Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/97DC58040B5B11EAB69DC64FC4F9AE02.roa
File: 97DC58040B5B11EAB69DC64FC4F9AE02.roa (raw, json)
Hash identifier: Y+cj8aPzkN19TGx3f4b/9SfnrM0Zcz/vz+dPbozawXQ=
Subject key identifier: 6A:3A:1D:9A:9B:9E:A2:DB:0F:2D:6C:A5:08:1C:C2:CB:AD:7D:E7:2E
Certificate issuer: /CN=A919EAAD/serialNumber=F53983B7AB8386C69958784FFAF0E697262457A7
Certificate serial: 0C0A
Authority key identifier: F5:39:83:B7:AB:83:86:C6:99:58:78:4F:FA:F0:E6:97:26:24:57:A7
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9TmDt6uDhsaZWHhP-vDmlyYkV6c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/97DC58040B5B11EAB69DC64FC4F9AE02.roa
Signing time: Mon 10 Feb 2025 18:56:54 +0000
ROA not before: Mon 10 Feb 2025 18:56:54 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133385
IP address blocks: 37.111.0.0/21 maxlen: 22
37.111.0.0/24 maxlen: 24
37.111.1.0/24 maxlen: 24
37.111.2.0/24 maxlen: 24
37.111.3.0/24 maxlen: 24
37.111.4.0/24 maxlen: 24
37.111.5.0/24 maxlen: 24
37.111.6.0/24 maxlen: 24
37.111.7.0/24 maxlen: 24
37.111.8.0/21 maxlen: 22
37.111.8.0/24 maxlen: 24
37.111.9.0/24 maxlen: 24
37.111.10.0/24 maxlen: 24
37.111.11.0/24 maxlen: 24
37.111.12.0/24 maxlen: 24
37.111.13.0/24 maxlen: 24
37.111.14.0/24 maxlen: 24
37.111.15.0/24 maxlen: 24
37.111.16.0/21 maxlen: 22
37.111.16.0/24 maxlen: 24
37.111.17.0/24 maxlen: 24
37.111.18.0/24 maxlen: 24
37.111.19.0/24 maxlen: 24
37.111.20.0/24 maxlen: 24
37.111.21.0/24 maxlen: 24
37.111.22.0/24 maxlen: 24
37.111.23.0/24 maxlen: 24
37.111.32.0/21 maxlen: 24
37.111.40.0/22 maxlen: 24
37.111.44.0/22 maxlen: 22
37.111.44.0/23 maxlen: 23
37.111.44.0/24 maxlen: 24
37.111.45.0/24 maxlen: 24
37.111.46.0/23 maxlen: 23
37.111.46.0/24 maxlen: 24
37.111.47.0/24 maxlen: 24
37.111.48.0/22 maxlen: 22
37.111.48.0/23 maxlen: 23
37.111.48.0/24 maxlen: 24
37.111.49.0/24 maxlen: 24
37.111.50.0/23 maxlen: 23
37.111.50.0/24 maxlen: 24
37.111.51.0/24 maxlen: 24
37.111.52.0/23 maxlen: 23
37.111.52.0/24 maxlen: 24
37.111.53.0/24 maxlen: 24
37.111.60.0/22 maxlen: 22
37.111.60.0/23 maxlen: 23
37.111.60.0/24 maxlen: 24
37.111.61.0/24 maxlen: 24
37.111.62.0/23 maxlen: 23
37.111.62.0/24 maxlen: 24
37.111.63.0/24 maxlen: 24
37.111.64.0/20 maxlen: 22
37.111.64.0/24 maxlen: 24
37.111.65.0/24 maxlen: 24
37.111.66.0/24 maxlen: 24
37.111.67.0/24 maxlen: 24
37.111.68.0/24 maxlen: 24
37.111.69.0/24 maxlen: 24
37.111.70.0/24 maxlen: 24
37.111.71.0/24 maxlen: 24
37.111.72.0/24 maxlen: 24
37.111.73.0/24 maxlen: 24
37.111.74.0/24 maxlen: 24
37.111.75.0/24 maxlen: 24
37.111.76.0/24 maxlen: 24
37.111.77.0/24 maxlen: 24
