Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/97DC58040B5B11EAB69DC64FC4F9AE02.roa
File: 97DC58040B5B11EAB69DC64FC4F9AE02.roa (raw, json)
Hash identifier: YO/LHGpdZrKxxuw5Nj9V4zkQvWAz2/rqA3ybBI8prVU=
Subject key identifier: 91:DC:44:D0:C1:64:33:AD:B1:74:F8:E5:96:E3:FF:3B:5C:F8:52:0B
Certificate issuer: /CN=A919EAAD/serialNumber=F53983B7AB8386C69958784FFAF0E697262457A7
Certificate serial: 0D08
Authority key identifier: F5:39:83:B7:AB:83:86:C6:99:58:78:4F:FA:F0:E6:97:26:24:57:A7
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9TmDt6uDhsaZWHhP-vDmlyYkV6c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/97DC58040B5B11EAB69DC64FC4F9AE02.roa
Signing time: Sun 31 May 2026 19:22:02 +0000
ROA not before: Sun 31 May 2026 19:22:02 +0000
ROA not after: Thu 01 Oct 2026 00:00:00 +0000
asID: 133385
IP address blocks: 37.111.0.0/21 maxlen: 22
37.111.0.0/24 maxlen: 24
37.111.1.0/24 maxlen: 24
37.111.2.0/24 maxlen: 24
37.111.3.0/24 maxlen: 24
37.111.4.0/24 maxlen: 24
37.111.5.0/24 maxlen: 24
37.111.6.0/24 maxlen: 24
37.111.7.0/24 maxlen: 24
37.111.8.0/21 maxlen: 22
37.111.8.0/24 maxlen: 24
37.111.9.0/24 maxlen: 24
37.111.10.0/24 maxlen: 24
37.111.11.0/24 maxlen: 24
37.111.12.0/24 maxlen: 24
37.111.13.0/24 maxlen: 24
37.111.14.0/24 maxlen: 24
37.111.15.0/24 maxlen: 24
37.111.16.0/21 maxlen: 22
37.111.16.0/24 maxlen: 24
37.111.17.0/24 maxlen: 24
37.111.18.0/24 maxlen: 24
37.111.19.0/24 maxlen: 24
37.111.20.0/24 maxlen: 24
37.111.21.0/24 maxlen: 24
37.111.22.0/24 maxlen: 24
37.111.23.0/24 maxlen: 24
37.111.32.0/21 maxlen: 24
37.111.40.0/22 maxlen: 24
37.111.44.0/22 maxlen: 22
37.111.44.0/23 maxlen: 23
37.111.44.0/24 maxlen: 24
37.111.45.0/24 maxlen: 24
37.111.46.0/23 maxlen: 23
37.111.46.0/24 maxlen: 24
37.111.47.0/24 maxlen: 24
37.111.48.0/22 maxlen: 22
37.111.48.0/23 maxlen: 23
37.111.48.0/24 maxlen: 24
37.111.49.0/24 maxlen: 24
37.111.50.0/23 maxlen: 23
37.111.50.0/24 maxlen: 24
37.111.51.0/24 maxlen: 24
37.111.52.0/23 maxlen: 23
37.111.52.0/24 maxlen: 24
37.111.53.0/24 maxlen: 24
37.111.56.0/24 maxlen: 24
37.111.60.0/22 maxlen: 22
37.111.60.0/23 maxlen: 23
37.111.60.0/24 maxlen: 24
37.111.61.0/24 maxlen: 24
37.111.62.0/23 maxlen: 23
37.111.62.0/24 maxlen: 24
37.111.63.0/24 maxlen: 24
37.111.64.0/20 maxlen: 22
37.111.64.0/24 maxlen: 24
37.111.65.0/24 maxlen: 24
37.111.66.0/24 maxlen: 24
37.111.67.0/24 maxlen: 24
37.111.68.0/24 maxlen: 24
37.111.69.0/24 maxlen: 24
37.111.70.0/24 maxlen: 24
37.111.71.0/24 maxlen: 24
37.111.72.0/24 maxlen: 24
37.111.73.0/24 maxlen: 24
37.111.74.0/24 maxlen: 24
37.111.75.0/24 maxlen: 24
37.111.76.0/24 maxlen: 24
37.111.77.0/24 maxlen: 24
