Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS24352.roa
File: AS24352.roa (raw, json)
Hash identifier: 1nHrj+GTS+TD9yZCfI3JniWtY9/W9XaJP8SQxJdeCLI=
Subject key identifier: 57:84:9B:4C:CC:4D:11:3A:51:77:3B:FA:EA:8B:73:5D:00:95:AF:E8
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 19A8412496E82DF1A57771B954BF09E11E393193
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS24352.roa
Signing time: Thu 11 Jun 2026 07:27:13 +0000
ROA not before: Thu 11 Jun 2026 07:22:13 +0000
ROA not after: Thu 10 Jun 2027 07:27:13 +0000
asID: 24352
IP address blocks: 2001:250:401::/48 maxlen: 48
2001:250:402::/48 maxlen: 48
2001:250:403::/48 maxlen: 48
2001:250:404::/48 maxlen: 48
2001:250:405::/48 maxlen: 48
2001:250:406::/48 maxlen: 48
2001:250:407::/48 maxlen: 48
2001:250:408::/48 maxlen: 48
2001:250:40d::/48 maxlen: 48
2001:250:40e::/48 maxlen: 48
2001:250:40f::/48 maxlen: 48
2001:da8:a6::/48 maxlen: 48
2001:da8:a001::/48 maxlen: 48
2001:da8:a002::/48 maxlen: 48
2001:da8:a005::/48 maxlen: 48
2001:da8:a006::/48 maxlen: 48
2001:da8:a007::/48 maxlen: 48
2001:da8:a008::/48 maxlen: 48
2001:da8:a009::/48 maxlen: 48
2001:da8:a00a::/48 maxlen: 48
2001:da8:a00b::/48 maxlen: 48
2001:da8:a00c::/48 maxlen: 48
2001:da8:a00d::/48 maxlen: 48
2001:da8:a00e::/48 maxlen: 48
2001:da8:a00f::/48 maxlen: 48
2001:da8:a010::/48 maxlen: 48
2001:da8:a011::/48 maxlen: 48
2001:da8:a012::/48 maxlen: 48
2001:da8:a013::/48 maxlen: 48
2001:da8:a014::/48 maxlen: 48
2001:da8:a015::/48 maxlen: 48
2001:da8:a016::/48 maxlen: 48
2001:da8:a017::/48 maxlen: 48
2001:da8:a018::/48 maxlen: 48
2001:da8:a019::/48 maxlen: 48
2001:da8:a01a::/48 maxlen: 48
2001:da8:a01b::/48 maxlen: 48
2001:da8:a01c::/48 maxlen: 48
2001:da8:a01e::/48 maxlen: 48
2001:da8:a01f::/48 maxlen: 48
2001:da8:a020::/48 maxlen: 48
2001:da8:a021::/48 maxlen: 48
2001:da8:a023::/48 maxlen: 48
2001:da8:a024::/48 maxlen: 48
2001:da8:a025::/48 maxlen: 48
2001:da8:a027::/48 maxlen: 48
2001:da8:a028::/48 maxlen: 48
2001:da8:a029::/48 maxlen: 48
2001:da8:a02a::/48 maxlen: 48
240c:c220::/32 maxlen: 32
240c:c221::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:a8:41:24:96:e8:2d:f1:a5:77:71:b9:54:bf:09:e1:1e:39:31:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 07:22:13 2026 GMT
Not After : Jun 10 07:27:13 2027 GMT
Subject: CN=57849B4CCC4D113A51773BFAEA8B735D0095AFE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f3:64:fd:02:37:d2:0f:cf:16:45:d2:ac:60:
a6:1d:e6:01:ec:96:fd:09:5d:29:a8:bf:3d:7e:6a:
f1:5b:38:91:37:33:1b:db:96:b3:03:a3:9e:79:b4:
00:f5:e7:a6:8f:c7:83:4a:fb:e8:a8:a1:cd:af:04:
3e:3e:14:b8:10:fe:5a:c2:cf:01:af:0e:e1:6a:b3:
0e:af:6f:32:4d:4d:45:d2:89:12:df:4f:28:70:02:
e4:fd:6c:64:47:d7:cd:d4:6f:c9:35:9a:44:f5:ba:
e5:67:37:93:c3:d3:6b:b5:f8:35:c8:e0:7b:14:23:
7f:d3:36:a9:a4:19:a2:15:55:50:a4:f7:7e:cd:96:
db:c4:8b:25:b8:cb:d4:69:4d:72:3e:e0:d6:a3:be:
9d:7a:f6:bc:08:46:21:ed:13:b0:6f:55:e7:8f:dc:
12:fd:f1:8d:8a:c9:74:4e:2b:bb:f8:ae:b2:70:1c:
39:40:a7:a1:7f:aa:81:9a:fd:f2:eb:dc:00:8e:93:
b7:65:79:45:5f:23:69:ee:b1:94:c0:b8:de:ae:ae:
4d:48:de:70:e6:bb:b2:31:03:99:cd:2a:47:7a:a1:
84:e6:57:3e:79:11:01:b3:38:eb:a0:be:47:b9:5c:
3f:35:63:f1:36:0f:cd:bb:47:1c:29:33:81:1c:7f:
75:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:84:9B:4C:CC:4D:11:3A:51:77:3B:FA:EA:8B:73:5D:00:95:AF:E8
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS24352.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:401::-2001:250:408:ffff:ffff:ffff:ffff:ffff
2001:250:40d::-2001:250:40f:ffff:ffff:ffff:ffff:ffff
2001:da8:a6::/48
2001:da8:a001::-2001:da8:a002:ffff:ffff:ffff:ffff:ffff
2001:da8:a005::-2001:da8:a01c:ffff:ffff:ffff:ffff:ffff
2001:da8:a01e::-2001:da8:a021:ffff:ffff:ffff:ffff:ffff
2001:da8:a023::-2001:da8:a025:ffff:ffff:ffff:ffff:ffff
2001:da8:a027::-2001:da8:a02a:ffff:ffff:ffff:ffff:ffff
240c:c220::/31
Signature Algorithm: sha256WithRSAEncryption
9f:58:a6:56:82:fa:b8:5c:4d:47:72:a2:b9:82:77:e8:ac:fe:
03:53:82:78:8c:af:1d:e7:6d:2b:eb:b3:c2:cb:9d:f0:a4:94:
1e:04:f7:dc:89:c1:2c:09:67:11:1e:d8:05:8d:ba:a3:48:ed:
fc:13:f7:eb:aa:de:11:3f:51:72:da:02:1c:56:b5:dd:8f:86:
4f:19:71:82:89:d2:70:f3:9b:f8:4c:7d:17:08:e5:33:8c:b5:
93:9d:8b:71:ad:22:76:83:84:c1:ea:4d:bc:3a:27:ac:4c:21:
57:83:cb:73:ad:41:c4:c1:9f:0a:08:ea:6b:c6:44:12:c3:b3:
65:eb:c9:fe:f9:b5:31:ab:c6:4c:e0:dd:e9:cd:5b:17:8f:5d:
54:5a:62:df:64:9b:32:19:52:d2:5b:74:87:69:40:11:54:db:
73:e2:be:39:73:8b:1e:d4:86:ab:26:35:71:82:98:72:12:b0:
04:e1:90:fa:49:ab:60:ca:b6:3f:c2:a1:8a:be:ea:62:60:ff:
66:a0:ae:c3:74:9b:1d:1a:e8:b7:d3:e4:b8:8e:82:7d:2b:c3:
7b:2c:74:31:fa:b0:3b:5f:28:19:43:11:57:3d:09:d6:53:86:
cf:d5:4d:4a:f2:27:30:74:2d:ce:aa:a9:72:41:b8:f7:17:29:
0b:69:36:ce
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUGahBJJboLfGld3G5VL8J4R45MZMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA3MjIxM1oX
DTI3MDYxMDA3MjcxM1owMzExMC8GA1UEAxMoNTc4NDlCNENDQzREMTEzQTUxNzcz
QkZBRUE4QjczNUQwMDk1QUZFODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOfzZP0CN9IPzxZF0qxgph3mAeyW/QldKai/PX5q8Vs4kTczG9uWswOjnnm0
APXnpo/Hg0r76Kihza8EPj4UuBD+WsLPAa8O4WqzDq9vMk1NRdKJEt9PKHAC5P1s
ZEfXzdRvyTWaRPW65Wc3k8PTa7X4NcjgexQjf9M2qaQZohVVUKT3fs2W28SLJbjL
1GlNcj7g1qO+nXr2vAhGIe0TsG9V54/cEv3xjYrJdE4ru/iusnAcOUCnoX+qgZr9
8uvcAI6Tt2V5RV8jae6xlMC43q6uTUjecOa7sjEDmc0qR3qhhOZXPnkRAbM466C+
R7lcPzVj8TYPzbtHHCkzgRx/dVsCAwEAAaOCAmAwggJcMB0GA1UdDgQWBBRXhJtM
zE0ROlF3O/rqi3NdAJWv6DAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBOBggrBgEFBQcBCwRCMEAwPgYIKwYBBQUHMAuGMnJzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMjQzNTIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwgbkGCCsGAQUFBwEHAQH/BIGpMIGmMIGjBAIAAjCB
nDASAwcAIAECUAQBAwcAIAECUAQIMBIDBwAgAQJQBA0DBwQgAQJQBAADBwAgAQ2o
AKYwEgMHACABDaigAQMHACABDaigAjASAwcAIAENqKAFAwcAIAENqKAcMBIDBwEg
AQ2ooB4DBwEgAQ2ooCAwEgMHACABDaigIwMHASABDaigJDASAwcAIAENqKAnAwcA
IAENqKAqAwUBJAzCIDANBgkqhkiG9w0BAQsFAAOCAQEAn1imVoL6uFxNR3KiuYJ3
6Kz+A1OCeIyvHedtK+uzwsud8KSUHgT33InBLAlnER7YBY26o0jt/BP366reET9R
ctoCHFa13Y+GTxlxgonScPOb+Ex9FwjlM4y1k52Lca0idoOEwepNvDonrEwhV4PL
c61BxMGfCgjqa8ZEEsOzZevJ/vm1MavGTODd6c1bF49dVFpi32SbMhlS0lt0h2lA
EVTbc+K+OXOLHtSGqyY1cYKYchKwBOGQ+kmrYMq2P8Khir7qYmD/ZqCuw3SbHRro
t9PkuI6CfSvDeyx0MfqwO18oGUMRVz0J1lOGz9VNSvInMHQtzqqpckG49xcpC2k2
zg==
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:48:56 2026 by rpki-client