Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS138381.roa
File: AS138381.roa (raw, json)
Hash identifier: LL6qyeCKnOjYSwFNIRJUAiHihKLzNnJcUDQWMtPBSz0=
Subject key identifier: 42:7F:D3:40:22:C9:70:19:12:B7:F7:1C:3C:A0:D3:63:40:14:40:9D
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 7B780E9A883552621C8FC84D02D9526E798F87C1
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS138381.roa
Signing time: Thu 11 Jun 2026 07:16:16 +0000
ROA not before: Thu 11 Jun 2026 07:11:16 +0000
ROA not after: Thu 10 Jun 2027 07:16:16 +0000
asID: 138381
IP address blocks: 2001:250:2100::/48 maxlen: 48
2001:250:2c00::/48 maxlen: 48
2001:250:2c01::/48 maxlen: 48
2001:250:2c02::/48 maxlen: 48
2001:250:2c03::/48 maxlen: 48
2001:250:2c04::/48 maxlen: 48
2001:250:2c05::/48 maxlen: 48
2001:250:2c06::/48 maxlen: 48
2001:250:2c07::/48 maxlen: 48
2001:250:2c08::/48 maxlen: 48
2001:250:2c09::/48 maxlen: 48
2001:250:2c0b::/48 maxlen: 48
2001:250:2c0c::/48 maxlen: 48
2001:250:2c0d::/48 maxlen: 48
2001:250:2c0e::/48 maxlen: 48
2001:250:2c0f::/48 maxlen: 48
2001:250:2c10::/48 maxlen: 48
2001:250:2c11::/48 maxlen: 48
2001:250:2c12::/48 maxlen: 48
2001:250:2c13::/48 maxlen: 48
2001:250:2c14::/48 maxlen: 48
2001:250:2c15::/48 maxlen: 48
2001:250:2c16::/48 maxlen: 48
2001:250:2c17::/48 maxlen: 48
2001:250:2c18::/48 maxlen: 48
2001:250:2c19::/48 maxlen: 48
2001:250:2c1a::/48 maxlen: 48
2001:250:2c1b::/48 maxlen: 48
2001:250:2c1c::/48 maxlen: 48
2001:250:2c1d::/48 maxlen: 48
2001:250:2c1e::/48 maxlen: 48
2001:250:2c1f::/48 maxlen: 48
2001:250:2c21::/48 maxlen: 48
2001:250:2c22::/48 maxlen: 48
2001:250:2c23::/48 maxlen: 48
2001:250:2c24::/48 maxlen: 48
2001:250:2c25::/48 maxlen: 48
2001:250:2c26::/48 maxlen: 48
2001:250:2c27::/48 maxlen: 48
2001:250:2c28::/48 maxlen: 48
2001:250:2c29::/48 maxlen: 48
2001:250:2c2a::/48 maxlen: 48
2001:250:2c2b::/48 maxlen: 48
2001:250:2c2d::/48 maxlen: 48
2001:250:2c2e::/48 maxlen: 48
2001:250:2c30::/48 maxlen: 48
2001:250:2c31::/48 maxlen: 48
2001:250:2c32::/48 maxlen: 48
2001:250:2c33::/48 maxlen: 48
2001:250:2c34::/48 maxlen: 48
2001:250:2c35::/48 maxlen: 48
2001:250:2c36::/48 maxlen: 48
2001:250:2c37::/48 maxlen: 48
2001:250:2c38::/48 maxlen: 48
2001:250:2c39::/48 maxlen: 48
2001:250:2c3a::/48 maxlen: 48
2001:250:2c3c::/48 maxlen: 48
2001:250:2c3d::/48 maxlen: 48
2001:250:2c3e::/48 maxlen: 48
2001:da8:c3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:78:0e:9a:88:35:52:62:1c:8f:c8:4d:02:d9:52:6e:79:8f:87:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 07:11:16 2026 GMT
Not After : Jun 10 07:16:16 2027 GMT
Subject: CN=427FD34022C9701912B7F71C3CA0D3634014409D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:45:08:08:68:f6:bf:a5:a9:21:5e:8c:bf:7e:
7a:77:65:d2:65:2e:72:6d:00:dc:5e:bb:15:e2:97:
dd:5d:38:70:13:4f:6a:4b:36:70:59:d0:84:5b:03:
6b:04:3b:1b:4c:38:a7:15:25:e6:53:8f:0c:0e:61:
70:7e:da:c0:be:da:e4:7e:bc:6f:01:59:4c:cc:d8:
a4:db:63:f8:ac:06:fb:ce:65:c0:68:02:34:dc:b0:
61:2c:54:c4:37:ef:0e:a9:f9:08:37:f3:b4:52:53:
5f:f2:fb:fd:30:50:d6:f2:1e:df:b8:82:ca:96:7f:
14:a2:f3:c9:08:0a:32:aa:86:e7:2f:2f:8b:29:02:
1d:cf:2b:d0:8b:74:22:d8:bd:6d:00:1f:fa:b1:78:
86:64:dd:06:03:a3:cc:a8:2d:58:82:cf:d1:22:4c:
a4:57:f2:94:b7:9c:cb:31:0f:de:e5:d8:f6:24:f7:
