Route Origin Authorization
$ rpki-client -vvf rsync.cernet.net/repo/cernet/0/AS24371.roa
File: AS24371.roa (raw, json)
Hash identifier: AbD3QGI6KT3/xdgZkR/S0TzABv6PfyyAKoHPFeAF2So=
Subject key identifier: 27:B1:72:DF:46:C4:01:C6:7B:03:1D:B4:4B:49:3E:0E:B1:C5:58:DC
Certificate issuer: /CN=A91E5D610001/serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Certificate serial: 1AD145C671A295C2E5B73BC87DC9598C1E186FC0
Authority key identifier: C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject info access: rsync://rsync.cernet.net/repo/cernet/0/AS24371.roa
Signing time: Thu 11 Jun 2026 07:39:31 +0000
ROA not before: Thu 11 Jun 2026 07:34:31 +0000
ROA not after: Thu 10 Jun 2027 07:39:31 +0000
asID: 24371
IP address blocks: 2001:250:7401::/48 maxlen: 48
2001:250:7402::/48 maxlen: 48
2001:250:7403::/48 maxlen: 48
2001:250:7404::/48 maxlen: 48
2001:250:7405::/48 maxlen: 48
2001:250:7406::/48 maxlen: 48
2001:250:7407::/48 maxlen: 48
2001:250:7408::/48 maxlen: 48
2001:250:7409::/48 maxlen: 48
2001:250:740a::/48 maxlen: 48
2001:250:740b::/48 maxlen: 48
2001:250:740c::/48 maxlen: 48
2001:250:740d::/48 maxlen: 48
2001:250:740e::/48 maxlen: 48
2001:250:7410::/48 maxlen: 48
2001:250:7411::/48 maxlen: 48
2001:250:7412::/48 maxlen: 48
2001:250:7413::/48 maxlen: 48
2001:250:7414::/48 maxlen: 48
2001:250:7415::/48 maxlen: 48
2001:250:7416::/48 maxlen: 48
2001:250:7417::/48 maxlen: 48
2001:250:7418::/48 maxlen: 48
2001:250:7419::/48 maxlen: 48
2001:250:741a::/48 maxlen: 48
2001:250:741b::/48 maxlen: 48
2001:250:741c::/48 maxlen: 48
2001:250:741d::/48 maxlen: 48
2001:250:741e::/48 maxlen: 48
2001:250:741f::/48 maxlen: 48
2001:250:7420::/48 maxlen: 48
2001:250:7421::/48 maxlen: 48
2001:250:7422::/48 maxlen: 48
2001:250:7423::/48 maxlen: 48
2001:250:7424::/48 maxlen: 48
2001:250:7425::/48 maxlen: 48
2001:250:7426::/48 maxlen: 48
2001:250:7427::/48 maxlen: 48
2001:250:7428::/48 maxlen: 48
2001:250:7429::/48 maxlen: 48
2001:250:742a::/48 maxlen: 48
2001:250:742b::/48 maxlen: 48
2001:250:742c::/48 maxlen: 48
2001:250:742d::/48 maxlen: 48
2001:250:742e::/48 maxlen: 48
2001:250:742f::/48 maxlen: 48
2001:250:7430::/48 maxlen: 48
2001:da8:aa::/48 maxlen: 48
2001:da8:b000::/48 maxlen: 48
2001:da8:b001::/48 maxlen: 48
2001:da8:b002::/48 maxlen: 48
2001:da8:b003::/48 maxlen: 48
2001:da8:b004::/48 maxlen: 48
2001:da8:b005::/48 maxlen: 48
2001:da8:b006::/48 maxlen: 48
2001:da8:b007::/48 maxlen: 48
2001:da8:b008::/48 maxlen: 48
2001:da8:b00a::/48 maxlen: 48
2001:da8:b00b::/48 maxlen: 48
2001:da8:b00c::/48 maxlen: 48
