Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS138373.roa
File: AS138373.roa (raw, json)
Hash identifier: 8/VBVxmSmmlSC6g+HuAk2SZ5mPvS/IWZ1zAlAveXGDo=
Subject key identifier: EA:0C:BF:81:5B:72:F0:9D:EC:68:6D:3D:6E:9E:C6:D5:F7:2F:2B:59
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 184D5CC30EB668D9C45089B4140ADA67826773AE
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS138373.roa
Signing time: Thu 11 Jun 2026 06:43:37 +0000
ROA not before: Thu 11 Jun 2026 06:38:37 +0000
ROA not after: Thu 10 Jun 2027 06:43:37 +0000
asID: 138373
IP address blocks: 2001:250:6802::/48 maxlen: 48
2001:250:6803::/48 maxlen: 48
2001:250:6804::/48 maxlen: 48
2001:250:6805::/48 maxlen: 48
2001:250:6806::/48 maxlen: 48
2001:250:6808::/48 maxlen: 48
2001:250:680b::/48 maxlen: 48
2001:250:680c::/48 maxlen: 48
2001:250:680e::/48 maxlen: 48
2001:250:680f::/48 maxlen: 48
2001:250:6811::/48 maxlen: 48
2001:250:6812::/48 maxlen: 48
2001:250:6813::/48 maxlen: 48
2001:250:6814::/48 maxlen: 48
2001:250:6818::/48 maxlen: 48
2001:250:6819::/48 maxlen: 48
2001:250:681a::/48 maxlen: 48
2001:250:681c::/48 maxlen: 48
2001:250:681e::/48 maxlen: 48
2001:250:6823::/48 maxlen: 48
2001:250:6829::/48 maxlen: 48
2001:da8:cd::/48 maxlen: 48
2001:da8:e801::/48 maxlen: 48
2001:da8:e802::/48 maxlen: 48
2001:da8:e804::/48 maxlen: 48
2001:da8:e80c::/48 maxlen: 48
2001:da8:e80f::/48 maxlen: 48
2001:da8:e813::/48 maxlen: 48
2001:da8:e815::/48 maxlen: 48
2001:da8:e816::/48 maxlen: 48
2001:da8:e818::/48 maxlen: 48
2001:da8:e819::/48 maxlen: 48
2001:da8:e81a::/48 maxlen: 48
2001:da8:e81d::/48 maxlen: 48
2001:da8:e81f::/48 maxlen: 48
2001:da8:e821::/48 maxlen: 48
2001:da8:e823::/48 maxlen: 48
2001:da8:ef00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:4d:5c:c3:0e:b6:68:d9:c4:50:89:b4:14:0a:da:67:82:67:73:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 06:38:37 2026 GMT
Not After : Jun 10 06:43:37 2027 GMT
Subject: CN=EA0CBF815B72F09DEC686D3D6E9EC6D5F72F2B59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:60:6a:7f:bd:94:1d:69:30:22:03:69:7e:10:
31:90:27:85:15:3d:42:a9:2e:52:c6:37:da:1f:cb:
bb:96:ab:59:88:45:95:05:47:bd:49:9d:22:3a:95:
80:40:97:60:c4:6d:ce:f8:aa:a1:84:a7:fb:05:97:
03:58:4f:0e:1b:c6:cf:23:b8:73:36:9b:1f:b1:b9:
a1:43:5f:ae:3e:27:df:cc:7c:ad:93:cf:42:f0:2c:
8b:94:01:eb:fc:23:92:fc:be:f3:c9:a8:9f:43:b5:
af:65:e1:bc:5e:03:1d:28:23:67:82:8c:21:b7:5e:
04:5e:bc:8a:51:3d:90:1d:71:07:f5:53:db:2a:e8:
6a:82:58:8b:33:ce:93:a5:85:e0:5d:bb:36:99:36:
f9:2a:77:a9:9f:b6:9d:b2:7d:2a:9f:6c:55:87:f6:
a8:63:78:e4:9d:1b:5a:b9:f3:14:ee:95:fc:97:6b:
0f:28:25:53:7c:60:f5:14:9f:ba:71:7e:fb:bd:03:
76:b6:84:dc:cf:2a:6b:b5:d5:73:26:e6:9c:c3:3f:
f0:10:c0:1e:09:e4:b0:98:e6:5e:f8:09:3b:28:d2:
09:44:aa:91:ab:a1:98:77:30:6c:bd:2a:35:9c:ce:
e7:80:4f:a1:3f:c9:c8:80:ad:59:69:22:48:26:b8:
35:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:0C:BF:81:5B:72:F0:9D:EC:68:6D:3D:6E:9E:C6:D5:F7:2F:2B:59
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS138373.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:6802::-2001:250:6806:ffff:ffff:ffff:ffff:ffff
2001:250:6808::/48
2001:250:680b::-2001:250:680c:ffff:ffff:ffff:ffff:ffff
2001:250:680e::/47
