Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/M96XDH2woEVlUaaqr9S7cksZD_I.roa
File: M96XDH2woEVlUaaqr9S7cksZD_I.roa (raw, json)
Hash identifier: RxlXGuCB/RC0Rfqk9dRqj5DBWkMTpf/QHPv2NpzTzFA=
Subject key identifier: 33:DE:97:0C:7D:B0:A0:45:65:51:A6:AA:AF:D4:BB:72:4B:19:0F:F2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 64DC
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M96XDH2woEVlUaaqr9S7cksZD_I.roa
Signing time: Tue 27 May 2025 01:11:09 +0000
ROA not before: Tue 27 May 2025 01:11:09 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25820 (0x64dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 27 01:11:09 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=33DE970C7DB0A0456551A6AAAFD4BB724B190FF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:42:8d:52:96:aa:87:2c:24:4b:fe:5f:a7:d9:
46:4c:eb:25:22:06:1e:e9:c3:b7:de:61:d6:18:60:
a2:2c:67:43:51:68:cf:e2:b4:89:e2:d3:18:b3:02:
98:d9:41:62:80:79:8c:6e:38:ae:4b:a4:98:aa:58:
47:a0:7a:e0:48:9a:a6:46:a8:df:67:ba:1e:b9:18:
9f:b7:24:71:86:57:24:91:64:74:09:69:b9:7a:d7:
14:b9:7b:29:da:8f:30:82:40:99:a1:53:30:d0:b2:
96:ad:6a:6c:84:26:32:bc:fc:2c:30:a1:d9:73:bf:
79:7f:33:f7:30:2f:d2:c1:df:3a:48:45:26:54:8e:
36:ed:a5:0e:8f:1b:08:5b:0e:7b:ea:3a:f8:1e:13:
a2:73:f3:eb:08:d0:96:1c:e1:74:f7:28:c5:26:c4:
df:cc:77:ee:bb:ba:27:4e:f4:a6:4c:aa:db:ef:c5:
d4:1f:f5:31:5b:8d:af:4b:b6:03:77:b9:c1:7d:32:
28:b6:02:35:a4:50:65:e4:1a:55:84:29:1b:4c:75:
99:fe:33:66:1a:35:31:4b:dc:84:66:d4:12:6d:1b:
ce:c7:f4:6e:1a:a3:8a:0a:b1:1f:1b:3e:6e:b0:4f:
49:b8:a4:bf:e3:19:d6:7b:ec:cb:6a:d6:eb:59:62:
11:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DE:97:0C:7D:B0:A0:45:65:51:A6:AA:AF:D4:BB:72:4B:19:0F:F2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/M96XDH2woEVlUaaqr9S7cksZD_I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
66:ba:41:5b:28:f6:93:5a:15:ac:55:d0:69:80:74:fb:42:af:
82:8c:c6:3c:9a:31:38:36:2b:17:3e:b1:3c:64:40:be:26:33:
82:6b:84:d8:0f:88:a8:ea:cf:ff:93:43:06:aa:c9:38:fb:96:
f6:c7:1e:c1:22:9f:ed:27:52:ac:8f:c8:a2:bd:23:63:84:c8:
b3:c0:4e:3b:76:63:ce:55:60:f2:23:50:6a:71:8e:59:80:31:
f7:89:9a:5f:69:b5:5e:17:0f:8c:74:ca:de:8e:b4:4b:47:3f:
a6:e5:77:16:14:53:20:1d:d0:7c:ef:07:57:37:74:43:d3:f8:
35:08:04:3d:0a:ce:dd:e4:c6:ea:0b:3d:8e:65:7c:a9:87:5f:
cb:d0:0d:21:c5:86:8b:ca:b6:62:ec:d4:54:48:3d:ca:a4:30:
eb:b4:a1:81:9e:af:94:28:ba:85:c9:a7:89:de:98:da:4a:7f:
e5:c6:f6:12:8d:cf:e7:0f:a5:5c:e5:f2:65:a1:92:c4:6a:47:
e2:3c:ef:dd:9c:8e:a7:5c:13:e5:d1:d2:e9:e8:ef:82:02:2f:
17:6e:24:7a:13:fb:1e:e2:f5:ae:65:2d:25:83:2d:0d:eb:aa:
a3:78:17:8f:f6:73:f9:f2:c7:27:47:8e:31:90:18:fc:e6:65:
fd:85:56:0e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZNwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1Mjcw
MTExMDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDMzREU5NzBDN0RCMEEw
NDU2NTUxQTZBQUFGRDRCQjcyNEIxOTBGRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9Qo1SlqqHLCRL/l+n2UZM6yUiBh7pw7feYdYYYKIsZ0NRaM/i
tIni0xizApjZQWKAeYxuOK5LpJiqWEegeuBImqZGqN9nuh65GJ+3JHGGVySRZHQJ
abl61xS5eynajzCCQJmhUzDQspatamyEJjK8/Cwwodlzv3l/M/cwL9LB3zpIRSZU
jjbtpQ6PGwhbDnvqOvgeE6Jz8+sI0JYc4XT3KMUmxN/Md+67uidO9KZMqtvvxdQf
9TFbja9LtgN3ucF9Mii2AjWkUGXkGlWEKRtMdZn+M2YaNTFL3IRm1BJtG87H9G4a
o4oKsR8bPm6wT0m4pL/jGdZ77Mtq1utZYhEDAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUM96XDH2woEVlUaaqr9S7cksZD/IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L005NlhESDJ3b0VWbFVh
YXFyOVM3Y2tzWkRfSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBmukFb
KPaTWhWsVdBpgHT7Qq+CjMY8mjE4NisXPrE8ZEC+JjOCa4TYD4io6s//k0MGqsk4
+5b2xx7BIp/tJ1Ksj8iivSNjhMizwE47dmPOVWDyI1BqcY5ZgDH3iZpfabVeFw+M
dMrejrRLRz+m5XcWFFMgHdB87wdXN3RD0/g1CAQ9Cs7d5MbqCz2OZXyph1/L0A0h
xYaLyrZi7NRUSD3KpDDrtKGBnq+UKLqFyaeJ3pjaSn/lxvYSjc/nD6Vc5fJloZLE
akfiPO/dnI6nXBPl0dLp6O+CAi8XbiR6E/se4vWuZS0lgy0N66qjeBeP9nP58scn
R44xkBj85mX9hVYO
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:00:32 2025 by rpki-client