Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3qWJLGbyVihL8DPXL_zb-kNsuNg.roa
File: 3qWJLGbyVihL8DPXL_zb-kNsuNg.roa (raw, json)
Hash identifier: 53rHte4oiX7trl2tGSgsQFDh5hGybVM/feEXvJkyYYk=
Subject key identifier: DE:A5:89:2C:66:F2:56:28:4B:F0:33:D7:2F:FC:DB:FA:43:6C:B8:D8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6ACE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3qWJLGbyVihL8DPXL_zb-kNsuNg.roa
Signing time: Wed 11 Jun 2025 21:43:38 +0000
ROA not before: Wed 11 Jun 2025 21:43:38 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27342 (0x6ace)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 11 21:43:38 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=DEA5892C66F256284BF033D72FFCDBFA436CB8D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:74:8e:64:a9:bf:65:14:85:5d:f7:33:6f:c1:
dd:0b:58:c8:8d:b4:c6:61:45:53:88:e1:67:af:ce:
f9:07:4a:32:aa:17:bf:7b:34:25:9e:69:b5:7e:a9:
f4:39:d2:a5:f2:54:bc:e4:28:d9:0a:e8:40:c4:48:
69:c7:af:c0:73:8b:15:6b:f4:8b:e9:32:21:47:49:
9f:9a:58:44:81:00:dc:ff:cf:93:30:65:56:78:dd:
d9:76:94:7b:16:67:ed:d6:fa:01:7c:62:75:59:b7:
c6:05:6a:85:d5:f8:84:b7:be:4c:b5:36:48:9b:08:
f3:05:3f:db:8e:4c:fc:08:4b:34:73:cf:7d:24:47:
22:dd:63:36:c9:27:f7:08:d7:5f:47:84:dd:8d:d5:
7f:aa:73:78:d8:ea:0e:d2:1e:36:44:80:23:28:92:
e7:1f:9c:ee:bc:d8:9f:af:1f:d0:31:ce:ce:0a:db:
cd:40:5b:66:63:73:1a:36:e0:c3:97:87:8f:8b:e0:
70:41:6c:94:1c:45:2a:73:e3:80:30:3c:2c:39:e8:
c0:3d:62:55:8c:13:04:a3:d4:6b:bb:3a:9a:cc:a5:
e8:b8:a3:58:4c:ad:0e:68:e3:e8:33:e2:86:77:73:
d6:bc:d3:4f:b0:ab:92:2f:c7:23:b1:d8:b5:b7:2c:
84:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A5:89:2C:66:F2:56:28:4B:F0:33:D7:2F:FC:DB:FA:43:6C:B8:D8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3qWJLGbyVihL8DPXL_zb-kNsuNg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
49:d7:4c:17:24:de:5f:e7:f7:6d:1f:5f:cf:0d:57:9d:ea:35:
a0:11:ac:15:52:69:0f:54:7a:17:6e:ab:5c:ae:ca:37:8f:b0:
61:79:a5:b0:ca:c9:e4:e5:72:1c:11:e5:a2:41:cc:5b:12:08:
c8:ea:ee:93:5b:1b:c7:ef:c6:e9:78:10:e9:af:0c:10:52:75:
35:13:52:71:1a:aa:be:ef:4f:a6:c2:7c:0b:a5:90:d1:e4:df:
0c:c1:51:d7:b3:01:1c:9e:a4:70:fd:56:9f:00:95:bc:1c:d1:
4f:34:0d:ae:26:da:39:73:d9:3c:f8:47:e4:63:e3:17:8f:98:
00:0d:18:78:b2:26:63:8e:73:d5:65:c6:99:1a:e0:e3:aa:64:
58:0b:c4:85:00:3f:c2:e1:c5:06:a6:b7:6b:32:e9:b1:bf:d5:
61:f4:2d:3d:09:33:6a:7f:31:e1:f8:a0:0e:ef:d5:e3:17:54:
d6:28:84:01:8e:28:69:da:9b:bf:43:3b:1f:29:d9:45:57:b8:
f5:8e:7a:e2:5f:a0:99:62:69:02:55:5e:95:f4:98:79:2e:2e:
eb:0a:6e:9b:14:3f:91:f9:e0:ba:96:d1:ed:3d:ae:af:e1:94:
7a:e9:90:15:7a:0b:03:ad:6b:ec:0c:6f:4a:c4:24:a2:4b:38:
51:3d:81:dc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICas4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTEy
MTQzMzhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKERFQTU4OTJDNjZGMjU2
Mjg0QkYwMzNENzJGRkNEQkZBNDM2Q0I4RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPdI5kqb9lFIVd9zNvwd0LWMiNtMZhRVOI4WevzvkHSjKqF797
NCWeabV+qfQ50qXyVLzkKNkK6EDESGnHr8BzixVr9IvpMiFHSZ+aWESBANz/z5Mw
ZVZ43dl2lHsWZ+3W+gF8YnVZt8YFaoXV+IS3vky1NkibCPMFP9uOTPwISzRzz30k
RyLdYzbJJ/cI119HhN2N1X+qc3jY6g7SHjZEgCMokucfnO682J+vH9Axzs4K281A
W2Zjcxo24MOXh4+L4HBBbJQcRSpz44AwPCw56MA9YlWMEwSj1Gu7OprMpei4o1hM
rQ5o4+gz4oZ3c9a800+wq5IvxyOx2LW3LITfAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU3qWJLGbyVihL8DPXL/zb+kNsuNgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNxV0pMR2J5VmloTDhE
UFhMX3piLWtOc3VOZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBJ10wX
JN5f5/dtH1/PDVed6jWgEawVUmkPVHoXbqtcrso3j7BheaWwysnk5XIcEeWiQcxb
EgjI6u6TWxvH78bpeBDprwwQUnU1E1JxGqq+70+mwnwLpZDR5N8MwVHXswEcnqRw
/VafAJW8HNFPNA2uJto5c9k8+EfkY+MXj5gADRh4siZjjnPVZcaZGuDjqmRYC8SF
AD/C4cUGprdrMumxv9Vh9C09CTNqfzHh+KAO79XjF1TWKIQBjihp2pu/QzsfKdlF
V7j1jnriX6CZYmkCVV6V9Jh5Li7rCm6bFD+R+eC6ltHtPa6v4ZR66ZAVegsDrWvs
DG9KxCSiSzhRPYHc
-----END CERTIFICATE-----
Generated at Sat Jun 21 19:56:05 2025 by rpki-client