Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS24356.roa
File: AS24356.roa (raw, json)
Hash identifier: WXwkhnpiITnCE8Is6/C9CqzyYkBs05qRAujM2jXgasg=
Subject key identifier: 22:BC:C9:2B:7C:A2:D4:A7:44:85:A3:6F:0A:4D:23:13:A3:E2:3A:69
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 468C59B64C35B8612B2D005AAB6D0E50B80ECD22
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS24356.roa
Signing time: Thu 11 Jun 2026 07:31:08 +0000
ROA not before: Thu 11 Jun 2026 07:26:08 +0000
ROA not after: Thu 10 Jun 2027 07:31:08 +0000
asID: 24356
IP address blocks: 2001:250:2401::/48 maxlen: 48
2001:250:2402::/48 maxlen: 48
2001:250:2406::/48 maxlen: 48
2001:250:2407::/48 maxlen: 48
2001:250:2408::/48 maxlen: 48
2001:250:2409::/48 maxlen: 48
2001:250:240a::/48 maxlen: 48
2001:250:240b::/48 maxlen: 48
2001:250:240c::/48 maxlen: 48
2001:250:240d::/48 maxlen: 48
2001:250:240f::/48 maxlen: 48
2001:250:2410::/48 maxlen: 48
2001:250:2413::/48 maxlen: 48
2001:250:2414::/48 maxlen: 48
2001:250:2415::/48 maxlen: 48
2001:250:2416::/48 maxlen: 48
2001:250:2417::/48 maxlen: 48
2001:250:2418::/48 maxlen: 48
2001:250:2419::/48 maxlen: 48
2001:250:241a::/48 maxlen: 48
2001:250:241b::/48 maxlen: 48
2001:250:241c::/48 maxlen: 48
2001:250:241d::/48 maxlen: 48
2001:250:241e::/48 maxlen: 48
2001:250:2420::/48 maxlen: 48
2001:250:2421::/48 maxlen: 48
2001:250:2422::/48 maxlen: 48
2001:250:2423::/48 maxlen: 48
2001:250:2424::/48 maxlen: 48
2001:250:2425::/48 maxlen: 48
2001:250:2426::/48 maxlen: 48
2001:250:2427::/48 maxlen: 48
2001:250:2429::/48 maxlen: 48
2001:250:242a::/48 maxlen: 48
2001:250:242b::/48 maxlen: 48
2001:250:242c::/48 maxlen: 48
2001:250:242d::/48 maxlen: 48
2001:250:242e::/48 maxlen: 48
2001:250:242f::/48 maxlen: 48
2001:250:2430::/48 maxlen: 48
2001:250:2431::/48 maxlen: 48
2001:250:2432::/48 maxlen: 48
2001:250:2433::/48 maxlen: 48
2001:250:2434::/48 maxlen: 48
2001:250:2435::/48 maxlen: 48
2001:250:2436::/48 maxlen: 48
2001:250:2437::/48 maxlen: 48
2001:250:2438::/48 maxlen: 48
2001:250:2439::/48 maxlen: 48
2001:250:243a::/48 maxlen: 48
2001:250:243c::/48 maxlen: 48
2001:250:243d::/48 maxlen: 48
2001:250:243e::/48 maxlen: 48
2001:250:243f::/48 maxlen: 48
2001:250:2440::/48 maxlen: 48
2001:250:2441::/48 maxlen: 48
2001:250:2442::/48 maxlen: 48
2001:250:2443::/48 maxlen: 48
2001:250:4038::/48 maxlen: 48
2001:da8:b1::/48 maxlen: 48
2001:da8:300c::/48 maxlen: 48
2001:da8:300e::/48 maxlen: 48
