Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa
File: CBAFF664136B11EFB53F2683C4F9AE02.roa (raw, json)
Hash identifier: ECJzkiRfh9CqCa59AgjD8kIvYajNj3FZXshk/ECR+ok=
Subject key identifier: 17:8F:C9:F0:FF:CC:D6:ED:24:AE:D0:B4:F0:BE:8E:5A:3B:31:67:86
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 20AF
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa
Signing time: Thu 04 Jun 2026 07:49:15 +0000
ROA not before: Thu 04 Jun 2026 07:49:15 +0000
ROA not after: Tue 01 Dec 2026 00:00:00 +0000
asID: 58777
IP address blocks: 42.122.63.0/24 maxlen: 24
59.47.246.0/24 maxlen: 24
59.47.247.0/24 maxlen: 24
59.50.75.0/24 maxlen: 24
59.52.138.0/24 maxlen: 24
61.133.162.0/24 maxlen: 24
61.151.144.0/24 maxlen: 24
61.151.145.0/24 maxlen: 24
106.91.120.0/24 maxlen: 24
113.240.205.0/24 maxlen: 24
115.233.202.0/24 maxlen: 24
117.25.105.0/24 maxlen: 24
125.93.28.0/24 maxlen: 24
125.93.29.0/24 maxlen: 24
171.221.53.0/24 maxlen: 24
182.36.0.0/24 maxlen: 24
182.36.12.0/24 maxlen: 24
202.67.0.0/22 maxlen: 24
202.73.128.0/22 maxlen: 24
202.191.72.0/21 maxlen: 24
203.33.67.0/24 maxlen: 24
203.33.68.0/24 maxlen: 24
203.33.73.0/24 maxlen: 24
203.33.79.0/24 maxlen: 24
203.33.100.0/24 maxlen: 24
203.33.122.0/24 maxlen: 24
203.33.129.0/24 maxlen: 24
203.33.131.0/24 maxlen: 24
220.171.147.0/24 maxlen: 24
221.226.225.0/24 maxlen: 24
221.235.40.0/24 maxlen: 24
221.237.65.0/24 maxlen: 24
240e:108:4000::/48 maxlen: 48
240e:108:4001::/48 maxlen: 48
240e:108:4020::/48 maxlen: 48
240e:108:4025::/48 maxlen: 48
240e:108:4040::/48 maxlen: 48
240e:108:4047::/48 maxlen: 48
240e:108:4059::/48 maxlen: 48
240e:108:4060::/48 maxlen: 48
240e:108:4080::/48 maxlen: 48
240e:108:40a0::/48 maxlen: 48
240e:108:40e0::/48 maxlen: 48
240e:108:40ec::/48 maxlen: 48
240e:108:4120::/48 maxlen: 48
240e:108:4140::/48 maxlen: 48
240e:108:4160::/48 maxlen: 48
240e:108:41c0::/48 maxlen: 48
240e:108:41e0::/48 maxlen: 48
240e:108:4200::/48 maxlen: 48
240e:108:4220::/48 maxlen: 48
240e:108:4240::/48 maxlen: 48
240e:108:4260::/48 maxlen: 48
240e:108:4280::/48 maxlen: 48
240e:108:42a0::/48 maxlen: 48
240e:108:42c0::/48 maxlen: 48
240e:108:42e0::/48 maxlen: 48
240e:108:4300::/48 maxlen: 48
240e:108:4320::/48 maxlen: 48
240e:108:4340::/48 maxlen: 48
240e:108:4360::/48 maxlen: 48
240e:108:4380::/48 maxlen: 48
240e:108:438c::/48 maxlen: 48
240e:108:43a0::/48 maxlen: 48
240e:108:43c0::/48 maxlen: 48
