Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS24349.roa
File: AS24349.roa (raw, json)
Hash identifier: fsGWIXwUuLyJdbNjQQxErXvtAF1ffx/hAiR96UGOHiw=
Subject key identifier: 0A:10:76:DC:9F:47:60:87:1F:D6:33:FD:D8:46:6E:78:16:63:A2:BC
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 6E18D9C6EFBE255DBB9DAD4909653C44013E20E8
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS24349.roa
Signing time: Thu 11 Jun 2026 06:43:38 +0000
ROA not before: Thu 11 Jun 2026 06:38:38 +0000
ROA not after: Thu 10 Jun 2027 06:43:38 +0000
asID: 24349
IP address blocks: 2001:250:205::/48 maxlen: 48
2001:250:207::/48 maxlen: 48
2001:250:208::/48 maxlen: 48
2001:250:20c::/48 maxlen: 48
2001:250:210::/48 maxlen: 48
2001:250:212::/48 maxlen: 48
2001:250:215::/48 maxlen: 48
2001:250:218::/48 maxlen: 48
2001:250:21e::/48 maxlen: 48
2001:250:21f::/48 maxlen: 48
2001:250:223::/48 maxlen: 48
2001:250:228::/48 maxlen: 48
2001:250:22b::/48 maxlen: 48
2001:250:22d::/48 maxlen: 48
2001:250:22e::/48 maxlen: 48
2001:250:230::/48 maxlen: 48
2001:250:231::/48 maxlen: 48
2001:250:234::/48 maxlen: 48
2001:250:236::/48 maxlen: 48
2001:250:237::/48 maxlen: 48
2001:250:238::/48 maxlen: 48
2001:250:23a::/48 maxlen: 48
2001:250:23c::/48 maxlen: 48
2001:250:23d::/48 maxlen: 48
2001:250:251::/48 maxlen: 48
2001:250:5060::/48 maxlen: 48
2001:da8:ac::/48 maxlen: 48
2001:da8:201::/48 maxlen: 48
2001:da8:204::/48 maxlen: 48
2001:da8:20c::/48 maxlen: 48
2001:da8:20f::/48 maxlen: 48
2001:da8:218::/48 maxlen: 48
2001:da8:219::/48 maxlen: 48
2001:da8:21c::/48 maxlen: 48
2001:da8:22d::/48 maxlen: 48
2001:da8:230::/48 maxlen: 48
2001:da8:233::/48 maxlen: 48
2001:da8:234::/48 maxlen: 48
2001:da8:235::/48 maxlen: 48
2001:da8:236::/48 maxlen: 48
2001:da8:237::/48 maxlen: 48
2001:da8:23b::/48 maxlen: 48
2001:da8:240::/48 maxlen: 48
2001:da8:244::/48 maxlen: 48
2001:da8:246::/48 maxlen: 48
2001:da8:253::/48 maxlen: 48
2001:da8:259::/48 maxlen: 48
2001:da8:272::/48 maxlen: 48
2001:da8:273::/48 maxlen: 48
2001:da8:274::/48 maxlen: 48
2001:da8:275::/48 maxlen: 48
2001:da8:278::/48 maxlen: 48
2001:da8:279::/48 maxlen: 48
2001:da8:27b::/48 maxlen: 48
2001:da8:27e::/48 maxlen: 48
2001:da8:27f::/48 maxlen: 48
2001:da8:280::/48 maxlen: 48
240c:c001::/32 maxlen: 32
240c:c017::/32 maxlen: 32
240c:c019::/32 maxlen: 32
240c:c02f::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:18:d9:c6:ef:be:25:5d:bb:9d:ad:49:09:65:3c:44:01:3e:20:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 06:38:38 2026 GMT
