Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917FFB0/E557C0001D9211E2933A21F608B02CD2/CAE324148A3311F091DEBC42C4F9AE02.roa
File: CAE324148A3311F091DEBC42C4F9AE02.roa (raw, json)
Hash identifier: 1GJIa0xCy7ffT8GF61jfRTkKOAbXSUpcRhyVPnWT4/w=
Subject key identifier: 5B:82:1E:18:D4:A8:DB:6E:0C:D2:3A:08:FE:3B:E7:88:4B:F0:30:C3
Certificate issuer: /CN=A917FFB0/serialNumber=1324043021BB45D7FF66F20AFC6839343130C3F2
Certificate serial: 3542
Authority key identifier: 13:24:04:30:21:BB:45:D7:FF:66:F2:0A:FC:68:39:34:31:30:C3:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EyQEMCG7Rdf_ZvIK_Gg5NDEww_I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917FFB0/E557C0001D9211E2933A21F608B02CD2/CAE324148A3311F091DEBC42C4F9AE02.roa
Signing time: Fri 05 Sep 2025 08:39:10 +0000
ROA not before: Fri 05 Sep 2025 08:39:10 +0000
ROA not after: Sat 31 Oct 2026 00:00:00 +0000
asID: 38264
IP address blocks: 58.27.128.0/17 maxlen: 17
58.27.128.0/24 maxlen: 24
58.27.129.0/24 maxlen: 24
58.27.130.0/24 maxlen: 24
58.27.131.0/24 maxlen: 24
58.27.132.0/22 maxlen: 22
58.27.132.0/24 maxlen: 24
58.27.133.0/24 maxlen: 24
58.27.134.0/24 maxlen: 24
58.27.135.0/24 maxlen: 24
58.27.136.0/22 maxlen: 22
58.27.140.0/24 maxlen: 24
58.27.141.0/24 maxlen: 24
58.27.142.0/24 maxlen: 24
58.27.144.0/22 maxlen: 22
58.27.144.0/23 maxlen: 24
58.27.146.0/24 maxlen: 24
58.27.147.0/24 maxlen: 24
58.27.148.0/22 maxlen: 22
58.27.148.0/24 maxlen: 24
58.27.149.0/24 maxlen: 24
58.27.150.0/23 maxlen: 23
58.27.152.0/21 maxlen: 22
58.27.152.0/22 maxlen: 23
58.27.156.0/24 maxlen: 24
58.27.157.0/24 maxlen: 24
58.27.158.0/24 maxlen: 24
58.27.159.0/24 maxlen: 24
58.27.160.0/21 maxlen: 22
58.27.160.0/24 maxlen: 24
58.27.164.0/24 maxlen: 24
58.27.168.0/21 maxlen: 22
58.27.168.0/23 maxlen: 23
58.27.170.0/24 maxlen: 24
58.27.171.0/24 maxlen: 24
58.27.172.0/24 maxlen: 24
58.27.176.0/20 maxlen: 20
58.27.184.0/22 maxlen: 22
58.27.188.0/24 maxlen: 24
58.27.189.0/24 maxlen: 24
58.27.190.0/24 maxlen: 24
58.27.192.0/19 maxlen: 19
58.27.192.0/21 maxlen: 21
58.27.192.0/24 maxlen: 24
58.27.193.0/24 maxlen: 24
58.27.194.0/23 maxlen: 23
58.27.195.0/24 maxlen: 24
58.27.196.0/23 maxlen: 24
58.27.198.0/24 maxlen: 24
58.27.199.0/24 maxlen: 24
58.27.200.0/22 maxlen: 22
58.27.200.0/24 maxlen: 24
58.27.201.0/24 maxlen: 24
58.27.202.0/24 maxlen: 24
58.27.203.0/24 maxlen: 24
58.27.204.0/22 maxlen: 22
58.27.204.0/24 maxlen: 24
58.27.205.0/24 maxlen: 24
58.27.206.0/24 maxlen: 24
58.27.207.0/24 maxlen: 24
58.27.208.0/20 maxlen: 20
58.27.208.0/22 maxlen: 22
58.27.208.0/24 maxlen: 24
58.27.209.0/24 maxlen: 24
58.27.210.0/24 maxlen: 24
58.27.211.0/24 maxlen: 24
58.27.212.0/22 maxlen: 22
58.27.212.0/24 maxlen: 24
58.27.213.0/24 maxlen: 24
58.27.215.0/24 maxlen: 24
58.27.216.0/24 maxlen: 24
58.27.217.0/24 maxlen: 24
58.27.218.0/24 maxlen: 24
58.27.219.0/24 maxlen: 24
58.27.220.0/24 maxlen: 24
58.27.221.0/24 maxlen: 24
58.27.222.0/24 maxlen: 24
58.27.223.0/24 maxlen: 24
58.27.224.0/19 maxlen: 19
58.27.224.0/20 maxlen: 20
58.27.224.0/24 maxlen: 24
58.27.225.0/24 maxlen: 24
58.27.226.0/24 maxlen: 24
58.27.227.0/24 maxlen: 24
