW/VFxByIpTchBzPEAY32iUh7XaxEP
sh1t5HggxL/gTBs/COnDguvemv0L3+kAKu0UI/G6H6HW/MQZWuhFWUT0+7IwnxEe
67eG5qpUmZcSj0qq
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:01:30 2025 by rpki-client