2001:da8:303a::/48 maxlen: 48
2001:da8:304f::/48 maxlen: 48
2001:da8:c800::/48 maxlen: 48
2001:da8:c801::/48 maxlen: 48
2001:da8:c802::/48 maxlen: 48
2001:da8:c803::/48 maxlen: 48
2001:da8:c804::/48 maxlen: 48
2001:da8:c807::/48 maxlen: 48
2001:da8:c808::/48 maxlen: 48
2001:da8:c809::/48 maxlen: 48
2001:da8:c80a::/48 maxlen: 48
2001:da8:c80b::/48 maxlen: 48
2001:da8:c80d::/48 maxlen: 48
2001:da8:c80e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:8c:59:b6:4c:35:b8:61:2b:2d:00:5a:ab:6d:0e:50:b8:0e:cd:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 07:26:08 2026 GMT
Not After : Jun 10 07:31:08 2027 GMT
Subject: CN=22BCC92B7CA2D4A74485A36F0A4D2313A3E23A69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:19:c5:e7:fc:9c:b7:60:60:00:7a:d8:29:94:
45:43:e8:a7:ba:e0:b0:8d:b5:d3:b7:05:26:2c:1f:
ff:9a:89:66:03:b6:0d:01:36:22:69:9c:fc:d7:d0:
bc:93:09:c6:f0:1f:aa:95:85:1c:47:13:76:fa:12:
09:ee:f1:b6:1a:0a:32:81:e7:aa:e8:10:d7:f4:9b:
2a:d8:08:bc:ce:63:92:30:0f:15:24:e1:29:f3:f6:
a0:09:d7:0e:14:22:be:b0:27:2e:b2:e7:1f:97:8e:
c7:8e:a0:11:53:5f:98:35:21:a6:02:ef:30:bd:4c:
96:ba:46:b2:2a:64:c4:af:26:f6:4c:f2:3c:da:3b:
cb:4a:8a:22:91:96:66:f8:45:56:8b:6b:14:c4:d6:
9f:b1:5c:b7:c9:ec:35:56:42:00:3b:63:d2:0f:2f:
46:8c:e0:5a:16:74:11:4b:18:f5:12:85:3d:41:34:
47:de:e1:83:b1:b4:4f:13:13:38:8e:2b:78:f0:c5:
7c:35:c1:51:53:1b:f4:d6:bb:ec:d5:17:b2:47:d3:
b1:b4:95:64:a6:ac:fb:72:2f:d4:77:70:fb:42:2d:
8c:d2:31:06:7f:aa:7f:7b:c7:45:56:d5:0b:a1:04:
a6:d8:9c:ba:ba:52:38:46:d2:c5:3c:ff:32:b2:d8:
1f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BC:C9:2B:7C:A2:D4:A7:44:85:A3:6F:0A:4D:23:13:A3:E2:3A:69
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS24356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:2401::-2001:250:2402:ffff:ffff:ffff:ffff:ffff
2001:250:2406::-2001:250:240d:ffff:ffff:ffff:ffff:ffff
2001:250:240f::-2001:250:2410:ffff:ffff:ffff:ffff:ffff
2001:250:2413::-2001:250:241e:ffff:ffff:ffff:ffff:ffff
2001:250:2420::/45
2001:250:2429::-2001:250:243a:ffff:ffff:ffff:ffff:ffff
2001:250:243c::-2001:250:2443:ffff:ffff:ffff:ffff:ffff
2001:250:4038::/48
2001:da8:b1::/48
2001:da8:300c::/48
2001:da8:300e::/48
2001:da8:303a::/48
2001:da8:304f::/48
2001:da8:c800::-2001:da8:c804:ffff:ffff:ffff:ffff:ffff
2001:da8:c807::-2001:da8:c80b:ffff:ffff:ffff:ffff:ffff
2001:da8:c80d::-2001:da8:c80e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
56:6e:84:90:f1:ec:89:a9:42:08:1c:c0:42:f9:eb:d1:b5:9e:
19:16:e4:64:56:33:32:f5:5d:f3:e0:85:0e:28:5c:c2:fb:46:
f4:7f:cb:fd:c6:db:5f:55:6f:6e:57:9b:c8:17:01:e1:fc:7a:
b4:bb:4a:3e:ea:98:e5:63:8f:f9:aa:d1:7b:5b:dd:3f:84:62:
c6:9b:1b:4f:b0:25:8e:31:39:93:d1:1d:b1:c3:6b:7b:42:8c:
18:85:f2:f8:9c:69:29:af:5c:ca:c2:37:24:f1:72:17:93:19:
d7:f1:f7:a2:28:4a:fe:39:bb:a7:1b:52:d2:ee:0f:77:8d:16:
1f:7e:c4:18:fe:f1:92:05:16:13:ac:91:4e:8f:17:cf:68:1c:
98:40:67:9c:d1:74:4a:97:b8:4d:57:8c:30:9b:41:e6:aa:da:
59:52:c9:4c:84:3b:df:b1:4a:6a:5f:46:82:16:30:57:4a:19:
11:8d:8e:ed:6b:ab:5a:02:3a:f1:c3:20:6e:ca:39:76:b2:dd:
d7:35:55:89:a9:4a:34:41:9b:9f:95:ea:2c:a8:42:dd:eb:74:
f8:4b:f6:99:f9:16:0a:33:46:b9:58:e8:0d:72:bf:40:67:bb:
17:32:03:8c:c0:3c:13:86:0c:56:05:c2:f2:9c:a4:1e:26:e6:
8f:05:64:9e
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgIURoxZtkw1uGErLQBaq20OULgOzSIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA3MjYwOFoX
DTI3MDYxMDA3MzEwOFowMzExMC8GA1UEAxMoMjJCQ0M5MkI3Q0EyRDRBNzQ0ODVB
MzZGMEE0RDIzMTNBM0UyM0E2OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAZxef8nLdgYAB62CmURUPop7rgsI2107cFJiwf/5qJZgO2DQE2Immc/NfQ
vJMJxvAfqpWFHEcTdvoSCe7xthoKMoHnqugQ1/SbKtgIvM5jkjAPFSThKfP2oAnX
DhQivrAnLrLnH5eOx46gEVNfmDUhpgLvML1MlrpGsipkxK8m9kzyPNo7y0qKIpGW
ZvhFVotrFMTWn7Fct8nsNVZCADtj0g8vRozgWhZ0EUsY9RKFPUE0R97hg7G0TxMT
OI4rePDFfDXBUVMb9Na77NUXskfTsbSVZKas+3Iv1Hdw+0ItjNIxBn+qf3vHRVbV
C6EEpticurpSOEbSxTz/MrLYHycCAwEAAaOCArcwggKzMB0GA1UdDgQWBBQivMkr
fKLUp0SFo28KTSMTo+I6aTAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBOBggrBgEFBQcBCwRCMEAwPgYIKwYBBQUHMAuGMnJzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMjQzNTYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwggEPBggrBgEFBQcBBwEB/wSB/zCB/DCB+QQCAAIw
gfIwEgMHACABAlAkAQMHACABAlAkAjASAwcBIAECUCQGAwcBIAECUCQMMBIDBwAg
AQJQJA8DBwAgAQJQJBAwEgMHACABAlAkEwMHACABAlAkHgMHAyABAlAkIDASAwcA
IAECUCQpAwcAIAECUCQ6MBIDBwIgAQJQJDwDBwIgAQJQJEADBwAgAQJQQDgDBwAg
AQ2oALEDBwAgAQ2oMAwDBwAgAQ2oMA4DBwAgAQ2oMDoDBwAgAQ2oME8wEQMGAyAB
DajIAwcAIAENqMgEMBIDBwAgAQ2oyAcDBwIgAQ2oyAgwEgMHACABDajIDQMHACAB
DajIDjANBgkqhkiG9w0BAQsFAAOCAQEAVm6EkPHsialCCBzAQvnr0bWeGRbkZFYz
MvVd8+CFDihcwvtG9H/L/cbbX1VvblebyBcB4fx6tLtKPuqY5WOP+arRe1vdP4Ri
xpsbT7AljjE5k9EdscNre0KMGIXy+JxpKa9cysI3JPFyF5MZ1/H3oihK/jm7pxtS
0u4Pd40WH37EGP7xkgUWE6yRTo8Xz2gcmEBnnNF0Spe4TVeMMJtB5qraWVLJTIQ7
37FKal9GghYwV0oZEY2O7WurWgI68cMgbso5drLd1zVVialKNEGbn5XqLKhC3et0
+Ev2mfkWCjNGuVjoDXK/QGe7FzIDjMA8E4YMVgXC8pykHibmjwVkng==
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:48:56 2026 by rpki-client