Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS24366.roa
File: AS24366.roa (raw, json)
Hash identifier: 7i8alKuapLmrXaIrPHejq3z16g8Qh30cMygShuT+uic=
Subject key identifier: 8D:BA:C7:A8:B8:D2:67:22:98:A2:7F:7A:C9:8C:0E:24:E9:63:5A:45
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 31140AE53BDF46248F4A1C5606801795C07E067E
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS24366.roa
Signing time: Thu 11 Jun 2026 06:43:39 +0000
ROA not before: Thu 11 Jun 2026 06:38:39 +0000
ROA not after: Thu 10 Jun 2027 06:43:39 +0000
asID: 24366
IP address blocks: 2001:250:6006::/48 maxlen: 48
2001:250:600b::/48 maxlen: 48
2001:250:6012::/48 maxlen: 48
2001:250:6025::/48 maxlen: 48
2001:250:6040::/48 maxlen: 48
2001:da8:b8::/48 maxlen: 48
2001:da8:8002::/48 maxlen: 48
2001:da8:800f::/48 maxlen: 48
2001:da8:8010::/48 maxlen: 48
2001:da8:8015::/48 maxlen: 48
2001:da8:801c::/48 maxlen: 48
2001:da8:8025::/48 maxlen: 48
2001:da8:8030::/48 maxlen: 48
240c:c0a8:5c49::/48 maxlen: 48
240c:c702::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:14:0a:e5:3b:df:46:24:8f:4a:1c:56:06:80:17:95:c0:7e:06:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 06:38:39 2026 GMT
Not After : Jun 10 06:43:39 2027 GMT
Subject: CN=8DBAC7A8B8D2672298A27F7AC98C0E24E9635A45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7e:67:2d:7f:57:9f:74:61:42:54:e3:62:d6:
ad:3f:70:02:fc:2e:c3:d1:3c:86:05:6f:37:69:dc:
d7:d1:28:3b:32:5e:5f:43:5d:2b:94:80:20:f8:02:
69:54:f0:f1:24:bc:7d:34:08:18:11:c6:bb:04:a4:
8e:64:04:ae:e4:c4:c2:34:98:e3:6e:5d:f2:15:50:
78:74:6e:52:98:ce:a1:6d:3c:18:24:cd:5f:9e:2e:
e4:cf:42:ae:35:f6:9b:81:27:55:47:ed:5c:bb:a6:
3a:c6:92:b9:b0:cc:cb:0f:39:a9:bf:a1:90:80:bd:
6f:b1:d7:d6:03:a7:8d:e1:7a:d4:02:fc:8c:ac:32:
90:26:c6:d6:8d:a7:db:43:32:56:5d:2e:91:56:a4:
da:2e:1f:f1:9a:5f:24:c9:f5:1f:42:0f:72:9a:09:
5a:14:e6:eb:0f:4f:26:80:e0:b8:9b:38:7b:06:61:
2a:4a:cd:70:cd:61:be:9b:c5:74:d3:55:1e:60:92:
ca:bc:23:57:0d:de:1c:a0:74:c2:8b:0b:d1:bd:27:
4b:fe:3e:45:16:ac:aa:24:2d:4b:06:db:2f:fe:6f:
f2:17:cf:16:55:1f:4f:81:66:a6:4a:21:90:77:95:
21:3d:39:8a:17:11:c9:b6:a3:91:7d:7c:79:4b:31:
34:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:BA:C7:A8:B8:D2:67:22:98:A2:7F:7A:C9:8C:0E:24:E9:63:5A:45
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS24366.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:6006::/48
2001:250:600b::/48
2001:250:6012::/48
2001:250:6025::/48
2001:250:6040::/48
2001:da8:b8::/48
2001:da8:8002::/48
2001:da8:800f::-2001:da8:8010:ffff:ffff:ffff:ffff:ffff
2001:da8:8015::/48