37.111.78.0/24 maxlen: 24
37.111.79.0/24 maxlen: 24
37.111.80.0/20 maxlen: 22
37.111.80.0/24 maxlen: 24
37.111.81.0/24 maxlen: 24
37.111.82.0/24 maxlen: 24
37.111.83.0/24 maxlen: 24
37.111.84.0/24 maxlen: 24
37.111.85.0/24 maxlen: 24
37.111.86.0/24 maxlen: 24
37.111.87.0/24 maxlen: 24
37.111.88.0/24 maxlen: 24
37.111.89.0/24 maxlen: 24
37.111.90.0/24 maxlen: 24
37.111.91.0/24 maxlen: 24
37.111.92.0/24 maxlen: 24
37.111.93.0/24 maxlen: 24
37.111.94.0/24 maxlen: 24
37.111.95.0/24 maxlen: 24
37.111.124.0/22 maxlen: 22
37.111.124.0/23 maxlen: 23
37.111.124.0/24 maxlen: 24
37.111.125.0/24 maxlen: 24
37.111.126.0/23 maxlen: 23
37.111.126.0/24 maxlen: 24
37.111.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/9TmDt6uDhsaZWHhP-vDmlyYkV6c.crl
rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/9TmDt6uDhsaZWHhP-vDmlyYkV6c.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9TmDt6uDhsaZWHhP-vDmlyYkV6c.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 11 Jun 2026 18:20:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3336 (0xd08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EAAD, serialNumber=F53983B7AB8386C69958784FFAF0E697262457A7
Validity
Not Before: May 31 19:22:02 2026 GMT
Not After : Oct 1 00:00:00 2026 GMT
Subject: CN=6a1c8a5a-a686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f6:03:98:69:ac:e0:f5:8a:c3:8b:ee:c0:fa:
a8:e7:2c:44:9d:f5:1b:ca:20:55:f6:69:a4:73:fa:
20:93:f0:3a:b4:34:1c:99:9b:d7:2f:3f:64:c4:b0:
00:9d:10:44:aa:7c:3d:cc:11:96:24:33:60:6d:25:
68:9c:9f:d7:6d:1d:1e:8f:8b:9e:88:e0:1c:e9:79:
77:9e:53:36:d4:36:32:db:a4:57:aa:ae:9b:14:7f:
73:ba:f3:8a:b8:ef:dd:c7:bf:89:0e:96:f8:a7:bf:
1b:66:db:e3:d4:67:09:dc:56:0b:7e:02:10:0c:6d:
43:85:fe:84:53:50:89:2d:c1:38:9b:dc:a3:24:0e:
a0:89:2c:bc:37:58:e5:f1:b3:06:08:82:80:c8:e8:
69:90:7b:10:e9:1b:f0:a5:fd:cd:67:39:27:05:e5:
3a:07:bc:96:81:74:5f:41:88:43:6a:8a:aa:3d:87:
f4:a7:0a:10:06:05:18:71:d2:de:7b:0d:fb:2c:76:
05:d9:8f:d0:e7:68:cc:84:31:48:5a:63:db:f4:21:
2f:ef:ff:77:62:d0:66:54:27:a8:fc:bd:d7:f5:0d:
05:df:8b:b5:4e:a9:1b:ca:80:58:12:a4:ec:a3:70:
4e:e7:6d:3e:21:cd:d6:d6:12:60:1f:6f:7f:6e:e0:
1a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DC:44:D0:C1:64:33:AD:B1:74:F8:E5:96:E3:FF:3B:5C:F8:52:0B
X509v3 Authority Key Identifier:
keyid:F5:39:83:B7:AB:83:86:C6:99:58:78:4F:FA:F0:E6:97:26:24:57:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/9TmDt6uDhsaZWHhP-vDmlyYkV6c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9TmDt6uDhsaZWHhP-vDmlyYkV6c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/97DC58040B5B11EAB69DC64FC4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
37.111.0.0-37.111.23.255