Not After : Jun 10 06:43:38 2027 GMT
Subject: CN=0A1076DC9F4760871FD633FDD8466E781663A2BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8b:85:01:9c:2e:a2:01:fc:86:0b:e9:16:a8:
d0:6c:b3:2c:eb:41:e1:29:74:c4:9c:7c:e6:e8:3e:
bf:27:53:5c:37:ca:dd:1a:a2:83:e6:a6:3f:74:5b:
7a:51:8f:81:ec:f2:61:b3:a6:c4:26:7f:43:8a:4a:
d7:ba:52:5a:53:2a:63:72:83:34:d2:5e:bc:35:ac:
e4:94:fc:da:e5:74:bc:3c:d7:dc:6c:96:61:c5:ac:
d5:f3:21:89:45:65:b3:1a:01:60:9c:24:03:30:13:
d5:d4:c4:2e:00:a8:a7:21:74:a1:64:9d:b4:e0:f4:
29:6d:09:96:d8:1a:79:c6:73:5d:a0:ec:94:63:9b:
a1:7f:ae:56:0b:6c:61:e6:c8:75:0d:e8:0c:8a:87:
f0:80:2b:83:6a:22:5c:5a:19:b4:7a:49:de:a1:a8:
1c:b9:89:49:b2:c3:40:3c:72:d8:80:87:69:fd:2a:
54:44:9d:47:b4:06:8a:1e:2b:f4:fb:63:9e:ec:21:
d5:36:b5:cc:c1:e6:f3:d4:06:e5:55:a5:06:6c:17:
32:c3:c1:26:e1:43:bf:2a:68:dc:65:2a:7e:ed:f9:
38:25:5b:8e:d5:f9:86:30:ce:54:96:41:d0:0e:6d:
c0:f9:20:00:98:fe:a7:f5:cc:99:91:b9:9e:07:f9:
99:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:10:76:DC:9F:47:60:87:1F:D6:33:FD:D8:46:6E:78:16:63:A2:BC
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS24349.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:205::/48
2001:250:207::-2001:250:208:ffff:ffff:ffff:ffff:ffff
2001:250:20c::/48
2001:250:210::/48
2001:250:212::/48
2001:250:215::/48
2001:250:218::/48
2001:250:21e::/47
2001:250:223::/48
2001:250:228::/48
2001:250:22b::/48
2001:250:22d::-2001:250:22e:ffff:ffff:ffff:ffff:ffff
2001:250:230::/47
2001:250:234::/48
2001:250:236::-2001:250:238:ffff:ffff:ffff:ffff:ffff
2001:250:23a::/48
2001:250:23c::/47
2001:250:251::/48
2001:250:5060::/48
2001:da8:ac::/48
2001:da8:201::/48
2001:da8:204::/48
2001:da8:20c::/48
2001:da8:20f::/48
2001:da8:218::/47
2001:da8:21c::/48
2001:da8:22d::/48
2001:da8:230::/48
2001:da8:233::-2001:da8:237:ffff:ffff:ffff:ffff:ffff
2001:da8:23b::/48
2001:da8:240::/48
2001:da8:244::/48
2001:da8:246::/48
2001:da8:253::/48
2001:da8:259::/48
2001:da8:272::-2001:da8:275:ffff:ffff:ffff:ffff:ffff
2001:da8:278::/47
2001:da8:27b::/48
2001:da8:27e::-2001:da8:280:ffff:ffff:ffff:ffff:ffff
240c:c001::/32
240c:c017::/32
240c:c019::/32
240c:c02f::/32
Signature Algorithm: sha256WithRSAEncryption
8f:cc:82:7f:94:54:cd:b5:88:a6:67:c2:8a:96:57:69:af:89:
5f:8f:83:8d:35:a2:6f:8f:57:05:4d:4d:97:c4:d0:f4:7c:63:
8c:45:8a:5f:9c:2b:aa:80:08:c7:29:41:b0:46:94:9a:da:31:
a1:e5:a7:5f:9a:06:92:b1:c8:71:a4:e4:39:d2:c2:94:68:4f:
10:72:5e:49:a1:b5:94:54:08:ba:f8:7b:a4:f9:ac:ea:a3:83:
fe:38:3a:72:bd:62:92:55:ff:ad:51:2e:e3:d2:4f:11:61:e4:
