Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS24351.roa
File: AS24351.roa (raw, json)
Hash identifier: QMGb/ozjXDQcV+HCoH4zsBS6eEUBTVmKebFkudIRJuM=
Subject key identifier: 5A:4B:84:87:47:0A:C5:44:7F:38:D0:07:06:4B:5B:8F:93:89:F4:C6
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 78ADCC65F465A442182D7DF5929FE2A1E0A1AC79
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS24351.roa
Signing time: Thu 11 Jun 2026 06:43:38 +0000
ROA not before: Thu 11 Jun 2026 06:38:38 +0000
ROA not after: Thu 10 Jun 2027 06:43:38 +0000
asID: 24351
IP address blocks: 2001:250:206::/48 maxlen: 48
2001:250:20a::/48 maxlen: 48
2001:250:20f::/48 maxlen: 48
2001:250:214::/48 maxlen: 48
2001:da8:ae::/48 maxlen: 48
2001:da8:bc::/48 maxlen: 48
2001:da8:203::/48 maxlen: 48
2001:da8:20a::/48 maxlen: 48
2001:da8:25f::/48 maxlen: 48
2001:da8:ffc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:ad:cc:65:f4:65:a4:42:18:2d:7d:f5:92:9f:e2:a1:e0:a1:ac:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 06:38:38 2026 GMT
Not After : Jun 10 06:43:38 2027 GMT
Subject: CN=5A4B8487470AC5447F38D007064B5B8F9389F4C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1e:f7:f6:1b:22:a4:66:67:8b:63:30:a2:9f:
7c:eb:77:95:b2:46:20:da:27:0f:3c:ce:cf:97:2d:
20:25:de:21:b3:42:94:eb:5f:cc:75:16:08:e9:14:
d9:38:37:43:2e:77:af:79:8b:67:29:e2:8c:e9:59:
b8:4a:62:48:a8:ee:49:9b:ca:b1:7b:4a:51:87:88:
72:e4:e2:9f:56:38:44:09:12:04:24:5a:37:a4:78:
2a:f0:63:14:dd:6b:55:1b:2e:60:25:7f:55:0a:fe:
7e:4b:d2:bd:89:72:e8:84:fe:bb:96:49:b1:e3:4c:
8e:98:0e:5d:60:53:b1:ec:9d:91:d3:c6:68:2d:ae:
9c:16:6f:dc:27:58:6c:da:54:3d:cf:81:5b:4b:2c:
cd:f3:dc:5e:01:ad:b4:52:03:d6:0f:d9:ee:6c:b2:
97:fa:05:65:16:83:6f:62:6b:dd:12:18:bb:76:71:
c2:b7:b7:2c:02:4d:d8:9e:f7:38:2c:d5:26:07:d1:
3d:1b:cb:ec:b4:b9:77:f4:25:fb:f8:99:1f:98:1f:
29:bc:75:36:da:08:48:2d:2a:a5:6b:3d:a6:2e:f8:
56:58:a3:0b:63:40:5c:ee:e0:0c:05:98:d7:fe:6c:
5d:be:5b:63:ca:60:c5:c6:2d:90:ba:bd:db:f2:61:
ac:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4B:84:87:47:0A:C5:44:7F:38:D0:07:06:4B:5B:8F:93:89:F4:C6
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS24351.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:206::/48
2001:250:20a::/48
2001:250:20f::/48
2001:250:214::/48
2001:da8:ae::/48
2001:da8:bc::/48
2001:da8:203::/48
2001:da8:20a::/48
2001:da8:25f::/48
2001:da8:ffc::/48
