Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/97C79A806C0511EF8B77D10EC4F9AE02.roa
File: 97C79A806C0511EF8B77D10EC4F9AE02.roa (raw, json)
Hash identifier: Z/eyVAkA9R8S1+9PHNU8ppbtyyeeA+WhA6oeOKeAzo8=
Subject key identifier: 5C:38:23:59:18:5C:0C:AC:BB:FD:D4:FF:73:2C:28:0B:9C:3C:97:00
Certificate issuer: /CN=A91DC31B/serialNumber=8B8AD5CA1C3E8B8CF468B5F496A91ABB0E48CFA8
Certificate serial: 06D8
Authority key identifier: 8B:8A:D5:CA:1C:3E:8B:8C:F4:68:B5:F4:96:A9:1A:BB:0E:48:CF:A8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/97C79A806C0511EF8B77D10EC4F9AE02.roa
Signing time: Fri 24 Jan 2025 22:31:58 +0000
ROA not before: Fri 24 Jan 2025 22:31:58 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 0
IP address blocks: 166.81.0.0/24 maxlen: 24
166.81.1.0/24 maxlen: 24
166.81.3.0/24 maxlen: 24
166.81.4.0/24 maxlen: 24
166.81.7.0/24 maxlen: 24
166.81.8.0/24 maxlen: 24
166.81.31.0/24 maxlen: 24
166.81.36.0/24 maxlen: 24
166.81.37.0/24 maxlen: 24
166.81.41.0/24 maxlen: 24
166.81.42.0/24 maxlen: 24
166.81.43.0/24 maxlen: 24
166.81.44.0/24 maxlen: 24
166.81.45.0/24 maxlen: 24
166.81.46.0/24 maxlen: 24
166.81.47.0/24 maxlen: 24
166.81.48.0/24 maxlen: 24
166.81.49.0/24 maxlen: 24
166.81.50.0/24 maxlen: 24
166.81.71.0/24 maxlen: 24
166.81.72.0/24 maxlen: 24
166.81.73.0/24 maxlen: 24
166.81.74.0/24 maxlen: 24
166.81.75.0/24 maxlen: 24
166.81.76.0/24 maxlen: 24
166.81.82.0/24 maxlen: 24
166.81.84.0/24 maxlen: 24
166.81.85.0/24 maxlen: 24
166.81.86.0/24 maxlen: 24
166.81.87.0/24 maxlen: 24
166.81.88.0/24 maxlen: 24
166.81.89.0/24 maxlen: 24
166.81.90.0/24 maxlen: 24
166.81.91.0/24 maxlen: 24
166.81.92.0/24 maxlen: 24
166.81.93.0/24 maxlen: 24
166.81.94.0/24 maxlen: 24
166.81.95.0/24 maxlen: 24
166.81.96.0/24 maxlen: 24
166.81.97.0/24 maxlen: 24
166.81.98.0/24 maxlen: 24
166.81.99.0/24 maxlen: 24
166.81.100.0/24 maxlen: 24
166.81.107.0/24 maxlen: 24
166.81.108.0/24 maxlen: 24
166.81.109.0/24 maxlen: 24
166.81.110.0/24 maxlen: 24
166.81.111.0/24 maxlen: 24
166.81.112.0/24 maxlen: 24
166.81.113.0/24 maxlen: 24
166.81.114.0/24 maxlen: 24
166.81.115.0/24 maxlen: 24
166.81.116.0/24 maxlen: 24
166.81.117.0/24 maxlen: 24
166.81.118.0/24 maxlen: 24
166.81.119.0/24 maxlen: 24
166.81.120.0/24 maxlen: 24
166.81.121.0/24 maxlen: 24
166.81.122.0/24 maxlen: 24
166.81.123.0/24 maxlen: 24
166.81.124.0/24 maxlen: 24
166.81.125.0/24 maxlen: 24
166.81.126.0/24 maxlen: 24
166.81.127.0/24 maxlen: 24
166.81.128.0/24 maxlen: 24
166.81.129.0/24 maxlen: 24
166.81.130.0/24 maxlen: 24
