$ rpki-client -vvf rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/BA3E92207D2311EEA3696814C4F9AE02.roa File: BA3E92207D2311EEA3696814C4F9AE02.roa (raw, json) Hash identifier: JeqqccV0moh9xl5LOsL93SB6Ep+iaPUP/pq2BF+emVw= Subject key identifier: 37:84:94:04:B0:4A:36:CD:69:AD:2D:61:ED:4F:CC:FC:D7:0E:F9:EC Certificate issuer: /CN=A9125E1B/serialNumber=864C51395A65D5DE70ECD30AAD27A69F4B9B22BC Certificate serial: 01BF Authority key identifier: 86:4C:51:39:5A:65:D5:DE:70:EC:D3:0A:AD:27:A6:9F:4B:9B:22:BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/BA3E92207D2311EEA3696814C4F9AE02.roa Signing time: Sun 01 Mar 2026 13:04:35 +0000 ROA not before: Fri 09 Jan 2026 03:22:50 +0000 ROA not after: Tue 02 Mar 2027 00:00:00 +0000 asID: 152104 IP address blocks: 180.131.132.0/23 maxlen: 23 180.131.132.0/24 maxlen: 24 180.131.133.0/24 maxlen: 24 2001:df3:1dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.crl rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 01:16:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 447 (0x1bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125E1B, serialNumber=864C51395A65D5DE70ECD30AAD27A69F4B9B22BC Validity Not Before: Jan 9 03:22:50 2026 GMT Not After : Mar 2 00:00:00 2027 GMT Subject: CN=69a43963-a5db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a5:f0:ec:68:28:8a:0a:c0:e9:6d:db:8a:2f: 4e:02:56:28:0c:63:1d:56:5f:80:94:09:4e:22:9f: 9a:26:0b:98:a3:f1:a6:64:a3:31:d6:4b:5e:8c:4b: 18:0a:42:ea:14:3d:dc:0a:1c:86:d1:c6:88:bd:eb: 6a:e8:b5:e6:91:db:af:48:04:7c:54:e5:05:cf:14: df:8c:1c:be:92:b7:e4:21:f3:6c:11:69:79:1f:e5: 27:7e:ce:ed:59:25:0f:cf:95:3b:04:8a:e8:0f:08: 7f:6b:ea:5d:63:97:66:86:e9:93:97:4c:1a:65:de: 82:62:59:77:e7:53:75:bf:b9:b4:50:94:b3:78:19: e8:f0:3e:8f:8f:3b:16:65:b7:e8:8d:f9:10:a8:a9: 62:ee:46:bf:71:53:ab:e5:77:fb:e8:db:ed:a0:54: c4:57:be:79:9e:9a:7e:7a:15:12:41:ff:1e:05:f0: 5e:5f:66:ed:de:f6:3c:f2:b7:a2:5d:d3:83:f4:6d: 15:3f:9d:04:9a:57:0d:5b:62:5e:60:45:57:6a:9b: 19:3b:67:4e:9b:f1:23:85:c0:51:cd:ae:7d:ff:fe: 2e:e2:e6:d9:c1:d8:12:8c:b0:65:41:a1:21:3c:10: 9f:1e:d5:93:76:85:f0:b4:d7:d7:f0:51:35:51:6c: 37:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:84:94:04:B0:4A:36:CD:69:AD:2D:61:ED:4F:CC:FC:D7:0E:F9:EC X509v3 Authority Key Identifier: keyid:86:4C:51:39:5A:65:D5:DE:70:EC:D3:0A:AD:27:A6:9F:4B:9B:22:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/BA3E92207D2311EEA3696814C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 180.131.132.0/23 IPv6: 2001:df3:1dc0::/48 Signature Algorithm: sha256WithRSAEncryption 8f:75:4e:0d:6f:4e:ce:14:a1:ed:28:5e:09:f3:c9:5b:82:8a: 26:3d:98:24:f6:6b:9e:e0:07:1d:53:9c:59:f6:44:2f:81:43: 56:4a:3b:b0:08:0d:e2:b8:39:2e:d8:4e:26:2e:89:1e:ea:a2: 29:98:a7:4f:2d:68:ea:a5:3c:e8:13:f4:24:c7:e6:3e:bf:7f: 5a:b5:0a:a2:c3:a7:89:c7:cb:9b:a6:b5:42:af:15:8f:c0:b6: 87:45:cc:20:11:ea:c8:bf:ee:ef:11:73:c2:f0:b6:bc:ba:64: 91:0a:0e:20:51:d1:eb:aa:80:7c:3a:39:4e:00:e9:a7:c4:0b: 3c:77:41:3d:b2:5d:85:ee:a0:74:a8:e6:93:76:61:22:34:03: 26:f5:eb:d0:dc:91:e4:43:3b:0a:64:27:6c:5b:da:2c:7e:6d: 5b:8d:c1:9c:be:17:6d:d5:0f:1d:4b:78:0f:a8:0c:e5:19:38: e0:d8:b1:dd:01:cb:6b:28:51:7a:c6:a9:d9:f0:29:6a:28:e5: 12:ae:f8:64:f2:ef:72:a3:3b:75:08:37:29:f6:c4:b6:db:15: 4e:95:71:f5:6d:88:01:eb:b2:32:4c:73:0d:38:5a:28:84:b9: 82:fc:fd:c6:1f:69:05:3e:cd:03:7b:75:23:31:91:80:a4:83: df:45:b0:d6 -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgICAb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVFMUIxMTAvBgNVBAUTKDg2NEM1MTM5NUE2NUQ1REU3MEVDRDMwQUFEMjdBNjlG NEI5QjIyQkMwHhcNMjYwMTA5MDMyMjUwWhcNMjcwMzAyMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0Mzk2My1hNWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs6Xw7GgoigrA6W3bii9OAlYoDGMdVl+AlAlOIp+aJguYo/GmZKMx1ktejEsY CkLqFD3cChyG0caIvetq6LXmkduvSAR8VOUFzxTfjBy+krfkIfNsEWl5H+Unfs7t WSUPz5U7BIroDwh/a+pdY5dmhumTl0waZd6CYll351N1v7m0UJSzeBno8D6PjzsW ZbfojfkQqKli7ka/cVOr5Xf76NvtoFTEV755npp+ehUSQf8eBfBeX2bt3vY88rei XdOD9G0VP50EmlcNW2JeYEVXapsZO2dOm/EjhcBRza59//4u4ubZwdgSjLBlQaEh PBCfHtWTdoXwtNfX8FE1UWw3cQIDAQABo4ICcTCCAm0wHQYDVR0OBBYEFDeElASw SjbNaa0tYe1PzPzXDvnsMB8GA1UdIwQYMBaAFIZMUTlaZdXecOzTCq0npp9LmyK8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUUxQi83NDk1MjUxNDdE MjIxMUVFQTdCMDc0NjBDNEY5QUUwMi9oa3hST1ZwbDFkNXc3Tk1LclNlbW4wdWJJ cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hreFJPVnBsMWQ1dzdOTUtyU2VtbjB1Yklydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx MjVFMUIvNzQ5NTI1MTQ3RDIyMTFFRUE3QjA3NDYwQzRGOUFFMDIvQkEzRTkyMjA3 RDIzMTFFRUEzNjk2ODE0QzRGOUFFMDIucm9hMDAGCCsGAQUFBwEHAQH/BCEwHzAM BAIAATAGAwQBtIOEMA8EAgACMAkDBwAgAQ3zHcAwDQYJKoZIhvcNAQELBQADggEB AI91Tg1vTs4Uoe0oXgnzyVuCiiY9mCT2a57gBx1TnFn2RC+BQ1ZKO7AIDeK4OS7Y TiYuiR7qoimYp08taOqlPOgT9CTH5j6/f1q1CqLDp4nHy5umtUKvFY/AtodFzCAR 6si/7u8Rc8Lwtry6ZJEKDiBR0euqgHw6OU4A6afECzx3QT2yXYXuoHSo5pN2YSI0 Ayb169DckeRDOwpkJ2xb2ix+bVuNwZy+F23VDx1LeA+oDOUZOODYsd0By2soUXrG qdnwKWoo5RKu+GTy73KjO3UINyn2xLbbFU6VcfVtiAHrsjJMcw04WiiEuYL8/cYf aQU+zQN7dSMxkYCkg99FsNY= -----END CERTIFICATE-----Generated at Mon Mar 2 12:48:38 2026 by rpki-client