2001:250:6811::-2001:250:6814:ffff:ffff:ffff:ffff:ffff
2001:250:6818::-2001:250:681a:ffff:ffff:ffff:ffff:ffff
2001:250:681c::/48
2001:250:681e::/48
2001:250:6823::/48
2001:250:6829::/48
2001:da8:cd::/48
2001:da8:e801::-2001:da8:e802:ffff:ffff:ffff:ffff:ffff
2001:da8:e804::/48
2001:da8:e80c::/48
2001:da8:e80f::/48
2001:da8:e813::/48
2001:da8:e815::-2001:da8:e816:ffff:ffff:ffff:ffff:ffff
2001:da8:e818::-2001:da8:e81a:ffff:ffff:ffff:ffff:ffff
2001:da8:e81d::/48
2001:da8:e81f::/48
2001:da8:e821::/48
2001:da8:e823::/48
2001:da8:ef00::/48
Signature Algorithm: sha256WithRSAEncryption
d1:0e:86:6b:f4:dc:5e:03:79:0f:ca:a5:f6:ce:4f:40:5c:51:
47:d8:c8:72:a9:94:02:cf:cd:d0:18:88:2a:72:54:3d:1c:19:
c4:6c:28:a3:b2:50:29:9b:48:8e:ab:b3:5b:ef:7f:ac:b0:99:
aa:a5:8c:0f:a9:ae:0b:db:5a:0a:9a:47:20:19:6e:68:4a:9c:
62:16:c8:e6:07:67:18:ca:78:3b:d0:f5:ab:85:34:6c:1e:cb:
ba:63:2e:3e:f5:71:95:e8:0d:8c:ec:a5:b6:10:45:a9:86:6b:
10:55:60:07:52:77:16:d2:14:12:73:46:ba:7e:77:9a:b2:e1:
0e:13:14:a4:6b:45:97:45:f8:28:13:05:b4:82:95:7f:bb:d3:
5b:91:0e:e8:a0:dd:02:11:fd:31:96:d7:c2:88:2c:70:de:2a:
91:1b:28:62:9d:b4:c5:02:e4:d4:94:e2:83:a2:d9:f4:4c:a1:
3c:58:65:31:a7:bb:ab:7d:58:2f:98:11:bb:5a:1a:f1:e0:b2:
15:f6:f9:9f:85:4c:8f:f6:ca:9e:e9:90:1f:26:a3:30:b0:c2:
c6:dc:a8:9c:de:6b:0d:1f:83:10:bb:83:9c:d6:54:fa:2a:9d:
36:6d:77:9f:6d:94:92:eb:81:f6:c5:66:c3:59:99:7e:12:f1:
5d:73:ee:52
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgIUGE1cww62aNnEUIm0FAraZ4Jnc64wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA2MzgzN1oX
DTI3MDYxMDA2NDMzN1owMzExMC8GA1UEAxMoRUEwQ0JGODE1QjcyRjA5REVDNjg2
RDNENkU5RUM2RDVGNzJGMkI1OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9gan+9lB1pMCIDaX4QMZAnhRU9QqkuUsY32h/Lu5arWYhFlQVHvUmdIjqV
gECXYMRtzviqoYSn+wWXA1hPDhvGzyO4czabH7G5oUNfrj4n38x8rZPPQvAsi5QB
6/wjkvy+88mon0O1r2XhvF4DHSgjZ4KMIbdeBF68ilE9kB1xB/VT2yroaoJYizPO
k6WF4F27Npk2+Sp3qZ+2nbJ9Kp9sVYf2qGN45J0bWrnzFO6V/JdrDyglU3xg9RSf
unF++70DdraE3M8qa7XVcybmnMM/8BDAHgnksJjmXvgJOyjSCUSqkauhmHcwbL0q
NZzO54BPoT/JyICtWWkiSCa4NV8CAwEAAaOCAuYwggLiMB0GA1UdDgQWBBTqDL+B
W3LwnexobT1unsbV9y8rWTAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBPBggrBgEFBQcBCwRDMEEwPwYIKwYBBQUHMAuGM3JzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMTM4MzczLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMIIBPQYIKwYBBQUHAQcBAf8EggEsMIIBKDCCASQE
AgACMIIBHDASAwcBIAECUGgCAwcAIAECUGgGAwcAIAECUGgIMBIDBwAgAQJQaAsD
BwAgAQJQaAwDBwEgAQJQaA4wEgMHACABAlBoEQMHACABAlBoFDASAwcDIAECUGgY
AwcAIAECUGgaAwcAIAECUGgcAwcAIAECUGgeAwcAIAECUGgjAwcAIAECUGgpAwcA
IAENqADNMBIDBwAgAQ2o6AEDBwAgAQ2o6AIDBwAgAQ2o6AQDBwAgAQ2o6AwDBwAg
AQ2o6A8DBwAgAQ2o6BMwEgMHACABDajoFQMHACABDajoFjASAwcDIAENqOgYAwcA
IAENqOgaAwcAIAENqOgdAwcAIAENqOgfAwcAIAENqOghAwcAIAENqOgjAwcAIAEN
qO8AMA0GCSqGSIb3DQEBCwUAA4IBAQDRDoZr9NxeA3kPyqX2zk9AXFFH2MhyqZQC
z83QGIgqclQ9HBnEbCijslApm0iOq7Nb73+ssJmqpYwPqa4L21oKmkcgGW5oSpxi
FsjmB2cYyng70PWrhTRsHsu6Yy4+9XGV6A2M7KW2EEWphmsQVWAHUncW0hQSc0a6
fneasuEOExSka0WXRfgoEwW0gpV/u9NbkQ7ooN0CEf0xltfCiCxw3iqRGyhinbTF
AuTUlOKDotn0TKE8WGUxp7urfVgvmBG7Whrx4LIV9vmfhUyP9sqe6ZAfJqMwsMLG
3Kic3msNH4MQu4Oc1lT6Kp02bXefbZSS64H2xWbDWZl+EvFdc+5S
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:49:20 2026 by rpki-client