Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BH7MLxIHFYVB-PkT06_4MNelSUs.roa
File: BH7MLxIHFYVB-PkT06_4MNelSUs.roa (raw, json)
Hash identifier: 9KgeE/N+gHTfenhBTxoP9/QrgALBiNg6hrqqZL0e1fE=
Subject key identifier: 04:7E:CC:2F:12:07:15:85:41:F8:F9:13:D3:AF:F8:30:D7:A5:49:4B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 68B2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BH7MLxIHFYVB-PkT06_4MNelSUs.roa
Signing time: Fri 06 Jun 2025 06:41:51 +0000
ROA not before: Fri 06 Jun 2025 06:41:51 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26802 (0x68b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 6 06:41:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=047ECC2F1207158541F8F913D3AFF830D7A5494B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d3:27:93:f3:9c:e8:15:8e:cb:82:b5:55:dc:
d9:40:65:2e:7a:22:38:3f:bf:4b:11:d8:51:3f:60:
42:1d:7a:8e:50:a1:97:d6:d5:d7:8a:2c:55:03:ec:
23:a4:42:8e:4f:38:78:0f:30:b3:a4:8c:da:47:54:
5f:84:97:40:39:c4:e6:7b:4f:f5:80:f4:2c:c9:da:
ba:9f:61:8e:8b:5f:c6:b8:16:8b:00:a4:05:0b:b1:
3c:04:02:c9:18:0d:c8:e5:72:b0:bf:8f:f4:ae:d3:
d3:9c:1c:4e:ad:bb:36:d4:47:a5:fa:99:51:32:97:
3d:ba:88:90:40:b8:79:95:d4:bf:7a:9d:c6:1a:50:
64:b9:3c:a5:23:6f:6d:50:79:f3:be:ce:58:30:7c:
c5:2e:52:88:c9:de:cd:02:cd:3b:f8:62:60:85:75:
f2:93:bd:57:b3:bc:2c:64:4b:80:58:8e:48:35:04:
59:ba:de:20:7d:90:57:1a:09:2c:41:e6:24:43:43:
a8:c0:3b:28:6e:81:12:97:6d:3a:3d:0c:cd:c8:cc:
3a:f0:4a:81:23:80:61:b1:b9:37:a9:fd:7a:25:69:
a4:ec:14:8b:f6:cb:11:30:2a:5e:15:b2:cf:6a:2b:
81:b8:25:da:e2:15:00:d9:62:db:73:be:81:8b:99:
b0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:7E:CC:2F:12:07:15:85:41:F8:F9:13:D3:AF:F8:30:D7:A5:49:4B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BH7MLxIHFYVB-PkT06_4MNelSUs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
7c:a8:97:46:62:60:b9:2a:58:8b:78:a3:61:b6:f3:ca:f2:85:
e0:36:2b:2e:b9:db:27:28:39:61:0e:b0:c6:f2:1f:c3:ee:07:
b2:53:d5:29:4e:76:16:fc:11:d7:26:b7:c6:17:ae:7d:8a:f4:
30:ee:3f:10:5e:70:55:aa:29:64:f4:01:4a:e4:92:41:65:6f:
cc:f9:00:dd:e1:4f:84:2c:73:e5:7a:24:6e:10:b2:c4:0b:bb:
fb:57:bf:a9:12:06:96:c2:e0:f4:d0:dc:a8:86:cb:40:7d:a0:
02:23:b0:f8:d2:9e:fd:ef:ec:9f:82:36:70:b4:8a:7c:ee:d6:
7c:12:ce:b1:63:8a:ae:01:d2:3d:e8:fb:5a:35:15:07:b3:43:
9c:61:61:af:d6:60:fc:12:58:6c:48:b5:70:74:86:57:e2:94:
78:75:f0:ce:7c:4e:95:7b:29:30:3f:81:c7:81:be:68:05:b0:
a7:b4:9e:9d:bd:26:0b:38:dc:ed:a6:d1:af:21:03:aa:a5:18:
43:02:88:a5:d0:d2:39:85:39:bb:f6:6f:7f:5c:59:21:12:2e:
5a:47:db:38:03:7b:c1:a5:e4:66:6c:7a:ef:44:79:96:6c:f5:
9e:a9:82:4b:2d:0c:41:8e:ea:7a:e4:be:16:16:4d:a3:d9:13:
d3:07:ed:a0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICaLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDYw
NjQxNTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDA0N0VDQzJGMTIwNzE1
ODU0MUY4RjkxM0QzQUZGODMwRDdBNTQ5NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC70yeT85zoFY7LgrVV3NlAZS56Ijg/v0sR2FE/YEIdeo5QoZfW
1deKLFUD7COkQo5POHgPMLOkjNpHVF+El0A5xOZ7T/WA9CzJ2rqfYY6LX8a4FosA
pAULsTwEAskYDcjlcrC/j/Su09OcHE6tuzbUR6X6mVEylz26iJBAuHmV1L96ncYa
UGS5PKUjb21QefO+zlgwfMUuUojJ3s0CzTv4YmCFdfKTvVezvCxkS4BYjkg1BFm6
3iB9kFcaCSxB5iRDQ6jAOyhugRKXbTo9DM3IzDrwSoEjgGGxuTep/XolaaTsFIv2
yxEwKl4Vss9qK4G4JdriFQDZYttzvoGLmbDHAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUBH7MLxIHFYVB+PkT06/4MNelSUswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JIN01MeElIRllWQi1Q
a1QwNl80TU5lbFNVcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQB8qJdG
YmC5KliLeKNhtvPK8oXgNisuudsnKDlhDrDG8h/D7geyU9UpTnYW/BHXJrfGF659
ivQw7j8QXnBVqilk9AFK5JJBZW/M+QDd4U+ELHPleiRuELLEC7v7V7+pEgaWwuD0
0NyohstAfaACI7D40p797+yfgjZwtIp87tZ8Es6xY4quAdI96PtaNRUHs0OcYWGv
1mD8ElhsSLVwdIZX4pR4dfDOfE6VeykwP4HHgb5oBbCntJ6dvSYLONztptGvIQOq
pRhDAoil0NI5hTm79m9/XFkhEi5aR9s4A3vBpeRmbHrvRHmWbPWeqYJLLQxBjup6
5L4WFk2j2RPTB+2g
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:36:10 2025 by rpki-client