37.111.78.0/24 maxlen: 24
37.111.79.0/24 maxlen: 24
37.111.80.0/20 maxlen: 22
37.111.80.0/24 maxlen: 24
37.111.81.0/24 maxlen: 24
37.111.82.0/24 maxlen: 24
37.111.83.0/24 maxlen: 24
37.111.84.0/24 maxlen: 24
37.111.85.0/24 maxlen: 24
37.111.86.0/24 maxlen: 24
37.111.87.0/24 maxlen: 24
37.111.88.0/24 maxlen: 24
37.111.89.0/24 maxlen: 24
37.111.90.0/24 maxlen: 24
37.111.91.0/24 maxlen: 24
37.111.92.0/24 maxlen: 24
37.111.93.0/24 maxlen: 24
37.111.94.0/24 maxlen: 24
37.111.95.0/24 maxlen: 24
37.111.124.0/22 maxlen: 22
37.111.124.0/23 maxlen: 23
37.111.124.0/24 maxlen: 24
37.111.125.0/24 maxlen: 24
37.111.126.0/23 maxlen: 23
37.111.126.0/24 maxlen: 24
37.111.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/9TmDt6uDhsaZWHhP-vDmlyYkV6c.crl
rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/9TmDt6uDhsaZWHhP-vDmlyYkV6c.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9TmDt6uDhsaZWHhP-vDmlyYkV6c.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 18:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3082 (0xc0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EAAD
Validity
Not Before: Feb 10 18:56:54 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67aa4bf6-9472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1a:7f:43:df:33:d4:1d:bb:e1:72:eb:5d:6f:
af:eb:45:e0:1d:50:dd:d4:db:69:e5:9e:20:48:a8:
5d:93:ae:cc:60:4d:79:f2:2a:a7:a6:b0:3a:c0:59:
41:7b:0f:9f:1c:c5:9c:37:f7:fb:83:78:74:3e:24:
c8:1c:1a:11:57:b0:da:f8:1f:2d:00:1e:16:e8:51:
3a:37:ba:81:de:6b:85:4f:f6:e6:70:39:06:80:04:
ea:b5:4f:60:43:df:34:a8:17:ed:f0:ff:a6:99:67:
e4:e1:8c:8b:78:b7:52:e3:39:b2:3d:4f:58:b0:e5:
fc:0f:45:dd:52:ca:98:96:63:12:48:56:79:94:1c:
d3:6d:4c:92:7c:06:46:db:e1:66:05:5a:38:99:bc:
9e:8f:25:a0:2e:3d:d3:ef:c3:2e:7e:f7:b4:fb:78:
39:74:ae:75:42:d9:c6:0e:63:72:74:f8:76:91:73:
4e:2e:ab:1e:d5:f4:f8:b4:45:c1:3d:b8:51:5a:1d:
3e:06:20:3a:eb:05:1b:d1:ef:8d:52:78:9d:eb:a2:
de:00:91:42:ca:52:0c:9c:52:79:43:b3:d9:5a:ef:
4e:ba:18:5a:a0:00:0b:5a:07:c3:c0:12:ee:09:90:
7d:f4:0a:52:a7:a6:99:ec:03:5a:a2:86:b4:3e:c4:
fd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:3A:1D:9A:9B:9E:A2:DB:0F:2D:6C:A5:08:1C:C2:CB:AD:7D:E7:2E
X509v3 Authority Key Identifier:
keyid:F5:39:83:B7:AB:83:86:C6:99:58:78:4F:FA:F0:E6:97:26:24:57:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/9TmDt6uDhsaZWHhP-vDmlyYkV6c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9TmDt6uDhsaZWHhP-vDmlyYkV6c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/97DC58040B5B11EAB69DC64FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
37.111.0.0-37.111.23.255
37.111.32.0-37.111.53.255
