Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS24359.roa
File: AS24359.roa (raw, json)
Hash identifier: 5b9fbgqdSgo5FCgCtoHW7L/u28/xK3q0Na6ZlxuafgE=
Subject key identifier: 33:1E:92:A1:AC:94:F4:00:A4:06:F3:2A:2A:8D:61:44:7A:93:4C:62
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 7DC9D671E097219D32E017FF3651B1357F52310B
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS24359.roa
Signing time: Thu 11 Jun 2026 07:35:08 +0000
ROA not before: Thu 11 Jun 2026 07:30:08 +0000
ROA not after: Thu 10 Jun 2027 07:35:08 +0000
asID: 24359
IP address blocks: 2001:250:4400::/48 maxlen: 48
2001:250:4401::/48 maxlen: 48
2001:250:4402::/48 maxlen: 48
2001:250:4403::/48 maxlen: 48
2001:250:4404::/48 maxlen: 48
2001:250:4405::/48 maxlen: 48
2001:250:4406::/48 maxlen: 48
2001:250:4407::/48 maxlen: 48
2001:250:4408::/48 maxlen: 48
2001:250:4409::/48 maxlen: 48
2001:250:440a::/48 maxlen: 48
2001:250:440b::/48 maxlen: 48
2001:250:440c::/48 maxlen: 48
2001:250:440d::/48 maxlen: 48
2001:250:440e::/48 maxlen: 48
2001:250:440f::/48 maxlen: 48
2001:250:4410::/48 maxlen: 48
2001:250:4411::/48 maxlen: 48
2001:250:4412::/48 maxlen: 48
2001:250:4413::/48 maxlen: 48
2001:250:4414::/48 maxlen: 48
2001:250:4415::/48 maxlen: 48
2001:250:4416::/48 maxlen: 48
2001:250:4417::/48 maxlen: 48
2001:250:4419::/48 maxlen: 48
2001:250:441a::/48 maxlen: 48
2001:250:441b::/48 maxlen: 48
2001:250:441c::/48 maxlen: 48
2001:250:441d::/48 maxlen: 48
2001:250:441e::/48 maxlen: 48
2001:250:441f::/48 maxlen: 48
2001:250:4420::/48 maxlen: 48
2001:250:4421::/48 maxlen: 48
2001:250:4422::/48 maxlen: 48
2001:250:4423::/48 maxlen: 48
2001:250:4424::/48 maxlen: 48
2001:250:4425::/48 maxlen: 48
2001:250:4426::/48 maxlen: 48
2001:250:4427::/48 maxlen: 48
2001:250:4428::/48 maxlen: 48
2001:da8:b6::/48 maxlen: 48
2001:da8:d000::/48 maxlen: 48
2001:da8:d001::/48 maxlen: 48
2001:da8:d002::/48 maxlen: 48
2001:da8:d003::/48 maxlen: 48
2001:da8:d004::/48 maxlen: 48
2001:da8:d005::/48 maxlen: 48
2001:da8:d006::/48 maxlen: 48
2001:da8:d007::/48 maxlen: 48
2001:da8:d008::/48 maxlen: 48
2001:da8:d009::/48 maxlen: 48
2001:da8:d00a::/48 maxlen: 48
2001:da8:d00b::/48 maxlen: 48
2001:da8:d00c::/48 maxlen: 48
2001:da8:d00d::/48 maxlen: 48
2001:da8:d00e::/48 maxlen: 48
2001:da8:d00f::/48 maxlen: 48
2001:da8:d010::/48 maxlen: 48
2001:da8:d011::/48 maxlen: 48
2001:da8:d012::/48 maxlen: 48
2001:da8:d013::/48 maxlen: 48
2001:da8:d014::/48 maxlen: 48
2001:da8:d015::/48 maxlen: 48
2001:da8:d016::/48 maxlen: 48
2001:da8:d017::/48 maxlen: 48
2001:da8:d018::/48 maxlen: 48
2001:da8:d019::/48 maxlen: 48
2001:da8:d01a::/48 maxlen: 48
2001:da8:d01b::/48 maxlen: 48
2001:da8:d01c::/48 maxlen: 48
2001:da8:d01d::/48 maxlen: 48
2001:da8:d01e::/48 maxlen: 48
2001:da8:d01f::/48 maxlen: 48
2001:da8:d020::/48 maxlen: 48
2001:da8:d021::/48 maxlen: 48
2001:da8:d022::/48 maxlen: 48
2001:da8:d023::/48 maxlen: 48
2001:da8:d024::/48 maxlen: 48
2001:da8:d025::/48 maxlen: 48
240c:ce04::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:c9:d6:71:e0:97:21:9d:32:e0:17:ff:36:51:b1:35:7f:52:31:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 07:30:08 2026 GMT
Not After : Jun 10 07:35:08 2027 GMT
Subject: CN=331E92A1AC94F400A406F32A2A8D61447A934C62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f6:52:61:4f:91:72:b7:6d:e9:5d:98:ab:9d:
4d:c5:ee:4f:a9:a3:2c:59:ed:d2:7c:ed:db:6b:69:
c6:1c:55:4a:e8:07:ff:da:d0:e4:1d:f6:54:5f:71:
70:9a:96:1b:77:b4:3a:46:6a:60:a4:c9:c3:19:36:
14:97:32:53:25:b8:4d:c6:49:01:4b:aa:79:10:3a:
ae:ae:4a:e4:c4:fc:92:cc:a2:c8:69:6c:f7:a7:3f:
bb:17:55:fe:68:9b:59:8e:1f:22:4e:2c:85:7f:16:
24:e2:70:ba:08:0c:b9:1a:65:a4:f5:34:ed:60:67:
53:8d:52:65:73:a1:d1:07:11:1b:79:1a:e6:fe:13:
0b:a1:f6:2f:52:6f:0f:0e:3f:40:69:05:74:eb:1a:
6a:76:db:5b:ce:24:b9:84:d0:b1:8f:0c:c3:32:50:
9b:1e:2e:7a:81:16:42:c8:d7:76:8d:e3:5d:39:39:
b6:cc:a2:c2:d4:10:30:5c:70:49:b7:3c:91:f4:c3:
6c:03:df:84:76:e6:df:d9:ad:45:d3:a0:d3:29:89:
69:36:a4:16:ec:9b:37:1e:37:7d:90:f0:da:6a:2d:
de:eb:fa:7a:47:ac:c9:38:7a:39:75:da:03:b5:76:
84:d6:38:52:67:df:92:7e:a7:2d:43:0e:2a:e8:71:
48:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1E:92:A1:AC:94:F4:00:A4:06:F3:2A:2A:8D:61:44:7A:93:4C:62
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS24359.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:4400::-2001:250:4417:ffff:ffff:ffff:ffff:ffff
2001:250:4419::-2001:250:4428:ffff:ffff:ffff:ffff:ffff
2001:da8:b6::/48
2001:da8:d000::-2001:da8:d025:ffff:ffff:ffff:ffff:ffff
240c:ce04::/32
Signature Algorithm: sha256WithRSAEncryption
98:b3:fd:d8:d2:3e:35:bf:1e:c1:ab:4b:45:4b:de:90:03:4f:
0d:25:80:78:cf:a6:de:7b:6f:06:b6:40:a1:00:25:b7:06:3a:
88:e6:c9:60:70:5d:79:f2:2b:3c:1d:b0:03:30:6a:37:7f:50:
b0:79:96:f6:54:46:7a:3e:cc:0f:5c:1c:25:50:71:62:e7:40:
ab:24:6d:20:99:86:db:be:f0:d6:7e:7a:9b:ab:bc:03:a2:76:
58:3f:80:1d:a8:84:3c:f8:56:39:db:5c:51:92:ef:2d:ae:54:
86:68:f3:46:24:d6:06:b2:c9:98:42:e8:92:38:73:b6:f8:dc:
9f:09:c7:69:e5:01:97:64:69:22:e6:79:3c:fe:ff:52:34:59:
df:03:28:96:40:03:a2:29:e9:0f:51:11:e8:b6:67:24:65:53:
a9:f1:22:24:35:d6:5d:6d:19:57:a7:13:87:cb:05:39:fc:ac:
3a:ab:b0:98:a8:f2:18:07:45:73:a1:91:74:db:ca:bc:18:39:
e1:1b:d6:22:f6:c7:bf:1b:35:a8:1c:48:04:bc:67:7f:07:88:
66:f7:88:f6:bc:e9:da:0a:0d:c5:2f:1d:fb:6b:a7:f8:1a:56:
5c:a3:49:14:d3:b7:be:48:44:26:20:3e:58:12:6c:49:aa:92:
d7:57:cd:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUfcnWceCXIZ0y4Bf/NlGxNX9SMQswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA3MzAwOFoX
DTI3MDYxMDA3MzUwOFowMzExMC8GA1UEAxMoMzMxRTkyQTFBQzk0RjQwMEE0MDZG
MzJBMkE4RDYxNDQ3QTkzNEM2MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJX2UmFPkXK3beldmKudTcXuT6mjLFnt0nzt22tpxhxVSugH/9rQ5B32VF9x
cJqWG3e0OkZqYKTJwxk2FJcyUyW4TcZJAUuqeRA6rq5K5MT8ksyiyGls96c/uxdV
/mibWY4fIk4shX8WJOJwuggMuRplpPU07WBnU41SZXOh0QcRG3ka5v4TC6H2L1Jv
Dw4/QGkFdOsaanbbW84kuYTQsY8MwzJQmx4ueoEWQsjXdo3jXTk5tsyiwtQQMFxw
Sbc8kfTDbAPfhHbm39mtRdOg0ymJaTakFuybNx43fZDw2mot3uv6ekesyTh6OXXa
A7V2hNY4Umffkn6nLUMOKuhxSNcCAwEAAaOCAgkwggIFMB0GA1UdDgQWBBQzHpKh
rJT0AKQG8yoqjWFEepNMYjAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBOBggrBgEFBQcBCwRCMEAwPgYIKwYBBQUHMAuGMnJzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMjQzNTkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwYwYIKwYBBQUHAQcBAf8EVDBSMFAEAgACMEowEQMG
AiABAlBEAwcDIAECUEQQMBIDBwAgAQJQRBkDBwAgAQJQRCgDBwAgAQ2oALYwEQMG
BCABDajQAwcBIAENqNAkAwUAJAzOBDANBgkqhkiG9w0BAQsFAAOCAQEAmLP92NI+
Nb8ewatLRUvekANPDSWAeM+m3ntvBrZAoQAltwY6iObJYHBdefIrPB2wAzBqN39Q
sHmW9lRGej7MD1wcJVBxYudAqyRtIJmG277w1n56m6u8A6J2WD+AHaiEPPhWOdtc
UZLvLa5UhmjzRiTWBrLJmELokjhztvjcnwnHaeUBl2RpIuZ5PP7/UjRZ3wMolkAD
oinpD1ER6LZnJGVTqfEiJDXWXW0ZV6cTh8sFOfysOquwmKjyGAdFc6GRdNvKvBg5
4RvWIvbHvxs1qBxIBLxnfweIZveI9rzp2goNxS8d+2un+BpWXKNJFNO3vkhEJiA+
WBJsSaqS11fNOQ==
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:48:56 2026 by rpki-client