Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS138371.roa
File: AS138371.roa (raw, json)
Hash identifier: 1u10Z7k5YkZWojXfhjr1fyQxN2DVcVviHCuXi+mewvs=
Subject key identifier: 4E:7F:31:1B:F6:E1:89:8B:52:1A:98:AD:CE:67:ED:5F:6B:00:86:EC
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 2BF031B539B36F43B5FC47C631C06AE16E9F93D6
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS138371.roa
Signing time: Thu 11 Jun 2026 06:43:38 +0000
ROA not before: Thu 11 Jun 2026 06:38:38 +0000
ROA not after: Thu 10 Jun 2027 06:43:38 +0000
asID: 138371
IP address blocks: 2001:250:5805::/48 maxlen: 48
2001:250:5806::/48 maxlen: 48
2001:250:5816::/48 maxlen: 48
2001:250:5820::/48 maxlen: 48
2001:250:5821::/48 maxlen: 48
2001:250:5822::/48 maxlen: 48
2001:250:5823::/48 maxlen: 48
2001:250:5828::/48 maxlen: 48
2001:250:582a::/48 maxlen: 48
2001:250:5831::/48 maxlen: 48
2001:250:5833::/48 maxlen: 48
2001:250:5845::/48 maxlen: 48
2001:250:5846::/48 maxlen: 48
2001:250:5847::/48 maxlen: 48
2001:250:5848::/48 maxlen: 48
2001:250:5849::/48 maxlen: 48
2001:250:584a::/48 maxlen: 48
2001:250:5862::/48 maxlen: 48
2001:250:5864::/48 maxlen: 48
2001:250:5866::/48 maxlen: 48
2001:250:5875::/48 maxlen: 48
2001:250:587c::/48 maxlen: 48
2001:250:587d::/48 maxlen: 48
2001:250:5895::/48 maxlen: 48
2001:da8:cc::/48 maxlen: 48
2001:da8:7013::/48 maxlen: 48
2001:da8:701f::/48 maxlen: 48
2001:da8:702a::/48 maxlen: 48
240c:ca02::/32 maxlen: 32
240c:ca03::/32 maxlen: 32
240c:ca05::/32 maxlen: 32
240c:ca07::/32 maxlen: 32
240c:ca0c::/32 maxlen: 32
240c:ca23::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:f0:31:b5:39:b3:6f:43:b5:fc:47:c6:31:c0:6a:e1:6e:9f:93:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 06:38:38 2026 GMT
Not After : Jun 10 06:43:38 2027 GMT
Subject: CN=4E7F311BF6E1898B521A98ADCE67ED5F6B0086EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:98:39:d2:05:41:69:93:a3:45:85:d5:24:f7:
1f:09:75:37:77:1f:6e:fc:09:77:b5:9d:73:69:be:
92:4f:7a:41:99:96:cf:a4:13:5e:ca:b9:72:3c:fa:
ee:df:4c:66:56:5e:d0:82:43:54:46:16:ce:86:42:
a0:ec:b0:0f:1b:ed:aa:e2:ac:7c:32:b0:bc:2e:0b:
cd:30:a0:1d:74:50:5b:4a:fa:19:72:bb:43:b2:f9:
d9:eb:c2:41:43:3e:d4:d1:d6:9e:9c:f5:8f:c8:38:
73:4b:48:9f:b0:59:a8:09:21:f6:5c:fd:3b:4f:d4:
e0:ad:f8:da:cd:c0:b5:1a:85:43:75:f3:46:50:40:
c3:98:00:7d:7b:88:b5:51:99:19:56:56:8d:44:74:
5e:f9:0c:26:07:34:5c:72:df:17:c4:63:72:76:73:
5f:cc:29:89:eb:44:15:70:3c:2e:ba:a4:6f:8e:5a:
f0:60:c4:cd:1c:40:65:75:f8:e7:68:fa:e8:c1:bb:
a1:8e:fb:85:05:4b:bb:15:14:14:0f:93:be:be:10:
50:72:fc:87:1b:0d:cb:ab:bf:2a:f4:c6:14:26:11:
4f:57:55:38:a1:bc:4c:60:cd:1b:fd:72:d3:6c:85:
48:d6:49:31:20:7e:46:5f:32:a5:c8:3e:83:9a:67:
0f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7F:31:1B:F6:E1:89:8B:52:1A:98:AD:CE:67:ED:5F:6B:00:86:EC
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS138371.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:5805::-2001:250:5806:ffff:ffff:ffff:ffff:ffff