37.111.60.0-37.111.95.255
37.111.124.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:6f:62:e8:e2:4c:f4:4c:d2:2d:6b:64:9f:db:b8:8f:c8:92:
4a:d0:2c:97:e0:c9:ef:57:26:b6:24:4f:77:fb:bc:fb:ed:04:
38:e4:a3:3a:35:c3:dd:08:1f:c0:e4:01:43:c5:77:51:b2:ce:
fc:ff:92:97:a0:a0:13:bc:4d:ec:32:15:c0:4b:8c:8b:54:b0:
50:93:2d:f4:31:d0:fa:7d:68:34:ac:bc:8e:9a:2b:d7:59:34:
a6:d7:07:9f:4a:28:10:31:66:67:f2:27:17:30:4b:b0:4d:41:
68:64:e3:6d:e0:51:42:9c:a5:20:db:fc:83:ec:6e:e1:60:26:
48:80:b7:61:b3:6f:48:8e:95:ce:55:68:36:7a:d5:0e:f0:ea:
3c:7b:b2:0c:bf:d8:90:67:85:72:2b:f4:fd:8b:b7:26:f8:90:
07:d9:d3:c5:d4:15:71:17:5a:f5:11:50:c3:6d:e8:7b:5e:c0:
9d:bb:3d:bb:13:3c:e3:ca:a6:b0:3f:11:30:df:62:9a:1c:4a:
39:38:7c:b5:14:05:d5:19:9f:5d:b1:c9:c1:d9:5f:be:f4:f6:
59:51:f7:5e:45:ee:e6:cc:3c:e6:4f:c3:b6:36:f7:70:bc:60:
f5:fc:96:b5:00:69:67:ee:a4:95:44:07:c4:91:1f:30:c8:af:
eb:29:cc:9e
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICDAowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBQUQxMTAvBgNVBAUTKEY1Mzk4M0I3QUI4Mzg2QzY5OTU4Nzg0RkZBRjBFNjk3
MjYyNDU3QTcwHhcNMjUwMjEwMTg1NjU0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FhNGJmNi05NDcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3xp/Q98z1B274XLrXW+v60XgHVDd1Ntp5Z4gSKhdk67MYE158iqnprA6wFlB
ew+fHMWcN/f7g3h0PiTIHBoRV7Da+B8tAB4W6FE6N7qB3muFT/bmcDkGgATqtU9g
Q980qBft8P+mmWfk4YyLeLdS4zmyPU9YsOX8D0XdUsqYlmMSSFZ5lBzTbUySfAZG
2+FmBVo4mbyejyWgLj3T78Mufve0+3g5dK51QtnGDmNydPh2kXNOLqse1fT4tEXB
PbhRWh0+BiA66wUb0e+NUnid66LeAJFCylIMnFJ5Q7PZWu9OuhhaoAALWgfDwBLu
CZB99ApSp6aZ7ANaooa0PsT9/wIDAQABo4ICvjCCArowHQYDVR0OBBYEFGo6HZqb
nqLbDy1spQgcwsutfecuMB8GA1UdIwQYMBaAFPU5g7erg4bGmVh4T/rw5pcmJFen
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFBRC84N0MzMTY4ODA5
RDUxMUVBQjc2QzczMTdDNEY5QUUwMi85VG1EdDZ1RGhzYVpXSGhQLXZEbWx5WWtW
NmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzlUbUR0NnVEaHNhWldIaFAtdkRtbHlZa1Y2Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBQUQvODdDMzE2ODgwOUQ1MTFFQUI3NkM3MzE3QzRGOUFFMDIvOTdEQzU4MDQw
QjVCMTFFQUI2OURDNjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MDUEAgABMC8wCwMDACVvAwQDJW8QMAwDBAUlbyADBAElbzQwDAMEAiVvPAME
BSVvQAMEAiVvfDANBgkqhkiG9w0BAQsFAAOCAQEAuG9i6OJM9EzSLWtkn9u4j8iS
StAsl+DJ71cmtiRPd/u8++0EOOSjOjXD3QgfwOQBQ8V3UbLO/P+Sl6CgE7xN7DIV
wEuMi1SwUJMt9DHQ+n1oNKy8jpor11k0ptcHn0ooEDFmZ/InFzBLsE1BaGTjbeBR
QpylINv8g+xu4WAmSIC3YbNvSI6VzlVoNnrVDvDqPHuyDL/YkGeFciv0/Yu3JviQ
B9nTxdQVcRda9RFQw23oe17Anbs9uxM848qmsD8RMN9imhxKOTh8tRQF1RmfXbHJ
wdlfvvT2WVH3XkXu5sw85k/Dtjb3cLxg9fyWtQBpZ+6klUQHxJEfMMiv6ynMng==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:48:44 2025 by rpki-client