166.81.131.0/24 maxlen: 24
166.81.132.0/24 maxlen: 24
166.81.133.0/24 maxlen: 24
166.81.134.0/24 maxlen: 24
166.81.135.0/24 maxlen: 24
166.81.136.0/24 maxlen: 24
166.81.137.0/24 maxlen: 24
166.81.138.0/24 maxlen: 24
166.81.139.0/24 maxlen: 24
166.81.140.0/24 maxlen: 24
166.81.141.0/24 maxlen: 24
166.81.142.0/24 maxlen: 24
166.81.143.0/24 maxlen: 24
166.81.144.0/24 maxlen: 24
166.81.145.0/24 maxlen: 24
166.81.146.0/24 maxlen: 24
166.81.147.0/24 maxlen: 24
166.81.148.0/24 maxlen: 24
166.81.149.0/24 maxlen: 24
166.81.150.0/24 maxlen: 24
166.81.151.0/24 maxlen: 24
166.81.152.0/24 maxlen: 24
166.81.153.0/24 maxlen: 24
166.81.154.0/24 maxlen: 24
166.81.155.0/24 maxlen: 24
166.81.156.0/24 maxlen: 24
166.81.157.0/24 maxlen: 24
166.81.158.0/24 maxlen: 24
166.81.159.0/24 maxlen: 24
166.81.160.0/24 maxlen: 24
166.81.161.0/24 maxlen: 24
166.81.162.0/24 maxlen: 24
166.81.163.0/24 maxlen: 24
166.81.164.0/24 maxlen: 24
166.81.165.0/24 maxlen: 24
166.81.166.0/24 maxlen: 24
166.81.167.0/24 maxlen: 24
166.81.168.0/24 maxlen: 24
166.81.169.0/24 maxlen: 24
166.81.170.0/24 maxlen: 24
166.81.171.0/24 maxlen: 24
166.81.172.0/24 maxlen: 24
166.81.173.0/24 maxlen: 24
166.81.174.0/24 maxlen: 24
166.81.175.0/24 maxlen: 24
166.81.176.0/24 maxlen: 24
166.81.177.0/24 maxlen: 24
166.81.178.0/24 maxlen: 24
166.81.179.0/24 maxlen: 24
166.81.180.0/24 maxlen: 24
166.81.181.0/24 maxlen: 24
166.81.182.0/24 maxlen: 24
166.81.183.0/24 maxlen: 24
166.81.184.0/24 maxlen: 24
166.81.185.0/24 maxlen: 24
166.81.186.0/24 maxlen: 24
166.81.187.0/24 maxlen: 24
166.81.188.0/24 maxlen: 24
166.81.189.0/24 maxlen: 24
166.81.190.0/24 maxlen: 24
166.81.191.0/24 maxlen: 24
166.81.192.0/24 maxlen: 24
166.81.193.0/24 maxlen: 24
166.81.194.0/24 maxlen: 24
166.81.195.0/24 maxlen: 24
166.81.196.0/24 maxlen: 24
166.81.197.0/24 maxlen: 24
166.81.198.0/24 maxlen: 24
166.81.199.0/24 maxlen: 24
166.81.200.0/24 maxlen: 24
166.81.201.0/24 maxlen: 24
166.81.202.0/24 maxlen: 24
166.81.203.0/24 maxlen: 24
166.81.204.0/24 maxlen: 24
166.81.205.0/24 maxlen: 24
166.81.206.0/24 maxlen: 24
166.81.207.0/24 maxlen: 24
166.81.208.0/24 maxlen: 24
166.81.209.0/24 maxlen: 24
166.81.210.0/24 maxlen: 24
166.81.211.0/24 maxlen: 24
166.81.212.0/24 maxlen: 24
166.81.213.0/24 maxlen: 24
166.81.214.0/24 maxlen: 24
166.81.215.0/24 maxlen: 24
166.81.216.0/24 maxlen: 24
166.81.217.0/24 maxlen: 24
166.81.218.0/24 maxlen: 24
166.81.219.0/24 maxlen: 24
166.81.220.0/24 maxlen: 24
166.81.221.0/24 maxlen: 24
166.81.222.0/24 maxlen: 24