2001:da8:b00d::/48 maxlen: 48
2001:da8:b00e::/48 maxlen: 48
2001:da8:b00f::/48 maxlen: 48
2001:da8:b011::/48 maxlen: 48
2001:da8:b012::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Jun 2026 03:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:d1:45:c6:71:a2:95:c2:e5:b7:3b:c8:7d:c9:59:8c:1e:18:6f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D610001, serialNumber=C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2
Validity
Not Before: Jun 11 07:34:31 2026 GMT
Not After : Jun 10 07:39:31 2027 GMT
Subject: CN=27B172DF46C401C67B031DB44B493E0EB1C558DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4e:1b:0d:d5:0c:6b:7e:ab:2d:6a:a3:bf:f8:
10:b2:d2:8e:f8:9a:99:7f:db:e6:c0:7d:f2:6f:c3:
3e:46:22:53:90:ae:fa:e6:13:59:ea:b9:a7:44:55:
c1:64:3f:36:bb:3f:c3:e4:17:89:1e:ce:e7:e3:8f:
da:51:27:77:75:17:bd:be:cf:ab:4f:84:eb:28:6f:
36:aa:d7:47:4d:46:d7:4c:8a:47:a3:ca:7f:94:cc:
3d:88:f5:1d:e7:40:d3:d1:28:80:47:6e:c9:08:92:
d2:e6:2f:cb:19:7d:8e:f8:e7:7e:a5:18:78:fc:53:
2b:9b:00:a0:8e:66:fd:0f:8b:5e:b3:35:ca:cb:eb:
5a:ab:26:b7:c3:91:ea:ef:7d:79:c6:7f:35:02:a2:
6e:70:3f:2b:0d:a3:5d:ff:08:d8:2f:d6:e7:ab:31:
8b:7e:3a:19:e2:cb:40:86:06:b5:ac:2b:3b:34:ef:
98:0c:a8:dd:a3:05:09:70:f5:7f:d8:20:17:57:45:
2e:4d:de:5f:d0:b3:a7:5e:cc:44:15:05:9f:61:a6:
51:39:a2:e7:08:68:7b:1d:4b:06:d5:8d:2a:aa:49:
69:2b:20:d3:19:59:01:1c:6f:33:35:9e:f0:3d:88:
6e:b0:0b:c3:40:2e:c0:a0:48:56:b9:98:50:af:30:
30:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B1:72:DF:46:C4:01:C6:7B:03:1D:B4:4B:49:3E:0E:B1:C5:58:DC
X509v3 Authority Key Identifier:
keyid:C1:EF:39:2C:50:05:97:CA:3C:BA:2E:1E:C7:AA:1E:C3:F5:0A:28:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.cernet.net/repo/cernet/0/C1EF392C500597CA3CBA2E1EC7AA1EC3F50A28B2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/we85LFAFl8o8ui4ex6oew_UKKLI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.cernet.net/repo/cernet/0/AS24371.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:250:7401::-2001:250:740e:ffff:ffff:ffff:ffff:ffff
2001:250:7410::-2001:250:7430:ffff:ffff:ffff:ffff:ffff
2001:da8:aa::/48
2001:da8:b000::-2001:da8:b008:ffff:ffff:ffff:ffff:ffff
2001:da8:b00a::-2001:da8:b00f:ffff:ffff:ffff:ffff:ffff
2001:da8:b011::-2001:da8:b012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
58:89:2e:be:5e:6f:1b:71:45:1a:9d:88:1a:69:55:5c:09:c6:
e8:98:37:7b:48:06:3f:a4:27:23:16:bf:3b:8a:b5:60:89:50:
d8:dd:5d:23:27:0b:04:20:a0:ee:9b:52:7c:83:e7:f5:a1:18:
ba:2d:e3:82:8d:06:d3:ee:e8:61:f4:e8:ab:dd:2b:4c:87:e1:
0e:88:01:62:8d:f2:3e:55:9c:92:f1:5b:59:19:bc:3c:2f:7e:
