Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/WiMfNwgNkGfnMAFDMSBSpw83MH0.roa
File: WiMfNwgNkGfnMAFDMSBSpw83MH0.roa (raw, json)
Hash identifier: e1PfvfmOumxSAJDIb/a1zPROSnkH6mTZmFjgpoavWuQ=
Subject key identifier: 5A:23:1F:37:08:0D:90:67:E7:30:01:43:31:20:52:A7:0F:37:30:7D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 63AE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WiMfNwgNkGfnMAFDMSBSpw83MH0.roa
Signing time: Fri 23 May 2025 21:40:53 +0000
ROA not before: Fri 23 May 2025 21:40:53 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25518 (0x63ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 23 21:40:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5A231F37080D9067E7300143312052A70F37307D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:75:79:4d:d1:95:5c:89:20:82:45:08:8f:4b:
85:4f:2a:7e:7c:d3:e4:cf:ef:88:84:03:c5:91:96:
56:41:09:73:f9:21:53:96:60:16:0a:7f:c5:73:78:
7a:45:a2:70:c1:a1:fa:ce:dd:4d:5f:f2:80:9f:17:
6a:b8:6f:0f:c1:90:2b:88:41:e0:3d:52:e3:a1:13:
34:6c:71:ad:5b:24:9c:a1:85:2a:b6:80:d5:4f:60:
94:25:73:c0:4e:60:38:ad:5c:21:c1:7c:74:e7:6e:
5e:eb:65:dc:2f:dd:94:8b:28:c9:fa:bf:da:73:66:
ba:1f:75:3c:60:6b:f8:9d:23:15:08:f4:df:e5:1c:
80:bc:f3:a4:4c:a2:c2:24:f6:bd:6a:db:f7:c7:18:
ed:4d:11:dc:ba:68:00:c3:f5:c9:38:24:fa:ec:26:
d1:69:ff:5b:dc:d2:4a:3d:48:bc:9e:1d:3c:b0:0d:
6f:32:78:34:f9:05:25:68:4e:e9:4e:26:26:bc:a4:
43:de:e2:c6:c6:14:f9:9b:ed:30:7f:43:20:ac:6b:
70:6d:db:b5:7f:6c:5f:35:4d:b1:6a:41:a0:14:8e:
f2:57:5d:7e:83:9f:21:09:80:bf:8f:f7:8e:8f:df:
50:ef:48:2b:fa:61:3d:22:9f:8e:ac:a4:bf:60:25:
39:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:23:1F:37:08:0D:90:67:E7:30:01:43:31:20:52:A7:0F:37:30:7D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/WiMfNwgNkGfnMAFDMSBSpw83MH0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
73:a9:11:13:c5:5b:7e:6f:06:9e:e4:75:11:1d:f6:2e:2f:44:
3b:83:14:a6:d9:72:0f:11:25:ef:0d:04:30:95:9a:21:ea:bf:
bf:5b:b0:a8:4b:26:11:78:6d:87:db:11:2a:df:b2:29:84:7a:
72:88:2a:cd:b6:c9:7b:a9:99:c6:5b:0f:dc:87:8b:c3:cc:ef:
c0:6e:94:d1:59:ab:80:15:53:f4:fb:3d:c4:17:8e:e0:cd:cd:
4d:2b:ec:2d:e1:c9:af:b5:f7:b2:cf:2e:d4:f2:a2:93:40:79:
32:6e:4b:7f:f2:16:9f:e5:d2:51:b5:7a:bb:c1:ac:02:e0:3d:
f3:3c:ea:22:f3:3b:b0:03:d2:d6:70:1d:74:27:05:89:f7:7c:
20:a4:59:2a:17:26:f7:be:c3:3d:30:ff:3c:e8:f1:75:f1:da:
32:32:33:9d:67:bd:c5:d4:de:29:b7:a4:af:66:2a:18:6f:22:
50:4e:5c:58:71:bd:b6:c7:33:32:c8:c1:06:a2:2f:0c:9c:33:
6c:26:04:9f:c3:cc:40:dc:38:ab:d9:2e:83:ec:54:57:fc:25:
fa:16:36:43:7f:c5:dc:ab:ec:71:8b:3d:f3:46:8b:59:55:8d:
1a:e9:be:43:0c:e9:28:3b:97:62:ce:d0:08:c1:7c:de:72:21:
87:1a:a3:36
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICY64wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjMy
MTQwNTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVBMjMxRjM3MDgwRDkw
NjdFNzMwMDE0MzMxMjA1MkE3MEYzNzMwN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGdXlN0ZVciSCCRQiPS4VPKn580+TP74iEA8WRllZBCXP5IVOW
YBYKf8VzeHpFonDBofrO3U1f8oCfF2q4bw/BkCuIQeA9UuOhEzRsca1bJJyhhSq2
gNVPYJQlc8BOYDitXCHBfHTnbl7rZdwv3ZSLKMn6v9pzZrofdTxga/idIxUI9N/l
HIC886RMosIk9r1q2/fHGO1NEdy6aADD9ck4JPrsJtFp/1vc0ko9SLyeHTywDW8y
eDT5BSVoTulOJia8pEPe4sbGFPmb7TB/QyCsa3Bt27V/bF81TbFqQaAUjvJXXX6D
nyEJgL+P946P31DvSCv6YT0in46spL9gJTlFAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUWiMfNwgNkGfnMAFDMSBSpw83MH0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1dpTWZOd2dOa0dmbk1B
RkRNU0JTcHc4M01IMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBzqRET
xVt+bwae5HURHfYuL0Q7gxSm2XIPESXvDQQwlZoh6r+/W7CoSyYReG2H2xEq37Ip
hHpyiCrNtsl7qZnGWw/ch4vDzO/AbpTRWauAFVP0+z3EF47gzc1NK+wt4cmvtfey
zy7U8qKTQHkybkt/8haf5dJRtXq7wawC4D3zPOoi8zuwA9LWcB10JwWJ93wgpFkq
Fyb3vsM9MP886PF18doyMjOdZ73F1N4pt6SvZioYbyJQTlxYcb22xzMyyMEGoi8M
nDNsJgSfw8xA3Dir2S6D7FRX/CX6FjZDf8Xcq+xxiz3zRotZVY0a6b5DDOkoO5di
ztAIwXzeciGHGqM2
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:57:57 2025 by rpki-client