$ rpki-client -vvf rpki.roa.net/rrdp/xTom/63/323430373a396534303a3a2f33322d3438203d3e2038383838.roa File: 323430373a396534303a3a2f33322d3438203d3e2038383838.roa (raw, json) Hash identifier: CT8MGxoF5jRnFfM8LvVS4erJkAdXGfhtp9GsS8cjI0c= Subject key identifier: 82:23:BD:C0:73:6A:2C:32:3B:33:D6:57:F0:36:FC:E4:E0:08:68:66 Certificate issuer: /CN=A91C44A00000/serialNumber=5C6CE387337886989FB3C3D4E6186A370B728D50 Certificate serial: 34008AB5BC3336571286DE37B0248174BDCD7F2D Authority key identifier: 5C:6C:E3:87:33:78:86:98:9F:B3:C3:D4:E6:18:6A:37:0B:72:8D:50 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XGzjhzN4hpifs8PU5hhqNwtyjVA.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/63/323430373a396534303a3a2f33322d3438203d3e2038383838.roa Signing time: Thu 09 Apr 2026 20:39:09 +0000 ROA not before: Thu 09 Apr 2026 20:34:09 +0000 ROA not after: Thu 08 Apr 2027 20:39:09 +0000 asID: 8888 IP address blocks: 2407:9e40::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/63/5C6CE387337886989FB3C3D4E6186A370B728D50.crl rsync://rpki.roa.net/rrdp/xTom/63/5C6CE387337886989FB3C3D4E6186A370B728D50.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XGzjhzN4hpifs8PU5hhqNwtyjVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 23:33:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:00:8a:b5:bc:33:36:57:12:86:de:37:b0:24:81:74:bd:cd:7f:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C44A00000, serialNumber=5C6CE387337886989FB3C3D4E6186A370B728D50 Validity Not Before: Apr 9 20:34:09 2026 GMT Not After : Apr 8 20:39:09 2027 GMT Subject: CN=8223BDC0736A2C323B33D657F036FCE4E0086866 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:0c:08:dc:33:46:a0:60:ad:4b:c1:81:f2:34: 09:27:14:1a:79:72:ee:75:63:c7:e1:c9:fc:a0:97: 22:bd:53:29:97:bd:3f:fd:71:1f:73:40:c1:af:da: b9:45:34:3f:de:aa:47:75:e1:ba:e6:ca:94:c4:e1: e8:ab:cc:f9:cc:c4:6f:30:cf:c7:d4:14:19:8f:ea: f9:7a:3c:2a:74:dc:1d:40:37:87:64:5f:a0:20:d0: cd:73:2a:38:f6:61:31:28:51:26:ae:d2:37:81:bb: 23:73:23:85:c9:56:26:26:3d:a2:f1:06:21:1e:5c: a2:75:e3:84:ab:64:c6:76:14:08:ad:86:e8:c3:a1: 9a:0b:e7:ae:5b:11:66:9d:55:1b:3f:80:b5:c5:78: f2:b8:82:5b:d9:be:38:41:61:2d:b8:2b:34:8f:19: ee:eb:83:3a:d4:d3:da:41:88:a0:2c:ab:d0:95:c7: 27:52:a0:67:37:cc:a4:fe:28:b6:8a:8d:7c:1e:7b: 71:e5:36:81:23:19:6a:9a:63:dd:f8:2d:50:6b:99: ba:a9:53:4f:c9:d8:3f:40:1c:15:2c:05:5a:fe:73: 73:2c:23:9a:a7:91:4b:93:c4:33:2e:23:ff:53:5f: 26:ff:78:e7:14:62:d6:31:41:08:d8:29:f6:33:24: 90:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:23:BD:C0:73:6A:2C:32:3B:33:D6:57:F0:36:FC:E4:E0:08:68:66 X509v3 Authority Key Identifier: keyid:5C:6C:E3:87:33:78:86:98:9F:B3:C3:D4:E6:18:6A:37:0B:72:8D:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/63/5C6CE387337886989FB3C3D4E6186A370B728D50.