$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3130332e35362e35352e302f32342d3234203d3e2034373835.roa File: 3130332e35362e35352e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: JbbzXkm0bYOxia+UVe/zvP/yVeDEIdLni7wkedOprT8= Subject key identifier: 37:2F:AA:C1:B9:19:E6:59:D9:20:32:71:58:7D:F8:A0:01:F7:B1:6B Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 7E26B23BB0E21EC18C4625BAA0252EDB58BFCED4 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3130332e35362e35352e302f32342d3234203d3e2034373835.roa Signing time: Sat 16 Aug 2025 01:48:27 +0000 ROA not before: Sat 16 Aug 2025 01:43:27 +0000 ROA not after: Sat 15 Aug 2026 01:48:27 +0000 asID: 4785 IP address blocks: 103.56.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 05:45:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:26:b2:3b:b0:e2:1e:c1:8c:46:25:ba:a0:25:2e:db:58:bf:ce:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Aug 16 01:43:27 2025 GMT Not After : Aug 15 01:48:27 2026 GMT Subject: CN=372FAAC1B919E659D9203271587DF8A001F7B16B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:50:a2:7b:63:a4:9d:d2:b6:1a:2a:97:b9:57: a3:5f:00:dc:49:39:0a:02:26:69:32:ba:b5:42:93: 28:70:80:eb:8d:87:ae:44:45:d8:87:5e:4d:7b:13: 2b:1e:eb:83:c2:65:60:f6:c2:93:dd:85:e1:33:09: 88:b2:1a:4f:98:80:02:ec:ab:47:a6:f8:d1:a3:cf: ad:d5:2a:6c:0b:69:3b:5f:65:c9:35:c7:96:52:ec: 3a:7e:00:5d:b7:53:10:cb:76:e5:80:f5:37:5e:ed: 8a:4e:ad:28:7a:ed:45:5e:2e:0f:11:c7:ec:2d:45: f1:95:39:f1:17:4a:1d:74:61:5d:c2:1f:5a:16:26: dc:12:8f:18:d4:c5:5d:be:df:fb:81:58:8e:09:52: fb:d5:b0:f1:f3:f6:98:eb:44:c4:e3:a7:c1:80:30: 37:7e:8c:fd:7e:b4:a4:c0:a3:e9:e6:6c:6d:73:4a: 39:94:ef:dd:c5:fa:d6:1d:cf:37:2c:66:a2:bb:6b: b5:4d:6c:72:1b:7b:63:1c:e3:9a:6d:ce:8b:87:42: 1c:29:df:1b:6c:58:71:17:80:de:39:05:a9:a5:05: 59:6f:d6:45:9a:d5:81:0c:1e:79:1d:ec:c8:35:2d: 12:c8:cc:09:2d:f4:93:4f:df:96:61:d2:ab:f8:23: 45:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:2F:AA:C1:B9:19:E6:59:D9:20:32:71:58:7D:F8:A0:01:F7:B1:6B X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3130332e35362e35352e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.56.55.0/24 Signature Algorithm: sha256WithRSAEncryption 05:c9:eb:99:d8:98:a2:b4:2f:a4:b6:54:f3:ee:4e:52:a3:39: 99:77:ab:6d:e0:5d:14:e2:ec:7a:37:12:df:8d:c0:74:df:05: 9f:ad:f6:17:23:0b:7f:77:cc:09:05:98:64:40:91:03:f1:56: a1:ed:b6:e2:7f:02:16:49:8a:03:f4:75:21:6d:1e:09:5a:04: db:95:28:72:8a:b7:cb:3d:de:b5:d2:78:cb:d5:e8:ee:5c:da: 77:52:1d:5b:ad:fc:87:89:6d:87:de:e8:cb:47:60:5c:71:cf: 18:39:cf:8e:07:3d:35:36:63:04:90:a8:0e:4b:fc:3f:28:ec: e5:12:e1:86:dc:f9:5a:ee:46:e7:95:5d:c5:e3:a2:86:49:1c: 5b:2d:3b:bd:10:f3:16:d4:3f:fd:5e:94:58:a5:b0:06:68:76: 89:85:2d:11:49:8c:cc:b6:91:4c:d0:bd:29:89:05:ff:e2:a4: 46:f1:6a:a0:a6:4c:c6:5e:99:4e:b5:0f:06:f6:aa:63:35:77: 7f:97:81:6d:54:06:e5:1d:c7:58:39:3c:77:ba:fd:d9:68:2e: 5e:aa:31:ab:bb:8c:2e:cb:43:a9:3d:db:f3:86:ad:19:ec:40: 6d:1f:60:de:df:a7:b1:8f:95:a3:b6:a9:c7:b5:a3:d2:f1:0a: 4b:b5:17:40 -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUfiayO7DiHsGMRiW6oCUu21i/ztQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDgxNjAxNDMyN1oX DTI2MDgxNTAxNDgyN1owMzExMC8GA1UEAxMoMzcyRkFBQzFCOTE5RTY1OUQ5MjAz MjcxNTg3REY4QTAwMUY3QjE2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALdQontjpJ3Sthoql7lXo18A3Ek5CgImaTK6tUKTKHCA642HrkRF2IdeTXsT Kx7rg8JlYPbCk92F4TMJiLIaT5iAAuyrR6b40aPPrdUqbAtpO19lyTXHllLsOn4A XbdTEMt25YD1N17tik6tKHrtRV4uDxHH7C1F8ZU58RdKHXRhXcIfWhYm3BKPGNTF Xb7f+4FYjglS+9Ww8fP2mOtExOOnwYAwN36M/X60pMCj6eZsbXNKOZTv3cX61h3P NyxmortrtU1scht7Yxzjmm3Oi4dCHCnfG2xYcReA3jkFqaUFWW/WRZrVgQweeR3s yDUtEsjMCS30k0/flmHSq/gjRQUCAwEAAaOCAeYwggHiMB0GA1UdDgQWBBQ3L6rB uRnmWdkgMnFYffigAfexazAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzMDMzMmUzNTM2MmUzNTM1MmUzMDJmMzIzNDJk MzIzNDIwM2QzZTIwMzQzNzM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnODcwDQYJKoZIhvcNAQEL BQADggEBAAXJ65nYmKK0L6S2VPPuTlKjOZl3q23gXRTi7Ho3Et+NwHTfBZ+t9hcj C393zAkFmGRAkQPxVqHttuJ/AhZJigP0dSFtHglaBNuVKHKKt8s93rXSeMvV6O5c 2ndSHVut/IeJbYfe6MtHYFxxzxg5z44HPTU2YwSQqA5L/D8o7OUS4Ybc+VruRueV XcXjooZJHFstO70Q8xbUP/1elFilsAZodomFLRFJjMy2kUzQvSmJBf/ipEbxaqCm TMZemU61Dwb2qmM1d3+XgW1UBuUdx1g5PHe6/dloLl6qMau7jC7LQ6k92/OGrRns QG0fYN7fp7GPlaO2qce1o9LxCku1F0A= -----END CERTIFICATE-----Generated at Sat Aug 23 22:04:13 2025 by rpki-client