Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TCXEpJN5qCKYTtQPjnMqwEp1MXs.roa
File: TCXEpJN5qCKYTtQPjnMqwEp1MXs.roa (raw, json)
Hash identifier: b00WeMlbobDYkk4jweuDMnEa2nUzNdgDx8TgB2Ujs3k=
Subject key identifier: 4C:25:C4:A4:93:79:A8:22:98:4E:D4:0F:8E:73:2A:C0:4A:75:31:7B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 632A
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TCXEpJN5qCKYTtQPjnMqwEp1MXs.roa
Signing time: Thu 22 May 2025 12:40:53 +0000
ROA not before: Thu 22 May 2025 12:40:53 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25386 (0x632a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 22 12:40:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=4C25C4A49379A822984ED40F8E732AC04A75317B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3a:53:92:19:26:66:67:f1:2c:63:61:91:7f:
b0:c7:dd:9a:4f:b1:47:14:94:b5:ca:47:e5:ee:b8:
ee:db:f2:83:34:6b:c3:d0:31:9d:1e:04:70:5c:16:
bd:3e:5a:78:38:db:eb:8f:8b:6d:9d:e9:5d:43:cc:
c5:78:05:57:40:41:0a:de:17:89:39:47:2f:fa:a3:
a0:c8:c0:c5:96:50:96:d7:a6:88:fe:97:de:04:3e:
51:bf:8c:92:c1:54:3d:bb:0e:f0:a3:12:35:1b:f2:
c8:68:14:44:68:d9:ff:b9:7f:62:ef:ea:af:f8:6c:
cb:0e:e6:dd:2c:5d:4a:3a:57:d9:9e:62:2d:31:d5:
f3:68:51:05:f5:c0:94:47:14:0b:30:de:6a:6b:60:
2b:c0:8c:02:c6:ca:8a:d9:37:a2:d6:69:22:49:2b:
93:27:76:19:a0:35:2a:f0:ad:24:c0:82:8c:7c:de:
16:2b:2d:c2:5c:b5:26:34:e4:cd:4a:19:92:3e:58:
57:d4:36:9e:84:00:ef:b7:ba:b0:09:b8:db:be:36:
f7:10:b1:ae:ff:61:14:c6:9d:13:dc:19:45:a3:b0:
e4:f3:69:b6:05:07:c0:67:2c:36:36:39:9c:ff:4e:
95:f2:72:0e:e4:e9:77:d5:bf:cf:dd:a0:cc:47:77:
53:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:25:C4:A4:93:79:A8:22:98:4E:D4:0F:8E:73:2A:C0:4A:75:31:7B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TCXEpJN5qCKYTtQPjnMqwEp1MXs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
80:d1:5f:0b:1b:14:93:50:08:96:7d:5c:87:cb:db:fe:a9:9d:
ca:47:54:f3:68:e0:08:a6:a9:b7:0a:fa:a6:81:78:44:af:a2:
39:7b:15:51:4c:58:3a:9d:6f:f3:49:4b:1c:f0:3b:a7:ac:9d:
ad:2d:b7:50:15:ea:8e:57:73:ec:46:1a:76:51:b4:92:c9:fc:
bc:e2:29:e7:12:48:b9:df:7c:36:c4:ed:50:73:7e:3b:33:d9:
87:81:3c:20:09:0e:1e:31:4a:9d:d4:e2:b7:23:10:18:4b:c0:
aa:d5:f5:81:26:36:b8:e2:9a:b2:aa:f2:0a:49:17:8c:4a:bc:
f9:23:9b:fe:63:7c:c6:f7:c8:66:33:2b:68:af:f6:59:2a:2e:
d1:5e:9c:fd:f9:c2:3a:58:2a:ac:13:32:91:0e:ad:43:6e:41:
91:52:63:bf:e2:c2:a6:da:d5:90:e0:db:8c:8b:b5:6e:94:b3:
e9:3d:29:42:7d:e4:1a:f3:d9:05:4f:d9:f0:b5:53:c2:08:6a:
dc:56:e2:45:d9:f9:a2:1c:c5:1f:f8:d5:aa:7a:85:9f:36:cc:
44:3f:04:f1:a9:a9:23:34:7d:50:d7:d4:c0:69:1e:43:80:f1:
11:54:40:38:e0:4e:41:87:11:27:15:91:dc:32:75:ed:ee:78:
c2:70:d8:6f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjIx
MjQwNTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRDMjVDNEE0OTM3OUE4
MjI5ODRFRDQwRjhFNzMyQUMwNEE3NTMxN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPOlOSGSZmZ/EsY2GRf7DH3ZpPsUcUlLXKR+XuuO7b8oM0a8PQ
MZ0eBHBcFr0+Wng42+uPi22d6V1DzMV4BVdAQQreF4k5Ry/6o6DIwMWWUJbXpoj+
l94EPlG/jJLBVD27DvCjEjUb8shoFERo2f+5f2Lv6q/4bMsO5t0sXUo6V9meYi0x
1fNoUQX1wJRHFAsw3mprYCvAjALGyorZN6LWaSJJK5MndhmgNSrwrSTAgox83hYr
LcJctSY05M1KGZI+WFfUNp6EAO+3urAJuNu+NvcQsa7/YRTGnRPcGUWjsOTzabYF
B8BnLDY2OZz/TpXycg7k6XfVv8/doMxHd1NfAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUTCXEpJN5qCKYTtQPjnMqwEp1MXswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1RDWEVwSk41cUNLWVR0
UVBqbk1xd0VwMU1Ycy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCA0V8L
GxSTUAiWfVyHy9v+qZ3KR1TzaOAIpqm3CvqmgXhEr6I5exVRTFg6nW/zSUsc8Dun
rJ2tLbdQFeqOV3PsRhp2UbSSyfy84innEki533w2xO1Qc347M9mHgTwgCQ4eMUqd
1OK3IxAYS8Cq1fWBJja44pqyqvIKSReMSrz5I5v+Y3zG98hmMytor/ZZKi7RXpz9
+cI6WCqsEzKRDq1DbkGRUmO/4sKm2tWQ4NuMi7VulLPpPSlCfeQa89kFT9nwtVPC
CGrcVuJF2fmiHMUf+NWqeoWfNsxEPwTxqakjNH1Q19TAaR5DgPERVEA44E5BhxEn
FZHcMnXt7njCcNhv
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:05:53 2025 by rpki-client