Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/97DC58040B5B11EAB69DC64FC4F9AE02.roa
File: 97DC58040B5B11EAB69DC64FC4F9AE02.roa (raw, json)
Hash identifier: IIl+hrMnm94EE997te9hu/Nd32AVZAIsxiVc91AGezY=
Subject key identifier: 64:A3:95:A3:25:A6:9B:41:64:C8:01:F4:0A:9F:9E:D7:DD:7B:AE:FA
Certificate issuer: /CN=A919EAAD/serialNumber=F53983B7AB8386C69958784FFAF0E697262457A7
Certificate serial: 0C3D
Authority key identifier: F5:39:83:B7:AB:83:86:C6:99:58:78:4F:FA:F0:E6:97:26:24:57:A7
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9TmDt6uDhsaZWHhP-vDmlyYkV6c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/97DC58040B5B11EAB69DC64FC4F9AE02.roa
Signing time: Mon 19 May 2025 03:33:57 +0000
ROA not before: Mon 19 May 2025 03:33:57 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133385
IP address blocks: 37.111.0.0/21 maxlen: 22
37.111.0.0/24 maxlen: 24
37.111.1.0/24 maxlen: 24
37.111.2.0/24 maxlen: 24
37.111.3.0/24 maxlen: 24
37.111.4.0/24 maxlen: 24
37.111.5.0/24 maxlen: 24
37.111.6.0/24 maxlen: 24
37.111.7.0/24 maxlen: 24
37.111.8.0/21 maxlen: 22
37.111.8.0/24 maxlen: 24
37.111.9.0/24 maxlen: 24
37.111.10.0/24 maxlen: 24
37.111.11.0/24 maxlen: 24
37.111.12.0/24 maxlen: 24
37.111.13.0/24 maxlen: 24
37.111.14.0/24 maxlen: 24
37.111.15.0/24 maxlen: 24
37.111.16.0/21 maxlen: 22
37.111.16.0/24 maxlen: 24
37.111.17.0/24 maxlen: 24
37.111.18.0/24 maxlen: 24
37.111.19.0/24 maxlen: 24
37.111.20.0/24 maxlen: 24
37.111.21.0/24 maxlen: 24
37.111.22.0/24 maxlen: 24
37.111.23.0/24 maxlen: 24
37.111.32.0/21 maxlen: 24
37.111.40.0/22 maxlen: 24
37.111.44.0/22 maxlen: 22
37.111.44.0/23 maxlen: 23
37.111.44.0/24 maxlen: 24
37.111.45.0/24 maxlen: 24
37.111.46.0/23 maxlen: 23
37.111.46.0/24 maxlen: 24
37.111.47.0/24 maxlen: 24
37.111.48.0/22 maxlen: 22
37.111.48.0/23 maxlen: 23
37.111.48.0/24 maxlen: 24
37.111.49.0/24 maxlen: 24
37.111.50.0/23 maxlen: 23
37.111.50.0/24 maxlen: 24
37.111.51.0/24 maxlen: 24
37.111.52.0/23 maxlen: 23
37.111.52.0/24 maxlen: 24
37.111.53.0/24 maxlen: 24
37.111.56.0/24 maxlen: 24
37.111.60.0/22 maxlen: 22
37.111.60.0/23 maxlen: 23
37.111.60.0/24 maxlen: 24
37.111.61.0/24 maxlen: 24
37.111.62.0/23 maxlen: 23
37.111.62.0/24 maxlen: 24
37.111.63.0/24 maxlen: 24
37.111.64.0/20 maxlen: 22
37.111.64.0/24 maxlen: 24
37.111.65.0/24 maxlen: 24
37.111.66.0/24 maxlen: 24
37.111.67.0/24 maxlen: 24
37.111.68.0/24 maxlen: 24
37.111.69.0/24 maxlen: 24
37.111.70.0/24 maxlen: 24
37.111.71.0/24 maxlen: 24
37.111.72.0/24 maxlen: 24
37.111.73.0/24 maxlen: 24
37.111.74.0/24 maxlen: 24
37.111.75.0/24 maxlen: 24
37.111.76.0/24 maxlen: 24
37.111.77.0/24 maxlen: 24
37.111.78.0/24 maxlen: 24
