Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS138375.roa
File: AS138375.roa (raw, json)
Hash identifier: HD4so1Rne6Btv35PrbRX/11G3gEm3x9A8E+ikGe0Vjo=
Subject key identifier: 49:D3:D8:BA:5D:44:68:0D:17:6A:2E:D1:F8:C0:02:9A:5A:D1:11:D8
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 2C3973C8F27592C97384962722655FCA6BB1B0E4
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS138375.roa
Signing time: Thu 11 Jun 2026 07:16:15 +0000
ROA not before: Thu 11 Jun 2026 07:11:15 +0000
ROA not after: Thu 10 Jun 2027 07:16:15 +0000
asID: 138375
IP address blocks: 2001:250:e00::/48 maxlen: 48
2001:250:e01::/48 maxlen: 48
2001:250:e02::/48 maxlen: 48
2001:250:e04::/48 maxlen: 48
2001:250:e05::/48 maxlen: 48
2001:250:e06::/48 maxlen: 48
2001:250:e07::/48 maxlen: 48
2001:250:e08::/48 maxlen: 48
2001:250:e09::/48 maxlen: 48
2001:250:e0a::/48 maxlen: 48
2001:250:e0b::/48 maxlen: 48
2001:250:e0c::/48 maxlen: 48
2001:250:e0e::/48 maxlen: 48
2001:250:e0f::/48 maxlen: 48
2001:250:e10::/48 maxlen: 48
2001:250:e11::/48 maxlen: 48
2001:250:e12::/48 maxlen: 48
2001:250:e13::/48 maxlen: 48
2001:250:e14::/48 maxlen: 48
2001:250:e15::/48 maxlen: 48
2001:250:e16::/48 maxlen: 48
2001:250:e17::/48 maxlen: 48
2001:250:e18::/48 maxlen: 48
2001:250:e19::/48 maxlen: 48
2001:250:e1a::/48 maxlen: 48
2001:250:e1b::/48 maxlen: 48
2001:250:e1c::/48 maxlen: 48
2001:250:e1d::/48 maxlen: 48
2001:250:e1e::/48 maxlen: 48
2001:250:e1f::/48 maxlen: 48
2001:250:e20::/48 maxlen: 48
2001:250:e21::/48 maxlen: 48
2001:250:e22::/48 maxlen: 48
2001:250:e24::/48 maxlen: 48
2001:250:e25::/48 maxlen: 48
2001:250:e26::/48 maxlen: 48
2001:250:e27::/48 maxlen: 48
2001:250:e28::/48 maxlen: 48
2001:250:e29::/48 maxlen: 48
2001:da8:cf::/48 maxlen: 48
2001:da8:21d::/48 maxlen: 48
240c:c246::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:39:73:c8:f2:75:92:c9:73:84:96:27:22:65:5f:ca:6b:b1:b0:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 07:11:15 2026 GMT
Not After : Jun 10 07:16:15 2027 GMT
Subject: CN=49D3D8BA5D44680D176A2ED1F8C0029A5AD111D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b7:eb:36:56:e2:7d:74:06:23:9f:c7:a6:80:
8d:c2:05:c3:f7:59:57:ea:dc:09:ff:09:48:80:31:
05:56:1e:2b:75:9c:ef:71:4e:85:6b:01:e2:4e:c3:
db:6c:33:a9:21:75:77:08:47:62:9d:5d:a3:69:76:
94:96:7d:31:6b:b0:29:58:68:46:d4:57:d6:a9:00:
a1:6d:89:d5:2e:1c:04:c5:b6:1e:f3:b0:79:d9:1b:
05:de:f3:0c:84:9c:f7:53:44:91:eb:da:15:10:21:
ae:23:63:af:6b:bd:3d:cc:43:a5:b3:e8:a9:03:d6:
f7:dc:f5:7f:ed:83:d3:76:56:6c:6e:f3:d4:bd:6e:
e2:95:4e:57:2e:08:02:21:a5:88:d9:1e:d8:41:70:
66:65:cf:6d:5b:5d:c4:4c:68:c1:24:f5:df:60:da:
df:df:62:58:ac:2b:09:52:54:17:57:51:3f:31:8c:
70:5e:35:61:27:44:be:7a:13:07:d5:a1:bd:4d:b9:
81:a1:82:67:57:b8:c6:3f:08:80:1b:53:21:4c:b3:
0c:97:0a:58:37:37:3a:df:37:54:f7:f2:6b:57:45:
d2:ae:f8:d5:76:e5:78:97:d6:c1:fb:85:6e:38:9a:
