Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS138377.roa
File: AS138377.roa (raw, json)
Hash identifier: /T0MTL8WhyOuBqPt/vxBVFMvNLtE6EVG3xhsaGKxsiE=
Subject key identifier: 2D:E2:89:88:3A:DE:17:4A:F9:23:FF:9E:29:B4:C3:6C:AB:11:26:A2
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 7633D81ED6B3C1B7DD98644F420D79E78AA8E3F4
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS138377.roa
Signing time: Thu 11 Jun 2026 07:16:16 +0000
ROA not before: Thu 11 Jun 2026 07:11:16 +0000
ROA not after: Thu 10 Jun 2027 07:16:16 +0000
asID: 138377
IP address blocks: 2001:250:1e00::/48 maxlen: 48
2001:250:1e01::/48 maxlen: 48
2001:250:1e02::/48 maxlen: 48
2001:250:1e03::/48 maxlen: 48
2001:250:1e04::/48 maxlen: 48
2001:250:1e05::/48 maxlen: 48
2001:250:1e06::/48 maxlen: 48
2001:250:1e07::/48 maxlen: 48
2001:250:1e08::/48 maxlen: 48
2001:250:1e09::/48 maxlen: 48
2001:250:1e0a::/48 maxlen: 48
2001:250:1e0b::/48 maxlen: 48
2001:250:1e0c::/48 maxlen: 48
2001:250:1e0d::/48 maxlen: 48
2001:250:1e0e::/48 maxlen: 48
2001:da8:c1::/48 maxlen: 48
240c:c381::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:33:d8:1e:d6:b3:c1:b7:dd:98:64:4f:42:0d:79:e7:8a:a8:e3:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 07:11:16 2026 GMT
Not After : Jun 10 07:16:16 2027 GMT
Subject: CN=2DE289883ADE174AF923FF9E29B4C36CAB1126A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4f:2b:22:f6:6d:4f:9b:5c:42:ed:4d:a9:65:
c6:e5:3f:79:67:1f:e3:9d:45:f0:ca:d8:59:a1:4e:
c7:45:86:48:36:2f:b5:48:a3:84:aa:92:ff:c9:e2:
87:d0:06:86:e1:f3:2c:79:5a:f1:26:4d:4b:18:f6:
e5:c2:3d:4f:c7:d0:9c:de:8a:8b:54:98:fd:26:1c:
0d:3f:74:3b:d3:66:e0:4b:ad:18:26:1a:fa:20:3e:
a2:b9:e5:8c:86:61:99:59:fe:73:7a:c6:24:00:d7:
36:d2:df:2a:3e:8b:bb:02:b7:dc:e4:5e:3f:ed:fd:
49:1d:f7:0e:71:ac:2e:e4:1a:85:05:00:ce:ef:07:
bb:cd:bd:85:82:3d:e6:80:b3:27:f3:39:0b:95:be:
a0:66:4a:b0:c1:f9:cb:15:d6:fa:d4:f0:58:64:13:
9c:40:2d:fa:91:2b:84:d1:d3:ad:1d:17:17:22:14:
a5:2f:d2:d2:82:d5:e2:ea:82:9b:ea:fd:11:48:b5:
e7:c9:25:b1:5f:00:d0:52:c1:b0:f3:37:94:62:17:
66:4d:de:c0:d3:a7:2b:b8:e2:62:7e:8b:11:26:f0:
ca:b6:54:f9:ed:9b:6f:83:b3:29:e1:88:23:79:37:
ec:3c:4d:26:68:7f:b4:dd:70:74:f9:53:a8:9c:db:
10:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E2:89:88:3A:DE:17:4A:F9:23:FF:9E:29:B4:C3:6C:AB:11:26:A2