34:94:ec:f1:87:43:40:4b:41:43:0c:7e:96:07:b5:d4:28:ff:
ab:62:40:e4:92:cc:bf:f8:7d:c7:8e:e5:68:80:7e:02:9e:2b:
51:62:dd:3a:ff:91:9c:9b:57:22:5a:b8:70:42:85:d8:11:a3:
aa:d4:df:f7:b7:c0:70:c0:13:c0:6c:40:a3:a0:d2:dd:1d:99:
34:0b:44:38:49:1d:17:0d:79:1f:95:27:6b:2b:96:5f:4c:f5:
b3:09:cc:89:fd:b8:c9:49:63:d9:76:1c:21:68:3e:28:1b:a9:
d3:33:47:b8:e0:a2:0b:b4:ef:0f:b7:8e:18:3b:8e:ac:53:af:
09:b7:a6:62:ef:52:41:1b:6c:a8:8a:57:fc:58:1c:ba:b7:d8:
16:4a:f8:1c
-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgIUbhjZxu++JV27na1JCWU8RAE+IOgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA2MzgzOFoX
DTI3MDYxMDA2NDMzOFowMzExMC8GA1UEAxMoMEExMDc2REM5RjQ3NjA4NzFGRDYz
M0ZERDg0NjZFNzgxNjYzQTJCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmLhQGcLqIB/IYL6Rao0GyzLOtB4Sl0xJx85ug+vydTXDfK3Rqig+amP3Rb
elGPgezyYbOmxCZ/Q4pK17pSWlMqY3KDNNJevDWs5JT82uV0vDzX3GyWYcWs1fMh
iUVlsxoBYJwkAzAT1dTELgCopyF0oWSdtOD0KW0JltgaecZzXaDslGOboX+uVgts
YebIdQ3oDIqH8IArg2oiXFoZtHpJ3qGoHLmJSbLDQDxy2ICHaf0qVESdR7QGih4r
9Ptjnuwh1Ta1zMHm89QG5VWlBmwXMsPBJuFDvypo3GUqfu35OCVbjtX5hjDOVJZB
0A5twPkgAJj+p/XMmZG5ngf5mZ0CAwEAAaOCA4YwggOCMB0GA1UdDgQWBBQKEHbc
n0dghx/WM/3YRm54FmOivDAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBOBggrBgEFBQcBCwRCMEAwPgYIKwYBBQUHMAuGMnJzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMjQzNDkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwggHeBggrBgEFBQcBBwEB/wSCAc0wggHJMIIBxQQC
AAIwggG9AwcAIAECUAIFMBIDBwAgAQJQAgcDBwAgAQJQAggDBwAgAQJQAgwDBwAg
AQJQAhADBwAgAQJQAhIDBwAgAQJQAhUDBwAgAQJQAhgDBwEgAQJQAh4DBwAgAQJQ
AiMDBwAgAQJQAigDBwAgAQJQAiswEgMHACABAlACLQMHACABAlACLgMHASABAlAC
MAMHACABAlACNDASAwcBIAECUAI2AwcAIAECUAI4AwcAIAECUAI6AwcBIAECUAI8
AwcAIAECUAJRAwcAIAECUFBgAwcAIAENqACsAwcAIAENqAIBAwcAIAENqAIEAwcA
IAENqAIMAwcAIAENqAIPAwcBIAENqAIYAwcAIAENqAIcAwcAIAENqAItAwcAIAEN
qAIwMBIDBwAgAQ2oAjMDBwMgAQ2oAjADBwAgAQ2oAjsDBwAgAQ2oAkADBwAgAQ2o
AkQDBwAgAQ2oAkYDBwAgAQ2oAlMDBwAgAQ2oAlkwEgMHASABDagCcgMHASABDagC
dAMHASABDagCeAMHACABDagCezASAwcBIAENqAJ+AwcAIAENqAKAAwUAJAzAAQMF
ACQMwBcDBQAkDMAZAwUAJAzALzANBgkqhkiG9w0BAQsFAAOCAQEAj8yCf5RUzbWI
pmfCipZXaa+JX4+DjTWib49XBU1Nl8TQ9HxjjEWKX5wrqoAIxylBsEaUmtoxoeWn
X5oGkrHIcaTkOdLClGhPEHJeSaG1lFQIuvh7pPms6qOD/jg6cr1iklX/rVEu49JP
EWHkNJTs8YdDQEtBQwx+lge11Cj/q2JA5JLMv/h9x47laIB+Ap4rUWLdOv+RnJtX
Ilq4cEKF2BGjqtTf97fAcMATwGxAo6DS3R2ZNAtEOEkdFw15H5UnayuWX0z1swnM
if24yUlj2XYcIWg+KBup0zNHuOCiC7TvD7eOGDuOrFOvCbemYu9SQRtsqIpX/Fgc
urfYFkr4HA==
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:48:56 2026 by rpki-client