Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RIJbEaufozoLKK8wg2uKZJybwuU.roa
File: RIJbEaufozoLKK8wg2uKZJybwuU.roa (raw, json)
Hash identifier: UfDLN+5ar8NocaQY1KQZAnBVrMiateEQfiCS6xCj0m4=
Subject key identifier: 44:82:5B:11:AB:9F:A3:3A:0B:28:AF:30:83:6B:8A:64:9C:9B:C2:E5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 61F0
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RIJbEaufozoLKK8wg2uKZJybwuU.roa
Signing time: Mon 19 May 2025 06:10:34 +0000
ROA not before: Mon 19 May 2025 06:10:34 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25072 (0x61f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 19 06:10:34 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=44825B11AB9FA33A0B28AF30836B8A649C9BC2E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a2:ec:b9:38:60:0c:b1:db:5d:ed:10:fc:43:
61:90:fd:76:05:cd:68:7c:47:cf:1f:42:bb:50:8c:
db:09:cb:70:9b:95:86:9b:71:e2:09:c7:7d:f1:96:
e4:6e:14:e4:2b:0e:11:c9:69:fc:14:1b:51:ed:62:
a3:c6:35:47:e8:00:fb:49:10:aa:f9:a8:67:d4:33:
26:dd:93:fc:3e:e8:3c:02:a6:90:41:4f:e1:d9:9d:
f6:7a:19:dc:3f:ee:a8:ad:e7:b5:80:7e:e9:8d:cb:
f1:7a:c8:26:15:f1:a2:13:b3:2c:63:10:2e:4c:29:
65:fd:3d:2e:fe:e9:60:f3:1f:83:cd:e1:b5:ce:82:
41:78:73:e7:32:c0:b8:f4:fc:92:cd:c9:3b:57:a3:
30:6f:72:11:78:87:70:9a:e7:3c:2f:65:78:34:80:
49:46:b3:1b:20:9e:19:f4:3c:7b:a4:69:f1:61:f0:
93:59:57:a5:16:df:20:d8:9c:93:1c:4a:0f:a0:22:
89:79:52:98:84:e1:37:8a:84:91:bd:33:b9:6a:b8:
a8:f6:99:43:65:b3:35:96:d3:92:23:28:db:1a:30:
e4:cf:2c:65:6d:c9:40:5b:13:b3:85:be:91:63:76:
73:9b:50:08:c1:1b:5b:6d:fb:fb:0d:48:fb:fa:95:
1a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:82:5B:11:AB:9F:A3:3A:0B:28:AF:30:83:6B:8A:64:9C:9B:C2:E5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RIJbEaufozoLKK8wg2uKZJybwuU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a1:bb:25:10:bf:48:83:29:51:9a:af:f9:5d:ba:b9:01:99:41:
f4:48:eb:41:9d:c8:db:2a:3f:ec:6b:5e:bc:c5:ee:6b:58:21:
57:9f:d2:b8:9a:ea:11:b9:70:3d:75:50:0c:ac:c4:a6:5c:29:
44:7f:07:ba:c6:e0:86:7e:90:82:44:53:a6:a4:db:53:d0:c9:
b5:39:e6:4a:d3:9a:bc:38:12:32:8c:cb:da:99:92:91:9a:3f:
e1:0b:5b:b3:bd:5a:b3:8f:fe:c7:ee:a4:09:34:6c:29:22:74:
7a:f4:fa:19:a6:bb:d6:f0:99:84:5e:e1:ff:1b:8b:18:ba:6a:
0b:88:51:4a:2d:67:7e:23:f2:76:43:ff:41:8a:a4:52:bc:af:
c8:8e:7b:3a:56:60:9b:d1:34:d7:7b:1f:a7:f4:58:5f:90:88:
eb:6f:25:a0:68:b5:da:0c:e4:e2:6c:2d:a6:3a:e5:0d:3b:41:
c7:60:53:a2:49:2c:c0:25:3c:eb:9c:98:6a:74:18:e2:79:fa:
f3:62:2a:27:9c:b4:4e:a5:7b:cf:68:5b:a6:24:e4:9f:68:f9:
0c:5c:0e:1c:51:81:12:1c:80:bf:30:a3:7b:83:89:63:c3:d2:
53:f2:6a:aa:fb:09:5b:43:c7:ff:65:0a:6b:bd:c4:5c:ae:3c:
db:03:b2:c6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYfAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTkw
NjEwMzRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ0ODI1QjExQUI5RkEz
M0EwQjI4QUYzMDgzNkI4QTY0OUM5QkMyRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBouy5OGAMsdtd7RD8Q2GQ/XYFzWh8R88fQrtQjNsJy3CblYab
ceIJx33xluRuFOQrDhHJafwUG1HtYqPGNUfoAPtJEKr5qGfUMybdk/w+6DwCppBB
T+HZnfZ6Gdw/7qit57WAfumNy/F6yCYV8aITsyxjEC5MKWX9PS7+6WDzH4PN4bXO
gkF4c+cywLj0/JLNyTtXozBvchF4h3Ca5zwvZXg0gElGsxsgnhn0PHukafFh8JNZ
V6UW3yDYnJMcSg+gIol5UpiE4TeKhJG9M7lquKj2mUNlszWW05IjKNsaMOTPLGVt
yUBbE7OFvpFjdnObUAjBG1tt+/sNSPv6lRr1AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQURIJbEaufozoLKK8wg2uKZJybwuUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JJSmJFYXVmb3pvTEtL
OHdnMnVLWkp5Ynd1VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQChuyUQ
v0iDKVGar/ldurkBmUH0SOtBncjbKj/sa168xe5rWCFXn9K4muoRuXA9dVAMrMSm
XClEfwe6xuCGfpCCRFOmpNtT0Mm1OeZK05q8OBIyjMvamZKRmj/hC1uzvVqzj/7H
7qQJNGwpInR69PoZprvW8JmEXuH/G4sYumoLiFFKLWd+I/J2Q/9BiqRSvK/Ijns6
VmCb0TTXex+n9FhfkIjrbyWgaLXaDOTibC2mOuUNO0HHYFOiSSzAJTzrnJhqdBji
efrzYionnLROpXvPaFumJOSfaPkMXA4cUYESHIC/MKN7g4ljw9JT8mqq+wlbQ8f/
ZQprvcRcrjzbA7LG
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:33:21 2025 by rpki-client