Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0qho63hKeDfgaftMIZjAjX4Y7qs.roa
File: 0qho63hKeDfgaftMIZjAjX4Y7qs.roa (raw, json)
Hash identifier: G4ZX3qQp00vF+9pVH+Z0Xz0f32VAlGtLuBlwtOPKtHQ=
Subject key identifier: D2:A8:68:EB:78:4A:78:37:E0:69:FB:4C:21:98:C0:8D:7E:18:EE:AB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 6034
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0qho63hKeDfgaftMIZjAjX4Y7qs.roa
Signing time: Wed 14 May 2025 15:10:25 +0000
ROA not before: Wed 14 May 2025 15:10:25 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24628 (0x6034)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 15:10:25 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=D2A868EB784A7837E069FB4C2198C08D7E18EEAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7a:cd:70:aa:6d:c5:75:ad:89:15:ca:4a:44:
23:81:b2:a6:83:1a:a6:9e:1e:77:f8:15:07:b4:6b:
f7:8c:29:f3:f4:a3:cc:cf:ae:b0:21:ad:8a:60:d7:
9b:0a:7f:11:56:b9:c4:f8:46:77:b6:6c:22:64:c4:
00:8e:9c:33:02:65:03:0a:cb:e0:46:70:67:b2:67:
e9:2b:af:ec:3b:0f:85:43:ac:41:01:84:6f:15:1c:
95:77:ae:e3:eb:7d:29:fb:d1:eb:81:c4:74:02:25:
f2:1b:a1:66:34:1a:8f:9b:df:0b:ab:c8:15:7e:3a:
d8:bc:45:0a:24:47:30:25:cf:fa:55:f0:00:cd:39:
4b:5c:fc:63:ab:9b:34:93:7e:d5:c6:72:bf:52:3e:
e1:ff:1e:ce:41:8a:53:73:ed:44:d7:a4:1c:8f:c2:
58:cb:12:ce:9a:fe:7b:53:c3:20:79:5a:88:5a:32:
cd:5c:77:29:42:18:ae:46:2c:6f:64:a1:fb:5a:b3:
18:79:f7:71:07:fc:3e:5b:17:a8:65:f3:71:13:4f:
d0:75:40:5c:94:c0:48:f5:24:6c:ce:5d:d1:1c:87:
99:81:d0:da:0d:33:a6:92:5d:d4:d4:36:52:fe:9c:
38:a9:21:f0:3e:ee:17:41:ba:15:f3:e9:f4:f3:f8:
1c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A8:68:EB:78:4A:78:37:E0:69:FB:4C:21:98:C0:8D:7E:18:EE:AB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0qho63hKeDfgaftMIZjAjX4Y7qs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
18:33:45:af:31:d9:6f:53:a2:37:fa:ca:77:e1:55:bc:19:c6:
be:bb:d8:e6:93:97:d4:52:5a:11:25:b7:f0:c4:8d:d4:ca:29:
92:bf:26:64:8b:36:06:0b:60:c1:36:e0:60:5b:95:34:54:59:
9f:f0:66:06:bd:43:87:c6:e0:9c:8e:4d:91:99:74:08:32:f3:
d5:12:55:25:4f:07:ed:a2:78:70:6e:e4:69:34:16:cc:fd:15:
d5:cf:dd:34:a0:0a:43:24:13:aa:8d:3e:a2:28:32:99:cf:19:
47:f7:8d:7f:89:07:26:49:c9:50:75:1d:08:98:06:8d:b0:52:
ce:4e:95:e2:a0:33:f2:92:09:2e:d8:72:3c:e6:d1:ca:16:f9:
96:a6:af:ee:fe:b9:b5:16:1f:ea:c1:52:d6:3e:74:00:a8:8f:
31:be:d3:67:d3:2e:0e:99:81:90:ce:8a:e9:86:58:cd:56:7b:
b7:59:50:57:e6:f3:79:b2:46:5b:80:da:db:d1:01:40:1e:e3:
0d:4b:12:05:83:a4:55:51:30:c1:0d:11:ca:97:33:85:06:24:
7a:19:57:6a:ce:7d:ac:d5:24:4c:a1:fb:3a:ab:50:08:b1:61:
25:70:df:94:5f:26:b3:9b:3c:fc:d9:c8:8d:46:59:22:85:ad:
fc:a0:5d:0e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYDQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTQx
NTEwMjVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQyQTg2OEVCNzg0QTc4
MzdFMDY5RkI0QzIxOThDMDhEN0UxOEVFQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYes1wqm3Fda2JFcpKRCOBsqaDGqaeHnf4FQe0a/eMKfP0o8zP
rrAhrYpg15sKfxFWucT4Rne2bCJkxACOnDMCZQMKy+BGcGeyZ+krr+w7D4VDrEEB
hG8VHJV3ruPrfSn70euBxHQCJfIboWY0Go+b3wuryBV+Oti8RQokRzAlz/pV8ADN
OUtc/GOrmzSTftXGcr9SPuH/Hs5BilNz7UTXpByPwljLEs6a/ntTwyB5WohaMs1c
dylCGK5GLG9koftasxh593EH/D5bF6hl83ETT9B1QFyUwEj1JGzOXdEch5mB0NoN
M6aSXdTUNlL+nDipIfA+7hdBuhXz6fTz+ByzAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQU0qho63hKeDfgaftMIZjAjX4Y7qswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBxaG82M2hLZURmZ2Fm
dE1JWmpBalg0WTdxcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQAYM0Wv
MdlvU6I3+sp34VW8Gca+u9jmk5fUUloRJbfwxI3UyimSvyZkizYGC2DBNuBgW5U0
VFmf8GYGvUOHxuCcjk2RmXQIMvPVElUlTwftonhwbuRpNBbM/RXVz900oApDJBOq
jT6iKDKZzxlH941/iQcmSclQdR0ImAaNsFLOTpXioDPykgku2HI85tHKFvmWpq/u
/rm1Fh/qwVLWPnQAqI8xvtNn0y4OmYGQzorphljNVnu3WVBX5vN5skZbgNrb0QFA
HuMNSxIFg6RVUTDBDRHKlzOFBiR6GVdqzn2s1SRMofs6q1AIsWElcN+UXyazmzz8
2ciNRlkiha38oF0O
-----END CERTIFICATE-----
Generated at Sat May 17 20:18:29 2025 by rpki-client