Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/U7CGPFETLzNNdR22yGii60UL93g.roa
File: U7CGPFETLzNNdR22yGii60UL93g.roa (raw, json)
Hash identifier: OdXFdmmvsXpOJu+jfpoLQyiSvaLnw5OmirglN+XWrUc=
Subject key identifier: 53:B0:86:3C:51:13:2F:33:4D:75:1D:B6:C8:68:A2:EB:45:0B:F7:78
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2180
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/U7CGPFETLzNNdR22yGii60UL93g.roa
Signing time: Sat 21 Jun 2025 05:41:43 +0000
ROA not before: Sat 21 Jun 2025 05:41:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8576 (0x2180)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 21 05:41:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=53B0863C51132F334D751DB6C868A2EB450BF778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:9b:46:36:03:93:52:38:b7:8d:f7:c9:08:00:
28:f6:f3:16:03:23:44:18:50:18:d0:25:29:92:cb:
7c:78:d0:05:53:d3:15:49:e0:e2:e9:05:91:0b:e0:
78:e3:d9:f2:fe:85:0f:04:85:f5:63:e0:3e:dc:1e:
06:de:61:6c:57:53:55:ba:a7:fa:1c:19:f4:4b:3b:
79:28:63:e7:58:16:ad:81:16:f0:45:84:68:b3:b0:
6b:b2:64:fa:1d:bf:fb:92:08:f2:16:c1:30:a6:8e:
3b:2f:3d:be:e6:40:cd:ec:34:e9:b5:f8:9d:11:ba:
99:01:aa:3a:3e:dc:af:e7:01:5a:c0:99:fd:3d:8e:
4f:5d:bf:df:b5:75:bd:ec:65:1f:89:5f:6d:ae:56:
47:34:c6:6d:6f:51:f1:75:6e:e5:a0:63:ee:56:1c:
0a:83:95:83:0b:96:ff:74:53:0d:ae:80:da:0d:0d:
d7:b4:61:72:a1:77:64:03:e5:6d:40:8e:5d:29:26:
09:82:b8:de:ee:6a:07:0f:47:b2:9d:17:e5:e7:52:
ba:05:dd:b9:c1:6a:49:41:4a:c2:c6:56:9a:84:3d:
45:2a:e9:2a:55:da:da:2e:28:8c:2b:20:87:55:ae:
83:41:52:ce:a4:44:58:95:61:20:31:cb:4a:75:05:
9a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B0:86:3C:51:13:2F:33:4D:75:1D:B6:C8:68:A2:EB:45:0B:F7:78
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/U7CGPFETLzNNdR22yGii60UL93g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:80:2b:22:75:e9:42:d8:87:2c:17:10:46:13:b0:0f:6c:07:
e6:b4:16:c8:ec:b2:0a:7e:26:71:bf:9b:0f:a9:58:79:f5:28:
bb:4d:a8:67:49:29:df:30:3e:e0:92:08:f1:43:d7:bb:ee:e0:
25:53:25:5e:da:3b:3e:41:31:31:22:9d:7b:c6:d0:ae:3f:11:
b0:f0:cc:06:53:f0:86:62:b5:93:e1:a5:97:67:29:68:5c:74:
9a:a6:d6:46:15:2c:25:b1:bd:17:bc:e8:37:30:53:67:b9:18:
10:8f:f8:0d:1f:a7:d2:48:cc:b7:c9:04:bf:fc:b9:c7:28:4f:
b3:50:ed:e9:ce:e2:34:c5:6e:c3:b8:32:ed:3f:38:b2:46:25:
c2:d5:48:11:98:8f:1c:61:37:29:4a:0d:41:58:5d:62:7e:06:
7f:31:c8:1d:00:19:97:6e:5c:c6:21:bd:a9:3f:90:ea:5b:ea:
f2:f8:10:61:23:4f:3a:bf:4e:49:25:d6:87:b7:64:df:41:53:
ae:25:15:7a:f9:15:a2:74:ac:c2:87:9c:d0:e4:49:eb:fd:bb:
0f:4a:8d:63:d2:7b:ee:02:6b:45:c8:00:ac:b2:59:c1:00:9a:
a7:cf:6d:87:35:d2:81:33:cd:8d:5e:5a:08:7e:24:05:3e:66:
c9:03:d0:88
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIYAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEw
NTQxNDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDUzQjA4NjNDNTExMzJG
MzM0RDc1MURCNkM4NjhBMkVCNDUwQkY3NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0m0Y2A5NSOLeN98kIACj28xYDI0QYUBjQJSmSy3x40AVT0xVJ
4OLpBZEL4Hjj2fL+hQ8EhfVj4D7cHgbeYWxXU1W6p/ocGfRLO3koY+dYFq2BFvBF
hGizsGuyZPodv/uSCPIWwTCmjjsvPb7mQM3sNOm1+J0RupkBqjo+3K/nAVrAmf09
jk9dv9+1db3sZR+JX22uVkc0xm1vUfF1buWgY+5WHAqDlYMLlv90Uw2ugNoNDde0
YXKhd2QD5W1Ajl0pJgmCuN7uagcPR7KdF+XnUroF3bnBaklBSsLGVpqEPUUq6SpV
2touKIwrIIdVroNBUs6kRFiVYSAxy0p1BZpjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUU7CGPFETLzNNdR22yGii60UL93gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9VN0NHUEZFVEx6Tk5kUjIy
eUdpaTYwVUw5M2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAK6AKyJ16ULYhywXEEYTsA9sB+a0Fsjssgp+
JnG/mw+pWHn1KLtNqGdJKd8wPuCSCPFD17vu4CVTJV7aOz5BMTEinXvG0K4/EbDw
zAZT8IZitZPhpZdnKWhcdJqm1kYVLCWxvRe86DcwU2e5GBCP+A0fp9JIzLfJBL/8
uccoT7NQ7enO4jTFbsO4Mu0/OLJGJcLVSBGYjxxhNylKDUFYXWJ+Bn8xyB0AGZdu
XMYhvak/kOpb6vL4EGEjTzq/Tkkl1oe3ZN9BU64lFXr5FaJ0rMKHnNDkSev9uw9K
jWPSe+4Ca0XIAKyyWcEAmqfPbYc10oEzzY1eWgh+JAU+ZskD0Ig=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:20:17 2025 by rpki-client