Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/D8B92776A16A11EAA517B11EC4F9AE02.roa
File: D8B92776A16A11EAA517B11EC4F9AE02.roa (raw, json)
Hash identifier: 0/HP0DwNYOfkRXXhvxhJ7qmLcNQDOwmKr3HHIF1F5nU=
Subject key identifier: F8:AA:BD:60:05:4C:FF:74:43:59:35:6A:43:57:2C:1D:AB:58:57:5B
Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2
Certificate serial: 1AFC
Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/D8B92776A16A11EAA517B11EC4F9AE02.roa
Signing time: Wed 22 Oct 2025 16:02:51 +0000
ROA not before: Wed 22 Oct 2025 16:02:51 +0000
ROA not after: Sun 31 Jan 2027 00:00:00 +0000
asID: 24499
IP address blocks: 37.111.128.0/18 maxlen: 18
37.111.128.0/21 maxlen: 21
37.111.128.0/24 maxlen: 24
37.111.129.0/24 maxlen: 24
37.111.130.0/24 maxlen: 24
37.111.131.0/24 maxlen: 24
37.111.132.0/24 maxlen: 24
37.111.133.0/24 maxlen: 24
37.111.134.0/24 maxlen: 24
37.111.135.0/24 maxlen: 24
37.111.136.0/21 maxlen: 21
37.111.136.0/24 maxlen: 24
37.111.137.0/24 maxlen: 24
37.111.138.0/24 maxlen: 24
37.111.139.0/24 maxlen: 24
37.111.140.0/24 maxlen: 24
37.111.141.0/24 maxlen: 24
37.111.142.0/24 maxlen: 24
37.111.143.0/24 maxlen: 24
37.111.144.0/21 maxlen: 21
37.111.144.0/24 maxlen: 24
37.111.145.0/24 maxlen: 24
37.111.146.0/24 maxlen: 24
37.111.147.0/24 maxlen: 24
37.111.148.0/24 maxlen: 24
37.111.149.0/24 maxlen: 24
37.111.150.0/24 maxlen: 24
37.111.151.0/24 maxlen: 24
37.111.152.0/21 maxlen: 21
37.111.152.0/24 maxlen: 24
37.111.153.0/24 maxlen: 24
37.111.154.0/24 maxlen: 24
37.111.155.0/24 maxlen: 24
37.111.156.0/24 maxlen: 24
37.111.157.0/24 maxlen: 24
37.111.158.0/24 maxlen: 24
37.111.159.0/24 maxlen: 24
37.111.160.0/24 maxlen: 24
37.111.161.0/24 maxlen: 24
37.111.162.0/24 maxlen: 24
37.111.163.0/24 maxlen: 24
37.111.164.0/24 maxlen: 24
37.111.165.0/24 maxlen: 24
37.111.166.0/24 maxlen: 24
37.111.167.0/24 maxlen: 24
37.111.168.0/24 maxlen: 24
37.111.169.0/24 maxlen: 24
37.111.170.0/24 maxlen: 24
37.111.171.0/24 maxlen: 24
37.111.172.0/24 maxlen: 24
37.111.173.0/24 maxlen: 24
37.111.174.0/24 maxlen: 24
37.111.175.0/24 maxlen: 24
37.111.176.0/24 maxlen: 24
37.111.177.0/24 maxlen: 24
37.111.178.0/24 maxlen: 24
37.111.179.0/24 maxlen: 24
37.111.180.0/24 maxlen: 24
37.111.181.0/24 maxlen: 24
37.111.182.0/24 maxlen: 24
37.111.183.0/24 maxlen: 24
37.111.184.0/24 maxlen: 24
37.111.185.0/24 maxlen: 24
37.111.186.0/24 maxlen: 24
37.111.187.0/24 maxlen: 24
37.111.188.0/24 maxlen: 24
37.111.189.0/24 maxlen: 24
37.111.190.0/24 maxlen: 24
37.111.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl
rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 06 Nov 2025 15:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6908 (0x1afc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FBD28, serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2
Validity
Not Before: Oct 22 16:02:51 2025 GMT
Not After : Jan 31 00:00:00 2027 GMT
Subject: CN=68f9002b-d812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:05:6a:81:d0:36:52:31:1c:c6:f1:f4:43:f0:
68:55:07:f3:9d:b5:e7:e5:cb:ad:29:e7:b8:e6:35:
f3:2d:06:51:23:17:36:12:2f:58:7a:4f:f8:f8:59:
60:91:d1:f1:7e:44:10:36:25:cf:2f:e4:a8:81:ed:
e7:01:f4:f4:4b:65:42:7a:f8:5a:19:50:c3:d3:44:
b4:2d:8b:b1:4f:06:70:7b:c2:b7:74:2a:8c:23:d9:
c5:5f:e6:cb:62:41:0c:21:fb:ec:11:8c:3d:28:c4:
82:a9:7c:71:ca:71:92:ea:88:28:c6:84:e2:b1:a7:
48:d3:5d:4c:f8:31:5d:51:53:11:6b:77:dd:d0:b0:
2b:81:8e:1e:e0:c3:54:a3:35:e2:1e:d1:ce:be:bf:
ba:5a:55:8e:a1:0d:df:54:46:4b:d9:fa:37:50:99:
04:42:bc:96:bb:5e:aa:d4:0a:65:60:d3:d3:0c:4d:
f5:9a:aa:b0:a5:83:53:67:bd:aa:4a:73:ec:35:6c:
bf:dc:a2:a0:db:f6:30:da:0c:f8:d6:e0:53:16:2e:
9c:5f:91:79:cb:47:ba:ee:10:f2:6b:34:53:f1:52:
72:aa:c6:ad:6e:d8:22:12:e3:0c:b1:4f:05:e2:00:
95:2a:c9:37:77:43:05:85:c2:a3:ae:06:97:28:b1:
a4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AA:BD:60:05:4C:FF:74:43:59:35:6A:43:57:2C:1D:AB:58:57:5B
X509v3 Authority Key Identifier:
keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/D8B92776A16A11EAA517B11EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
37.111.128.0/18
Signature Algorithm: sha256WithRSAEncryption
13:65:ca:55:a7:d8:2a:1e:57:fd:39:bd:b6:d0:80:4f:d4:5c:
2f:51:00:7b:2c:a4:df:8a:e3:69:8b:a4:87:17:aa:a5:b4:e7:
d3:a0:cd:d2:c1:10:45:73:19:2d:70:51:54:b7:1a:8d:19:bb:
6b:93:90:2f:72:e3:80:14:35:1b:d4:da:0f:dd:4f:2f:12:62:
50:91:0d:30:51:6d:53:63:97:6a:1b:1e:58:d0:c4:a1:e3:95:
69:93:57:8b:ee:4e:c9:8d:c5:85:89:c7:2a:52:95:b0:66:0f:
55:78:f3:4a:b2:b8:57:64:f1:5e:7e:66:2d:ab:6c:fc:e4:74:
d6:06:56:49:38:c0:56:d7:e5:c9:6b:a4:aa:af:ea:8f:77:2d:
a2:ee:31:13:b5:e3:fb:2f:48:91:c7:16:e8:87:6a:91:93:10:
88:6e:3b:46:1e:0c:d3:5a:2c:b3:16:93:86:ff:f7:fb:be:d8:
33:90:d6:34:93:14:fc:93:9e:5c:3f:46:28:84:83:39:a7:1f:
2f:9f:d7:84:31:9d:a1:b0:a7:ed:93:66:57:50:45:77:60:6b:
6e:b0:5c:76:72:f0:66:fa:8e:b1:20:9e:b0:c7:67:f9:c6:1e:
47:34:29:12:6e:7e:86:cf:66:78:b6:a6:f0:f3:aa:8f:fc:fd:
ee:d4:bf:2c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGvwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB
QTczRTdFQTIwHhcNMjUxMDIyMTYwMjUxWhcNMjcwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OGY5MDAyYi1kODEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAswVqgdA2UjEcxvH0Q/BoVQfznbXn5cutKee45jXzLQZRIxc2Ei9Yek/4+Flg
kdHxfkQQNiXPL+Soge3nAfT0S2VCevhaGVDD00S0LYuxTwZwe8K3dCqMI9nFX+bL
YkEMIfvsEYw9KMSCqXxxynGS6ogoxoTisadI011M+DFdUVMRa3fd0LArgY4e4MNU
ozXiHtHOvr+6WlWOoQ3fVEZL2fo3UJkEQryWu16q1AplYNPTDE31mqqwpYNTZ72q
SnPsNWy/3KKg2/Yw2gz41uBTFi6cX5F5y0e67hDyazRT8VJyqsatbtgiEuMMsU8F
4gCVKsk3d0MFhcKjrgaXKLGkoQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPiqvWAF
TP90Q1k1akNXLB2rWFdbMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB
QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m
cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkJEMjgvMjY3NThCQjQzQUI1MTFFN0I4NjA5RjFDQzRGOUFFMDIvRDhCOTI3NzZB
MTZBMTFFQUE1MTdCMTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAYlb4AwDQYJKoZIhvcNAQELBQADggEBABNlylWn2CoeV/05
vbbQgE/UXC9RAHsspN+K42mLpIcXqqW059OgzdLBEEVzGS1wUVS3Go0Zu2uTkC9y
44AUNRvU2g/dTy8SYlCRDTBRbVNjl2obHljQxKHjlWmTV4vuTsmNxYWJxypSlbBm
D1V480qyuFdk8V5+Zi2rbPzkdNYGVkk4wFbX5clrpKqv6o93LaLuMRO14/svSJHH
FuiHapGTEIhuO0YeDNNaLLMWk4b/9/u+2DOQ1jSTFPyTnlw/RiiEgzmnHy+f14Qx
naGwp+2TZldQRXdga26wXHZy8Gb6jrEgnrDHZ/nGHkc0KRJufobPZni2pvDzqo/8
/e7Uvyw=
-----END CERTIFICATE-----
Generated at Fri Oct 31 14:38:02 2025 by rpki-client