37.111.79.0/24 maxlen: 24
37.111.80.0/20 maxlen: 22
37.111.80.0/24 maxlen: 24
37.111.81.0/24 maxlen: 24
37.111.82.0/24 maxlen: 24
37.111.83.0/24 maxlen: 24
37.111.84.0/24 maxlen: 24
37.111.85.0/24 maxlen: 24
37.111.86.0/24 maxlen: 24
37.111.87.0/24 maxlen: 24
37.111.88.0/24 maxlen: 24
37.111.89.0/24 maxlen: 24
37.111.90.0/24 maxlen: 24
37.111.91.0/24 maxlen: 24
37.111.92.0/24 maxlen: 24
37.111.93.0/24 maxlen: 24
37.111.94.0/24 maxlen: 24
37.111.95.0/24 maxlen: 24
37.111.124.0/22 maxlen: 22
37.111.124.0/23 maxlen: 23
37.111.124.0/24 maxlen: 24
37.111.125.0/24 maxlen: 24
37.111.126.0/23 maxlen: 23
37.111.126.0/24 maxlen: 24
37.111.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/9TmDt6uDhsaZWHhP-vDmlyYkV6c.crl
rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/9TmDt6uDhsaZWHhP-vDmlyYkV6c.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9TmDt6uDhsaZWHhP-vDmlyYkV6c.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 11 Jun 2025 18:32:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3133 (0xc3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EAAD, serialNumber=F53983B7AB8386C69958784FFAF0E697262457A7
Validity
Not Before: May 19 03:33:57 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=682aa6a5-db13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8c:0d:23:7a:35:b8:17:e6:17:18:16:f6:6a:
6a:bd:23:ca:b2:99:1f:29:47:2c:87:a9:bb:82:2b:
4d:44:a8:1c:d9:f1:6d:c4:60:c0:46:08:5f:81:25:
d0:13:91:ec:de:de:b3:0c:d7:4a:92:60:6d:a9:c7:
64:1b:35:1c:ae:6a:ea:04:6b:62:ec:5f:69:f2:49:
67:07:b0:47:44:75:93:70:2f:ac:6a:d7:ec:20:cd:
e1:55:97:46:b8:f2:72:4f:f1:a5:2e:8b:4e:01:ea:
04:8e:3c:47:bb:2a:92:69:88:ee:c5:e6:09:b7:9f:
b2:22:3c:a9:af:44:20:72:16:61:9b:c8:b4:93:89:
76:9c:93:a8:5b:87:b4:64:20:67:7e:fa:66:c6:83:
c4:f4:05:b8:1c:97:85:2f:79:75:bd:d1:e9:a8:e2:
60:02:c9:6b:a8:ee:2b:28:08:75:ef:5d:a7:ad:23:
ef:37:73:f2:d9:e6:da:da:bc:cb:d4:bd:50:4e:dd:
f2:75:70:5c:e4:c9:6b:dd:ac:ee:a8:61:0a:8c:60:
d9:ff:d4:e1:78:01:b2:b8:78:b7:be:f2:54:09:a1:
3c:eb:87:95:89:c8:85:0c:31:a3:c3:ba:fd:2c:27:
9a:c8:3a:ab:a0:7f:d8:bb:9b:27:64:fd:07:ca:a6:
19:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A3:95:A3:25:A6:9B:41:64:C8:01:F4:0A:9F:9E:D7:DD:7B:AE:FA
X509v3 Authority Key Identifier:
keyid:F5:39:83:B7:AB:83:86:C6:99:58:78:4F:FA:F0:E6:97:26:24:57:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/9TmDt6uDhsaZWHhP-vDmlyYkV6c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9TmDt6uDhsaZWHhP-vDmlyYkV6c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/87C3168809D511EAB76C7317C4F9AE02/97DC58040B5B11EAB69DC64FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
37.111.0.0-37.111.23.255
37.111.32.0-37.111.53.255