Signature Algorithm: sha256WithRSAEncryption
3b:ea:f7:b4:f2:a5:e1:31:f6:3d:d5:28:8d:05:26:c8:a1:b2:
6b:93:84:ae:f7:82:5a:3d:09:b3:a8:04:ee:76:a8:19:a5:93:
7f:54:5f:52:00:fb:ec:15:d2:69:dd:be:78:da:0d:03:2a:80:
f9:be:96:ee:93:89:5a:65:d0:a6:7c:71:82:5e:75:4b:09:e1:
b9:21:45:da:9a:29:3a:b3:d3:32:ce:c8:53:91:c4:c1:bf:8f:
39:a1:7b:42:9d:a6:f3:f3:5d:0b:c7:f2:6c:f8:0c:5b:da:b1:
ad:0c:03:45:48:4a:1a:b4:88:ec:16:88:4f:0e:1c:31:3e:31:
c5:4a:40:17:27:05:c7:77:92:5c:0a:14:df:f8:38:ee:1c:9b:
20:bd:b4:d8:5d:d1:52:d9:c5:e8:bf:ce:d7:56:23:9f:2d:f8:
66:2c:c8:cb:e2:3d:65:91:a7:44:1d:fb:08:8c:30:51:f9:54:
b9:4c:6b:e3:8c:57:08:d8:c4:85:35:df:7a:5c:73:6b:a8:56:
8d:3d:17:09:dc:0f:a8:17:0f:8f:9b:87:e1:ed:cf:d0:e9:67:
6f:b3:a3:55:68:46:4b:98:76:19:0f:6f:83:3b:89:a9:c1:2a:
15:ce:d9:a3:53:48:4d:c9:55:cc:40:c1:d1:79:c2:f0:2a:48:
08:8f:18:6b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUeK3MZfRlpEIYLX31kp/ioeChrHkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA2MzgzOFoX
DTI3MDYxMDA2NDMzOFowMzExMC8GA1UEAxMoNUE0Qjg0ODc0NzBBQzU0NDdGMzhE
MDA3MDY0QjVCOEY5Mzg5RjRDNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALse9/YbIqRmZ4tjMKKffOt3lbJGINonDzzOz5ctICXeIbNClOtfzHUWCOkU
2Tg3Qy53r3mLZynijOlZuEpiSKjuSZvKsXtKUYeIcuTin1Y4RAkSBCRaN6R4KvBj
FN1rVRsuYCV/VQr+fkvSvYly6IT+u5ZJseNMjpgOXWBTseydkdPGaC2unBZv3CdY
bNpUPc+BW0sszfPcXgGttFID1g/Z7myyl/oFZRaDb2Jr3RIYu3Zxwre3LAJN2J73
OCzVJgfRPRvL7LS5d/Ql+/iZH5gfKbx1NtoISC0qpWs9pi74VlijC2NAXO7gDAWY
1/5sXb5bY8pgxcYtkLq92/JhrGsCAwEAAaOCAhkwggIVMB0GA1UdDgQWBBRaS4SH
RwrFRH840AcGS1uPk4n0xjAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBOBggrBgEFBQcBCwRCMEAwPgYIKwYBBQUHMAuGMnJzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMjQzNTEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwcwYIKwYBBQUHAQcBAf8EZDBiMGAEAgACMFoDBwAg
AQJQAgYDBwAgAQJQAgoDBwAgAQJQAg8DBwAgAQJQAhQDBwAgAQ2oAK4DBwAgAQ2o
ALwDBwAgAQ2oAgMDBwAgAQ2oAgoDBwAgAQ2oAl8DBwAgAQ2oD/wwDQYJKoZIhvcN
AQELBQADggEBADvq97TypeEx9j3VKI0FJsihsmuThK73glo9CbOoBO52qBmlk39U
X1IA++wV0mndvnjaDQMqgPm+lu6TiVpl0KZ8cYJedUsJ4bkhRdqaKTqz0zLOyFOR
xMG/jzmhe0KdpvPzXQvH8mz4DFvasa0MA0VIShq0iOwWiE8OHDE+McVKQBcnBcd3
klwKFN/4OO4cmyC9tNhd0VLZxei/ztdWI58t+GYsyMviPWWRp0Qd+wiMMFH5VLlM
a+OMVwjYxIU133pcc2uoVo09FwncD6gXD4+bh+Htz9DpZ2+zo1VoRkuYdhkPb4M7
ianBKhXO2aNTSE3JVcxAwdF5wvAqSAiPGGs=
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:49:23 2026 by rpki-client