$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa File: 3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa (raw, json) Hash identifier: cmFyy+88J8Y/efGG6XIznmPhDb8QWFT+0UT0MLEAxN8= Subject key identifier: 60:7A:AA:D6:0C:DE:97:41:E4:D8:C3:C0:02:39:CF:44:A5:22:B7:0D Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 344E901D8BEDC55A744A41C44E6E3BF6F35D4576 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa Signing time: Thu 05 Feb 2026 06:56:12 +0000 ROA not before: Thu 05 Feb 2026 06:51:12 +0000 ROA not after: Thu 04 Feb 2027 06:56:12 +0000 asID: 9312 IP address blocks: 180.235.136.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 12:28:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:4e:90:1d:8b:ed:c5:5a:74:4a:41:c4:4e:6e:3b:f6:f3:5d:45:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Feb 5 06:51:12 2026 GMT Not After : Feb 4 06:56:12 2027 GMT Subject: CN=607AAAD60CDE9741E4D8C3C00239CF44A522B70D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:0d:ea:68:1c:4b:bb:e8:09:d1:45:ec:b2:47: 8d:a9:4f:43:84:87:d0:c0:69:44:17:da:f4:12:97: 8d:2e:73:b7:8a:a0:0c:78:1c:c4:4b:e1:7b:2b:15: 89:a3:2e:8a:92:fa:2a:eb:6e:73:5b:29:66:fa:29: 73:26:bd:95:e6:c3:3d:1a:44:b4:c1:07:c1:2a:52: 0f:7f:44:b8:05:fb:6e:5c:ac:28:59:a2:e0:33:59: 99:85:2b:0c:1c:12:63:78:48:de:f3:7b:e6:cb:49: 6e:e8:2c:98:11:ad:aa:82:d3:7c:22:15:dd:db:80: 7a:4e:3c:7c:f4:5b:c6:e3:b4:1a:0d:57:ae:98:0d: c0:cf:3c:8b:c7:28:13:e5:bb:94:c6:4c:7a:13:1f: 69:c8:f3:51:b9:fc:27:fa:b7:9d:4e:90:2d:25:25: bd:90:fc:63:6c:58:5c:f4:29:c9:e0:4a:2c:3e:29: 9a:e6:4e:5d:6a:8f:97:ee:28:32:d4:59:10:c0:c9: a2:82:8b:5e:28:4b:48:3c:bd:57:c3:8e:9b:ef:0b: b7:6e:dc:29:35:9b:c1:ea:7a:51:d0:d7:54:37:86: 0c:55:2c:61:8a:42:06:d7:a7:f9:59:68:2d:bb:b3: 14:24:12:82:17:be:93:60:dd:d0:e8:e0:21:e9:ca: 98:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:7A:AA:D6:0C:DE:97:41:E4:D8:C3:C0:02:39:CF:44:A5:22:B7:0D X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.235.136.0/22 Signature Algorithm: sha256WithRSAEncryption 89:88:eb:cd:2b:bc:74:37:2a:a7:e5:39:50:84:4b:b9:56:01: c0:40:96:38:81:e0:48:71:e0:b1:bc:8d:ca:41:5d:a9:50:11: 2c:b7:00:ab:3d:8c:b6:84:13:c9:27:59:7e:4c:ce:3d:19:66: f0:b8:c7:71:9d:e3:ff:9d:dd:63:1a:67:56:fb:b6:4f:0a:6d: ad:14:b5:bc:8e:dc:6d:df:69:ca:82:dc:a1:fb:2d:d2:b9:5c: eb:22:68:a1:76:19:52:0f:93:0d:58:c5:20:dd:6d:33:e8:d1: 81:24:99:b6:12:d5:4e:6e:33:69:01:b4:51:96:55:03:d5:57: 0f:16:cf:4c:b8:9a:84:ef:a2:14:0a:5e:5d:65:e8:85:72:ac: f9:f0:b0:2e:f5:d0:08:0c:bb:1d:df:8e:84:90:6b:8f:1d:7e: fb:c3:70:10:31:f8:85:59:38:61:f6:b1:1d:c0:11:41:2c:23: 6e:eb:72:81:a8:4e:1c:90:a4:a0:a4:e3:03:7b:11:ee:18:88: 85:7c:23:67:44:2a:28:0e:ca:c1:6a:9b:e0:d8:d8:fe:5c:c9: 2d:8c:83:28:54:b7:b2:b8:04:0e:32:e6:50:a9:d4:95:89:dd: 24:d0:01:c9:7c:25:35:ab:12:ff:a1:25:33:24:5e:40:45:79: 8d:eb:3c:eb -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUNE6QHYvtxVp0SkHETm479vNdRXYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI2MDIwNTA2NTExMloX DTI3MDIwNDA2NTYxMlowMzExMC8GA1UEAxMoNjA3QUFBRDYwQ0RFOTc0MUU0RDhD M0MwMDIzOUNGNDRBNTIyQjcwRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKgN6mgcS7voCdFF7LJHjalPQ4SH0MBpRBfa9BKXjS5zt4qgDHgcxEvheysV iaMuipL6Kutuc1spZvopcya9lebDPRpEtMEHwSpSD39EuAX7blysKFmi4DNZmYUr DBwSY3hI3vN75stJbugsmBGtqoLTfCIV3duAek48fPRbxuO0Gg1XrpgNwM88i8co E+W7lMZMehMfacjzUbn8J/q3nU6QLSUlvZD8Y2xYXPQpyeBKLD4pmuZOXWqPl+4o MtRZEMDJooKLXihLSDy9V8OOm+8Lt27cKTWbwep6UdDXVDeGDFUsYYpCBten+Vlo LbuzFCQSghe+k2Dd0OjgIenKmPUCAwEAAaOCAeowggHmMB0GA1UdDgQWBBRgeqrW DN6XQeTYw8ACOc9EpSK3DTAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNjJlMzAyZjMy MzIyZDMzMzIyMDNkM2UyMDM5MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCtOuIMA0GCSqGSIb3 DQEBCwUAA4IBAQCJiOvNK7x0Nyqn5TlQhEu5VgHAQJY4geBIceCxvI3KQV2pUBEs twCrPYy2hBPJJ1l+TM49GWbwuMdxneP/nd1jGmdW+7ZPCm2tFLW8jtxt32nKgtyh +y3SuVzrImihdhlSD5MNWMUg3W0z6NGBJJm2EtVObjNpAbRRllUD1VcPFs9MuJqE 76IUCl5dZeiFcqz58LAu9dAIDLsd346EkGuPHX77w3AQMfiFWThh9rEdwBFBLCNu 63KBqE4ckKSgpOMDexHuGIiFfCNnRCooDsrBapvg2Nj+XMktjIMoVLeyuAQOMuZQ qdSVid0k0AHJfCU1qxL/oSUzJF5ARXmN6zzr -----END CERTIFICATE-----Generated at Mon Mar 2 00:11:20 2026 by rpki-client