Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/pkKHTIX2tcNVFQtFER--wgK6_14.roa
File: pkKHTIX2tcNVFQtFER--wgK6_14.roa (raw, json)
Hash identifier: tZyo/kRn0jODDrb7YXMaptcpP6lofBjdQ8vLlzRZ7XA=
Subject key identifier: A6:42:87:4C:85:F6:B5:C3:55:15:0B:45:11:1F:BE:C2:02:BA:FF:5E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 65B4
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pkKHTIX2tcNVFQtFER--wgK6_14.roa
Signing time: Thu 29 May 2025 07:11:47 +0000
ROA not before: Thu 29 May 2025 07:11:47 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26036 (0x65b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 29 07:11:47 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=A642874C85F6B5C355150B45111FBEC202BAFF5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:14:c5:e1:b2:2a:ab:ae:da:13:24:fe:a9:52:
5b:8e:e3:9a:10:d6:30:e4:bf:6f:07:00:b5:fd:39:
a0:9e:3f:f9:3b:32:19:82:73:dc:9c:68:fa:b4:cc:
33:7d:78:01:14:ec:93:95:b7:18:fd:ec:fd:53:39:
be:1f:6c:b5:51:3a:81:46:99:ab:f4:7e:ae:94:9d:
77:5f:53:a0:cb:85:32:8b:7b:5f:bd:19:cb:1e:7b:
2a:9a:04:a8:ab:1c:7c:87:0f:a4:7c:83:f5:fe:ef:
8a:d1:2e:3d:a7:c7:f6:f8:88:d2:fd:7a:b8:c7:39:
67:3c:77:69:5f:b7:9f:91:1d:48:44:41:f4:d6:8f:
ac:ba:61:2f:68:a0:55:a4:b7:0b:ab:f1:e2:2c:3f:
f9:5d:a5:03:78:de:b2:6d:62:a9:8b:90:45:55:7d:
43:07:e0:64:05:c8:50:7f:de:ae:59:c0:37:97:5b:
91:96:ab:8c:67:15:f8:00:92:ca:7f:1e:30:6e:7a:
89:ab:3c:8c:97:a7:9b:dd:97:85:fc:8e:76:31:28:
b3:b6:7c:94:c5:7f:3a:86:2a:79:9e:df:4b:3b:23:
17:5c:25:bc:a5:c0:3e:e3:67:b8:18:4a:13:52:69:
80:da:ab:8e:b5:77:14:f5:7e:5e:fe:b3:48:f3:7e:
0b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:42:87:4C:85:F6:B5:C3:55:15:0B:45:11:1F:BE:C2:02:BA:FF:5E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/pkKHTIX2tcNVFQtFER--wgK6_14.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
27:1c:a7:73:53:f4:9b:a9:fb:85:8f:5a:70:92:09:d7:0b:0d:
fd:02:b2:19:1e:c8:af:58:a4:f8:5c:36:4f:9e:ff:c6:56:ca:
39:33:de:84:45:eb:2f:a9:1c:3f:cd:7f:50:ae:d9:52:5b:38:
c6:33:c2:eb:6a:b7:69:ac:a6:4a:fc:df:17:2e:51:db:bd:94:
c8:63:af:0d:88:0e:d3:69:64:75:72:ae:52:ec:aa:b8:6e:7e:
de:ff:48:e3:00:a3:5c:26:30:33:f0:13:2f:ab:2c:51:31:8a:
e1:09:6b:a7:61:0a:1e:94:42:8f:8f:93:37:a4:65:7c:06:a1:
03:df:d3:7f:82:e3:fd:2a:24:34:c6:45:7c:f0:73:9f:0d:ed:
01:cc:6e:85:8c:67:74:86:9f:03:3c:44:d4:57:93:02:f0:12:
1a:f1:ae:f7:c7:5d:af:70:dc:93:36:e5:2d:28:bb:c0:af:9c:
65:15:fe:b9:79:a0:f3:88:34:5d:d2:cc:e5:d5:bc:38:d3:b2:
21:60:c7:90:77:f1:5f:fb:43:5e:91:f6:3e:9b:11:0f:e3:8d:
1a:59:1a:a5:e3:39:4b:0b:46:b9:ad:21:81:3a:03:29:28:dd:
d5:6d:fa:df:05:48:74:d6:b3:36:b7:6a:44:1d:b6:16:cb:e4:
ee:e9:d5:df
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1Mjkw
NzExNDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE2NDI4NzRDODVGNkI1
QzM1NTE1MEI0NTExMUZCRUMyMDJCQUZGNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpFMXhsiqrrtoTJP6pUluO45oQ1jDkv28HALX9OaCeP/k7MhmC
c9ycaPq0zDN9eAEU7JOVtxj97P1TOb4fbLVROoFGmav0fq6UnXdfU6DLhTKLe1+9
GcseeyqaBKirHHyHD6R8g/X+74rRLj2nx/b4iNL9erjHOWc8d2lft5+RHUhEQfTW
j6y6YS9ooFWktwur8eIsP/ldpQN43rJtYqmLkEVVfUMH4GQFyFB/3q5ZwDeXW5GW
q4xnFfgAksp/HjBueomrPIyXp5vdl4X8jnYxKLO2fJTFfzqGKnme30s7IxdcJbyl
wD7jZ7gYShNSaYDaq461dxT1fl7+s0jzfgvNAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUpkKHTIX2tcNVFQtFER++wgK6/14wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3BrS0hUSVgydGNOVkZR
dEZFUi0td2dLNl8xNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAnHKdz
U/SbqfuFj1pwkgnXCw39ArIZHsivWKT4XDZPnv/GVso5M96EResvqRw/zX9QrtlS
WzjGM8LrardprKZK/N8XLlHbvZTIY68NiA7TaWR1cq5S7Kq4bn7e/0jjAKNcJjAz
8BMvqyxRMYrhCWunYQoelEKPj5M3pGV8BqED39N/guP9KiQ0xkV88HOfDe0BzG6F
jGd0hp8DPETUV5MC8BIa8a73x12vcNyTNuUtKLvAr5xlFf65eaDziDRd0szl1bw4
07IhYMeQd/Ff+0NekfY+mxEP440aWRql4zlLC0a5rSGBOgMpKN3VbfrfBUh01rM2
t2pEHbYWy+Tu6dXf
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:59:48 2025 by rpki-client