58.27.228.0/24 maxlen: 24
58.27.229.0/24 maxlen: 24
58.27.230.0/24 maxlen: 24
58.27.231.0/24 maxlen: 24
58.27.232.0/21 maxlen: 21
58.27.232.0/22 maxlen: 22
58.27.232.0/24 maxlen: 24
58.27.233.0/24 maxlen: 24
58.27.234.0/24 maxlen: 24
58.27.235.0/24 maxlen: 24
58.27.236.0/23 maxlen: 24
58.27.238.0/24 maxlen: 24
58.27.239.0/24 maxlen: 24
58.27.240.0/21 maxlen: 21
58.27.240.0/24 maxlen: 24
58.27.241.0/24 maxlen: 24
58.27.242.0/24 maxlen: 24
58.27.243.0/24 maxlen: 24
58.27.244.0/24 maxlen: 24
58.27.245.0/24 maxlen: 24
58.27.246.0/24 maxlen: 24
58.27.247.0/24 maxlen: 24
58.27.248.0/22 maxlen: 22
58.27.248.0/24 maxlen: 24
58.27.249.0/24 maxlen: 24
58.27.250.0/24 maxlen: 24
58.27.251.0/24 maxlen: 24
58.27.252.0/22 maxlen: 23
58.27.255.0/24 maxlen: 24
110.36.0.0/14 maxlen: 15
110.36.0.0/18 maxlen: 24
110.36.64.0/18 maxlen: 24
110.36.128.0/18 maxlen: 24
110.36.192.0/18 maxlen: 24
110.37.0.0/18 maxlen: 24
110.37.64.0/18 maxlen: 24
110.37.128.0/18 maxlen: 24
110.37.192.0/18 maxlen: 24
110.38.0.0/16 maxlen: 19
110.38.0.0/17 maxlen: 24
110.38.128.0/18 maxlen: 24
110.38.192.0/19 maxlen: 24
110.38.224.0/20 maxlen: 24
110.39.0.0/16 maxlen: 24
2402:fd00::/32 maxlen: 32
2402:fd00:100::/44 maxlen: 44
2402:fd00:110::/48 maxlen: 48
2402:fd00:111::/48 maxlen: 48
2402:fd00:11f::/48 maxlen: 48
2402:fd00:130::/44 maxlen: 44
2402:fd00:1e0::/44 maxlen: 44
2402:fd00:1f0::/48 maxlen: 48
2402:fd00:300::/40 maxlen: 40
2402:fd00:4000::/40 maxlen: 40
2402:fd00:6000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917FFB0/E557C0001D9211E2933A21F608B02CD2/EyQEMCG7Rdf_ZvIK_Gg5NDEww_I.crl
rsync://rpki.apnic.net/member_repository/A917FFB0/E557C0001D9211E2933A21F608B02CD2/EyQEMCG7Rdf_ZvIK_Gg5NDEww_I.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EyQEMCG7Rdf_ZvIK_Gg5NDEww_I.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 13 Sep 2025 14:45:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13634 (0x3542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917FFB0, serialNumber=1324043021BB45D7FF66F20AFC6839343130C3F2
Validity
Not Before: Sep 5 08:39:10 2025 GMT
Not After : Oct 31 00:00:00 2026 GMT
Subject: CN=68baa1ae-869d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6e:55:d1:ec:ef:42:c7:38:e6:fc:8f:69:36:
00:aa:e3:60:c2:30:75:22:96:de:e9:52:a2:9f:bb:
db:87:6a:7f:06:b7:5a:82:8d:68:2a:bb:cf:11:13:
dd:92:52:df:20:e6:2f:17:17:68:77:31:14:f4:bc:
25:09:53:de:cb:25:cc:fc:ad:cb:bb:b4:68:f8:ad:
d5:90:5b:ee:11:15:3f:eb:23:9c:4e:2e:bf:c7:2a:
14:c3:9a:15:7c:44:26:8d:cc:c8:a8:ce:cc:89:4d:
d9:a6:2f:d2:a5:85:b8:5c:e0:47:51:d6:bc:9f:91:
19:ec:b5:5f:ae:08:a9:2c:fe:84:4a:f9:60:c1:12:
58:58:73:69:e9:68:63:26:07:1e:e7:57:40:03:e1:
87:65:bb:1c:1c:8a:39:8d:30:28:99:12:2c:e9:ef:
ff:5d:98:3f:1a:e9:b0:6d:11:a4:aa:5b:d3:82:9a:
4b:09:bf:83:74:7f:ad:ea:b3:97:0d:74:0b:8d:c8:
5c:19:a5:d7:3a:6b:fc:27:ab:9a:9f:29:65:70:59:
af:b9:80:5f:c6:ab:81:7e:c9:fb:40:f4:09:64:87:
e6:2a:45:22:3a:8f:c7:5c:60:a4:bb:0a:6a:44:66:
83:ab:2a:05:1f:6d:95:49:a5:3b:d5:3b:31:0d:05:
bf:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:82:1E:18:D4:A8:DB:6E:0C:D2:3A:08:FE:3B:E7:88:4B:F0:30:C3