10:02:6d:d6:bf:cc:8c:44:a3:12:46:7e:85:47:90:
e4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D3:D8:BA:5D:44:68:0D:17:6A:2E:D1:F8:C0:02:9A:5A:D1:11:D8
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS138375.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:e00::-2001:250:e02:ffff:ffff:ffff:ffff:ffff
2001:250:e04::-2001:250:e0c:ffff:ffff:ffff:ffff:ffff
2001:250:e0e::-2001:250:e22:ffff:ffff:ffff:ffff:ffff
2001:250:e24::-2001:250:e29:ffff:ffff:ffff:ffff:ffff
2001:da8:cf::/48
2001:da8:21d::/48
240c:c246::/32
Signature Algorithm: sha256WithRSAEncryption
3e:6c:01:10:80:44:f4:d4:a0:2d:75:5d:a0:6e:14:65:ae:c7:
0e:3d:04:81:9b:04:ea:7b:cc:db:fa:74:c7:77:a9:1b:84:62:
49:dd:80:4a:c9:cd:d4:3b:58:09:9b:5b:5a:48:30:30:51:d6:
6a:bd:99:27:f3:a2:31:61:93:eb:89:a0:21:8f:da:20:00:65:
1b:c6:c5:5f:af:70:db:28:c6:6b:60:c5:8c:b1:23:15:60:67:
52:ce:f7:98:e6:0e:61:32:c9:a7:9e:30:c9:8e:bf:b4:ed:3e:
90:01:12:8b:96:95:b7:51:47:d1:b8:96:db:a6:fd:0f:cb:ea:
19:df:53:bf:40:5c:cf:00:8f:1d:94:b4:ae:be:9e:f0:3c:cf:
b6:1e:1c:25:ed:34:81:4e:96:95:f0:95:b4:b0:d1:dd:70:5f:
8c:b2:5a:05:a5:25:98:82:75:95:36:a2:f7:05:66:65:18:f4:
e6:03:76:e3:1c:b4:9e:eb:44:de:da:ec:f6:81:41:d1:c8:22:
e1:af:17:a1:24:14:6a:cc:8d:3b:3a:50:d0:c5:49:b6:40:c0:
80:2a:34:74:81:80:2c:59:b8:ff:e5:d9:0a:c4:34:ef:d5:20:
7a:7d:0b:76:e6:70:c7:ae:c5:79:89:6b:0f:74:61:4e:90:1c:
c2:5a:79:66
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIULDlzyPJ1kslzhJYnImVfymuxsOQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA3MTExNVoX
DTI3MDYxMDA3MTYxNVowMzExMC8GA1UEAxMoNDlEM0Q4QkE1RDQ0NjgwRDE3NkEy
RUQxRjhDMDAyOUE1QUQxMTFEODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMW36zZW4n10BiOfx6aAjcIFw/dZV+rcCf8JSIAxBVYeK3Wc73FOhWsB4k7D
22wzqSF1dwhHYp1do2l2lJZ9MWuwKVhoRtRX1qkAoW2J1S4cBMW2HvOwedkbBd7z
DISc91NEkevaFRAhriNjr2u9PcxDpbPoqQPW99z1f+2D03ZWbG7z1L1u4pVOVy4I
AiGliNke2EFwZmXPbVtdxExowST132Da399iWKwrCVJUF1dRPzGMcF41YSdEvnoT
B9WhvU25gaGCZ1e4xj8IgBtTIUyzDJcKWDc3Ot83VPfya1dF0q741XbleJfWwfuF
bjiaEAJt1r/MjESjEkZ+hUeQ5AMCAwEAAaOCAikwggIlMB0GA1UdDgQWBBRJ09i6
XURoDRdqLtH4wAKaWtER2DAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBPBggrBgEFBQcBCwRDMEEwPwYIKwYBBQUHMAuGM3JzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMTM4Mzc1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAIwaDAR
AwYBIAECUA4DBwAgAQJQDgIwEgMHAiABAlAOBAMHACABAlAODDASAwcBIAECUA4O
AwcAIAECUA4iMBIDBwIgAQJQDiQDBwEgAQJQDigDBwAgAQ2oAM8DBwAgAQ2oAh0D
BQAkDMJGMA0GCSqGSIb3DQEBCwUAA4IBAQA+bAEQgET01KAtdV2gbhRlrscOPQSB
mwTqe8zb+nTHd6kbhGJJ3YBKyc3UO1gJm1taSDAwUdZqvZkn86IxYZPriaAhj9og
AGUbxsVfr3DbKMZrYMWMsSMVYGdSzveY5g5hMsmnnjDJjr+07T6QARKLlpW3UUfR
uJbbpv0Py+oZ31O/QFzPAI8dlLSuvp7wPM+2Hhwl7TSBTpaV8JW0sNHdcF+MsloF
pSWYgnWVNqL3BWZlGPTmA3bjHLSe60Te2uz2gUHRyCLhrxehJBRqzI07OlDQxUm2
QMCAKjR0gYAsWbj/5dkKxDTv1SB6fQt25nDHrsV5iWsPdGFOkBzCWnlm
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:48:55 2026 by rpki-client