Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS138369.roa
File: AS138369.roa (raw, json)
Hash identifier: hKPjcbU4Ud9fmL5pb0qRq3HrEknjLatLVK/snnE5gIc=
Subject key identifier: DD:DA:81:CE:72:A9:35:D6:F0:3E:C3:CC:D4:8B:8A:60:98:5F:09:A6
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 05B29141786E1300780D30E7FADE846BC5A8DE15
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS138369.roa
Signing time: Thu 11 Jun 2026 06:43:37 +0000
ROA not before: Thu 11 Jun 2026 06:38:37 +0000
ROA not after: Thu 10 Jun 2027 06:43:37 +0000
asID: 138369
IP address blocks: 2001:250:3c00::/48 maxlen: 48
2001:250:3c01::/48 maxlen: 48
2001:250:3c02::/48 maxlen: 48
2001:250:3c03::/48 maxlen: 48
2001:250:3c04::/48 maxlen: 48
2001:250:3c05::/48 maxlen: 48
2001:250:3c06::/48 maxlen: 48
2001:250:3c07::/48 maxlen: 48
2001:250:3c08::/48 maxlen: 48
2001:250:3c09::/48 maxlen: 48
2001:250:3c0a::/48 maxlen: 48
2001:250:3c0b::/48 maxlen: 48
2001:250:3c0c::/48 maxlen: 48
2001:250:3c0d::/48 maxlen: 48
2001:250:3c0e::/48 maxlen: 48
2001:250:3c0f::/48 maxlen: 48
2001:250:3c11::/48 maxlen: 48
2001:250:3c13::/48 maxlen: 48
2001:250:3c14::/48 maxlen: 48
2001:250:3c15::/48 maxlen: 48
2001:250:3c16::/48 maxlen: 48
2001:250:3c17::/48 maxlen: 48
2001:250:3c18::/48 maxlen: 48
2001:250:3c19::/48 maxlen: 48
2001:250:3c1a::/48 maxlen: 48
2001:250:3c1b::/48 maxlen: 48
2001:250:3c1c::/48 maxlen: 48
2001:250:3c1d::/48 maxlen: 48
2001:250:3c1e::/48 maxlen: 48
2001:250:3c20::/48 maxlen: 48
2001:250:3c22::/48 maxlen: 48
2001:250:3c23::/48 maxlen: 48
2001:250:3c25::/48 maxlen: 48
2001:250:3c26::/48 maxlen: 48
2001:da8:c9::/48 maxlen: 48
2001:da8:201d::/48 maxlen: 48
2001:da8:203f::/48 maxlen: 48
2001:da8:2d00::/48 maxlen: 48
2001:da8:2d01::/48 maxlen: 48
2001:da8:2d02::/48 maxlen: 48
240c:cd44::/32 maxlen: 32
240c:cda3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:b2:91:41:78:6e:13:00:78:0d:30:e7:fa:de:84:6b:c5:a8:de:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 06:38:37 2026 GMT
Not After : Jun 10 06:43:37 2027 GMT
Subject: CN=DDDA81CE72A935D6F03EC3CCD48B8A60985F09A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:31:a2:9f:a2:37:d4:ce:4c:25:4a:2d:f1:e9:
af:84:d1:b6:91:b9:2a:ba:a2:b6:94:4b:fe:36:6a:
6d:4a:62:77:39:27:1f:4c:29:d6:0c:77:30:7b:e2:
a3:bb:cd:77:17:12:37:11:93:c4:13:84:1a:1b:46:
9b:26:9d:95:88:22:ca:fa:15:5c:af:3c:ac:bc:66:
d9:17:1c:a2:04:91:a5:07:2b:70:7a:8e:34:a3:fc:
3b:73:2a:48:49:b1:08:c1:60:b1:2c:97:8f:7e:e0:
f4:f4:e1:12:7e:c0:fb:ab:68:0f:1c:c8:9e:c9:f0:
b6:ad:9c:67:99:da:1c:84:c8:bd:75:b5:a8:5c:f2:
b5:7d:de:5d:83:65:5c:51:f1:b9:0e:bd:dc:64:c5:
63:6f:76:06:26:15:12:c0:1b:77:91:d2:ae:a3:4f:
a2:15:f8:e3:4a:c2:53:25:62:45:c4:1c:7c:02:1d:
75:12:5f:27:7f:8c:3b:4a:90:cd:00:fa:20:38:d7:
30:1c:71:ed:f4:78:bc:6c:aa:2d:5e:f2:aa:30:12:
1e:1e:66:12:a0:a4:43:a9:0b:0b:fb:07:d6:68:22:
96:90:27:fb:fb:4d:74:79:3d:a2:2d:94:d0:4e:04:
34:08:61:d6:31:6c:01:62:a1:8b:ef:19:ad:dd:d7:
a8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:DA:81:CE:72:A9:35:D6:F0:3E:C3:CC:D4:8B:8A:60:98:5F:09:A6
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS138369.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:3c00::/44
2001:250:3c11::/48
2001:250:3c13::-2001:250:3c1e:ffff:ffff:ffff:ffff:ffff
2001:250:3c20::/48
2001:250:3c22::/47
2001:250:3c25::-2001:250:3c26:ffff:ffff:ffff:ffff:ffff
2001:da8:c9::/48
2001:da8:201d::/48
2001:da8:203f::/48
2001:da8:2d00::-2001:da8:2d02:ffff:ffff:ffff:ffff:ffff
240c:cd44::/32
240c:cda3::/32
Signature Algorithm: sha256WithRSAEncryption
a9:f6:7f:9d:d5:15:c4:3e:1a:81:61:90:5f:bd:7d:7a:fe:07:
86:40:2d:d2:4e:37:e2:11:30:c4:18:ae:ef:78:39:21:f2:45:
51:cc:77:2b:ef:76:05:ed:1c:f8:8c:06:7e:cd:54:5b:18:8d:
7c:48:c5:92:58:98:92:ec:60:0f:d6:3b:28:a4:42:3f:0a:8e:
92:bc:0e:44:e4:3b:15:7a:2e:50:f4:ee:f6:58:96:da:5d:d6:
ae:52:2b:26:38:3b:b5:e0:6a:9e:b6:40:b7:73:8b:86:0b:ba:
60:a1:01:d7:e6:b3:2a:8a:27:25:ee:87:35:13:30:2c:93:cf:
52:bb:7d:07:f5:9e:c4:9d:54:16:73:9a:a7:2d:17:77:ce:82:
2d:2e:54:a9:25:95:0a:5d:b5:4a:a0:bb:b6:f5:22:d3:2c:5f:
56:86:87:a1:12:68:47:45:ae:34:68:24:08:30:c9:e0:0d:7c:
c3:e2:91:29:f1:63:12:68:3a:6e:33:d5:33:d3:7e:f8:23:b6:
b2:b7:d7:8b:20:50:1b:6a:54:fc:e5:c3:55:b7:16:3e:6f:0c:
65:68:0d:7b:69:a7:c4:32:6c:5b:11:8c:0f:5c:88:c1:97:d5:
af:e6:7d:b3:fc:ec:b7:50:89:34:30:56:11:cb:2b:e5:3f:30:
f6:c5:10:e7
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIUBbKRQXhuEwB4DTDn+t6Ea8Wo3hUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA2MzgzN1oX
DTI3MDYxMDA2NDMzN1owMzExMC8GA1UEAxMoREREQTgxQ0U3MkE5MzVENkYwM0VD
M0NDRDQ4QjhBNjA5ODVGMDlBNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsxop+iN9TOTCVKLfHpr4TRtpG5KrqitpRL/jZqbUpidzknH0wp1gx3MHvi
o7vNdxcSNxGTxBOEGhtGmyadlYgiyvoVXK88rLxm2RccogSRpQcrcHqONKP8O3Mq
SEmxCMFgsSyXj37g9PThEn7A+6toDxzInsnwtq2cZ5naHITIvXW1qFzytX3eXYNl
XFHxuQ693GTFY292BiYVEsAbd5HSrqNPohX440rCUyViRcQcfAIddRJfJ3+MO0qQ
zQD6IDjXMBxx7fR4vGyqLV7yqjASHh5mEqCkQ6kLC/sH1mgilpAn+/tNdHk9oi2U
0E4ENAhh1jFsAWKhi+8Zrd3XqLsCAwEAAaOCAk0wggJJMB0GA1UdDgQWBBTd2oHO
cqk11vA+w8zUi4pgmF8JpjAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBPBggrBgEFBQcBCwRDMEEwPwYIKwYBBQUHMAuGM3JzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMTM4MzY5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAIw
gYgDBwQgAQJQPAADBwAgAQJQPBEwEgMHACABAlA8EwMHACABAlA8HgMHACABAlA8
IAMHASABAlA8IjASAwcAIAECUDwlAwcAIAECUDwmAwcAIAENqADJAwcAIAENqCAd
AwcAIAENqCA/MBEDBgAgAQ2oLQMHACABDagtAgMFACQMzUQDBQAkDM2jMA0GCSqG
SIb3DQEBCwUAA4IBAQCp9n+d1RXEPhqBYZBfvX16/geGQC3STjfiETDEGK7veDkh
8kVRzHcr73YF7Rz4jAZ+zVRbGI18SMWSWJiS7GAP1jsopEI/Co6SvA5E5DsVei5Q
9O72WJbaXdauUismODu14GqetkC3c4uGC7pgoQHX5rMqiicl7oc1EzAsk89Su30H
9Z7EnVQWc5qnLRd3zoItLlSpJZUKXbVKoLu29SLTLF9WhoehEmhHRa40aCQIMMng
DXzD4pEp8WMSaDpuM9Uz0374I7ayt9eLIFAbalT85cNVtxY+bwxlaA17aafEMmxb
EYwPXIjBl9Wv5n2z/Oy3UIk0MFYRyyvlPzD2xRDn
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:49:22 2026 by rpki-client