$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3130332e35362e35332e302f32342d3234203d3e2038383838.roa File: 3130332e35362e35332e302f32342d3234203d3e2038383838.roa (raw, json) Hash identifier: uL0NI5HaYP5v+elT90/EatVuCLlrKQFX1n9YTboLp2k= Subject key identifier: AF:3E:0F:8A:D7:4C:F0:10:CD:34:38:B0:7C:68:EE:ED:1A:27:50:5B Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 58ADD9C6A287DAC5D25919B7D2E58D3801DF78C8 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3130332e35362e35332e302f32342d3234203d3e2038383838.roa Signing time: Thu 24 Jul 2025 09:50:01 +0000 ROA not before: Thu 24 Jul 2025 09:45:01 +0000 ROA not after: Thu 23 Jul 2026 09:50:01 +0000 asID: 8888 IP address blocks: 103.56.53.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 Aug 2025 14:37:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:ad:d9:c6:a2:87:da:c5:d2:59:19:b7:d2:e5:8d:38:01:df:78:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Jul 24 09:45:01 2025 GMT Not After : Jul 23 09:50:01 2026 GMT Subject: CN=AF3E0F8AD74CF010CD3438B07C68EEED1A27505B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d0:49:08:0c:08:44:c3:78:d2:84:41:bd:47: b0:26:7b:2e:d5:4d:42:ee:7d:b5:54:42:ec:51:00: 2c:0a:1e:aa:b4:67:7a:ae:5f:15:cc:a6:3d:61:c4: 80:1e:02:56:aa:b0:1b:03:39:21:33:a4:c6:b2:2f: d7:73:10:be:06:75:ef:98:c9:3a:12:b6:c7:6b:b7: 7a:75:cb:81:39:40:eb:51:3a:80:fe:3c:3c:59:42: 4e:06:c2:3a:1a:85:2b:99:3a:15:fa:fe:b5:d6:f3: 08:2e:96:ac:f1:e5:a5:e9:0c:f6:da:57:0c:a9:16: b5:25:0f:83:a0:44:bc:e2:01:d9:9b:37:f2:f4:a4: d4:bf:aa:0c:19:9c:44:37:88:4d:5f:05:ff:bd:7a: 10:e6:64:2b:27:87:cc:2f:7d:2e:64:52:1a:bb:cf: 62:1e:b3:94:ad:b6:a8:d8:4c:76:a1:8f:09:a1:99: aa:38:9d:c0:f6:2a:62:f4:c0:36:69:f2:b9:71:90: f9:31:88:40:80:9e:b6:0c:49:19:3b:25:a3:0c:a5: d8:35:68:e3:88:24:78:d8:e3:bb:fe:d4:24:e2:d4: 96:d0:9e:da:86:2b:b7:2d:65:70:0d:8e:bf:cb:b2: b5:78:7a:ea:74:fe:34:04:06:4d:98:76:a0:9b:b4: 2b:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:3E:0F:8A:D7:4C:F0:10:CD:34:38:B0:7C:68:EE:ED:1A:27:50:5B X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3130332e35362e35332e302f32342d3234203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.56.53.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:22:8f:34:95:61:47:6e:c1:b9:64:57:61:14:3a:b1:80:25: a3:12:9b:35:ed:58:e2:e6:d0:0c:5f:b5:26:37:29:47:66:e3: fe:5b:a1:81:c6:9c:c8:f6:3f:b6:86:55:66:b3:f0:48:19:92: b2:c0:e5:03:67:64:4e:ca:9e:9e:c0:de:a0:dc:04:90:d1:53: fa:0b:a7:81:8e:31:dd:7e:c1:fb:97:be:ec:ff:4c:94:df:cd: d0:bb:18:1d:32:03:17:27:ad:cc:66:76:13:3d:c6:26:da:d1: 5e:c8:c5:b2:1a:84:ef:ce:56:44:6b:02:d6:04:56:ec:68:8b: 72:fc:8f:0b:a9:10:c0:68:a3:90:d0:3b:66:7a:28:44:f8:54: 76:71:72:ef:64:56:22:78:85:fd:14:18:78:32:b1:e7:68:6d: ca:87:95:53:12:35:41:aa:d3:0c:ae:e0:87:ca:a3:e3:76:ad: 75:b9:e5:39:c7:ac:52:f3:6d:d7:f9:9b:9e:65:9a:e7:c6:3e: b6:5b:48:73:e8:6b:e8:51:80:59:d8:41:41:5b:dd:3a:82:37: da:f5:bd:54:7e:70:00:2e:f3:e8:11:0e:ea:62:35:4b:be:b2: 2d:21:72:f2:47:7e:20:89:4a:8e:3d:d3:a2:0c:94:4c:18:cb: 8d:5d:ca:ef -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUWK3ZxqKH2sXSWRm30uWNOAHfeMgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDcyNDA5NDUwMVoX DTI2MDcyMzA5NTAwMVowMzExMC8GA1UEAxMoQUYzRTBGOEFENzRDRjAxMENEMzQz OEIwN0M2OEVFRUQxQTI3NTA1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7QSQgMCETDeNKEQb1HsCZ7LtVNQu59tVRC7FEALAoeqrRneq5fFcymPWHE gB4CVqqwGwM5ITOkxrIv13MQvgZ175jJOhK2x2u3enXLgTlA61E6gP48PFlCTgbC OhqFK5k6Ffr+tdbzCC6WrPHlpekM9tpXDKkWtSUPg6BEvOIB2Zs38vSk1L+qDBmc RDeITV8F/716EOZkKyeHzC99LmRSGrvPYh6zlK22qNhMdqGPCaGZqjidwPYqYvTA NmnyuXGQ+TGIQICetgxJGTslowyl2DVo44gkeNjju/7UJOLUltCe2oYrty1lcA2O v8uytXh66nT+NAQGTZh2oJu0KxECAwEAAaOCAeYwggHiMB0GA1UdDgQWBBSvPg+K 10zwEM00OLB8aO7tGidQWzAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzMDMzMmUzNTM2MmUzNTMzMmUzMDJmMzIzNDJk MzIzNDIwM2QzZTIwMzgzODM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnODUwDQYJKoZIhvcNAQEL BQADggEBAE4ijzSVYUduwblkV2EUOrGAJaMSmzXtWOLm0AxftSY3KUdm4/5boYHG nMj2P7aGVWaz8EgZkrLA5QNnZE7Knp7A3qDcBJDRU/oLp4GOMd1+wfuXvuz/TJTf zdC7GB0yAxcnrcxmdhM9xiba0V7IxbIahO/OVkRrAtYEVuxoi3L8jwupEMBoo5DQ O2Z6KET4VHZxcu9kViJ4hf0UGHgysedobcqHlVMSNUGq0wyu4IfKo+N2rXW55TnH rFLzbdf5m55lmufGPrZbSHPoa+hRgFnYQUFb3TqCN9r1vVR+cAAu8+gRDupiNUu+ si0hcvJHfiCJSo4906IMlEwYy41dyu8= -----END CERTIFICATE-----Generated at Thu Aug 7 04:34:42 2025 by rpki-client