d4:a0:44:8c:43:a4:67:41:83:0b:45:ac:e2:4a:c6:1b:0b:e2:
68:a7:95:fc:54:bf:dc:2d:8d:18:7f:f0:3e:cc:96:88:ef:55:
a5:e1:21:56:01:99:c1:fc:14:7a:68:42:aa:03:c4:eb:39:de:
9f:0e:b8:3d:88:49:dd:c1:b8:f2:89:1f:26:4f:c6:b5:25:2d:
9d:eb:40:61:b1:a1:45:88:1f:d2:ad:33:f0:69:ee:19:2d:41:
b4:b5:50:7f:db:eb:fc:c7:1f:e0:63:1f:7e:b7:9e:da:26:ea:
25:d3:57:42:ad:5d:c5:e0:db:05:56:20:83:ab:76:c2:b3:5c:
5a:9c:5e:a8:9b:c7:74:ea:a8:38:7f:cc:f2:35:1f:89:0c:ce:
78:64:fe:ef:82:42:9c:58:4b:08:d4:f2:dc:50:63:b8:69:4d:
de:6e:8e:b3
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIUGtFFxnGilcLltzvIfclZjB4Yb8AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEyhDMUVGMzkyQzUw
MDU5N0NBM0NCQTJFMUVDN0FBMUVDM0Y1MEEyOEIyMB4XDTI2MDYxMTA3MzQzMVoX
DTI3MDYxMDA3MzkzMVowMzExMC8GA1UEAxMoMjdCMTcyREY0NkM0MDFDNjdCMDMx
REI0NEI0OTNFMEVCMUM1NThEQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJOGw3VDGt+qy1qo7/4ELLSjviamX/b5sB98m/DPkYiU5Cu+uYTWeq5p0RV
wWQ/Nrs/w+QXiR7O5+OP2lEnd3UXvb7Pq0+E6yhvNqrXR01G10yKR6PKf5TMPYj1
HedA09EogEduyQiS0uYvyxl9jvjnfqUYePxTK5sAoI5m/Q+LXrM1ysvrWqsmt8OR
6u99ecZ/NQKibnA/Kw2jXf8I2C/W56sxi346GeLLQIYGtawrOzTvmAyo3aMFCXD1
f9ggF1dFLk3eX9Czp17MRBUFn2GmUTmi5whoex1LBtWNKqpJaSsg0xlZARxvMzWe
8D2IbrALw0AuwKBIVrmYUK8wMI0CAwEAAaOCAiwwggIoMB0GA1UdDgQWBBQnsXLf
RsQBxnsDHbRLST4OscVY3DAfBgNVHSMEGDAWgBTB7zksUAWXyjy6Lh7Hqh7D9Qoo
sjAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0fBF0wWzBZoFegVYZTcnN5bmM6Ly9yc3lu
Yy5jZXJuZXQubmV0L3JlcG8vY2VybmV0LzAvQzFFRjM5MkM1MDA1OTdDQTNDQkEy
RTFFQzdBQTFFQzNGNTBBMjhCMi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUF
BzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgx
RDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd2U4NUxGQUZsOG84dWk0ZXg2b2V3X1VL
S0xJLmNlcjBOBggrBgEFBQcBCwRCMEAwPgYIKwYBBQUHMAuGMnJzeW5jOi8vcnN5
bmMuY2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMjQzNzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwgYUGCCsGAQUFBwEHAQH/BHYwdDByBAIAAjBsMBID
BwAgAQJQdAEDBwAgAQJQdA4wEgMHBCABAlB0EAMHACABAlB0MAMHACABDagAqjAR
AwYEIAENqLADBwAgAQ2osAgwEgMHASABDaiwCgMHBCABDaiwADASAwcAIAENqLAR
AwcAIAENqLASMA0GCSqGSIb3DQEBCwUAA4IBAQBYiS6+Xm8bcUUanYgaaVVcCcbo
mDd7SAY/pCcjFr87irVgiVDY3V0jJwsEIKDum1J8g+f1oRi6LeOCjQbT7uhh9Oir
3StMh+EOiAFijfI+VZyS8VtZGbw8L37UoESMQ6RnQYMLRaziSsYbC+Jop5X8VL/c
LY0Yf/A+zJaI71Wl4SFWAZnB/BR6aEKqA8TrOd6fDrg9iEndwbjyiR8mT8a1JS2d
60BhsaFFiB/SrTPwae4ZLUG0tVB/2+v8xx/gYx9+t57aJuol01dCrV3F4NsFViCD
q3bCs1xanF6om8d06qg4f8zyNR+JDM54ZP7vgkKcWEsI1PLcUGO4aU3ebo6z
-----END CERTIFICATE-----
Generated at Fri Jun 12 09:49:22 2026 by rpki-client