Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa
File: CBAFF664136B11EFB53F2683C4F9AE02.roa (raw, json)
Hash identifier: +7ovyAPzd8D+I36rkvjE+8F7IFT7ftpN/ymconu0rew=
Subject key identifier: 84:1E:E4:B7:87:0C:4A:44:DD:07:03:87:E1:FA:BF:E1:63:0D:82:1E
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 2074
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa
Signing time: Fri 20 Mar 2026 06:14:08 +0000
ROA not before: Fri 20 Mar 2026 06:14:08 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 58777
IP address blocks: 59.47.246.0/24 maxlen: 24
59.47.247.0/24 maxlen: 24
59.50.75.0/24 maxlen: 24
59.52.138.0/24 maxlen: 24
61.133.162.0/24 maxlen: 24
61.151.144.0/24 maxlen: 24
61.151.145.0/24 maxlen: 24
113.240.205.0/24 maxlen: 24
117.25.105.0/24 maxlen: 24
125.93.28.0/24 maxlen: 24
125.93.29.0/24 maxlen: 24
202.67.0.0/22 maxlen: 24
202.73.128.0/22 maxlen: 24
202.191.72.0/21 maxlen: 24
203.33.67.0/24 maxlen: 24
203.33.68.0/24 maxlen: 24
203.33.73.0/24 maxlen: 24
203.33.79.0/24 maxlen: 24
203.33.100.0/24 maxlen: 24
203.33.122.0/24 maxlen: 24
203.33.129.0/24 maxlen: 24
203.33.131.0/24 maxlen: 24
220.171.147.0/24 maxlen: 24
221.226.225.0/24 maxlen: 24
221.235.40.0/24 maxlen: 24
221.237.65.0/24 maxlen: 24
240e:108:4040::/48 maxlen: 48
240e:108:4047::/48 maxlen: 48
240e:108:4060::/48 maxlen: 48
240e:108:4360::/48 maxlen: 48
240e:108:4820::/48 maxlen: 48
240e:108:4840::/48 maxlen: 48
240e:108:4847::/48 maxlen: 48
240e:108:4860::/48 maxlen: 48
240e:108:4b60::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 16:10:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8308 (0x2074)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4, serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Mar 20 06:14:08 2026 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=69bce5b0-2332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d1:6d:f0:da:16:41:4f:7f:1a:c7:34:2f:5b:
08:3d:2b:58:b9:51:77:99:15:f5:9b:9c:f4:8c:71:
f5:56:91:bb:bd:ba:e2:99:c9:cd:b3:6e:0c:d0:5b:
62:aa:ff:47:2a:cc:e7:02:60:61:db:a1:39:b1:65:
28:95:c5:9b:1b:c6:68:a5:83:0c:89:1f:55:c9:82:
62:db:30:e1:f5:d4:41:dd:79:04:52:e3:92:71:de:
35:d1:18:49:a4:a3:61:d1:4b:59:a4:c5:3b:5d:af:
48:f3:60:61:95:ec:9a:7e:ca:8f:a5:0a:d8:80:ef:
d3:a5:5e:b5:fd:10:c5:76:96:04:c2:ed:b2:00:64:
4a:e3:25:e8:44:13:3c:37:aa:4a:fe:ff:57:2e:88:
06:94:bc:fb:54:fe:0e:17:1b:3c:80:e3:e0:11:8a:
07:e3:55:7d:4c:1f:54:3d:20:53:41:9c:48:4c:ea:
25:14:c0:41:e7:13:b4:6f:4d:ab:7d:78:c7:6d:7c:
a4:e8:b7:59:7b:5a:cc:5b:1d:8e:9d:e2:f1:d3:b1:
3d:9f:37:7e:29:03:fc:98:93:ec:21:b9:dd:ed:54:
c1:1e:90:7c:e6:06:c8:9c:e2:75:2f:5a:f3:f9:b2:
0c:e3:58:4a:9d:ad:21:79:df:b1:9f:d6:28:a6:40:
50:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1E:E4:B7:87:0C:4A:44:DD:07:03:87:E1:FA:BF:E1:63:0D:82:1E
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
59.47.246.0/23
59.50.75.0/24
59.52.138.0/24
61.133.162.0/24