37.111.56.0/24
37.111.60.0-37.111.95.255
37.111.124.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:01:8a:7a:b0:88:8a:57:98:1c:85:46:db:0b:c5:9c:64:e5:
f3:6f:5e:a5:74:b7:fc:70:0a:44:53:7a:d1:90:23:51:17:f4:
43:dc:87:b3:64:0b:81:db:de:bf:11:cd:d1:e4:b7:72:32:e1:
0f:ae:8b:26:ab:8c:ab:04:39:10:84:d2:cb:e9:b6:8a:5c:68:
6f:34:4c:e9:86:f3:bd:7e:d1:c2:93:9e:81:2c:bb:e2:ee:3c:
c5:07:d7:af:bd:80:9c:7c:11:7d:b8:92:8c:70:6b:a7:7e:3a:
f1:ab:dd:1e:d0:4a:ca:9b:56:be:f2:e1:ef:7e:9a:4e:02:e6:
c8:8a:65:2c:66:07:16:9e:b6:16:45:92:52:55:b4:75:e4:e8:
55:6f:50:77:61:ee:7f:14:29:ed:71:71:e9:6d:9c:5e:60:30:
13:9f:e6:75:7c:88:0d:34:09:73:4f:11:5b:2f:3f:cf:ff:1e:
08:39:e6:b3:4d:1d:1e:7f:28:66:b6:04:5a:5e:74:cc:eb:7a:
3a:5e:5a:95:39:7e:d0:5c:c3:1c:12:6e:3f:80:f7:c5:81:5e:
04:e9:ae:71:32:f9:3e:39:a5:0d:0c:8e:95:c1:4d:40:ee:cf:
5f:3b:a7:76:75:0d:6c:36:2d:ed:11:4e:25:83:40:ce:2f:79:
3a:97:a4:66
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICDD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBQUQxMTAvBgNVBAUTKEY1Mzk4M0I3QUI4Mzg2QzY5OTU4Nzg0RkZBRjBFNjk3
MjYyNDU3QTcwHhcNMjUwNTE5MDMzMzU3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJhYTZhNS1kYjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyowNI3o1uBfmFxgW9mpqvSPKspkfKUcsh6m7gitNRKgc2fFtxGDARghfgSXQ
E5Hs3t6zDNdKkmBtqcdkGzUcrmrqBGti7F9p8klnB7BHRHWTcC+satfsIM3hVZdG
uPJyT/GlLotOAeoEjjxHuyqSaYjuxeYJt5+yIjypr0QgchZhm8i0k4l2nJOoW4e0
ZCBnfvpmxoPE9AW4HJeFL3l1vdHpqOJgAslrqO4rKAh1712nrSPvN3Py2eba2rzL
1L1QTt3ydXBc5Mlr3azuqGEKjGDZ/9TheAGyuHi3vvJUCaE864eViciFDDGjw7r9
LCeayDqroH/Yu5snZP0HyqYZ5wIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFGSjlaMl
pptBZMgB9Aqfntfde676MB8GA1UdIwQYMBaAFPU5g7erg4bGmVh4T/rw5pcmJFen
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFBRC84N0MzMTY4ODA5
RDUxMUVBQjc2QzczMTdDNEY5QUUwMi85VG1EdDZ1RGhzYVpXSGhQLXZEbWx5WWtW
NmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzlUbUR0NnVEaHNhWldIaFAtdkRtbHlZa1Y2Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBQUQvODdDMzE2ODgwOUQ1MTFFQUI3NkM3MzE3QzRGOUFFMDIvOTdEQzU4MDQw
QjVCMTFFQUI2OURDNjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E
PzA9MDsEAgABMDUwCwMDACVvAwQDJW8QMAwDBAUlbyADBAElbzQDBAAlbzgwDAME
AiVvPAMEBSVvQAMEAiVvfDANBgkqhkiG9w0BAQsFAAOCAQEAfAGKerCIileYHIVG
2wvFnGTl829epXS3/HAKRFN60ZAjURf0Q9yHs2QLgdvevxHN0eS3cjLhD66LJquM
qwQ5EITSy+m2ilxobzRM6YbzvX7RwpOegSy74u48xQfXr72AnHwRfbiSjHBrp346
8avdHtBKyptWvvLh736aTgLmyIplLGYHFp62FkWSUlW0deToVW9Qd2HufxQp7XFx
6W2cXmAwE5/mdXyIDTQJc08RWy8/z/8eCDnms00dHn8oZrYEWl50zOt6Ol5alTl+
0FzDHBJuP4D3xYFeBOmucTL5PjmlDQyOlcFNQO7PXzundnUNbDYt7RFOJYNAzi95
OpekZg==
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:22:38 2025 by rpki-client