X509v3 Authority Key Identifier:
keyid:13:24:04:30:21:BB:45:D7:FF:66:F2:0A:FC:68:39:34:31:30:C3:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917FFB0/E557C0001D9211E2933A21F608B02CD2/EyQEMCG7Rdf_ZvIK_Gg5NDEww_I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EyQEMCG7Rdf_ZvIK_Gg5NDEww_I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917FFB0/E557C0001D9211E2933A21F608B02CD2/CAE324148A3311F091DEBC42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.27.128.0/17
110.36.0.0/14
IPv6:
2402:fd00::/32
Signature Algorithm: sha256WithRSAEncryption
2c:ca:88:d3:5e:aa:f6:56:dc:55:b5:93:c0:e1:de:29:09:51:
92:3a:cd:1c:fa:22:94:4f:80:09:40:1e:34:a5:15:3c:af:ab:
2c:0c:09:eb:55:55:54:ed:bd:1c:07:4f:d8:34:61:6e:96:b3:
8b:06:6c:7d:11:80:ca:13:72:f2:ff:e5:ae:32:7e:f0:b9:27:
f4:0f:58:19:b7:07:93:81:a1:54:23:11:60:cc:e2:8f:50:5c:
d5:a6:15:34:9a:00:02:8e:73:8d:77:35:ba:1f:29:83:7e:42:
6c:fc:1c:53:ca:56:19:10:f3:8f:b5:9d:b1:ac:25:a4:cd:c2:
86:b0:92:28:bd:34:59:ca:12:e0:03:37:15:64:54:ae:4c:81:
7a:10:d2:87:82:70:43:49:7a:bc:f0:41:e3:01:9b:ee:e3:44:
14:58:2f:36:9b:08:cb:82:a8:d9:cf:43:f3:0f:9a:36:06:ba:
1b:62:17:c2:45:01:ea:df:44:32:c1:28:17:65:9f:57:35:bb:
dd:27:4c:5a:27:54:96:2f:87:64:75:95:83:71:aa:34:b3:e7:
9e:74:58:99:c6:75:31:10:9c:0a:99:ab:7e:24:cb:7a:fa:82:
14:ac:9c:62:48:4d:54:70:af:e4:70:3e:92:c3:1e:0e:49:cd:
97:fd:f7:2e
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICNUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0ZGQjAxMTAvBgNVBAUTKDEzMjQwNDMwMjFCQjQ1RDdGRjY2RjIwQUZDNjgzOTM0
MzEzMEMzRjIwHhcNMjUwOTA1MDgzOTEwWhcNMjYxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGJhYTFhZS04NjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsW5V0ezvQsc45vyPaTYAquNgwjB1Ipbe6VKin7vbh2p/Brdago1oKrvPERPd
klLfIOYvFxdodzEU9LwlCVPeyyXM/K3Lu7Ro+K3VkFvuERU/6yOcTi6/xyoUw5oV
fEQmjczIqM7MiU3Zpi/SpYW4XOBHUda8n5EZ7LVfrgipLP6ESvlgwRJYWHNp6Whj
Jgce51dAA+GHZbscHIo5jTAomRIs6e//XZg/GumwbRGkqlvTgppLCb+DdH+t6rOX
DXQLjchcGaXXOmv8J6uanyllcFmvuYBfxquBfsn7QPQJZIfmKkUiOo/HXGCkuwpq
RGaDqyoFH22VSaU71TsxDQW/bwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFFuCHhjU
qNtuDNI6CP4754hL8DDDMB8GA1UdIwQYMBaAFBMkBDAhu0XX/2byCvxoOTQxMMPy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RkZCMC9FNTU3QzAwMDFE
OTIxMUUyOTMzQTIxRjYwOEIwMkNEMi9FeVFFTUNHN1JkZl9adklLX0dnNU5ERXd3
X0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0V5UUVNQ0c3UmRmX1p2SUtfR2c1TkRFd3dfSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0ZGQjAvRTU1N0MwMDAxRDkyMTFFMjkzM0EyMUY2MDhCMDJDRDIvQ0FFMzI0MTQ4
QTMzMTFGMDkxREVCQzQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMBEEAgABMAsDBAc6G4ADAwJuJDANBAIAAjAHAwUAJAL9ADANBgkqhkiG9w0B
AQsFAAOCAQEALMqI016q9lbcVbWTwOHeKQlRkjrNHPoilE+ACUAeNKUVPK+rLAwJ
61VVVO29HAdP2DRhbpaziwZsfRGAyhNy8v/lrjJ+8Lkn9A9YGbcHk4GhVCMRYMzi
j1Bc1aYVNJoAAo5zjXc1uh8pg35CbPwcU8pWGRDzj7WdsawlpM3ChrCSKL00WcoS
4AM3FWRUrkyBehDSh4JwQ0l6vPBB4wGb7uNEFFgvNpsIy4Ko2c9D8w+aNga6G2IX
wkUB6t9EMsEoF2WfVzW73SdMWidUli+HZHWVg3GqNLPnnnRYmcZ1MRCcCpmrfiTL
evqCFKycYkhNVHCv5HA+ksMeDknNl/33Lg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 06:16:20 2025 by rpki-client