Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dC4CsEaHVCsvwljPkocjNERExcc.roa
File: dC4CsEaHVCsvwljPkocjNERExcc.roa (raw, json)
Hash identifier: cr03wawBkLzB8KQnmcaODomXfLAZ3BAQgktRP/+QKfg=
Subject key identifier: 74:2E:02:B0:46:87:54:2B:2F:C2:58:CF:92:87:23:34:44:44:C5:C7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 66F2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dC4CsEaHVCsvwljPkocjNERExcc.roa
Signing time: Sun 01 Jun 2025 14:41:38 +0000
ROA not before: Sun 01 Jun 2025 14:41:38 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26354 (0x66f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 1 14:41:38 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=742E02B04687542B2FC258CF928723344444C5C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:55:03:f9:71:80:9a:ac:ae:3c:0a:00:ac:57:
5a:28:b8:b3:70:75:4c:f7:e4:98:15:e3:17:34:df:
4a:1f:01:07:82:c7:b7:3d:ba:1e:b2:06:3d:ae:c5:
5b:83:ff:c2:78:fb:9e:23:81:71:b2:61:1c:3a:98:
3f:ba:13:45:3d:7d:e1:35:77:9b:15:c9:49:ab:21:
0a:8a:68:69:29:29:16:52:5f:f8:84:7b:44:38:63:
7f:4b:36:aa:39:77:45:32:c1:b3:f2:8b:27:f1:15:
05:af:c8:d5:c7:42:e0:73:0b:73:89:36:17:a2:9a:
9d:24:a1:de:27:14:ce:26:99:ba:da:72:db:5f:8d:
f3:d7:99:68:82:12:f1:a0:6f:a1:a3:d8:38:76:55:
8c:7b:ba:d6:0b:50:53:8e:9d:85:61:1d:4e:e0:e7:
c9:df:b7:48:d1:e0:03:18:39:74:b3:57:92:4f:54:
f6:3c:55:54:c1:22:f9:8b:7d:de:ed:36:88:d6:e6:
e4:dd:3e:8a:c6:c0:a4:04:25:36:d6:61:bc:26:30:
3c:00:dd:b9:e2:57:a4:28:05:14:41:57:ee:df:2a:
0f:3a:6a:c1:09:1e:8a:a0:89:c6:b5:8c:2a:f6:31:
a6:be:ab:24:b4:3a:a6:44:31:6c:87:95:c2:a4:32:
9d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:2E:02:B0:46:87:54:2B:2F:C2:58:CF:92:87:23:34:44:44:C5:C7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dC4CsEaHVCsvwljPkocjNERExcc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
66:17:ad:38:59:be:a8:20:f0:08:dd:fe:77:c7:fc:12:85:a5:
e7:79:39:3d:80:50:8d:17:40:c7:3a:a9:c8:cf:46:fe:51:a8:
ce:32:31:9f:1d:56:c5:7d:7c:b3:3c:88:4a:40:c1:96:bc:28:
68:45:47:55:3b:d8:a7:57:dc:30:71:de:01:93:0c:28:83:74:
6e:b6:71:12:cf:ed:33:90:e4:75:6f:42:25:54:6d:db:a7:99:
38:eb:43:8c:36:9a:bc:99:c9:6c:d4:85:62:6d:4a:81:3c:88:
6a:97:76:45:80:41:9d:3e:a1:e8:51:94:c3:ca:c7:ae:3f:c5:
e7:7d:cb:ef:4d:ec:fc:c2:2f:c3:7a:4f:2f:d0:ba:2f:4a:40:
3f:84:39:ce:39:2c:a2:ad:0d:dc:b1:27:09:fe:60:0d:c4:f1:
dc:8b:1b:3b:6d:31:f0:96:28:98:63:85:66:53:a9:bc:8d:1e:
6b:1e:d3:d1:94:c5:32:0c:32:8a:b1:78:78:46:a4:d0:fb:42:
22:cd:3a:60:cd:52:06:7e:70:49:9b:dc:89:45:da:d0:8c:ee:
ac:3a:50:4d:ef:b5:30:ec:b5:04:d5:77:28:d4:59:a4:03:d5:
b1:e7:d8:75:4b:73:f7:53:37:1c:1d:cc:31:62:8a:9c:ba:a2:
1a:f6:8d:50
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDEx
NDQxMzhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc0MkUwMkIwNDY4NzU0
MkIyRkMyNThDRjkyODcyMzM0NDQ0NEM1QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjVQP5cYCarK48CgCsV1oouLNwdUz35JgV4xc030ofAQeCx7c9
uh6yBj2uxVuD/8J4+54jgXGyYRw6mD+6E0U9feE1d5sVyUmrIQqKaGkpKRZSX/iE
e0Q4Y39LNqo5d0UywbPyiyfxFQWvyNXHQuBzC3OJNheimp0kod4nFM4mmbracttf
jfPXmWiCEvGgb6Gj2Dh2VYx7utYLUFOOnYVhHU7g58nft0jR4AMYOXSzV5JPVPY8
VVTBIvmLfd7tNojW5uTdPorGwKQEJTbWYbwmMDwA3bniV6QoBRRBV+7fKg86asEJ
Hoqgica1jCr2Maa+qyS0OqZEMWyHlcKkMp23AgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUdC4CsEaHVCsvwljPkocjNERExccwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RDNENzRWFIVkNzdnds
alBrb2NqTkVSRXhjYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBmF604
Wb6oIPAI3f53x/wShaXneTk9gFCNF0DHOqnIz0b+UajOMjGfHVbFfXyzPIhKQMGW
vChoRUdVO9inV9wwcd4Bkwwog3RutnESz+0zkOR1b0IlVG3bp5k460OMNpq8mcls
1IVibUqBPIhql3ZFgEGdPqHoUZTDyseuP8XnfcvvTez8wi/Dek8v0LovSkA/hDnO
OSyirQ3csScJ/mANxPHcixs7bTHwliiYY4VmU6m8jR5rHtPRlMUyDDKKsXh4RqTQ
+0IizTpgzVIGfnBJm9yJRdrQjO6sOlBN77Uw7LUE1Xco1FmkA9Wx59h1S3P3Uzcc
HcwxYoqcuqIa9o1Q
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:01:39 2025 by rpki-client