Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2hYhaCTv7WCpviNwJkoOsaPml0c.roa
File: 2hYhaCTv7WCpviNwJkoOsaPml0c.roa (raw, json)
Hash identifier: 27ClRbdpPQvxPS7s/nTRILNDIgMTUB2ssB+Z67xAI34=
Subject key identifier: DA:16:21:68:24:EF:ED:60:A9:BE:23:70:26:4A:0E:B1:A3:E6:97:47
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6792
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2hYhaCTv7WCpviNwJkoOsaPml0c.roa
Signing time: Tue 03 Jun 2025 06:41:53 +0000
ROA not before: Tue 03 Jun 2025 06:41:53 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26514 (0x6792)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 3 06:41:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=DA16216824EFED60A9BE2370264A0EB1A3E69747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7b:f3:6d:26:a6:d1:c8:9f:3f:f7:c0:e5:3c:
9f:48:a4:c7:10:bb:01:21:c1:1f:fd:17:13:53:14:
4f:3f:d9:17:b8:79:51:02:b4:08:8e:85:28:3d:b8:
5f:7f:f4:d3:33:31:9b:0c:1f:b7:c0:9d:0a:c1:8d:
3a:de:6e:c3:24:33:04:ca:f4:18:e0:ad:9d:94:4f:
80:cf:32:9e:dd:ae:19:be:5d:ce:af:ed:9c:2d:e7:
43:b5:f1:48:87:0f:1c:a2:98:ec:d7:3a:10:12:5c:
d4:7f:51:e9:9a:aa:d7:af:08:8c:65:14:4b:46:86:
8d:18:88:12:b5:a5:33:92:d0:2d:47:ee:7d:73:9d:
45:a7:5d:e1:3c:ad:1e:11:b3:1c:d9:4a:3b:fb:6e:
44:9a:1b:63:98:f3:92:c5:e9:48:66:9a:a1:e9:9c:
28:1e:03:68:d4:d4:4c:09:b1:50:60:a6:69:b1:ff:
ee:df:2d:d1:67:23:6a:2d:60:c2:fa:25:11:58:b5:
a9:95:db:2d:83:cf:28:6c:58:00:b1:45:de:ae:02:
fd:64:9f:0f:bf:c4:e0:ca:3f:34:10:f5:4f:db:5f:
d1:e5:45:15:90:a4:bf:25:af:1f:1f:83:cc:9a:87:
8b:ed:82:44:2d:34:83:2b:49:89:d3:6a:aa:6f:ee:
8e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:16:21:68:24:EF:ED:60:A9:BE:23:70:26:4A:0E:B1:A3:E6:97:47
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2hYhaCTv7WCpviNwJkoOsaPml0c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
08:cc:d3:c1:54:c2:5a:66:ae:1d:70:7e:b5:b3:a0:a5:7f:16:
53:bd:59:7d:02:b0:45:99:9a:da:29:79:ba:ce:80:5f:90:9a:
3d:25:a7:31:d3:b7:44:e5:7b:fe:6f:c7:95:7f:d3:df:0b:a5:
83:ce:de:80:70:15:61:6a:57:88:05:9b:6c:c9:8b:ea:f5:95:
9c:a5:2b:82:57:8b:5c:b8:a1:bb:84:5c:24:3f:eb:e8:bb:62:
b2:d1:62:8b:5e:3c:c7:17:96:cf:6a:15:82:ff:75:30:9d:02:
35:0b:2b:0b:22:e0:80:6c:f8:f7:c4:5a:54:e5:a7:6a:56:da:
21:66:52:ad:d9:3a:0a:4d:73:29:43:0c:46:ef:f0:e8:16:94:
c2:26:d7:09:ab:05:d6:b4:97:13:2f:a9:f3:51:42:f7:01:8d:
1d:e5:b1:b5:ed:b3:6b:c3:76:ab:cb:ea:6e:ba:44:a0:0b:2c:
f4:da:b2:6f:6b:28:2b:ba:8e:a7:42:d2:cc:92:88:85:ce:49:
e5:21:53:b6:91:93:94:87:b6:60:08:ce:7f:03:cc:4f:d3:a8:
fd:63:06:f2:1e:f6:ba:b5:9d:89:1c:0b:3d:fc:de:19:98:ce:
33:52:f9:a4:85:99:9b:61:be:fa:dc:f1:aa:34:fc:d6:0c:46:
c4:f4:1c:86
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICZ5IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDMw
NjQxNTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKERBMTYyMTY4MjRFRkVE
NjBBOUJFMjM3MDI2NEEwRUIxQTNFNjk3NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKe/NtJqbRyJ8/98DlPJ9IpMcQuwEhwR/9FxNTFE8/2Re4eVEC
tAiOhSg9uF9/9NMzMZsMH7fAnQrBjTrebsMkMwTK9BjgrZ2UT4DPMp7drhm+Xc6v
7Zwt50O18UiHDxyimOzXOhASXNR/UemaqtevCIxlFEtGho0YiBK1pTOS0C1H7n1z
nUWnXeE8rR4RsxzZSjv7bkSaG2OY85LF6UhmmqHpnCgeA2jU1EwJsVBgpmmx/+7f
LdFnI2otYML6JRFYtamV2y2DzyhsWACxRd6uAv1knw+/xODKPzQQ9U/bX9HlRRWQ
pL8lrx8fg8yah4vtgkQtNIMrSYnTaqpv7o5XAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU2hYhaCTv7WCpviNwJkoOsaPml0cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJoWWhhQ1R2N1dDcHZp
TndKa29Pc2FQbWwwYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAIzNPB
VMJaZq4dcH61s6ClfxZTvVl9ArBFmZraKXm6zoBfkJo9Jacx07dE5Xv+b8eVf9Pf
C6WDzt6AcBVhaleIBZtsyYvq9ZWcpSuCV4tcuKG7hFwkP+vou2Ky0WKLXjzHF5bP
ahWC/3UwnQI1CysLIuCAbPj3xFpU5adqVtohZlKt2ToKTXMpQwxG7/DoFpTCJtcJ
qwXWtJcTL6nzUUL3AY0d5bG17bNrw3ary+puukSgCyz02rJvaygruo6nQtLMkoiF
zknlIVO2kZOUh7ZgCM5/A8xP06j9YwbyHva6tZ2JHAs9/N4ZmM4zUvmkhZmbYb76
3PGqNPzWDEbE9ByG
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:44:52 2025 by rpki-client