Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lHMBTn1URmqvSeEJca2jgDyDGUA.roa
File: lHMBTn1URmqvSeEJca2jgDyDGUA.roa (raw, json)
Hash identifier: zr8yeZi4vorYJGQSPEK3z5Npi2knTuuYhdT1yvyYULU=
Subject key identifier: 94:73:01:4E:7D:54:46:6A:AF:49:E1:09:71:AD:A3:80:3C:83:19:40
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6852
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lHMBTn1URmqvSeEJca2jgDyDGUA.roa
Signing time: Thu 05 Jun 2025 06:41:52 +0000
ROA not before: Thu 05 Jun 2025 06:41:52 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26706 (0x6852)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Jun 5 06:41:52 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=9473014E7D54466AAF49E10971ADA3803C831940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:78:8b:77:c0:29:de:44:57:8b:11:6f:f4:93:
46:e5:21:08:a1:07:41:3c:db:7d:ae:d7:35:e7:32:
9e:19:93:4c:4a:bd:24:39:cd:49:df:b3:7e:da:a5:
52:d7:eb:72:c9:6a:65:23:17:0c:18:ba:c9:dd:08:
e2:02:18:50:4a:31:ad:87:7e:3a:18:2b:68:a6:99:
ff:78:ac:78:25:e5:56:a4:e4:91:1a:42:d4:25:49:
53:2b:f7:c6:a2:1c:bb:d0:5e:31:8f:83:50:7f:11:
7e:c3:b1:28:82:1d:2d:f5:a6:85:99:ff:84:05:66:
60:5d:f4:af:ca:a8:31:8c:4c:d4:69:7b:87:d7:2e:
1e:c1:c1:5c:87:69:99:2e:88:d2:dc:05:27:7e:64:
2b:2c:0c:3c:5a:0f:7e:7f:de:61:f7:ba:7e:87:02:
c5:2d:e5:58:2e:ac:9b:a3:75:d3:9a:e8:72:15:c1:
48:e5:cd:3b:39:31:21:1c:8f:aa:e3:1d:a7:ce:bf:
bb:83:c4:4d:0c:3c:a8:50:28:f8:cd:76:81:0a:e8:
35:51:e4:72:01:ec:95:c3:d3:4b:14:f4:00:74:c2:
16:32:9a:f6:2b:50:da:db:f2:29:ec:b2:e3:d0:a5:
99:93:d5:ef:3f:17:76:69:75:25:65:67:7a:8d:3a:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:73:01:4E:7D:54:46:6A:AF:49:E1:09:71:AD:A3:80:3C:83:19:40
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lHMBTn1URmqvSeEJca2jgDyDGUA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
30:99:25:b6:68:05:bc:0c:7d:7a:98:57:54:13:41:0d:40:87:
83:0f:3c:fb:2e:af:29:84:b5:c1:df:ac:e7:7c:d1:a1:de:64:
46:97:81:09:5b:b9:66:ff:a2:58:77:44:df:b4:a7:69:21:a5:
4d:98:cc:13:3d:6d:76:e3:f3:3e:96:9a:1e:4d:74:97:e8:78:
d3:68:73:26:a0:85:fc:49:c6:50:84:e8:a6:ab:a3:46:3c:d2:
26:a4:49:63:fa:d3:d6:8d:f2:c9:f9:18:10:35:6d:58:04:da:
ef:14:ce:36:17:ad:04:88:8b:7a:5d:a7:c7:cb:18:7e:eb:ed:
17:b9:2f:4f:74:c2:e4:dc:f7:ce:51:bd:e9:e9:8e:18:26:22:
90:05:e9:ce:ec:cc:f3:99:01:61:fa:e4:69:ae:9f:1a:fd:87:
8a:28:d9:79:35:d0:33:29:c0:88:8f:ed:88:63:cb:c3:c0:d1:
f8:63:58:d9:7f:92:a5:59:e0:97:88:76:b8:7e:f2:70:87:24:
23:1c:53:a3:84:c4:f3:cd:c4:ab:91:56:26:76:19:57:74:8f:
d2:0b:9d:9c:35:63:f3:ae:b7:79:7d:b1:f5:77:99:cb:05:3d:
fb:77:57:c2:bd:fd:19:a5:43:25:71:61:2f:77:b9:98:c3:21:
e9:13:90:ac
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICaFIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA2MDUw
NjQxNTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk0NzMwMTRFN0Q1NDQ2
NkFBRjQ5RTEwOTcxQURBMzgwM0M4MzE5NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdeIt3wCneRFeLEW/0k0blIQihB0E8232u1zXnMp4Zk0xKvSQ5
zUnfs37apVLX63LJamUjFwwYusndCOICGFBKMa2HfjoYK2immf94rHgl5Vak5JEa
QtQlSVMr98aiHLvQXjGPg1B/EX7DsSiCHS31poWZ/4QFZmBd9K/KqDGMTNRpe4fX
Lh7BwVyHaZkuiNLcBSd+ZCssDDxaD35/3mH3un6HAsUt5VgurJujddOa6HIVwUjl
zTs5MSEcj6rjHafOv7uDxE0MPKhQKPjNdoEK6DVR5HIB7JXD00sU9AB0whYymvYr
UNrb8inssuPQpZmT1e8/F3ZpdSVlZ3qNOsMRAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUlHMBTn1URmqvSeEJca2jgDyDGUAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xITUJUbjFVUm1xdlNl
RUpjYTJqZ0R5REdVQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAwmSW2
aAW8DH16mFdUE0ENQIeDDzz7Lq8phLXB36znfNGh3mRGl4EJW7lm/6JYd0TftKdp
IaVNmMwTPW124/M+lpoeTXSX6HjTaHMmoIX8ScZQhOimq6NGPNImpElj+tPWjfLJ
+RgQNW1YBNrvFM42F60EiIt6XafHyxh+6+0XuS9PdMLk3PfOUb3p6Y4YJiKQBenO
7MzzmQFh+uRprp8a/YeKKNl5NdAzKcCIj+2IY8vDwNH4Y1jZf5KlWeCXiHa4fvJw
hyQjHFOjhMTzzcSrkVYmdhlXdI/SC52cNWPzrrd5fbH1d5nLBT37d1fCvf0ZpUMl
cWEvd7mYwyHpE5Cs
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:05:28 2025 by rpki-client