Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Sy535WYNVfgtTUcaqExde9opnYY.roa
File: Sy535WYNVfgtTUcaqExde9opnYY.roa (raw, json)
Hash identifier: uLaHnozlZFWEXiM1s/THTZiqeaAZrMkuIrH2AypZdUU=
Subject key identifier: 4B:2E:77:E5:66:0D:55:F8:2D:4D:47:1A:A8:4C:5D:7B:DA:29:9D:86
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 61FE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Sy535WYNVfgtTUcaqExde9opnYY.roa
Signing time: Mon 19 May 2025 09:40:34 +0000
ROA not before: Mon 19 May 2025 09:40:34 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25086 (0x61fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 19 09:40:34 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=4B2E77E5660D55F82D4D471AA84C5D7BDA299D86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:09:34:56:5e:c2:80:82:1f:a6:66:a5:7b:e2:
0f:68:db:73:1d:05:1a:f1:15:ac:e5:41:6d:cc:86:
34:9f:b3:a2:41:40:ec:90:a5:72:0a:64:59:2e:bb:
6b:7b:81:d5:fe:ac:ea:58:79:78:7b:ad:82:3b:ed:
18:5e:4c:b7:c1:d6:c1:a2:57:ef:16:9a:31:d0:7a:
d1:db:f2:15:28:ec:20:c3:47:b1:0e:91:45:44:82:
7f:c5:62:24:c4:e0:05:a7:cc:0b:9d:9d:01:e2:5b:
d9:7d:4d:b6:fb:30:aa:44:f2:c1:ec:83:5e:eb:b0:
51:c9:5c:3b:54:a6:c8:45:31:d1:4b:9b:21:af:99:
b1:e5:a0:c4:c3:7d:57:52:d6:5e:6d:83:6c:6a:fa:
fa:f8:d8:43:e7:c5:0d:e1:b3:1c:49:3c:30:05:14:
04:3f:8a:15:05:db:ac:b6:c0:bf:04:ea:2b:bd:e7:
3e:3b:c4:3f:83:7b:53:9c:3e:03:dc:7c:cb:2c:81:
0b:da:a3:3c:88:cf:75:5d:71:0d:ff:7c:96:f3:ef:
12:0a:49:75:1f:ac:61:f9:2b:3e:65:f8:c3:f3:d3:
23:de:4c:32:8f:29:70:bd:d0:94:d4:a7:f1:16:f2:
05:bb:11:fb:2a:12:29:93:a9:c9:a4:e2:f3:23:af:
d6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:2E:77:E5:66:0D:55:F8:2D:4D:47:1A:A8:4C:5D:7B:DA:29:9D:86
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Sy535WYNVfgtTUcaqExde9opnYY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
9d:f6:6a:b9:27:1c:7f:19:4b:9b:34:15:9a:56:ac:65:76:0f:
42:aa:95:49:31:f0:a1:0e:9e:49:10:7a:1d:f8:e5:e6:de:08:
d6:92:fb:13:9b:94:20:0d:aa:c5:5a:42:fe:77:43:39:a6:ed:
25:41:d5:c5:38:d5:a5:5c:c4:7b:f2:dd:a9:17:10:cd:30:d7:
17:a3:07:d4:52:8b:51:8c:b3:da:d4:e5:03:8f:ac:6e:75:d3:
da:e2:a6:02:35:ce:8b:45:ee:4f:20:09:8a:92:05:8e:b3:6f:
1a:e3:f9:8d:b7:90:42:5f:d1:90:85:67:e4:bb:a2:03:45:85:
bd:15:a8:35:5d:53:1d:a6:b3:bb:23:06:ea:93:67:80:57:c9:
e7:dc:6e:58:e4:7b:af:eb:87:16:71:20:54:ff:38:c7:2f:6f:
7d:d4:86:da:aa:1e:70:b7:a3:83:f3:a4:2a:2b:f5:b7:b5:55:
86:d9:06:86:72:9a:c8:96:79:7e:54:52:5b:1e:02:9b:97:69:
1b:bb:88:aa:9d:6b:31:15:4d:e2:b8:84:e4:7e:cc:9b:71:05:
8c:ff:eb:ad:76:57:19:9f:c7:8a:4c:22:bf:ce:16:3f:d5:59:
5c:6a:2e:1a:04:52:3a:e7:56:77:ed:f5:52:d4:5a:1e:b6:34:
53:53:c9:cc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYf4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTkw
OTQwMzRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRCMkU3N0U1NjYwRDU1
RjgyRDRENDcxQUE4NEM1RDdCREEyOTlEODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8CTRWXsKAgh+mZqV74g9o23MdBRrxFazlQW3MhjSfs6JBQOyQ
pXIKZFkuu2t7gdX+rOpYeXh7rYI77RheTLfB1sGiV+8WmjHQetHb8hUo7CDDR7EO
kUVEgn/FYiTE4AWnzAudnQHiW9l9Tbb7MKpE8sHsg17rsFHJXDtUpshFMdFLmyGv
mbHloMTDfVdS1l5tg2xq+vr42EPnxQ3hsxxJPDAFFAQ/ihUF26y2wL8E6iu95z47
xD+De1OcPgPcfMssgQvaozyIz3VdcQ3/fJbz7xIKSXUfrGH5Kz5l+MPz0yPeTDKP
KXC90JTUp/EW8gW7EfsqEimTqcmk4vMjr9bjAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUSy535WYNVfgtTUcaqExde9opnYYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1N5NTM1V1lOVmZndFRV
Y2FxRXhkZTlvcG5ZWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCd9mq5
Jxx/GUubNBWaVqxldg9CqpVJMfChDp5JEHod+OXm3gjWkvsTm5QgDarFWkL+d0M5
pu0lQdXFONWlXMR78t2pFxDNMNcXowfUUotRjLPa1OUDj6xuddPa4qYCNc6LRe5P
IAmKkgWOs28a4/mNt5BCX9GQhWfku6IDRYW9Fag1XVMdprO7Iwbqk2eAV8nn3G5Y
5Huv64cWcSBU/zjHL2991Ibaqh5wt6OD86QqK/W3tVWG2QaGcprIlnl+VFJbHgKb
l2kbu4iqnWsxFU3iuITkfsybcQWM/+utdlcZn8eKTCK/zhY/1Vlcai4aBFI651Z3
7fVS1FoetjRTU8nM
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:03:56 2025 by rpki-client