$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3130332e3139322e3232352e302f32342d3234203d3e2039333132.roa File: 3130332e3139322e3232352e302f32342d3234203d3e2039333132.roa (raw, json) Hash identifier: 63rTonaVr/scpYy2rERfe9anPcLVhlO8Qst1xKm5Xmo= Subject key identifier: 58:9E:FE:D5:F4:71:B0:BB:B4:CF:6B:96:98:04:06:B2:87:64:C2:28 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 493F5DB83CE2FC386054E8F51D282A309254967C Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3130332e3139322e3232352e302f32342d3234203d3e2039333132.roa Signing time: Sat 16 Aug 2025 01:48:27 +0000 ROA not before: Sat 16 Aug 2025 01:43:27 +0000 ROA not after: Sat 15 Aug 2026 01:48:27 +0000 asID: 9312 IP address blocks: 103.192.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 01:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:3f:5d:b8:3c:e2:fc:38:60:54:e8:f5:1d:28:2a:30:92:54:96:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Aug 16 01:43:27 2025 GMT Not After : Aug 15 01:48:27 2026 GMT Subject: CN=589EFED5F471B0BBB4CF6B96980406B28764C228 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:7f:1d:2b:a7:f7:ef:2c:5a:67:73:45:1d:45: cd:ea:37:c6:ee:29:39:03:e2:4d:86:9b:91:38:b5: 88:07:c2:ac:a4:fe:79:71:59:bc:94:b7:04:4b:e8: 5e:8f:35:10:ba:20:50:aa:e5:74:ae:c3:92:e5:2b: 91:61:19:a1:c5:42:f9:cb:26:95:e8:1d:61:f9:b5: a0:39:f6:56:d8:7b:9f:2b:59:d3:e9:80:37:97:be: d0:0f:e7:29:0d:37:f5:04:29:a1:9c:02:d3:ec:7e: 44:f4:4f:d7:2e:9f:cf:c1:a7:c4:77:da:47:16:6c: f1:90:80:46:9a:9c:b1:e5:75:88:f4:ff:11:e4:51: 74:ea:8a:3e:73:69:f4:ef:c5:e1:6d:da:f5:15:66: 75:ca:61:7f:0b:16:29:04:72:6f:d5:73:08:1b:b2: f8:5d:dd:c4:64:1a:1a:ed:61:99:49:1d:ae:de:6f: 1e:9a:af:cf:d2:85:c5:1c:73:3a:01:e0:f4:23:fa: b9:e8:20:d9:d2:c9:bb:9b:00:ad:8c:3b:b6:bc:2f: 8a:8c:d5:21:a5:62:81:2b:7e:79:09:c1:48:45:41: 3b:7d:bf:9a:f2:5c:5b:92:40:ef:80:ec:db:db:2f: 53:f5:ad:93:8e:68:34:e7:7f:bc:fc:66:26:a0:1b: af:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:9E:FE:D5:F4:71:B0:BB:B4:CF:6B:96:98:04:06:B2:87:64:C2:28 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3130332e3139322e3232352e302f32342d3234203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.192.225.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:df:33:96:15:cd:24:3f:3b:cb:e5:3c:6b:5a:1b:47:15:22: 1d:46:af:c3:e8:28:a4:2f:ad:c8:93:ad:2c:ad:d7:dc:59:08: 16:e4:b3:79:4a:ea:77:32:10:01:bd:59:31:e5:0b:6f:e6:ef: 5e:e1:ba:8b:49:50:de:c9:8b:48:75:f3:cd:e5:58:11:de:b0: 0f:29:16:2a:95:70:2f:f3:9d:85:fd:44:4c:87:33:fa:e7:43: 0f:8e:34:4a:a8:aa:f7:e0:89:0b:74:7b:df:d3:d8:f9:0a:02: 99:9e:6c:12:2d:ea:9a:c6:42:12:7a:4b:b9:78:38:e7:b8:29: 80:5a:b8:90:a3:77:21:62:cc:a6:e3:80:b3:52:a1:3f:44:76: 62:c7:22:15:e9:03:4c:de:70:3c:c0:04:68:06:ae:62:5b:f1: d7:e1:fd:e2:c6:a7:1f:0b:23:6c:71:22:c6:f3:82:9f:af:dd: 87:4f:0c:7e:13:9e:0b:0e:99:6c:65:08:4e:0d:f1:3f:8f:50: 8a:61:3a:2f:57:7f:74:da:88:77:dd:5f:8e:42:f9:08:62:36: ae:6f:c3:9c:e1:64:dc:15:90:5a:ee:0e:27:fd:e0:54:5d:94: a6:32:7f:24:f5:db:c6:18:bd:66:c1:2f:cb:c4:8a:e8:d4:f1: fd:de:fe:44 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUST9duDzi/DhgVOj1HSgqMJJUlnwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDgxNjAxNDMyN1oX DTI2MDgxNTAxNDgyN1owMzExMC8GA1UEAxMoNTg5RUZFRDVGNDcxQjBCQkI0Q0Y2 Qjk2OTgwNDA2QjI4NzY0QzIyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMV/HSun9+8sWmdzRR1Fzeo3xu4pOQPiTYabkTi1iAfCrKT+eXFZvJS3BEvo Xo81ELogUKrldK7DkuUrkWEZocVC+csmlegdYfm1oDn2Vth7nytZ0+mAN5e+0A/n KQ039QQpoZwC0+x+RPRP1y6fz8GnxHfaRxZs8ZCARpqcseV1iPT/EeRRdOqKPnNp 9O/F4W3a9RVmdcphfwsWKQRyb9VzCBuy+F3dxGQaGu1hmUkdrt5vHpqvz9KFxRxz OgHg9CP6uegg2dLJu5sArYw7trwviozVIaVigSt+eQnBSEVBO32/mvJcW5JA74Ds 29svU/Wtk45oNOd/vPxmJqAbr18CAwEAAaOCAeowggHmMB0GA1UdDgQWBBRYnv7V 9HGwu7TPa5aYBAayh2TCKDAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzMDMzMmUzMTM5MzIyZTMyMzIzNTJlMzAyZjMy MzQyZDMyMzQyMDNkM2UyMDM5MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ8DhMA0GCSqGSIb3 DQEBCwUAA4IBAQA73zOWFc0kPzvL5TxrWhtHFSIdRq/D6CikL63Ik60srdfcWQgW 5LN5Sup3MhABvVkx5Qtv5u9e4bqLSVDeyYtIdfPN5VgR3rAPKRYqlXAv852F/URM hzP650MPjjRKqKr34IkLdHvf09j5CgKZnmwSLeqaxkISeku5eDjnuCmAWriQo3ch Ysym44CzUqE/RHZixyIV6QNM3nA8wARoBq5iW/HX4f3ixqcfCyNscSLG84Kfr92H Twx+E54LDplsZQhODfE/j1CKYTovV3902oh33V+OQvkIYjaub8Oc4WTcFZBa7g4n /eBUXZSmMn8k9dvGGL1mwS/LxIro1PH93v5E -----END CERTIFICATE-----Generated at Sun Aug 24 04:29:58 2025 by rpki-client