61.151.144.0/23
113.240.205.0/24
117.25.105.0/24
125.93.28.0/23
202.67.0.0/22
202.73.128.0/22
202.191.72.0/21
203.33.67.0-203.33.68.255
203.33.73.0/24
203.33.79.0/24
203.33.100.0/24
203.33.122.0/24
203.33.129.0/24
203.33.131.0/24
220.171.147.0/24
221.226.225.0/24
221.235.40.0/24
221.237.65.0/24
IPv6:
240e:108:4040::/48
240e:108:4047::/48
240e:108:4060::/48
240e:108:4360::/48
240e:108:4820::/48
240e:108:4840::/48
240e:108:4847::/48
240e:108:4860::/48
240e:108:4b60::/48
Signature Algorithm: sha256WithRSAEncryption
31:0c:82:dd:e7:c2:70:36:7f:6f:a6:45:a7:7c:69:da:4b:0e:
dc:98:74:12:b5:84:52:49:74:70:0f:c8:41:cb:c9:23:59:0f:
a8:25:7c:e4:3a:7f:af:dd:3e:2d:4c:e5:4b:b5:64:64:8c:b5:
c2:1c:68:b7:1b:09:b3:c8:85:9a:11:ec:64:00:5b:3e:94:62:
8f:5f:f8:d3:8a:0f:fa:c5:f7:23:7b:80:a4:58:aa:2d:dc:7b:
d7:46:fa:9d:d6:fb:ba:8d:a1:73:3d:cb:db:d8:a9:c1:ae:23:
80:e2:48:8c:02:49:dd:ae:19:6f:75:c9:c0:99:b0:7a:18:8b:
69:26:48:26:5e:9e:e4:7c:d6:c4:7a:c0:06:1e:42:f3:94:9c:
92:eb:22:2b:c7:16:98:fc:86:c4:0a:e1:5e:17:e4:5c:13:e2:
80:5e:9f:91:be:2c:c5:23:e1:39:16:53:e4:25:d3:c6:df:1c:
ab:40:4a:54:dd:fd:44:7b:e3:d5:99:b0:d0:a6:49:9f:49:fc:
6a:31:a7:08:79:c7:33:d3:7c:5c:0c:f5:1d:5b:93:ad:f1:0b:
b9:f7:45:cd:f6:8e:0a:38:54:ba:01:e7:38:ac:a7:d9:65:73:
5a:6f:d8:98:34:80:b0:19:f9:73:b9:e5:2d:27:ff:eb:4f:aa:
ca:9d:c9:d5
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgICIHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjYwMzIwMDYxNDA4WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWJjZTViMC0yMzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxtFt8NoWQU9/Gsc0L1sIPStYuVF3mRX1m5z0jHH1VpG7vbrimcnNs24M0Fti
qv9HKsznAmBh26E5sWUolcWbG8ZopYMMiR9VyYJi2zDh9dRB3XkEUuOScd410RhJ
pKNh0UtZpMU7Xa9I82BhleyafsqPpQrYgO/TpV61/RDFdpYEwu2yAGRK4yXoRBM8
N6pK/v9XLogGlLz7VP4OFxs8gOPgEYoH41V9TB9UPSBTQZxITOolFMBB5xO0b02r
fXjHbXyk6LdZe1rMWx2OneLx07E9nzd+KQP8mJPsIbnd7VTBHpB85gbInOJ1L1rz
+bIM41hKna0hed+xn9YopkBQoQIDAQABo4IDRTCCA0EwHQYDVR0OBBYEFIQe5LeH
DEpE3QcDh+H6v+FjDYIeMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvQ0JBRkY2NjQx
MzZCMTFFRkI1M0YyNjgzQzRGOUFFMDIucm9hMIIBAgYIKwYBBQUHAQcBAf8EgfIw
ge8wgZMEAgABMIGMAwQBOy/2AwQAOzJLAwQAOzSKAwQAPYWiAwQBPZeQAwQAcfDN
AwQAdRlpAwQBfV0cAwQCykMAAwQCykmAAwQDyr9IMAwDBADLIUMDBADLIUQDBADL
IUkDBADLIU8DBADLIWQDBADLIXoDBADLIYEDBADLIYMDBADcq5MDBADd4uEDBADd
6ygDBADd7UEwVwQCAAIwUQMHACQOAQhAQAMHACQOAQhARwMHACQOAQhAYAMHACQO
AQhDYAMHACQOAQhIIAMHACQOAQhIQAMHACQOAQhIRwMHACQOAQhIYAMHACQOAQhL
YDANBgkqhkiG9w0BAQsFAAOCAQEAMQyC3efCcDZ/b6ZFp3xp2ksO3Jh0ErWEUkl0
cA/IQcvJI1kPqCV85Dp/r90+LUzlS7VkZIy1whxotxsJs8iFmhHsZABbPpRij1/4
04oP+sX3I3uApFiqLdx710b6ndb7uo2hcz3L29ipwa4jgOJIjAJJ3a4Zb3XJwJmw
ehiLaSZIJl6e5HzWxHrABh5C85SckusiK8cWmPyGxArhXhfkXBPigF6fkb4sxSPh
ORZT5CXTxt8cq0BKVN39RHvj1Zmw0KZJn0n8ajGnCHnHM9N8XAz1HVuTrfELufdF
zfaOCjhUugHnOKyn2WVzWm/YmDSAsBn5c7nlLSf/60+qyp3J1Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:34:48 2026 by rpki-client