240e:108:4800::/48 maxlen: 48
240e:108:4801::/48 maxlen: 48
240e:108:4820::/48 maxlen: 48
240e:108:4825::/48 maxlen: 48
240e:108:4840::/48 maxlen: 48
240e:108:4847::/48 maxlen: 48
240e:108:4859::/48 maxlen: 48
240e:108:4860::/48 maxlen: 48
240e:108:4880::/48 maxlen: 48
240e:108:48a0::/48 maxlen: 48
240e:108:48e0::/48 maxlen: 48
240e:108:48ec::/48 maxlen: 48
240e:108:4920::/48 maxlen: 48
240e:108:4940::/48 maxlen: 48
240e:108:4960::/48 maxlen: 48
240e:108:49c0::/48 maxlen: 48
240e:108:49e0::/48 maxlen: 48
240e:108:4a00::/48 maxlen: 48
240e:108:4a20::/48 maxlen: 48
240e:108:4a40::/48 maxlen: 48
240e:108:4a60::/48 maxlen: 48
240e:108:4a80::/48 maxlen: 48
240e:108:4aa0::/48 maxlen: 48
240e:108:4ac0::/48 maxlen: 48
240e:108:4ae0::/48 maxlen: 48
240e:108:4b00::/48 maxlen: 48
240e:108:4b20::/48 maxlen: 48
240e:108:4b40::/48 maxlen: 48
240e:108:4b60::/48 maxlen: 48
240e:108:4b80::/48 maxlen: 48
240e:108:4b8c::/48 maxlen: 48
240e:108:4ba0::/48 maxlen: 48
240e:108:4bc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 17 Jun 2026 16:14:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8367 (0x20af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4, serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Jun 4 07:49:15 2026 GMT
Not After : Dec 1 00:00:00 2026 GMT
Subject: CN=6a212dfb-c7a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:49:be:37:b6:6a:7c:fc:38:a4:57:dc:3c:19:
33:d2:89:8b:70:92:a6:19:88:af:81:dd:dc:33:1a:
61:1f:5b:51:8b:62:45:16:a7:c7:1c:b2:9c:6d:71:
75:39:82:a4:48:30:70:c3:03:9e:1f:a6:e1:a8:fa:
f2:ab:51:37:bb:c0:92:80:8b:34:5b:c2:bd:da:6e:
63:a3:2a:6c:9d:5e:9a:66:cc:47:cc:ef:e2:f4:3a:
80:46:31:72:f5:8c:73:6b:51:c0:1e:7b:aa:87:15:
b5:b5:14:89:38:e0:7b:f9:c1:5a:de:56:d0:76:71:
6b:14:af:76:e1:36:6c:6c:97:71:81:9d:49:7b:03:
18:f3:a3:96:d7:53:99:b3:d6:88:1a:6a:fc:3c:65:
2a:ba:20:f1:69:0a:a7:bb:7c:ff:77:dd:4c:1b:b1:
5c:15:e0:b1:f2:8b:29:6e:15:9e:54:d1:d9:9c:f5:
ee:b3:71:dd:52:74:06:0d:42:e6:42:03:d6:b4:f4:
7d:ac:15:9a:44:fb:db:f0:d0:d4:4e:d7:ee:0a:bb:
38:22:a7:40:61:ca:5a:1e:c2:ba:cd:9a:24:ce:1e:
91:98:7a:70:bf:65:c8:06:7e:61:df:dd:8b:6b:32:
42:6c:85:22:09:4d:ee:25:af:58:84:58:d8:8d:7f:
25:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8F:C9:F0:FF:CC:D6:ED:24:AE:D0:B4:F0:BE:8E:5A:3B:31:67:86
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
42.122.63.0/24
59.47.246.0/23
59.50.75.0/24