37.111.32.0-37.111.53.255
37.111.56.0/24
37.111.60.0-37.111.95.255
37.111.124.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:64:5a:92:78:33:d4:4f:a7:89:d7:5d:d7:e4:b0:a1:fc:ad:
b8:f7:ae:f8:c5:df:b7:c9:f7:13:f8:2a:7c:69:a6:8e:c0:08:
d0:b5:a1:64:64:a1:8a:55:1e:cf:cf:60:4a:55:a8:b8:81:55:
54:b9:31:a6:f3:b4:ca:3d:bc:09:11:19:05:94:37:b1:d0:0c:
58:1f:85:16:fa:3b:59:45:6a:92:78:06:e5:63:40:e2:53:bf:
c3:ea:39:fa:e0:c1:5f:51:60:0d:4c:3d:90:1b:f2:58:29:2f:
5b:5f:3e:e2:6a:e4:c6:db:0a:ed:8f:73:4d:81:8d:d5:0b:4f:
a6:be:48:6a:69:a8:91:dd:ae:09:13:f9:ce:9e:08:7f:32:ff:
cf:fa:bc:7c:48:bc:73:6e:70:71:14:52:a0:c6:7b:f5:d8:fa:
f0:ec:89:d5:3e:84:1e:61:9b:05:0e:38:31:81:ad:fc:e3:65:
c0:a6:43:22:83:86:f1:eb:f8:ad:ca:96:3a:50:c8:7b:84:a9:
fe:9e:b9:9a:74:28:64:29:60:c8:cb:45:24:ce:0a:73:59:d7:
25:56:61:a7:f6:e1:20:e6:c8:ea:2a:4a:71:83:7a:cc:76:c2:
72:39:59:d5:6d:c2:59:38:71:50:af:71:b3:74:cc:6c:4a:f6:
97:77:44:83
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgICDQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBQUQxMTAvBgNVBAUTKEY1Mzk4M0I3QUI4Mzg2QzY5OTU4Nzg0RkZBRjBFNjk3
MjYyNDU3QTcwHhcNMjYwNTMxMTkyMjAyWhcNMjYxMDAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTFjOGE1YS1hNjg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzvYDmGms4PWKw4vuwPqo5yxEnfUbyiBV9mmkc/ogk/A6tDQcmZvXLz9kxLAA
nRBEqnw9zBGWJDNgbSVonJ/XbR0ej4ueiOAc6Xl3nlM21DYy26RXqq6bFH9zuvOK
uO/dx7+JDpb4p78bZtvj1GcJ3FYLfgIQDG1Dhf6EU1CJLcE4m9yjJA6giSy8N1jl
8bMGCIKAyOhpkHsQ6Rvwpf3NZzknBeU6B7yWgXRfQYhDaoqqPYf0pwoQBgUYcdLe
ew37LHYF2Y/Q52jMhDFIWmPb9CEv7/93YtBmVCeo/L3X9Q0F34u1TqkbyoBYEqTs
o3BO520+Ic3W1hJgH29/buAaxwIDAQABo4ICjzCCAoswHQYDVR0OBBYEFJHcRNDB
ZDOtsXT45Zbj/ztc+FILMB8GA1UdIwQYMBaAFPU5g7erg4bGmVh4T/rw5pcmJFen
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFBRC84N0MzMTY4ODA5
RDUxMUVBQjc2QzczMTdDNEY5QUUwMi85VG1EdDZ1RGhzYVpXSGhQLXZEbWx5WWtW
NmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzlUbUR0NnVEaHNhWldIaFAtdkRtbHlZa1Y2Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBQUQvODdDMzE2ODgwOUQ1MTFFQUI3NkM3MzE3QzRGOUFFMDIvOTdEQzU4MDQw
QjVCMTFFQUI2OURDNjRGQzRGOUFFMDIucm9hME4GCCsGAQUFBwEHAQH/BD8wPTA7
BAIAATA1MAsDAwAlbwMEAyVvEDAMAwQFJW8gAwQBJW80AwQAJW84MAwDBAIlbzwD
BAUlb0ADBAIlb3wwDQYJKoZIhvcNAQELBQADggEBAA9kWpJ4M9RPp4nXXdfksKH8
rbj3rvjF37fJ9xP4Knxppo7ACNC1oWRkoYpVHs/PYEpVqLiBVVS5MabztMo9vAkR
GQWUN7HQDFgfhRb6O1lFapJ4BuVjQOJTv8PqOfrgwV9RYA1MPZAb8lgpL1tfPuJq
5MbbCu2Pc02BjdULT6a+SGppqJHdrgkT+c6eCH8y/8/6vHxIvHNucHEUUqDGe/XY
+vDsidU+hB5hmwUOODGBrfzjZcCmQyKDhvHr+K3KljpQyHuEqf6euZp0KGQpYMjL
RSTOCnNZ1yVWYaf24SDmyOoqSnGDesx2wnI5WdVtwlk4cVCvcbN0zGxK9pd3RIM=
-----END CERTIFICATE-----
Generated at Sat Jun 6 12:08:21 2026 by rpki-client