2001:da8:801c::/48
2001:da8:8025::/48
2001:da8:8030::/48
240c:c0a8:5c49::/48
240c:c702::/32
Signature Algorithm: sha256WithRSAEncryption
28:12:cf:8f:b9:ec:1c:d5:77:42:0c:be:6a:4f:56:d9:0f:8c:
88:37:62:20:f1:2d:74:2f:bc:d2:11:ac:b7:f5:66:29:86:f3:
4b:95:67:48:37:c8:59:20:cb:9f:df:b4:40:14:ae:42:94:0c:
a7:ff:73:ed:02:33:86:7f:0a:1e:75:38:8c:c3:92:b7:50:34:
42:82:ce:cf:dc:af:5b:8a:0a:7c:c5:f4:fe:2b:b0:54:6f:b3:
2d:ae:3b:bb:89:ba:78:dc:8b:72:64:87:d5:c5:87:ef:a1:f9:
2b:ee:3b:63:13:27:97:3e:a3:e7:3a:ee:5b:54:d6:9e:90:95:
1a:a4:28:dd:a3:63:62:f7:48:d6:b7:98:75:d3:b3:68:6f:d9:
29:ca:b9:53:f2:6d:11:04:fe:c5:bb:b1:b3:5b:24:fe:99:76:
df:2c:c2:4f:80:e9:96:d7:f4:e0:cf:6b:ed:b2:68:32:46:94:
9a:e1:5b:2f:8f:25:c0:8a:6a:4e:34:06:5b:17:39:48:47:7e:
bb:5e:a9:d6:25:04:31:70:49:e3:ed:bf:43:d3:6f:4a:fb:c9:
95:76:22:1f:69:42:da:ce:33:b2:8f:9b:48:9b:92:1a:09:67:
5f:c6:24:a2:2d:39:44:98:34:5b:18:82:ca:5a:3e:85:b5:b7:
ae:63:54:91
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIUMRQK5TvfRiSPShxWBoAXlcB+Bn4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA2MzgzOVoX
DTI3MDYxMDA2NDMzOVowMzExMC8GA1UEAxMoOERCQUM3QThCOEQyNjcyMjk4QTI3
RjdBQzk4QzBFMjRFOTYzNUE0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9+Zy1/V590YUJU42LWrT9wAvwuw9E8hgVvN2nc19EoOzJeX0NdK5SAIPgC
aVTw8SS8fTQIGBHGuwSkjmQEruTEwjSY425d8hVQeHRuUpjOoW08GCTNX54u5M9C
rjX2m4EnVUftXLumOsaSubDMyw85qb+hkIC9b7HX1gOnjeF61AL8jKwykCbG1o2n
20MyVl0ukVak2i4f8ZpfJMn1H0IPcpoJWhTm6w9PJoDguJs4ewZhKkrNcM1hvpvF
dNNVHmCSyrwjVw3eHKB0wosL0b0nS/4+RRasqiQtSwbbL/5v8hfPFlUfT4Fmpkoh
kHeVIT05ihcRybajkX18eUsxNO0CAwEAAaOCAkswggJHMB0GA1UdDgQWBBSNuseo
uNJnIpiif3rJjA4k6WNaRTAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBOBggrBgEFBQcBCwRCMEAwPgYIKwYBBQUHMAuGMnJzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMjQzNjYucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwgaQGCCsGAQUFBwEHAQH/BIGUMIGRMIGOBAIAAjCB
hwMHACABAlBgBgMHACABAlBgCwMHACABAlBgEgMHACABAlBgJQMHACABAlBgQAMH
ACABDagAuAMHACABDaiAAjASAwcAIAENqIAPAwcAIAENqIAQAwcAIAENqIAVAwcA
IAENqIAcAwcAIAENqIAlAwcAIAENqIAwAwcAJAzAqFxJAwUAJAzHAjANBgkqhkiG
9w0BAQsFAAOCAQEAKBLPj7nsHNV3Qgy+ak9W2Q+MiDdiIPEtdC+80hGst/VmKYbz
S5VnSDfIWSDLn9+0QBSuQpQMp/9z7QIzhn8KHnU4jMOSt1A0QoLOz9yvW4oKfMX0
/iuwVG+zLa47u4m6eNyLcmSH1cWH76H5K+47YxMnlz6j5zruW1TWnpCVGqQo3aNj
YvdI1reYddOzaG/ZKcq5U/JtEQT+xbuxs1sk/pl23yzCT4Dpltf04M9r7bJoMkaU
muFbL48lwIpqTjQGWxc5SEd+u16p1iUEMXBJ4+2/Q9NvSvvJlXYiH2lC2s4zso+b
SJuSGglnX8Ykoi05RJg0WxiCylo+hbW3rmNUkQ==
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:48:58 2026 by rpki-client