59.52.138.0/24
61.133.162.0/24
61.151.144.0/23
106.91.120.0/24
113.240.205.0/24
115.233.202.0/24
117.25.105.0/24
125.93.28.0/23
171.221.53.0/24
182.36.0.0/24
182.36.12.0/24
202.67.0.0/22
202.73.128.0/22
202.191.72.0/21
203.33.67.0-203.33.68.255
203.33.73.0/24
203.33.79.0/24
203.33.100.0/24
203.33.122.0/24
203.33.129.0/24
203.33.131.0/24
220.171.147.0/24
221.226.225.0/24
221.235.40.0/24
221.237.65.0/24
IPv6:
240e:108:4000::/47
240e:108:4020::/48
240e:108:4025::/48
240e:108:4040::/48
240e:108:4047::/48
240e:108:4059::/48
240e:108:4060::/48
240e:108:4080::/48
240e:108:40a0::/48
240e:108:40e0::/48
240e:108:40ec::/48
240e:108:4120::/48
240e:108:4140::/48
240e:108:4160::/48
240e:108:41c0::/48
240e:108:41e0::/48
240e:108:4200::/48
240e:108:4220::/48
240e:108:4240::/48
240e:108:4260::/48
240e:108:4280::/48
240e:108:42a0::/48
240e:108:42c0::/48
240e:108:42e0::/48
240e:108:4300::/48
240e:108:4320::/48
240e:108:4340::/48
240e:108:4360::/48
240e:108:4380::/48
240e:108:438c::/48
240e:108:43a0::/48
240e:108:43c0::/48
240e:108:4800::/47
240e:108:4820::/48
240e:108:4825::/48
240e:108:4840::/48
240e:108:4847::/48
240e:108:4859::/48
240e:108:4860::/48
240e:108:4880::/48
240e:108:48a0::/48
240e:108:48e0::/48
240e:108:48ec::/48
240e:108:4920::/48
240e:108:4940::/48
240e:108:4960::/48
240e:108:49c0::/48
240e:108:49e0::/48
240e:108:4a00::/48
240e:108:4a20::/48
240e:108:4a40::/48
240e:108:4a60::/48
240e:108:4a80::/48
240e:108:4aa0::/48
240e:108:4ac0::/48
240e:108:4ae0::/48
240e:108:4b00::/48
240e:108:4b20::/48
240e:108:4b40::/48
240e:108:4b60::/48
240e:108:4b80::/48
240e:108:4b8c::/48
240e:108:4ba0::/48
240e:108:4bc0::/48
Signature Algorithm: sha256WithRSAEncryption
97:58:c7:03:bc:1d:80:07:2f:66:e9:85:b7:30:0e:56:46:93:
3f:89:57:d7:36:ad:9a:0d:7c:e3:0d:88:d9:7b:c1:e8:bf:92:
07:0d:14:67:e9:53:26:2d:de:5d:90:b9:1c:da:9f:2f:c2:a3:
96:08:aa:4c:3d:ca:ea:1f:f8:d0:39:cb:98:09:4d:6f:47:59:
8b:45:32:35:1d:04:f9:bb:33:e8:8a:2a:a8:30:1f:4e:11:0a:
7b:cc:d0:f2:78:1a:41:58:85:1b:0b:66:98:e1:25:49:f8:13:
a4:d0:ed:0e:dd:64:7d:c5:c0:48:63:3c:33:33:00:f4:a6:fd:
4e:e6:b1:95:63:e9:8e:32:8e:df:77:a0:f8:c5:61:8a:5e:38:
85:e5:f3:67:18:5b:79:30:93:83:b5:46:88:05:07:f3:4c:14:
90:2e:72:ab:c7:f9:30:76:f0:5f:b5:6b:64:f2:2e:75:42:c6:
d5:5c:c7:93:6b:02:07:c3:42:a1:2e:4e:84:dc:0a:06:70:d4:
f4:8f:fc:bc:ac:e5:59:ba:35:73:2f:95:eb:81:b1:2e:28:75:
18:bf:25:09:34:27:75:a5:69:be:4f:b9:51:3b:fb:2f:c6:cf:
74:20:60:45:91:55:ba:bf:ec:2a:53:3a:79:b8:4f:69:d0:de:
54:dc:62:dc
-----BEGIN CERTIFICATE-----
MIIIOjCCByKgAwIBAgICIK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjYwNjA0MDc0OTE1WhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTIxMmRmYi1jN2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3Em+N7ZqfPw4pFfcPBkz0omLcJKmGYivgd3cMxphH1tRi2JFFqfHHLKcbXF1
OYKkSDBwwwOeH6bhqPryq1E3u8CSgIs0W8K92m5joypsnV6aZsxHzO/i9DqARjFy
9Yxza1HAHnuqhxW1tRSJOOB7+cFa3lbQdnFrFK924TZsbJdxgZ1JewMY86OW11OZ
s9aIGmr8PGUquiDxaQqnu3z/d91MG7FcFeCx8ospbhWeVNHZnPXus3HdUnQGDULm
QgPWtPR9rBWaRPvb8NDUTtfuCrs4IqdAYcpaHsK6zZokzh6RmHpwv2XIBn5h392L
azJCbIUiCU3uJa9YhFjYjX8l1QIDAQABo4IFXjCCBVowHQYDVR0OBBYEFBePyfD/
zNbtJK7QtPC+jlo7MWeGMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvQ0JBRkY2NjQx
MzZCMTFFRkI1M0YyNjgzQzRGOUFFMDIucm9hMIIDGwYIKwYBBQUHAQcBAf8EggMK
MIIDBjCBtwQCAAEwgbADBAAqej8DBAE7L/YDBAA7MksDBAA7NIoDBAA9haIDBAE9
l5ADBABqW3gDBABx8M0DBABz6coDBAB1GWkDBAF9XRwDBACr3TUDBAC2JAADBAC2
JAwDBALKQwADBALKSYADBAPKv0gwDAMEAMshQwMEAMshRAMEAMshSQMEAMshTwME
AMshZAMEAMshegMEAMshgQMEAMshgwMEANyrkwMEAN3i4QMEAN3rKAMEAN3tQTCC
AkgEAgACMIICQAMHASQOAQhAAAMHACQOAQhAIAMHACQOAQhAJQMHACQOAQhAQAMH
ACQOAQhARwMHACQOAQhAWQMHACQOAQhAYAMHACQOAQhAgAMHACQOAQhAoAMHACQO
AQhA4AMHACQOAQhA7AMHACQOAQhBIAMHACQOAQhBQAMHACQOAQhBYAMHACQOAQhB
wAMHACQOAQhB4AMHACQOAQhCAAMHACQOAQhCIAMHACQOAQhCQAMHACQOAQhCYAMH
ACQOAQhCgAMHACQOAQhCoAMHACQOAQhCwAMHACQOAQhC4AMHACQOAQhDAAMHACQO
AQhDIAMHACQOAQhDQAMHACQOAQhDYAMHACQOAQhDgAMHACQOAQhDjAMHACQOAQhD
oAMHACQOAQhDwAMHASQOAQhIAAMHACQOAQhIIAMHACQOAQhIJQMHACQOAQhIQAMH
ACQOAQhIRwMHACQOAQhIWQMHACQOAQhIYAMHACQOAQhIgAMHACQOAQhIoAMHACQO
AQhI4AMHACQOAQhI7AMHACQOAQhJIAMHACQOAQhJQAMHACQOAQhJYAMHACQOAQhJ
wAMHACQOAQhJ4AMHACQOAQhKAAMHACQOAQhKIAMHACQOAQhKQAMHACQOAQhKYAMH
ACQOAQhKgAMHACQOAQhKoAMHACQOAQhKwAMHACQOAQhK4AMHACQOAQhLAAMHACQO
AQhLIAMHACQOAQhLQAMHACQOAQhLYAMHACQOAQhLgAMHACQOAQhLjAMHACQOAQhL
oAMHACQOAQhLwDANBgkqhkiG9w0BAQsFAAOCAQEAl1jHA7wdgAcvZumFtzAOVkaT
P4lX1zatmg184w2I2XvB6L+SBw0UZ+lTJi3eXZC5HNqfL8KjlgiqTD3K6h/40DnL
mAlNb0dZi0UyNR0E+bsz6IoqqDAfThEKe8zQ8ngaQViFGwtmmOElSfgTpNDtDt1k
fcXASGM8MzMA9Kb9TuaxlWPpjjKO33eg+MVhil44heXzZxhbeTCTg7VGiAUH80wU
kC5yq8f5MHbwX7VrZPIudULG1VzHk2sCB8NCoS5OhNwKBnDU9I/8vKzlWbo1cy+V
64GxLih1GL8lCTQndaVpvk+5UTv7L8bPdCBgRZFVur/sKlM6ebhPadDeVNxi3A==
-----END CERTIFICATE-----
Generated at Thu Jun 11 23:54:44 2026 by rpki-client