Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hPkrABF6mdE0aIXHpqB5ihHI-0c.roa
File: hPkrABF6mdE0aIXHpqB5ihHI-0c.roa (raw, json)
Hash identifier: Ikmsk2bYrKdNGWzP0eaMTCaxkpy5iFK3+l9ffkWoJaE=
Subject key identifier: 84:F9:2B:00:11:7A:99:D1:34:68:85:C7:A6:A0:79:8A:11:C8:FB:47
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6510
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hPkrABF6mdE0aIXHpqB5ihHI-0c.roa
Signing time: Tue 27 May 2025 14:11:29 +0000
ROA not before: Tue 27 May 2025 14:11:29 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25872 (0x6510)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 27 14:11:29 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=84F92B00117A99D1346885C7A6A0798A11C8FB47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b9:00:08:55:67:bc:57:db:14:c6:2a:23:eb:
95:11:07:4b:13:6d:fa:6c:41:41:0f:5c:1d:30:09:
4c:42:fe:fb:94:0c:9d:72:72:34:93:c2:a2:21:69:
e7:3a:19:f2:c8:1e:19:ae:46:50:cd:4a:63:55:75:
66:40:11:50:83:3e:e9:f1:e8:32:78:6b:c2:8f:ab:
89:8c:4d:38:67:5a:50:e7:42:c4:fb:27:25:e9:07:
75:29:b5:41:2a:dd:de:f8:05:0c:c7:ea:2c:0c:8a:
82:3e:57:99:8c:db:63:d3:82:c5:28:4a:db:cf:7d:
67:bc:c5:f9:dd:a3:73:78:ec:39:8f:8c:77:b0:44:
d3:5a:46:6f:b4:fd:d0:1a:49:e9:e2:08:cb:e8:84:
cd:53:b5:d6:dd:8a:ce:41:87:ae:df:85:ca:fb:a0:
c5:b1:7e:3e:20:1a:a4:8f:d7:28:a0:62:02:dd:22:
cd:39:bc:a7:ee:99:41:cb:58:70:d3:53:15:43:5f:
d2:6c:2e:34:1b:b6:78:63:7a:7a:f6:c6:24:ce:60:
16:f1:8d:2d:a8:1c:29:2a:71:94:a7:ed:ea:5d:49:
27:a8:5b:f0:bd:41:8a:c3:8b:08:14:0d:f9:d3:91:
a4:b2:71:fa:24:19:7a:c8:77:dc:01:05:71:34:9b:
48:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F9:2B:00:11:7A:99:D1:34:68:85:C7:A6:A0:79:8A:11:C8:FB:47
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hPkrABF6mdE0aIXHpqB5ihHI-0c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
65:5e:bb:bd:01:ac:d1:e1:66:a9:b2:2a:f9:ec:8d:e3:07:e7:
24:99:e5:8a:86:39:61:01:29:c7:0e:94:02:09:26:65:09:f2:
ae:db:85:6f:96:28:e5:f0:84:1b:26:89:5d:bb:0a:c2:cd:43:
e3:95:61:57:69:9a:e2:8d:1c:85:2d:f5:fc:05:10:47:a0:3a:
57:72:97:86:77:b4:c7:fb:38:65:a3:be:c7:6c:9f:16:e1:0c:
33:6d:1b:1c:6a:84:5e:c8:c5:c4:cb:d8:9a:b5:b6:88:f8:30:
57:43:16:ba:9a:28:94:db:da:8e:9f:28:f8:a5:01:63:d9:85:
19:14:66:3f:60:c0:2a:75:57:90:b8:3a:42:fa:08:16:6f:83:
0e:15:5c:b9:01:04:1a:0b:45:86:9a:0a:79:19:f3:ea:6b:c9:
6c:53:9f:2b:6d:b4:2e:77:5c:b8:21:3b:56:70:cf:69:20:15:
d6:e4:37:0b:ad:68:53:ec:96:7e:fc:b9:64:82:a5:f5:a6:cc:
ae:6a:fa:4c:11:c5:1e:5f:2d:db:a9:4e:d0:c2:a7:89:de:4b:
53:19:e6:66:fd:78:8b:f5:4a:3f:21:6e:1d:fd:86:af:21:4b:
f4:59:f0:18:17:cc:82:af:c5:5b:ac:90:d2:5c:69:5f:e2:60:
d2:aa:e1:a8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZRAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1Mjcx
NDExMjlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg0RjkyQjAwMTE3QTk5
RDEzNDY4ODVDN0E2QTA3OThBMTFDOEZCNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCduQAIVWe8V9sUxioj65URB0sTbfpsQUEPXB0wCUxC/vuUDJ1y
cjSTwqIhaec6GfLIHhmuRlDNSmNVdWZAEVCDPunx6DJ4a8KPq4mMTThnWlDnQsT7
JyXpB3UptUEq3d74BQzH6iwMioI+V5mM22PTgsUoStvPfWe8xfndo3N47DmPjHew
RNNaRm+0/dAaSeniCMvohM1Ttdbdis5Bh67fhcr7oMWxfj4gGqSP1yigYgLdIs05
vKfumUHLWHDTUxVDX9JsLjQbtnhjenr2xiTOYBbxjS2oHCkqcZSn7epdSSeoW/C9
QYrDiwgUDfnTkaSycfokGXrId9wBBXE0m0hTAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUhPkrABF6mdE0aIXHpqB5ihHI+0cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hQa3JBQkY2bWRFMGFJ
WEhwcUI1aWhISS0wYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBlXru9
AazR4Wapsir57I3jB+ckmeWKhjlhASnHDpQCCSZlCfKu24Vvlijl8IQbJolduwrC
zUPjlWFXaZrijRyFLfX8BRBHoDpXcpeGd7TH+zhlo77HbJ8W4QwzbRscaoReyMXE
y9iatbaI+DBXQxa6miiU29qOnyj4pQFj2YUZFGY/YMAqdVeQuDpC+ggWb4MOFVy5
AQQaC0WGmgp5GfPqa8lsU58rbbQud1y4ITtWcM9pIBXW5DcLrWhT7JZ+/LlkgqX1
psyuavpMEcUeXy3bqU7QwqeJ3ktTGeZm/XiL9Uo/IW4d/YavIUv0WfAYF8yCr8Vb
rJDSXGlf4mDSquGo
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:05:00 2025 by rpki-client