$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e203233383538.roa File: 323430333a326538303a3a2f33322d3438203d3e203233383538.roa (raw, json) Hash identifier: yk45ao5jNqxMlDQT9mHO4gwIetHo/y3vLlvKtrGMEU4= Subject key identifier: 20:CF:85:15:C0:14:29:5E:3B:DC:2B:50:CF:75:98:26:90:C3:39:D3 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 6FE926C841420E36D9563737B6FB63305B3DCA Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e203233383538.roa Signing time: Sat 16 Aug 2025 01:48:22 +0000 ROA not before: Sat 16 Aug 2025 01:43:22 +0000 ROA not after: Sat 15 Aug 2026 01:48:22 +0000 asID: 23858 IP address blocks: 2403:2e80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 20:14:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:e9:26:c8:41:42:0e:36:d9:56:37:37:b6:fb:63:30:5b:3d:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000, serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Aug 16 01:43:22 2025 GMT Not After : Aug 15 01:48:22 2026 GMT Subject: CN=20CF8515C014295E3BDC2B50CF75982690C339D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:ab:7a:c0:1c:5a:83:b2:82:e0:93:0b:91:32: f7:43:16:cd:16:78:b7:d5:cc:bd:c7:38:81:ed:94: 6a:7b:d4:f3:d8:7b:4f:52:ce:6e:7e:07:a7:d4:1e: 4d:07:31:a8:b6:b1:56:e7:c4:9f:da:c7:41:da:f6: cd:76:83:2b:67:c4:d4:57:bb:56:4f:8e:fa:06:bb: 13:0d:d2:09:08:3b:0d:db:93:45:1e:15:a5:e8:42: 99:de:d8:00:5f:34:67:88:0c:77:85:47:81:31:2b: e4:0c:6d:87:bb:e4:4d:16:35:92:9b:f5:5a:a6:ba: c7:16:ae:16:96:16:f6:92:64:64:c9:ce:62:2e:d0: 45:9c:6a:92:b3:f7:0e:7f:43:b5:75:af:36:99:fc: 8a:fc:6e:99:0e:0a:b3:27:5c:ee:46:ab:c9:18:a2: ec:fe:11:6a:19:fc:9f:66:1b:5c:96:f9:da:62:40: 51:87:7c:e6:c0:bb:e7:d1:21:05:4f:96:e8:52:23: 0b:c7:77:10:34:f7:f0:5f:5c:a1:3c:6d:25:7c:2a: 34:c6:3a:b1:8b:34:1b:fc:b7:6f:e4:42:0d:d3:89: 4c:5a:80:47:5c:09:ae:ec:6b:d2:83:5c:8a:52:23: ae:67:f8:86:9f:37:87:8d:1e:94:a8:54:fa:a7:4a: c1:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:CF:85:15:C0:14:29:5E:3B:DC:2B:50:CF:75:98:26:90:C3:39:D3 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e203233383538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:2e80::/32 Signature Algorithm: sha256WithRSAEncryption 2d:fc:65:a1:a0:31:a8:d9:34:c3:f6:bf:b7:a4:05:e6:74:80: 5b:f0:b7:a2:1e:b7:fa:17:07:a8:14:03:4b:6f:4b:c3:0a:29: 92:91:21:b9:15:22:6a:bf:37:f2:3e:43:65:3a:ab:95:51:39: 2f:3f:14:42:c3:a3:f3:22:19:52:94:4f:e3:1a:44:90:a2:e7: 