Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_SR6zZCIzOSGrs41sOY9esVfQGk.roa
File: _SR6zZCIzOSGrs41sOY9esVfQGk.roa (raw, json)
Hash identifier: guPreP9dGfZq3QEOYO71l6Zn2ol4FLRTqveiceX9xCk=
Subject key identifier: FD:24:7A:CD:90:88:CC:E4:86:AE:CE:35:B0:E6:3D:7A:C5:5F:40:69
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 62F8
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_SR6zZCIzOSGrs41sOY9esVfQGk.roa
Signing time: Thu 22 May 2025 00:11:43 +0000
ROA not before: Thu 22 May 2025 00:11:43 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25336 (0x62f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 22 00:11:43 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=FD247ACD9088CCE486AECE35B0E63D7AC55F4069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:82:6b:72:63:29:63:ec:7a:2f:75:6a:92:e5:
05:3e:2d:45:91:f5:8b:2d:cf:1a:b0:f4:c0:a9:00:
cc:55:22:ad:1e:3f:9f:32:77:70:9c:34:94:07:35:
a0:53:e3:04:08:61:ab:0c:6d:55:4e:dd:63:16:e1:
cb:0d:df:79:56:11:ec:d6:2d:e7:7d:65:88:1b:73:
a9:25:a2:01:42:f1:96:58:04:84:87:84:be:9e:51:
33:eb:99:c5:dd:2c:c4:2c:9a:e7:27:6b:3b:75:0c:
33:f7:91:44:62:be:25:00:2c:2d:c7:99:85:46:fc:
55:2e:0e:7d:1f:06:11:28:c3:1c:66:68:bc:aa:fd:
2b:8d:d7:ec:c3:bc:7f:43:4c:e3:26:e3:a1:01:0c:
c2:bf:31:86:cc:5c:16:b8:4c:16:5d:05:03:71:1c:
a5:f8:93:64:b7:ed:ac:99:eb:7b:8b:e9:d9:7c:47:
09:e4:d6:86:64:f8:fa:5f:89:9f:55:20:a2:31:2c:
61:1f:19:bc:22:45:41:9c:49:d0:78:ce:5c:1e:42:
02:dd:d8:60:c5:f7:3e:08:10:6f:90:d4:a1:c1:16:
e1:4b:8a:f3:79:c9:06:3f:f5:83:9c:18:49:1e:de:
9d:86:10:0c:ac:5f:e9:8f:07:27:1c:85:08:dd:d5:
d0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:24:7A:CD:90:88:CC:E4:86:AE:CE:35:B0:E6:3D:7A:C5:5F:40:69
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_SR6zZCIzOSGrs41sOY9esVfQGk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
99:e6:67:af:63:29:21:ce:ce:99:b7:8c:54:1e:03:e8:95:95:
53:8c:1c:c7:93:c8:7f:b4:ec:73:bc:50:71:f2:d6:5b:80:da:
6b:40:85:b4:74:1e:e1:e7:13:dd:03:82:55:d7:7b:ec:2c:1d:
13:c5:22:2a:2b:bb:9f:81:83:35:79:40:49:9b:d1:77:b5:d0:
60:f5:51:96:a8:61:eb:95:a3:24:4b:e5:fd:c9:f3:18:2c:08:
25:d5:75:48:71:b7:d5:31:3d:1d:a7:fb:a7:d1:a6:e1:bd:fd:
01:97:10:8b:7b:27:c8:57:e1:07:df:5b:7b:e2:39:96:37:ff:
12:0d:26:76:9b:3c:dd:ac:9f:75:62:fa:7f:a0:40:ff:52:61:
a9:5d:b4:e8:35:b8:a9:b2:be:98:6a:10:1c:89:29:43:45:f6:
7e:da:97:34:b4:f9:5e:03:5d:bf:19:96:02:10:dd:e2:7f:fc:
d4:6e:d9:f0:a3:0f:e9:d4:de:1b:7a:0a:9f:21:ec:e8:56:48:
92:58:33:31:f5:dd:5f:6b:b0:42:50:58:5b:36:fd:0f:e7:fe:
13:1f:5d:a4:2d:a1:a6:d3:0d:41:52:38:4d:49:b1:5f:3d:12:
54:2a:26:7b:b8:33:41:a3:d4:ae:a5:56:54:1d:1f:d1:74:f8:
45:0d:6e:74
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYvgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjIw
MDExNDNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEZEMjQ3QUNEOTA4OEND
RTQ4NkFFQ0UzNUIwRTYzRDdBQzU1RjQwNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOgmtyYylj7HovdWqS5QU+LUWR9Ystzxqw9MCpAMxVIq0eP58y
d3CcNJQHNaBT4wQIYasMbVVO3WMW4csN33lWEezWLed9ZYgbc6klogFC8ZZYBISH
hL6eUTPrmcXdLMQsmucnazt1DDP3kURiviUALC3HmYVG/FUuDn0fBhEowxxmaLyq
/SuN1+zDvH9DTOMm46EBDMK/MYbMXBa4TBZdBQNxHKX4k2S37ayZ63uL6dl8Rwnk
1oZk+PpfiZ9VIKIxLGEfGbwiRUGcSdB4zlweQgLd2GDF9z4IEG+Q1KHBFuFLivN5
yQY/9YOcGEke3p2GEAysX+mPBycchQjd1dCjAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU/SR6zZCIzOSGrs41sOY9esVfQGkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19TUjZ6WkNJek9TR3Jz
NDFzT1k5ZXNWZlFHay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCZ5mev
Yykhzs6Zt4xUHgPolZVTjBzHk8h/tOxzvFBx8tZbgNprQIW0dB7h5xPdA4JV13vs
LB0TxSIqK7ufgYM1eUBJm9F3tdBg9VGWqGHrlaMkS+X9yfMYLAgl1XVIcbfVMT0d
p/un0abhvf0BlxCLeyfIV+EH31t74jmWN/8SDSZ2mzzdrJ91Yvp/oED/UmGpXbTo
Nbipsr6YahAciSlDRfZ+2pc0tPleA12/GZYCEN3if/zUbtnwow/p1N4begqfIezo
VkiSWDMx9d1fa7BCUFhbNv0P5/4TH12kLaGm0w1BUjhNSbFfPRJUKiZ7uDNBo9Su
pVZUHR/RdPhFDW50
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:58:29 2025 by rpki-client