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XGzjhzN4hpifs8PU5hhqNwtyjVA.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/63/323430373a396534303a3a2f33322d3438203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2407:9e40::/32 Signature Algorithm: sha256WithRSAEncryption d2:a4:10:5b:49:6d:4f:4a:ff:7a:6c:66:0e:d6:ee:2a:4a:48: e4:f1:fe:7a:93:dd:9d:93:41:2f:3a:bf:42:82:fa:f5:9f:ac: 08:98:ef:1f:a7:eb:81:d2:cf:28:82:e7:c8:b2:8c:fa:b7:02: 13:e2:dc:32:0c:3e:13:36:c3:61:bd:81:0d:9c:0a:3d:bf:2a: d1:a8:6e:9d:b5:26:4e:a1:10:bc:7f:e9:92:31:5a:fe:8d:63: a9:51:d6:1d:7c:9c:e5:bc:84:01:f6:36:e7:cb:4e:15:8d:14: ce:44:b6:a2:fa:7a:ae:1f:66:ce:53:76:99:0c:59:fc:eb:55: 76:57:1b:e5:47:93:fd:da:a9:9a:72:a1:33:ec:8d:89:d0:66: ac:03:35:00:e2:17:cc:37:4d:07:e3:e8:6a:97:cb:57:7a:db: 44:20:12:4f:cb:83:6e:d3:b4:26:0f:47:3f:20:1d:fc:bd:09: 21:0a:46:d6:21:e4:86:53:16:fa:14:4f:28:f3:b9:89:10:a2: a0:bc:4b:fa:45:80:5b:b9:32:ab:e6:2d:18:25:ea:8e:d1:63: 59:71:3f:7e:ce:39:7c:fa:fb:26:97:f0:3c:a9:27:d6:aa:c7: e4:70:5f:7b:27:e1:e6:92:aa:f0:44:d8:15:c9:76:2e:74:92: 38:9d:1e:87 -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUNACKtbwzNlcSht43sCSBdL3Nfy0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQzQ0QTAwMDAwMTEwLwYDVQQFEyg1QzZDRTM4NzMz Nzg4Njk4OUZCM0MzRDRFNjE4NkEzNzBCNzI4RDUwMB4XDTI2MDQwOTIwMzQwOVoX DTI3MDQwODIwMzkwOVowMzExMC8GA1UEAxMoODIyM0JEQzA3MzZBMkMzMjNCMzNE NjU3RjAzNkZDRTRFMDA4Njg2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ8MCNwzRqBgrUvBgfI0CScUGnly7nVjx+HJ/KCXIr1TKZe9P/1xH3NAwa/a uUU0P96qR3XhuubKlMTh6KvM+czEbzDPx9QUGY/q+Xo8KnTcHUA3h2RfoCDQzXMq OPZhMShRJq7SN4G7I3MjhclWJiY9ovEGIR5conXjhKtkxnYUCK2G6MOhmgvnrlsR Zp1VGz+AtcV48riCW9m+OEFhLbgrNI8Z7uuDOtTT2kGIoCyr0JXHJ1KgZzfMpP4o toqNfB57ceU2gSMZappj3fgtUGuZuqlTT8nYP0AcFSwFWv5zcywjmqeRS5PEMy4j /1NfJv945xRi1jFBCNgp9jMkkLkCAwEAAaOCAecwggHjMB0GA1UdDgQWBBSCI73A c2osMjsz1lfwNvzk4AhoZjAfBgNVHSMEGDAWgBRcbOOHM3iGmJ+zw9TmGGo3C3KN UDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzYzLzVDNkNFMzg3MzM3ODg2OTg5RkIzQzNENEU2 MTg2QTM3MEI3MjhENTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1hHempoek40aHBpZnM4UFU1aGhxTnd0eWpWQS5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNjMvMzIzNDMwMzczYTM5NjUzNDMwM2EzYTJmMzMzMjJk MzQzODIwM2QzZTIwMzgzODM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkB55AMA0GCSqGSIb3DQEB CwUAA4IBAQDSpBBbSW1PSv96bGYO1u4qSkjk8f56k92dk0EvOr9Cgvr1n6wImO8f p+uB0s8ogufIsoz6twIT4twyDD4TNsNhvYENnAo9vyrRqG6dtSZOoRC8f+mSMVr+ jWOpUdYdfJzlvIQB9jbny04VjRTORLai+nquH2bOU3aZDFn861V2VxvlR5P92qma cqEz7I2J0GasAzUA4hfMN00H4+hql8tXettEIBJPy4Nu07QmD0c/IB38vQkhCkbW IeSGUxb6FE8o87mJEKKgvEv6RYBbuTKr5i0YJeqO0WNZcT9+zjl8+vsml/A8qSfW qsfkcF97J+HmkqrwRNgVyXYudJI4nR6H -----END CERTIFICATE-----Generated at Sat Apr 18 03:52:27 2026 by rpki-client