1d:35:48:f4:a2:3e:a6:3b:ca:45:c6:d8:cb:43:ce:
3c:86:59:c3:ab:54:96:5d:f9:9b:77:26:69:5f:82:
91:d8:37:b6:30:9a:33:ac:9a:ba:7e:9c:05:e3:eb:
4e:a8:7f:d1:b4:ca:39:3a:b7:98:7e:87:d0:62:8c:
d5:71:f6:7f:97:0a:fe:52:cf:45:8a:fd:b9:63:10:
9a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:7F:D3:40:22:C9:70:19:12:B7:F7:1C:3C:A0:D3:63:40:14:40:9D
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS138381.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:2100::/48
2001:250:2c00::-2001:250:2c09:ffff:ffff:ffff:ffff:ffff
2001:250:2c0b::-2001:250:2c1f:ffff:ffff:ffff:ffff:ffff
2001:250:2c21::-2001:250:2c2b:ffff:ffff:ffff:ffff:ffff
2001:250:2c2d::-2001:250:2c2e:ffff:ffff:ffff:ffff:ffff
2001:250:2c30::-2001:250:2c3a:ffff:ffff:ffff:ffff:ffff
2001:250:2c3c::-2001:250:2c3e:ffff:ffff:ffff:ffff:ffff
2001:da8:c3::/48
Signature Algorithm: sha256WithRSAEncryption
ea:4a:62:6a:09:72:98:b7:ad:75:b0:b6:b8:d4:b3:d7:05:2f:
d3:06:d9:00:15:f9:cc:66:3e:3f:ac:0c:ba:78:8f:8e:08:48:
60:8c:74:fa:e2:6e:4d:c4:fc:23:9b:01:d2:a8:4f:a6:cd:8f:
9f:65:c7:65:c4:da:12:f9:42:68:42:82:49:dc:f0:59:95:75:
f6:de:6d:24:01:23:6c:7e:e6:25:95:85:bd:22:30:01:44:80:
9a:82:b5:08:d3:80:e9:2f:ad:72:34:c8:5c:c1:33:82:ed:d5:
66:66:d8:3e:9a:ff:45:3d:10:a6:12:69:ba:b8:31:42:a1:8d:
88:cd:6f:02:e4:57:e8:38:6e:0d:5b:2a:61:a0:26:13:01:57:
02:8b:77:1f:b0:21:22:91:4e:97:e5:f4:ef:ee:2a:8a:e9:82:
0c:ab:85:0f:c9:d3:ab:3b:4a:d8:f2:b3:62:54:68:61:39:74:
3a:69:69:c9:0a:fa:37:35:34:1c:b8:ee:f2:31:78:34:8c:d6:
22:34:c9:f8:eb:fb:74:bb:4d:2e:c2:a7:a2:0f:78:9b:86:67:
e7:58:31:84:78:f4:bf:fa:4f:15:29:0b:25:6d:64:8e:67:d0:
5a:e1:85:76:90:99:db:50:67:dc:1c:d6:8f:dc:cc:51:47:5a:
1d:05:6a:82
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIUe3gOmog1UmIcj8hNAtlSbnmPh8EwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA3MTExNloX
DTI3MDYxMDA3MTYxNlowMzExMC8GA1UEAxMoNDI3RkQzNDAyMkM5NzAxOTEyQjdG
NzFDM0NBMEQzNjM0MDE0NDA5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOdFCAho9r+lqSFejL9+endl0mUucm0A3F67FeKX3V04cBNPaks2cFnQhFsD
awQ7G0w4pxUl5lOPDA5hcH7awL7a5H68bwFZTMzYpNtj+KwG+85lwGgCNNywYSxU
xDfvDqn5CDfztFJTX/L7/TBQ1vIe37iCypZ/FKLzyQgKMqqG5y8viykCHc8r0It0
Iti9bQAf+rF4hmTdBgOjzKgtWILP0SJMpFfylLecyzEP3uXY9iT3HTVI9KI+pjvK
RcbYy0POPIZZw6tUll35m3cmaV+Ckdg3tjCaM6yaun6cBePrTqh/0bTKOTq3mH6H
0GKM1XH2f5cK/lLPRYr9uWMQmvMCAwEAAaOCAk4wggJKMB0GA1UdDgQWBBRCf9NA
IslwGRK39xw8oNNjQBRAnTAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBPBggrBgEFBQcBCwRDMEEwPwYIKwYBBQUHMAuGM3JzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMTM4MzgxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzCBkAQCAAIw
gYkDBwAgAQJQIQAwEQMGAiABAlAsAwcBIAECUCwIMBIDBwAgAQJQLAsDBwUgAQJQ
LAAwEgMHACABAlAsIQMHAiABAlAsKDASAwcAIAECUCwtAwcAIAECUCwuMBIDBwQg
AQJQLDADBwAgAQJQLDowEgMHAiABAlAsPAMHACABAlAsPgMHACABDagAwzANBgkq
hkiG9w0BAQsFAAOCAQEA6kpiaglymLetdbC2uNSz1wUv0wbZABX5zGY+P6wMuniP
jghIYIx0+uJuTcT8I5sB0qhPps2Pn2XHZcTaEvlCaEKCSdzwWZV19t5tJAEjbH7m
JZWFvSIwAUSAmoK1CNOA6S+tcjTIXMEzgu3VZmbYPpr/RT0QphJpurgxQqGNiM1v
AuRX6DhuDVsqYaAmEwFXAot3H7AhIpFOl+X07+4qiumCDKuFD8nTqztK2PKzYlRo
YTl0OmlpyQr6NzU0HLju8jF4NIzWIjTJ+Ov7dLtNLsKnog94m4Zn51gxhHj0v/pP
FSkLJW1kjmfQWuGFdpCZ21Bn3BzWj9zMUUdaHQVqgg==
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:49:24 2026 by rpki-client