Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sYSWkZxY0haJLEBeo-xtwUj_jnA.roa
File: sYSWkZxY0haJLEBeo-xtwUj_jnA.roa (raw, json)
Hash identifier: ESwAqST3GdMXm6W9wDyo23jz3wImNiIdPi1q8BUgUQc=
Subject key identifier: B1:84:96:91:9C:58:D2:16:89:2C:40:5E:A3:EC:6D:C1:48:FF:8E:70
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 60D6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sYSWkZxY0haJLEBeo-xtwUj_jnA.roa
Signing time: Fri 16 May 2025 07:43:48 +0000
ROA not before: Fri 16 May 2025 07:43:48 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 24426
IP address blocks: 43.239.48.0/22 maxlen: 22
43.246.0.0/22 maxlen: 22
43.246.4.0/22 maxlen: 22
43.246.12.0/22 maxlen: 22
43.246.16.0/22 maxlen: 22
43.246.20.0/22 maxlen: 22
43.246.24.0/22 maxlen: 22
43.246.28.0/22 maxlen: 22
43.246.32.0/22 maxlen: 22
43.246.36.0/22 maxlen: 22
43.246.40.0/22 maxlen: 22
43.246.44.0/22 maxlen: 22
43.246.52.0/22 maxlen: 22
43.246.56.0/22 maxlen: 22
43.246.60.0/22 maxlen: 22
43.246.64.0/22 maxlen: 22
43.246.68.0/22 maxlen: 22
43.246.72.0/22 maxlen: 22
43.246.76.0/22 maxlen: 22
43.246.80.0/22 maxlen: 22
43.246.84.0/22 maxlen: 22
43.246.88.0/22 maxlen: 22
43.246.92.0/22 maxlen: 22
43.246.96.0/22 maxlen: 22
103.35.48.0/22 maxlen: 22
103.236.0.0/22 maxlen: 22
103.236.4.0/22 maxlen: 22
103.236.8.0/22 maxlen: 22
103.236.12.0/22 maxlen: 22
103.236.16.0/22 maxlen: 22
103.236.20.0/22 maxlen: 22
103.236.28.0/22 maxlen: 22
103.236.32.0/22 maxlen: 22
103.236.36.0/22 maxlen: 22
103.236.40.0/22 maxlen: 22
103.236.44.0/22 maxlen: 22
103.236.48.0/22 maxlen: 22
103.236.52.0/22 maxlen: 22
103.236.56.0/22 maxlen: 22
103.236.60.0/22 maxlen: 22
103.236.64.0/22 maxlen: 22
103.236.68.0/22 maxlen: 22
103.236.72.0/22 maxlen: 22
103.236.76.0/22 maxlen: 22
103.236.80.0/22 maxlen: 22
103.236.84.0/22 maxlen: 22
103.236.88.0/22 maxlen: 22
103.236.92.0/22 maxlen: 22
103.236.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24790 (0x60d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 16 07:43:48 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B18496919C58D216892C405EA3EC6DC148FF8E70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fc:22:fa:8e:15:60:9f:39:81:62:b3:7a:d6:
d2:fe:e7:bd:e8:26:68:09:46:98:44:05:1a:67:34:
ac:58:0e:81:b0:a7:2f:aa:19:bc:a8:8a:d3:b9:77:
e5:d3:b2:c9:ed:cb:21:d2:93:a5:cc:7f:57:84:b6:
9c:44:a2:af:1f:20:fe:44:b6:77:b4:e3:46:a0:db:
2e:d4:cc:7c:d8:bf:89:d9:5d:92:eb:c0:ba:86:ec:
5e:06:16:77:f2:5c:cc:bb:05:72:fd:14:8e:88:db:
e4:99:92:1c:e6:6b:87:68:26:b5:ec:2e:a9:3d:6f:
d9:04:4b:5a:9f:de:b3:98:8e:8f:5f:22:7c:55:a0:
92:a4:a0:b6:40:86:34:43:8f:8c:c5:e3:80:71:c7:
1e:78:08:85:85:3c:91:5e:87:8b:6a:9f:93:fc:38:
18:b6:be:0e:a6:ae:61:53:00:f0:c0:10:72:13:ab:
b2:b8:d2:4e:86:2a:29:30:1f:22:8a:b8:26:f4:aa:
e4:1b:ba:5d:c8:7e:44:f8:1f:89:dd:0c:ac:ce:a5:
