Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jUO8UVuXhhFs-Io7E3PG7lYGA2I.roa
File: jUO8UVuXhhFs-Io7E3PG7lYGA2I.roa (raw, json)
Hash identifier: r6y+WDv2vEHoU8ITeflEUlx30cFBInmIDTRxq0Tygvo=
Subject key identifier: 8D:43:BC:51:5B:97:86:11:6C:F8:8A:3B:13:73:C6:EE:56:06:03:62
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 624E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jUO8UVuXhhFs-Io7E3PG7lYGA2I.roa
Signing time: Tue 20 May 2025 05:40:53 +0000
ROA not before: Tue 20 May 2025 05:40:53 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25166 (0x624e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 20 05:40:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=8D43BC515B9786116CF88A3B1373C6EE56060362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f8:21:d0:56:86:62:09:e2:5b:19:c2:c5:ef:
8f:f4:35:ae:b7:c7:f5:e9:34:f9:39:31:4d:fd:e8:
42:bf:40:6b:9b:00:76:b3:d2:80:60:64:d1:6d:d2:
64:8a:ff:e5:5f:dd:5d:4f:73:20:cd:16:97:a4:70:
9c:40:21:5f:b2:93:20:0e:35:60:79:ad:d7:b8:d1:
3f:ee:96:3a:83:d3:05:bf:df:14:41:53:cc:6a:02:
8e:5e:31:d5:b1:da:51:c3:65:f3:1f:0c:f8:cc:a1:
62:12:bd:08:a2:c3:ee:34:2a:52:96:0e:a3:d6:ab:
01:3a:f8:91:d7:6b:b7:27:30:6a:e8:81:72:7c:13:
29:90:60:de:06:b4:5e:02:ea:5a:71:5e:e2:4d:9a:
9d:0c:c8:33:80:a5:1e:2d:e4:2e:46:82:df:da:ff:
c5:fb:7e:d6:c3:53:4b:86:41:22:d3:c5:f8:9f:37:
34:29:d6:07:26:cb:d6:72:73:ff:ee:a4:d7:29:52:
e4:a4:e0:a9:a6:24:69:85:6c:75:5c:da:93:ba:15:
3f:33:2e:10:bc:bb:04:31:af:33:20:8d:74:a8:8f:
3f:d7:4c:b3:d4:66:bf:bc:26:0a:5b:ce:d9:5e:76:
e3:79:6b:2a:2c:f8:8d:d4:db:a6:75:77:0e:a5:de:
cf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:43:BC:51:5B:97:86:11:6C:F8:8A:3B:13:73:C6:EE:56:06:03:62
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jUO8UVuXhhFs-Io7E3PG7lYGA2I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
6a:c1:0d:50:25:0a:e4:52:68:52:18:4c:18:b8:e0:9f:1b:00:
e9:85:b2:c1:56:95:af:66:6c:e9:7e:76:3d:72:76:77:a7:bd:
eb:31:a8:d7:f8:c1:96:ea:44:70:72:7d:24:b3:90:03:9c:54:
2a:2c:4c:a6:e6:8f:7c:fd:38:4b:da:44:77:85:45:aa:54:2b:
0f:e9:a4:1c:c9:56:72:9d:44:15:b5:17:d8:05:18:31:02:41:
f2:09:48:fd:a3:5e:0d:4f:2f:74:ad:67:0f:a5:63:a3:c6:48:
83:71:ff:1d:01:2b:c9:2f:34:c7:2e:34:99:c7:f7:b1:2a:57:
d6:8e:54:f0:25:52:e1:cd:a4:d0:2f:6b:4a:cb:bd:f9:0b:d8:
67:7e:42:f2:2b:16:6e:f5:e1:1a:34:c3:29:2c:87:15:cd:63:
75:a9:9d:62:55:98:44:84:a1:aa:ec:01:e1:8f:91:c1:24:0c:
ba:1a:b6:1e:c3:2f:f9:f9:74:f2:5a:11:5a:87:80:d7:b7:56:
de:f0:05:d5:7f:18:64:69:9e:3f:c5:6c:78:7e:22:84:28:1f:
ec:e0:38:a0:9d:b3:b4:2a:37:d2:7a:41:ea:b1:df:a2:98:dc:
f3:d8:99:36:1d:71:d0:19:e8:84:97:1b:f8:f2:10:0c:9b:bb:
ab:34:a9:b2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MjAw
NTQwNTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhENDNCQzUxNUI5Nzg2
MTE2Q0Y4OEEzQjEzNzNDNkVFNTYwNjAzNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz+CHQVoZiCeJbGcLF74/0Na63x/XpNPk5MU396EK/QGubAHaz
0oBgZNFt0mSK/+Vf3V1PcyDNFpekcJxAIV+ykyAONWB5rde40T/uljqD0wW/3xRB
U8xqAo5eMdWx2lHDZfMfDPjMoWISvQiiw+40KlKWDqPWqwE6+JHXa7cnMGrogXJ8
EymQYN4GtF4C6lpxXuJNmp0MyDOApR4t5C5Ggt/a/8X7ftbDU0uGQSLTxfifNzQp
1gcmy9Zyc//upNcpUuSk4KmmJGmFbHVc2pO6FT8zLhC8uwQxrzMgjXSojz/XTLPU
Zr+8JgpbztleduN5ayos+I3U26Z1dw6l3s8nAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUjUO8UVuXhhFs+Io7E3PG7lYGA2IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pVTzhVVnVYaGhGcy1J
bzdFM1BHN2xZR0EySS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQBqwQ1Q
JQrkUmhSGEwYuOCfGwDphbLBVpWvZmzpfnY9cnZ3p73rMajX+MGW6kRwcn0ks5AD
nFQqLEym5o98/ThL2kR3hUWqVCsP6aQcyVZynUQVtRfYBRgxAkHyCUj9o14NTy90
rWcPpWOjxkiDcf8dASvJLzTHLjSZx/exKlfWjlTwJVLhzaTQL2tKy735C9hnfkLy
KxZu9eEaNMMpLIcVzWN1qZ1iVZhEhKGq7AHhj5HBJAy6GrYewy/5+XTyWhFah4DX
t1be8AXVfxhkaZ4/xWx4fiKEKB/s4DignbO0KjfSekHqsd+imNzz2Jk2HXHQGeiE
lxv48hAMm7urNKmy
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:24:06 2025 by rpki-client