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS138377.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:1e00::-2001:250:1e0e:ffff:ffff:ffff:ffff:ffff
2001:da8:c1::/48
240c:c381::/32
Signature Algorithm: sha256WithRSAEncryption
d5:99:77:98:b6:b8:3f:aa:c0:ca:4a:88:39:db:e1:34:8a:76:
a0:c2:c8:9a:0c:f4:d7:38:50:ea:cf:86:fd:dc:89:a6:ca:de:
7a:9c:45:5c:4b:26:3f:a0:ad:22:05:de:8b:4c:c0:73:08:46:
cb:e5:91:a4:6a:c2:4a:9f:a7:b8:7b:e3:42:34:85:fc:b6:97:
e3:2a:e9:cf:fe:75:80:2d:8a:7c:0c:9e:35:c1:41:7a:8d:60:
ad:30:5f:ee:11:2d:3f:b3:cc:ca:4f:63:c8:c0:19:68:dc:76:
a9:f9:37:1c:16:e7:e1:59:03:08:26:41:21:04:c8:a8:65:7f:
cf:72:5e:50:32:6f:fc:61:59:bb:18:f7:fd:4d:fd:5f:ff:a9:
ef:b0:b4:d1:06:15:bf:2e:01:88:c1:aa:b7:ee:67:82:a0:5d:
6a:24:d2:09:14:9b:d1:4d:55:4e:a6:87:78:01:a4:57:36:e1:
e7:f9:e6:b0:2b:4d:e4:5d:9c:01:a1:ef:62:2b:4c:93:d4:ac:
e3:57:fb:1c:c0:06:be:bf:8d:e0:fe:24:3c:88:f5:a3:66:84:
38:98:7e:bf:c9:a0:16:9a:fd:f4:01:b6:d6:4a:63:76:3a:6a:
99:ca:3c:d7:c5:b7:e7:cb:b6:9a:ce:4f:75:bb:69:6a:eb:18:
52:5a:98:6b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIUdjPYHtazwbfdmGRPQg1554qo4/QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA3MTExNloX
DTI3MDYxMDA3MTYxNlowMzExMC8GA1UEAxMoMkRFMjg5ODgzQURFMTc0QUY5MjNG
RjlFMjlCNEMzNkNBQjExMjZBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNPKyL2bU+bXELtTallxuU/eWcf451F8MrYWaFOx0WGSDYvtUijhKqS/8ni
h9AGhuHzLHla8SZNSxj25cI9T8fQnN6Ki1SY/SYcDT90O9Nm4EutGCYa+iA+ornl
jIZhmVn+c3rGJADXNtLfKj6LuwK33OReP+39SR33DnGsLuQahQUAzu8Hu829hYI9
5oCzJ/M5C5W+oGZKsMH5yxXW+tTwWGQTnEAt+pErhNHTrR0XFyIUpS/S0oLV4uqC
m+r9EUi158klsV8A0FLBsPM3lGIXZk3ewNOnK7jiYn6LESbwyrZU+e2bb4OzKeGI
I3k37DxNJmh/tN1wdPlTqJzbEI0CAwEAAaOCAeMwggHfMB0GA1UdDgQWBBQt4omI
Ot4XSvkj/54ptMNsqxEmojAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBPBggrBgEFBQcBCwRDMEEwPwYIKwYBBQUHMAuGM3JzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMTM4Mzc3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjMBED
BgEgAQJQHgMHACABAlAeDgMHACABDagAwQMFACQMw4EwDQYJKoZIhvcNAQELBQAD
ggEBANWZd5i2uD+qwMpKiDnb4TSKdqDCyJoM9Nc4UOrPhv3ciabK3nqcRVxLJj+g
rSIF3otMwHMIRsvlkaRqwkqfp7h740I0hfy2l+Mq6c/+dYAtinwMnjXBQXqNYK0w
X+4RLT+zzMpPY8jAGWjcdqn5NxwW5+FZAwgmQSEEyKhlf89yXlAyb/xhWbsY9/1N
/V//qe+wtNEGFb8uAYjBqrfuZ4KgXWok0gkUm9FNVU6mh3gBpFc24ef55rArTeRd
nAGh72IrTJPUrONX+xzABr6/jeD+JDyI9aNmhDiYfr/JoBaa/fQBttZKY3Y6apnK
PNfFt+fLtprOT3W7aWrrGFJamGs=
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:49:24 2026 by rpki-client