Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iMf24IPbudl4M4gkesToqwGpvlI.roa
File: iMf24IPbudl4M4gkesToqwGpvlI.roa (raw, json)
Hash identifier: itln0GWDotInUvZOaNqRtB6I6L6PROPSB/qFkHmvcus=
Subject key identifier: 88:C7:F6:E0:83:DB:B9:D9:78:33:88:24:7A:C4:E8:AB:01:A9:BE:52
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6370
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iMf24IPbudl4M4gkesToqwGpvlI.roa
Signing time: Fri 23 May 2025 06:11:11 +0000
ROA not before: Fri 23 May 2025 06:11:11 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25456 (0x6370)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 23 06:11:11 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=88C7F6E083DBB9D9783388247AC4E8AB01A9BE52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7c:e3:10:12:9a:5e:e9:e7:b5:c4:99:f6:7f:
16:29:b5:7f:d4:b9:d3:58:2a:20:13:20:5d:62:d6:
61:81:00:28:02:f2:51:2d:08:11:8a:6d:2c:40:0b:
33:15:08:9f:96:0e:56:30:f9:5d:94:24:fc:b0:22:
4a:11:6f:10:44:fc:30:f6:27:4c:12:ed:90:7e:2c:
e3:6f:cb:69:52:95:1c:78:7a:3c:7d:58:46:fc:8c:
13:84:d3:67:57:3e:b1:17:7b:c9:da:13:27:b4:35:
5d:66:74:61:5f:18:65:26:c3:c9:44:c1:f7:d5:d7:
4f:62:a9:d1:3e:41:60:55:05:43:b5:42:38:13:af:
cd:6c:e5:7e:c9:62:55:97:5c:df:e1:ff:73:bb:dc:
31:f5:ae:6c:1d:a1:c3:49:28:f6:ce:c5:e3:99:98:
c6:8d:f7:36:c0:19:01:d0:53:02:6b:73:cc:36:70:
65:8b:a2:b4:40:67:77:57:9c:10:b9:a7:ce:04:02:
76:9d:c0:bd:55:5f:82:4b:22:a3:72:1f:1c:8d:a8:
a1:54:94:b8:06:4c:e8:80:3f:c3:a1:e3:7e:ec:04:
0f:4a:6c:07:cd:a6:9e:27:0f:b3:65:d5:d5:0a:f5:
b3:dc:68:b5:b5:c4:cb:f8:6e:00:09:89:23:be:2c:
a1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C7:F6:E0:83:DB:B9:D9:78:33:88:24:7A:C4:E8:AB:01:A9:BE:52
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iMf24IPbudl4M4gkesToqwGpvlI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
9b:67:a8:3c:bb:49:97:72:fa:88:8c:b9:91:a4:d6:78:fb:d6:
c5:79:4d:c6:0e:7e:ad:1a:a7:3a:4a:d5:a7:16:6d:a7:44:9a:
89:81:9a:b9:6f:1e:cb:0a:dd:cf:76:e9:07:1e:73:4e:47:6b:
91:25:e5:73:cb:84:2e:e3:62:16:a5:f2:40:f4:3b:ca:48:27:
81:2b:92:c2:1a:3e:94:c0:36:c9:f7:ac:c0:43:9b:ed:a0:b7:
05:c5:7f:a5:05:60:23:aa:dd:76:52:b6:ed:1b:53:33:d9:69:
cd:e0:f8:da:4d:9c:1a:1a:77:6f:2a:b2:ce:f5:36:75:ee:b0:
3b:7f:d5:32:74:71:17:1e:f5:3e:32:be:23:e7:22:3d:ba:11:
74:0a:29:7c:91:94:f4:4d:68:01:3d:d6:e0:12:8a:35:77:50:
bd:fd:07:8d:b9:84:78:7f:ce:0e:b9:24:a6:a9:f4:24:47:a0:
2d:20:71:ab:87:44:2d:04:d4:b5:1e:26:c9:cc:91:de:28:d1:
87:b9:33:82:9e:9e:6f:c9:fe:0a:3b:29:db:d0:5f:f4:0e:5d:
9d:b6:c9:ae:55:e6:1a:5a:ee:eb:76:2b:79:9a:da:0c:34:80:
80:54:10:9c:fb:37:2f:a0:5e:f8:18:4d:4f:30:31:6d:bb:c6:
87:2d:6d:cc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICY3AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjMw
NjExMTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg4QzdGNkUwODNEQkI5
RDk3ODMzODgyNDdBQzRFOEFCMDFBOUJFNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhfOMQEppe6ee1xJn2fxYptX/UudNYKiATIF1i1mGBACgC8lEt
CBGKbSxACzMVCJ+WDlYw+V2UJPywIkoRbxBE/DD2J0wS7ZB+LONvy2lSlRx4ejx9
WEb8jBOE02dXPrEXe8naEye0NV1mdGFfGGUmw8lEwffV109iqdE+QWBVBUO1QjgT
r81s5X7JYlWXXN/h/3O73DH1rmwdocNJKPbOxeOZmMaN9zbAGQHQUwJrc8w2cGWL
orRAZ3dXnBC5p84EAnadwL1VX4JLIqNyHxyNqKFUlLgGTOiAP8Oh437sBA9KbAfN
pp4nD7Nl1dUK9bPcaLW1xMv4bgAJiSO+LKFNAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUiMf24IPbudl4M4gkesToqwGpvlIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lNZjI0SVBidWRsNE00
Z2tlc1RvcXdHcHZsSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCbZ6g8
u0mXcvqIjLmRpNZ4+9bFeU3GDn6tGqc6StWnFm2nRJqJgZq5bx7LCt3PdukHHnNO
R2uRJeVzy4Qu42IWpfJA9DvKSCeBK5LCGj6UwDbJ96zAQ5vtoLcFxX+lBWAjqt12
UrbtG1Mz2WnN4PjaTZwaGndvKrLO9TZ17rA7f9UydHEXHvU+Mr4j5yI9uhF0Cil8
kZT0TWgBPdbgEoo1d1C9/QeNuYR4f84OuSSmqfQkR6AtIHGrh0QtBNS1HibJzJHe
KNGHuTOCnp5vyf4KOynb0F/0Dl2dtsmuVeYaWu7rdit5mtoMNICAVBCc+zcvoF74
GE1PMDFtu8aHLW3M
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:01:46 2025 by rpki-client