166.81.223.0/24 maxlen: 24
166.81.224.0/24 maxlen: 24
166.81.225.0/24 maxlen: 24
166.81.226.0/24 maxlen: 24
166.81.227.0/24 maxlen: 24
166.81.228.0/24 maxlen: 24
166.81.229.0/24 maxlen: 24
166.81.230.0/24 maxlen: 24
166.81.231.0/24 maxlen: 24
166.81.232.0/24 maxlen: 24
166.81.233.0/24 maxlen: 24
166.81.234.0/24 maxlen: 24
166.81.235.0/24 maxlen: 24
166.81.236.0/24 maxlen: 24
166.81.237.0/24 maxlen: 24
166.81.238.0/24 maxlen: 24
166.81.239.0/24 maxlen: 24
166.81.240.0/24 maxlen: 24
166.81.241.0/24 maxlen: 24
166.81.242.0/24 maxlen: 24
166.81.243.0/24 maxlen: 24
166.81.244.0/24 maxlen: 24
166.81.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.crl
rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 22:22:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1752 (0x6d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC31B
Validity
Not Before: Jan 24 22:31:58 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679414de-3376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ce:f8:73:2b:1d:2e:73:49:3e:3f:42:1c:c1:
a6:d8:e3:a6:a8:0a:d3:2b:04:30:30:7a:a6:32:65:
ac:e6:9a:08:77:d8:c6:81:3f:7d:5f:f7:de:14:d7:
66:d1:07:df:95:28:7a:83:8c:20:ae:f1:b4:fd:5b:
38:2c:bd:a0:79:6e:a6:38:44:a3:53:74:7f:8a:ea:
d7:60:91:50:7a:0c:48:f4:fe:18:54:85:b3:c2:79:
38:25:45:81:f4:76:e8:a3:38:90:9b:34:03:65:a4:
e3:c8:44:40:b8:6b:d8:d7:02:1e:19:81:32:2b:5a:
16:44:22:4d:7d:b1:dd:57:17:b9:97:66:76:2a:4b:
f1:d2:a2:db:16:de:e7:27:f6:3e:53:45:a6:2e:53:
24:1b:b3:3b:7d:24:50:e8:4a:c8:8a:ce:21:28:2b:
79:6e:16:42:17:d8:d5:d2:86:fd:83:ee:fd:5a:7c:
6c:7f:be:8f:ad:c9:97:a5:7f:42:3c:f3:cc:cf:f7:
08:2f:db:f2:12:f3:f5:7d:b9:02:46:7f:b9:e3:00:
16:7f:f8:06:40:1f:cb:df:ad:7e:f5:5b:7f:96:9b:
81:95:fe:5b:8c:90:56:cd:d1:69:cb:e3:2b:ee:a0:
d5:49:7d:b3:16:38:48:04:30:d6:9d:ff:46:29:8c:
e8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:38:23:59:18:5C:0C:AC:BB:FD:D4:FF:73:2C:28:0B:9C:3C:97:00
X509v3 Authority Key Identifier:
keyid:8B:8A:D5:CA:1C:3E:8B:8C:F4:68:B5:F4:96:A9:1A:BB:0E:48:CF:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/97C79A806C0511EF8B77D10EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
166.81.0.0/23
166.81.3.0-166.81.4.255
166.81.7.0-166.81.8.255
166.81.31.0/24
166.81.36.0/23
166.81.41.0-166.81.50.255
166.81.71.0-166.81.76.255
166.81.82.0/24
166.81.84.0-166.81.100.255
166.81.107.0-166.81.245.255
Signature Algorithm: sha256WithRSAEncryption
8e:86:4b:ea:09:34:08:48:5c:80:d9:f7:0c:90:c1:41:72:f4:
00:ec:a1:21:87:b0:94:25:99:bc:11:a4:1d:26:ec:fc:c5:ff:
da:44:0e:88:ca:c2:c0:3e:fd:71:e8:62:0a:16:dc:a5:9a:ea:
68:9b:9c:f6:c0:12:aa:7b:ff:be:25:48:cc:92:7f:9e:85:32:
4c:e1:72:aa:b0:52:2e:5a:b3:3f:85:f3:25:21:94:87:36:48:
87:62:28:d0:8a:f2:c0:e0:e1:83:da:4b:25:54:50:e4:ea:da:
ee:21:79:42:b6:e5:dd:17:83:93:ce:7c:95:5a:64:68:1b:85:
ea:da:f9:e5:97:af:11:0e:53:cd:ed:33:bb:34:91:9b:be:c1:
0d:43:ec:2c:f6:86:52:08:9b:c3:7f:5e:fb:d8:89:b5:70:25:
91:c5:0f:a9:d1:55:34:66:4e:a1:fa:f5:8d:f4:f3:bd:36:2b:
3b:08:9b:f9:6a:bf:19:0f:a3:af:f7:20:27:2c:39:bc:cf:91:
2d:12:ec:5b:59:aa:a4:fb:62:8e:c0:41:8f:c2:54:cc:64:c3:
31:ae:65:32:6f:ec:9b:c2:1a:03:ad:19:43:cb:3a:82:47:02:
54:e3:64:88:6d:89:d1:cd:83:c7:79:9b:f0:56:36:1b:63:0d:
65:6f:21:c0
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgICBtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REMzMUIxMTAvBgNVBAUTKDhCOEFENUNBMUMzRThCOENGNDY4QjVGNDk2QTkxQUJC
MEU0OENGQTgwHhcNMjUwMTI0MjIzMTU4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0MTRkZS0zMzc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy874cysdLnNJPj9CHMGm2OOmqArTKwQwMHqmMmWs5poId9jGgT99X/feFNdm
0QfflSh6g4wgrvG0/Vs4LL2geW6mOESjU3R/iurXYJFQegxI9P4YVIWzwnk4JUWB
9HbooziQmzQDZaTjyERAuGvY1wIeGYEyK1oWRCJNfbHdVxe5l2Z2Kkvx0qLbFt7n
J/Y+U0WmLlMkG7M7fSRQ6ErIis4hKCt5bhZCF9jV0ob9g+79Wnxsf76PrcmXpX9C
PPPMz/cIL9vyEvP1fbkCRn+54wAWf/gGQB/L361+9Vt/lpuBlf5bjJBWzdFpy+Mr
7qDVSX2zFjhIBDDWnf9GKYzoEQIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFFw4I1kY
XAysu/3U/3MsKAucPJcAMB8GA1UdIwQYMBaAFIuK1cocPouM9Gi19JapGrsOSM+o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzMxQi9EMEVDQ0Q0ODg5
M0QxMUVCOTE2REYwMjJDNEY5QUUwMi9pNHJWeWh3LWk0ejBhTFgwbHFrYXV3NUl6
NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2k0clZ5aHctaTR6MGFMWDBscWthdXc1SXo2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REMzMUIvRDBFQ0NENDg4OTNEMTFFQjkxNkRGMDIyQzRGOUFFMDIvOTdDNzlBODA2
QzA1MTFFRjhCNzdEMTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYUGCCsGAQUFBwEHAQH/
BHYwdDByBAIAATBsAwQBplEAMAwDBACmUQMDBACmUQQwDAMEAKZRBwMEAKZRCAME
AKZRHwMEAaZRJDAMAwQAplEpAwQAplEyMAwDBACmUUcDBACmUUwDBACmUVIwDAME
AqZRVAMEAKZRZDAMAwQAplFrAwQBplH0MA0GCSqGSIb3DQEBCwUAA4IBAQCOhkvq
CTQISFyA2fcMkMFBcvQA7KEhh7CUJZm8EaQdJuz8xf/aRA6IysLAPv1x6GIKFtyl
mupom5z2wBKqe/++JUjMkn+ehTJM4XKqsFIuWrM/hfMlIZSHNkiHYijQivLA4OGD
2kslVFDk6truIXlCtuXdF4OTznyVWmRoG4Xq2vnll68RDlPN7TO7NJGbvsENQ+ws
9oZSCJvDf1772Im1cCWRxQ+p0VU0Zk6h+vWN9PO9Nis7CJv5ar8ZD6Ov9yAnLDm8
z5EtEuxbWaqk+2KOwEGPwlTMZMMxrmUyb+ybwhoDrRlDyzqCRwJU42SIbYnRzYPH
eZvwVjYbYw1lbyHA
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:27:39 2025 by rpki-client