94:61:9d:55:ac:27:18:45:d7:46:3d:aa:99:01:e1:69:63:c2: 8d:d3:15:dc:2f:9a:b9:80:c4:3d:4a:6c:f0:1f:1c:25:5e:0d: dc:d0:0d:3f:4b:b0:3a:c8:73:4f:27:a1:bc:c1:c9:19:88:dc: 8f:1d:88:06:fd:d5:6e:44:9c:bd:ba:8f:2d:97:6d:fc:b8:f5: 41:0f:66:87:f0:b3:23:c6:68:a5:27:ef:f8:d6:ff:4e:b9:15: 7f:4d:97:64:76:04:46:57:6c:f7:39:f5:12:e7:c6:aa:ef:0e: 67:4f:f5:ce:33:82:bc:34:1e:db:1b:6d:ae:d6:63:df:85:12: 1c:72:cc:49:08:44:98:4b:87:a0:95:46:16:b5:17:e3:75:cc: c8:c3:35:dc:c4:2f:17:c0:17:13:e2:24:59:60:09:42:a7:de: e4:57:01:a9:be:20:cb:dc:8a:2e:55:9c:99:38:39:31:17:62: a5:2c:cf:49 -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgITb+kmyEFCDjbZVjc3tvtjMFs9yjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGQTM3RDAwMDAxMTAvBgNVBAUTKDVBMTlEMkZEQzgz OTI3Mjc2OTZGNzA0NDlCOEIzMkFGNzcyMDkxQTgwHhcNMjUwODE2MDE0MzIyWhcN MjYwODE1MDE0ODIyWjAzMTEwLwYDVQQDEygyMENGODUxNUMwMTQyOTVFM0JEQzJC NTBDRjc1OTgyNjkwQzMzOUQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9qt6wBxag7KC4JMLkTL3QxbNFni31cy9xziB7ZRqe9Tz2HtPUs5ufgen1B5N BzGotrFW58Sf2sdB2vbNdoMrZ8TUV7tWT476BrsTDdIJCDsN25NFHhWl6EKZ3tgA XzRniAx3hUeBMSvkDG2Hu+RNFjWSm/VaprrHFq4Wlhb2kmRkyc5iLtBFnGqSs/cO f0O1da82mfyK/G6ZDgqzJ1zuRqvJGKLs/hFqGfyfZhtclvnaYkBRh3zmwLvn0SEF T5boUiMLx3cQNPfwX1yhPG0lfCo0xjqxizQb/Ldv5EIN04lMWoBHXAmu7GvSg1yK UiOuZ/iGnzeHjR6UqFT6p0rBdwIDAQABo4IB6TCCAeUwHQYDVR0OBBYEFCDPhRXA FCleO9wrUM91mCaQwznTMB8GA1UdIwQYMBaAFFoZ0v3IOScnaW9wRJuLMq93IJGo MA4GA1UdDwEB/wQEAwIHgDBfBgNVHR8EWDBWMFSgUqBQhk5yc3luYzovL3Jwa2ku cm9hLm5ldC9ycmRwL3hUb20vNTcvNUExOUQyRkRDODM5MjcyNzY5NkY3MDQ0OUI4 QjMyQUY3NzIwOTFBOC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJy c3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFF MkJCNDY4RjdDNzJGRDFGRjIvV2huU19jZzVKeWRwYjNCRW00c3lyM2Nna2FnLmNl cjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5jOi8vcnBraS5yb2Eu bmV0L3JyZHAveFRvbS81Ny8zMjM0MzAzMzNhMzI2NTM4MzAzYTNhMmYzMzMyMmQz NDM4MjAzZDNlMjAzMjMzMzgzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAMugDANBgkqhkiG9w0B AQsFAAOCAQEALfxloaAxqNk0w/a/t6QF5nSAW/C3oh63+hcHqBQDS29LwwopkpEh uRUiar838j5DZTqrlVE5Lz8UQsOj8yIZUpRP4xpEkKLnlGGdVawnGEXXRj2qmQHh aWPCjdMV3C+auYDEPUps8B8cJV4N3NANP0uwOshzTyehvMHJGYjcjx2IBv3VbkSc vbqPLZdt/Lj1QQ9mh/CzI8ZopSfv+Nb/TrkVf02XZHYERlds9zn1EufGqu8OZ0/1 zjOCvDQe2xttrtZj34USHHLMSQhEmEuHoJVGFrUX43XMyMM13MQvF8AXE+IkWWAJ Qqfe5FcBqb4gy9yKLlWcmTg5MRdipSzPSQ== -----END CERTIFICATE-----Generated at Wed Nov 5 05:11:53 2025 by rpki-client