2001:250:5816::/48
2001:250:5820::/46
2001:250:5828::/48
2001:250:582a::/48
2001:250:5831::/48
2001:250:5833::/48
2001:250:5845::-2001:250:584a:ffff:ffff:ffff:ffff:ffff
2001:250:5862::/48
2001:250:5864::/48
2001:250:5866::/48
2001:250:5875::/48
2001:250:587c::/47
2001:250:5895::/48
2001:da8:cc::/48
2001:da8:7013::/48
2001:da8:701f::/48
2001:da8:702a::/48
240c:ca02::/31
240c:ca05::/32
240c:ca07::/32
240c:ca0c::/32
240c:ca23::/32
Signature Algorithm: sha256WithRSAEncryption
04:03:fb:60:9b:00:8c:60:c2:d4:c0:be:3c:0f:de:d4:c9:d4:
88:48:db:07:9e:fe:c9:80:5c:54:06:74:1d:ee:2d:f8:fe:0a:
ef:ba:8c:4c:f9:01:61:fe:59:a4:d4:7e:4d:d7:76:85:c0:d2:
4c:84:83:a3:9c:91:db:f4:b9:f8:35:26:79:ff:f8:6f:8c:2b:
fd:73:de:32:25:7b:3d:6e:ea:35:ff:5c:f7:ec:90:86:44:60:
27:be:81:47:3b:61:41:9d:68:88:a7:1d:3b:95:1e:b4:c7:e0:
3c:14:af:d6:ec:f5:cb:5f:e0:26:be:db:4f:c8:eb:85:eb:7b:
3d:42:eb:6a:3b:b1:1c:b7:db:31:b3:72:7f:d6:67:1f:d7:cd:
7e:98:c6:ea:0c:b4:31:aa:04:2c:b3:dd:88:2f:0b:9e:5b:d4:
af:44:25:cd:9a:e9:cc:e7:51:25:2b:e8:33:73:e3:ed:0d:99:
cb:d8:6f:78:68:f9:5a:5e:6d:b5:15:a9:56:da:44:ba:76:12:
3a:86:dd:9e:4e:18:d2:e8:d2:30:fd:f0:5e:59:cc:6d:1b:79:
f8:d5:91:f4:66:85:2e:cd:65:31:fa:97:f9:de:78:0c:bd:fc:
6e:b7:41:6e:f8:bd:c5:b9:34:0d:26:23:b3:24:8a:d4:b7:b4:
49:6c:a3:d1
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIUK/AxtTmzb0O1/EfGMcBq4W6fk9YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA2MzgzOFoX
DTI3MDYxMDA2NDMzOFowMzExMC8GA1UEAxMoNEU3RjMxMUJGNkUxODk4QjUyMUE5
OEFEQ0U2N0VENUY2QjAwODZFQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWYOdIFQWmTo0WF1ST3Hwl1N3cfbvwJd7Wdc2m+kk96QZmWz6QTXsq5cjz6
7t9MZlZe0IJDVEYWzoZCoOywDxvtquKsfDKwvC4LzTCgHXRQW0r6GXK7Q7L52evC
QUM+1NHWnpz1j8g4c0tIn7BZqAkh9lz9O0/U4K342s3AtRqFQ3XzRlBAw5gAfXuI
tVGZGVZWjUR0XvkMJgc0XHLfF8RjcnZzX8wpietEFXA8Lrqkb45a8GDEzRxAZXX4
52j66MG7oY77hQVLuxUUFA+Tvr4QUHL8hxsNy6u/KvTGFCYRT1dVOKG8TGDNG/1y
02yFSNZJMSB+Rl8ypcg+g5pnD18CAwEAAaOCAqAwggKcMB0GA1UdDgQWBBROfzEb
9uGJi1IamK3OZ+1fawCG7DAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBPBggrBgEFBQcBCwRDMEEwPwYIKwYBBQUHMAuGM3JzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMTM4MzcxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCB4gQCAAIw
gdswEgMHACABAlBYBQMHACABAlBYBgMHACABAlBYFgMHAiABAlBYIAMHACABAlBY
KAMHACABAlBYKgMHACABAlBYMQMHACABAlBYMzASAwcAIAECUFhFAwcAIAECUFhK
AwcAIAECUFhiAwcAIAECUFhkAwcAIAECUFhmAwcAIAECUFh1AwcBIAECUFh8AwcA
IAECUFiVAwcAIAENqADMAwcAIAENqHATAwcAIAENqHAfAwcAIAENqHAqAwUBJAzK
AgMFACQMygUDBQAkDMoHAwUAJAzKDAMFACQMyiMwDQYJKoZIhvcNAQELBQADggEB
AAQD+2CbAIxgwtTAvjwP3tTJ1IhI2wee/smAXFQGdB3uLfj+Cu+6jEz5AWH+WaTU
fk3XdoXA0kyEg6Ockdv0ufg1Jnn/+G+MK/1z3jIlez1u6jX/XPfskIZEYCe+gUc7
YUGdaIinHTuVHrTH4DwUr9bs9ctf4Ca+20/I64Xrez1C62o7sRy32zGzcn/WZx/X
zX6YxuoMtDGqBCyz3YgvC55b1K9EJc2a6cznUSUr6DNz4+0NmcvYb3ho+VpebbUV
qVbaRLp2EjqG3Z5OGNLo0jD98F5ZzG0befjVkfRmhS7NZTH6l/neeAy9/G63QW74
vcW5NA0mI7MkitS3tElso9E=
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:49:24 2026 by rpki-client