Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KprQ9hN_6jLNcl7wyWd8gRiMkUo.roa
File: KprQ9hN_6jLNcl7wyWd8gRiMkUo.roa (raw, json)
Hash identifier: oo+zlpreW0k/7cn4LyN5Rb7JKaEVjQMQsGAsSv/ckIU=
Subject key identifier: 2A:9A:D0:F6:13:7F:EA:32:CD:72:5E:F0:C9:67:7C:81:18:8C:91:4A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6AC8
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KprQ9hN_6jLNcl7wyWd8gRiMkUo.roa
Signing time: Wed 11 Jun 2025 20:12:22 +0000
ROA not before: Wed 11 Jun 2025 20:12:22 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27336 (0x6ac8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 11 20:12:22 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=2A9AD0F6137FEA32CD725EF0C9677C81188C914A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:10:ab:9a:84:4d:ca:3d:08:c1:eb:76:6a:9e:
6b:e1:98:cc:a1:7d:55:d7:ff:3e:82:f7:3a:cb:e3:
56:e6:a3:ca:3b:90:17:be:84:1b:88:d1:ec:39:b3:
69:88:1d:9f:c3:eb:5e:b7:a2:89:a9:90:f0:70:f1:
93:a3:4d:9e:6e:11:c8:c6:0b:15:47:41:da:f6:5e:
eb:bd:14:77:0b:23:4f:6f:f8:11:c4:5b:2f:a2:a6:
db:3a:a7:2a:2c:9f:69:cb:53:f4:c4:69:ae:43:54:
b4:d9:95:fe:f7:1d:9b:41:bb:5b:2e:2c:89:95:ab:
57:56:46:46:fa:a7:a4:ce:b3:7b:27:d8:51:8e:29:
2e:80:98:dd:26:5e:9e:b9:13:5d:c2:9e:be:24:8d:
d1:e8:b4:37:e4:24:db:f8:29:7c:ac:50:37:f0:57:
f1:e9:ab:9d:fe:5d:b5:a3:7f:8e:c1:ab:82:d0:ac:
18:4a:34:ec:6a:39:fe:71:b2:f4:b1:14:d1:f6:49:
a5:a5:5d:89:a9:ed:21:35:ab:e5:a8:29:c0:61:ff:
e1:9c:69:a4:26:be:62:29:44:54:80:9e:b1:83:3e:
89:81:b7:de:24:07:6e:0f:22:e9:bc:67:5b:6f:2a:
18:70:f6:6b:dc:f6:6d:96:6f:8c:51:b8:2f:15:ce:
f5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9A:D0:F6:13:7F:EA:32:CD:72:5E:F0:C9:67:7C:81:18:8C:91:4A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KprQ9hN_6jLNcl7wyWd8gRiMkUo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
01:7e:65:7e:a8:02:a3:99:f6:bb:4a:db:f0:db:e3:b1:44:2c:
43:8b:91:fe:34:64:f6:fb:f9:5a:f8:bd:a6:5c:eb:32:a6:4f:
da:e8:9f:8c:13:ca:d9:9e:ef:b5:df:5a:2d:73:7b:3c:1b:90:
c8:7a:02:ce:6f:e9:b4:b2:0c:19:89:e4:3d:a1:56:91:50:66:
4e:e6:aa:3b:a4:24:9c:dd:b9:ed:75:4e:9f:d3:4b:fb:c6:57:
8c:16:70:f2:6e:1a:22:3f:8d:4a:b8:6b:3a:18:f1:21:61:f1:
18:44:a7:1d:8d:ac:eb:8e:5d:a8:aa:71:04:20:13:75:38:b4:
67:fa:61:23:4b:db:4a:25:f7:e1:87:fc:91:21:5d:92:fa:71:
08:eb:77:dc:f7:4a:95:73:14:39:fd:24:e0:24:22:eb:d6:0d:
7c:ca:54:ac:62:0b:00:96:b1:ca:c1:ff:dd:b7:d0:fc:9c:41:
a8:9e:d1:27:ed:0f:b5:f7:96:93:57:26:3d:4b:7f:ce:f2:2d:
c0:46:10:01:55:4d:3f:0a:f2:d0:25:79:b2:19:84:eb:1f:ad:
41:99:4a:85:dc:f0:95:d0:ba:00:88:4e:51:a6:8a:e5:6c:07:
5f:ce:db:d3:05:7a:1b:6b:53:88:00:f2:e6:cc:b8:d1:ad:f1:
9c:ee:71:f8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICasgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MTEy
MDEyMjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDJBOUFEMEY2MTM3RkVB
MzJDRDcyNUVGMEM5Njc3QzgxMTg4QzkxNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnEKuahE3KPQjB63ZqnmvhmMyhfVXX/z6C9zrL41bmo8o7kBe+
hBuI0ew5s2mIHZ/D6163oompkPBw8ZOjTZ5uEcjGCxVHQdr2Xuu9FHcLI09v+BHE
Wy+ipts6pyosn2nLU/TEaa5DVLTZlf73HZtBu1suLImVq1dWRkb6p6TOs3sn2FGO
KS6AmN0mXp65E13Cnr4kjdHotDfkJNv4KXysUDfwV/Hpq53+XbWjf47Bq4LQrBhK
NOxqOf5xsvSxFNH2SaWlXYmp7SE1q+WoKcBh/+GcaaQmvmIpRFSAnrGDPomBt94k
B24PIum8Z1tvKhhw9mvc9m2Wb4xRuC8VzvWpAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUKprQ9hN/6jLNcl7wyWd8gRiMkUowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0twclE5aE5fNmpMTmNs
N3d5V2Q4Z1JpTWtVby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQABfmV+
qAKjmfa7Stvw2+OxRCxDi5H+NGT2+/la+L2mXOsypk/a6J+ME8rZnu+131otc3s8
G5DIegLOb+m0sgwZieQ9oVaRUGZO5qo7pCSc3bntdU6f00v7xleMFnDybhoiP41K
uGs6GPEhYfEYRKcdjazrjl2oqnEEIBN1OLRn+mEjS9tKJffhh/yRIV2S+nEI63fc
90qVcxQ5/STgJCLr1g18ylSsYgsAlrHKwf/dt9D8nEGontEn7Q+195aTVyY9S3/O
8i3ARhABVU0/CvLQJXmyGYTrH61BmUqF3PCV0LoAiE5RporlbAdfztvTBXoba1OI
APLmzLjRrfGc7nH4
-----END CERTIFICATE-----
Generated at Sat Jun 21 23:57:39 2025 by rpki-client