$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa File: 3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa (raw, json) Hash identifier: ndq0LGrdRAIfChD7aMbaP54wYrqoXqIBNh0lVfJSFaU= Subject key identifier: B7:63:54:AF:04:36:A8:9B:06:F9:4F:96:32:FF:41:C0:76:1A:4B:96 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 21B65ACBB0D52514E427696BF46C95CD9BE0F794 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa Signing time: Thu 06 Mar 2025 06:39:59 +0000 ROA not before: Thu 06 Mar 2025 06:34:59 +0000 ROA not after: Thu 05 Mar 2026 06:39:59 +0000 asID: 3258 IP address blocks: 180.235.137.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 00:18:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:b6:5a:cb:b0:d5:25:14:e4:27:69:6b:f4:6c:95:cd:9b:e0:f7:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Mar 6 06:34:59 2025 GMT Not After : Mar 5 06:39:59 2026 GMT Subject: CN=B76354AF0436A89B06F94F9632FF41C0761A4B96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:75:f7:4c:05:5d:2d:5b:87:78:62:06:79:4e: 3e:5f:26:29:53:9c:68:70:3d:c6:f9:47:87:70:6c: 1a:d1:73:c6:2c:04:31:77:05:78:33:61:92:af:64: fd:11:e4:fa:bf:5f:ea:9b:89:af:95:5b:39:99:ae: 29:57:85:ed:78:e2:bf:40:ce:12:35:41:12:1c:c9: 27:bf:2a:9f:5c:47:46:29:1d:fc:5c:7f:ca:b8:5c: 7f:1c:ed:84:6b:5d:e6:ea:a6:1d:f3:01:77:31:ed: 3b:cf:a9:22:13:d1:94:5a:df:9d:de:dd:12:5e:fc: 03:f5:5e:ac:d9:1f:3a:86:1b:da:1b:6e:29:48:29: dd:7c:e8:7b:9c:b8:87:8c:41:fb:16:0f:98:b9:f5: 0d:92:6d:0c:93:15:21:6a:79:79:db:2b:9f:7c:62: b6:22:59:79:57:b3:2f:58:7c:41:de:4f:f8:1b:6a: 88:97:9a:13:b1:59:e4:34:d0:ad:19:68:5d:bc:55: cf:31:5d:9a:12:b3:9f:0d:a0:2f:bd:a3:41:07:78: 29:4c:98:f9:84:4d:3a:c0:01:1d:da:6e:af:34:20: 79:06:26:6d:45:c3:5c:ca:bd:c6:65:1b:1a:6a:d3: 10:bf:76:0a:64:01:4a:13:6b:3d:2d:1a:5f:d9:ad: 90:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:63:54:AF:04:36:A8:9B:06:F9:4F:96:32:FF:41:C0:76:1A:4B:96 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.235.137.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:d9:ba:c3:7e:bb:7b:a5:ed:30:87:25:a6:45:89:b4:66:77: b0:9d:b4:a1:a1:f3:de:96:1b:d3:4d:8e:1c:21:03:b0:ec:e8: b0:6b:81:2a:e0:b6:86:9c:c2:f1:da:e8:4c:29:36:46:2b:2d: 17:84:69:b0:0b:7c:ab:be:f9:81:90:cb:28:f2:e4:67:23:06: 45:44:f9:95:86:0d:e0:a8:b9:25:7a:dd:9b:10:43:8f:eb:f7: e3:3a:bd:61:bd:95:62:35:f4:54:c9:32:bb:1f:dc:73:c6:e5: 37:c6:bb:ad:2d:8c:0f:7c:ed:34:20:d8:9d:ec:0c:62:db:db: dd:93:2b:e4:0b:f0:8c:8b:a2:a7:ec:73:19:32:3b:2f:b8:0e: 3a:ce:44:19:2e:b4:e6:cd:f9:6e:a3:e5:8e:5a:98:ee:08:0b: da:b4:ec:07:e1:70:3e:09:e6:17:e5:e7:b1:1e:fd:b6:da:8c: 92:5b:39:5e:f9:87:a0:ba:26:74:37:b9:1e:b9:32:7a:01:5c: 70:c0:5f:c7:a6:76:a1:65:18:76:92:2c:ff:fb:fb:0d:35:b1: 84:47:f5:2d:ea:cf:70:9a:91:e8:84:da:13:fc:1b:b5:cd:f0: 94:38:19:c6:e0:a7:58:b6:52:3f:12:80:bf:c8:b8:31:12:4a: 57:72:dd:0a -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUIbZay7DVJRTkJ2lr9GyVzZvg95QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDMwNjA2MzQ1OVoX DTI2MDMwNTA2Mzk1OVowMzExMC8GA1UEAxMoQjc2MzU0QUYwNDM2QTg5QjA2Rjk0 Rjk2MzJGRjQxQzA3NjFBNEI5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALF190wFXS1bh3hiBnlOPl8mKVOcaHA9xvlHh3BsGtFzxiwEMXcFeDNhkq9k /RHk+r9f6puJr5VbOZmuKVeF7Xjiv0DOEjVBEhzJJ78qn1xHRikd/Fx/yrhcfxzt hGtd5uqmHfMBdzHtO8+pIhPRlFrfnd7dEl78A/VerNkfOoYb2htuKUgp3Xzoe5y4 h4xB+xYPmLn1DZJtDJMVIWp5edsrn3xitiJZeVezL1h8Qd5P+BtqiJeaE7FZ5DTQ rRloXbxVzzFdmhKznw2gL72jQQd4KUyY+YRNOsABHdpurzQgeQYmbUXDXMq9xmUb GmrTEL92CmQBShNrPS0aX9mtkPsCAwEAAaOCAeowggHmMB0GA1UdDgQWBBS3Y1Sv BDaomwb5T5Yy/0HAdhpLljAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNzJlMzAyZjMy MzQyZDMzMzIyMDNkM2UyMDMzMzIzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtOuJMA0GCSqGSIb3 DQEBCwUAA4IBAQBd2brDfrt7pe0whyWmRYm0ZnewnbShofPelhvTTY4cIQOw7Oiw a4Eq4LaGnMLx2uhMKTZGKy0XhGmwC3yrvvmBkMso8uRnIwZFRPmVhg3gqLklet2b EEOP6/fjOr1hvZViNfRUyTK7H9xzxuU3xrutLYwPfO00INid7Axi29vdkyvkC/CM i6Kn7HMZMjsvuA46zkQZLrTmzfluo+WOWpjuCAvatOwH4XA+CeYX5eexHv222oyS Wzle+YeguiZ0N7keuTJ6AVxwwF/HpnahZRh2kiz/+/sNNbGER/Ut6s9wmpHohNoT /Bu1zfCUOBnG4KdYtlI/EoC/yLgxEkpXct0K -----END CERTIFICATE-----Generated at Sat Apr 26 16:50:11 2025 by rpki-client