22:35:29:78:33:37:57:fa:84:59:9f:0b:3d:da:5e:
8f:39:c6:7e:4d:01:a9:b5:bd:c1:5b:ab:1e:5e:eb:
33:a4:a3:9a:39:3d:bc:92:f4:8c:74:2d:ab:67:31:
97:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:84:96:91:9C:58:D2:16:89:2C:40:5E:A3:EC:6D:C1:48:FF:8E:70
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sYSWkZxY0haJLEBeo-xtwUj_jnA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.48.0/22
43.246.0.0/21
43.246.12.0-43.246.47.255
43.246.52.0-43.246.99.255
103.35.48.0/22
103.236.0.0-103.236.23.255
103.236.28.0-103.236.99.255
Signature Algorithm: sha256WithRSAEncryption
a7:1e:22:aa:34:eb:e3:19:b6:29:01:60:08:db:fd:60:a7:b1:
d0:8f:f4:e4:ff:21:17:14:74:6a:7f:f9:ee:0f:aa:ad:a7:4f:
a8:5d:31:48:32:2f:ea:e9:e0:43:6b:a9:81:fa:38:ab:39:d2:
73:3e:f5:95:03:7a:fb:44:2b:81:21:26:51:46:d2:02:1f:88:
bc:4e:b5:72:ba:b7:62:e8:63:66:e5:ec:1b:95:fe:44:a4:ab:
4d:00:19:25:3b:f5:fc:00:8f:02:7b:41:2f:43:20:de:59:66:
57:3a:29:41:f5:09:2a:99:9f:7e:e5:ae:40:5f:7f:d5:ff:72:
fd:bc:f8:59:b9:93:22:91:66:66:e2:21:d6:c6:d8:a9:8c:d7:
eb:c9:47:c7:4e:c0:d6:4d:ca:a2:43:c7:b6:50:c9:00:c0:15:
78:96:b4:a6:c0:92:d3:b3:e0:3e:2b:e9:e9:ca:c3:79:8a:b5:
de:ae:74:1c:45:a3:e2:ad:a5:99:67:6f:ab:5a:f2:45:0a:d9:
0d:9a:87:46:2c:21:be:c7:bd:86:c8:fd:50:70:a7:57:2c:41:
20:01:61:da:f5:58:74:94:15:ad:6a:26:5e:ca:4b:cd:9b:c3:
36:e2:8d:33:1e:c5:c3:79:4f:a1:7c:2a:01:1b:9f:de:b8:38:
7a:fb:a8:a9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgICYNYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNTA1MTYw
NzQzNDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIxODQ5NjkxOUM1OEQy
MTY4OTJDNDA1RUEzRUM2REMxNDhGRjhFNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+/CL6jhVgnzmBYrN61tL+573oJmgJRphEBRpnNKxYDoGwpy+q
GbyoitO5d+XTssntyyHSk6XMf1eEtpxEoq8fIP5Etne040ag2y7UzHzYv4nZXZLr
wLqG7F4GFnfyXMy7BXL9FI6I2+SZkhzma4doJrXsLqk9b9kES1qf3rOYjo9fInxV
oJKkoLZAhjRDj4zF44Bxxx54CIWFPJFeh4tqn5P8OBi2vg6mrmFTAPDAEHITq7K4
0k6GKikwHyKKuCb0quQbul3IfkT4H4ndDKzOpSI1KXgzN1f6hFmfCz3aXo85xn5N
Aam1vcFbqx5e6zOko5o5PbyS9Ix0LatnMZexAgMBAAGjggI0MIICMDAdBgNVHQ4E
FgQUsYSWkZxY0haJLEBeo+xtwUj/jnAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NZU1drWnhZMGhhSkxF
QmVvLXh0d1VqX2puQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwYgYIKwYBBQUHAQcBAf8EUzBRME8EAgABMEkD
BAIr7zADBAMr9gAwDAMEAiv2DAMEBCv2IDAMAwQCK/Y0AwQCK/ZgAwQCZyMwMAsD
AwJn7AMEA2fsEDAMAwQCZ+wcAwQCZ+xgMA0GCSqGSIb3DQEBCwUAA4IBAQCnHiKq
NOvjGbYpAWAI2/1gp7HQj/Tk/yEXFHRqf/nuD6qtp0+oXTFIMi/q6eBDa6mB+jir
OdJzPvWVA3r7RCuBISZRRtICH4i8TrVyurdi6GNm5ewblf5EpKtNABklO/X8AI8C
e0EvQyDeWWZXOilB9QkqmZ9+5a5AX3/V/3L9vPhZuZMikWZm4iHWxtipjNfryUfH
TsDWTcqiQ8e2UMkAwBV4lrSmwJLTs+A+K+npysN5irXernQcRaPiraWZZ2+rWvJF
CtkNmodGLCG+x72GyP1QcKdXLEEgAWHa9Vh0lBWtaiZeykvNm8M24o0zHsXDeU+h
fCoBG5/euDh6+6ip
-----END CERTIFICATE-----
Generated at Sun May 18 01:20:39 2025 by rpki-client