$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133382e302f32342d3234203d3e2034373835.roa File: 3138302e3233352e3133382e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: uAR+aUItgXIl8LltOABhOV67sr0o2kSaUnBThmT0md8= Subject key identifier: EF:60:C6:3B:74:B0:D3:7F:57:D1:D4:EF:57:4F:7D:AF:68:94:44:07 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 68EDDAD6D455D9BAD02188EF4152A11FBD9C4AAC Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133382e302f32342d3234203d3e2034373835.roa Signing time: Sat 16 Aug 2025 01:48:28 +0000 ROA not before: Sat 16 Aug 2025 01:43:28 +0000 ROA not after: Sat 15 Aug 2026 01:48:28 +0000 asID: 4785 IP address blocks: 180.235.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 01:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:ed:da:d6:d4:55:d9:ba:d0:21:88:ef:41:52:a1:1f:bd:9c:4a:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Aug 16 01:43:28 2025 GMT Not After : Aug 15 01:48:28 2026 GMT Subject: CN=EF60C63B74B0D37F57D1D4EF574F7DAF68944407 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:2a:f2:5e:f6:ff:8f:4b:0b:6e:6b:c1:68:9d: ad:88:a4:b1:93:94:27:6e:a1:f3:ad:b9:08:de:64: c4:0e:07:57:f5:34:19:f1:21:2b:56:2e:4c:83:6f: 65:82:58:d3:04:9b:ac:1f:ac:19:c5:4a:cd:ee:e7: 6a:b0:d5:ba:67:dc:67:17:36:e0:77:fc:43:14:54: f4:22:ed:fb:df:1a:c3:0e:6b:92:75:31:22:bf:4a: d8:89:4d:48:46:4e:31:5f:19:cc:77:88:87:56:a1: 1e:12:14:f0:f4:17:a1:8a:6a:9b:29:8a:f8:9a:8c: 19:72:13:d7:b6:4e:dd:d2:b4:e4:f9:b7:a3:58:ac: 42:1a:ca:43:f8:0e:79:05:66:99:f8:2d:59:ab:0a: 9f:60:e7:a8:cd:e1:7c:95:c2:87:f5:de:78:ad:e9: ac:b5:c6:be:51:f2:2d:fe:50:61:41:e9:e5:5d:8d: 60:41:f3:1a:d5:cf:c7:a9:de:4b:a0:73:29:e2:79: 86:8a:90:94:9f:d0:21:c0:46:d5:ef:34:4c:37:74: ac:e9:46:46:84:fa:bd:08:d8:20:36:6c:3f:41:72: e2:f4:b0:e7:fb:d0:2d:c1:13:3c:6e:7d:31:0d:ac: aa:a4:3d:15:96:6f:61:29:05:94:89:c0:2a:a6:c0: f8:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:60:C6:3B:74:B0:D3:7F:57:D1:D4:EF:57:4F:7D:AF:68:94:44:07 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133382e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.235.138.0/24 Signature Algorithm: sha256WithRSAEncryption 48:07:30:22:16:d6:0d:dc:34:68:cc:ab:86:d7:51:6b:54:3e: 6d:44:0c:43:3a:4d:c3:65:93:e2:cb:5c:cf:c1:57:bb:60:33: d2:a5:50:75:18:ea:ba:7e:ed:92:ed:2d:92:94:8f:ce:7a:6b: 81:18:b0:cb:88:f8:9a:46:f2:15:06:bc:c2:61:1b:0f:84:fc: 0a:3b:fc:34:88:b3:03:43:0d:a9:0f:6e:1b:c7:11:68:1a:45: 6b:b4:1f:3d:68:9e:04:29:1f:84:58:8d:91:c6:45:78:1a:42: 0e:4d:0e:22:20:ce:a6:53:29:0d:84:0c:c4:32:b7:3b:4f:b4: bf:dd:57:79:ce:26:5f:36:2c:42:9f:a5:1a:e4:82:df:21:7e: b0:2a:f7:5f:6e:df:30:22:d7:7d:39:cb:33:a5:3f:96:d1:ff: 2a:ae:80:bf:79:01:f2:93:d4:f7:bc:db:36:9c:22:d2:e4:ec: da:de:08:94:ac:f4:c2:fa:c5:99:92:02:6a:0c:fc:08:0d:be: ba:d4:70:fa:f2:77:46:63:7d:c7:74:23:e5:10:ad:4d:b1:43: 96:2f:b6:c1:6d:de:a3:72:7c:7e:38:7d:82:11:3b:cf:38:30: 01:c4:9d:ff:9a:47:f9:f0:bb:5d:f0:2e:c4:7a:c8:57:e2:dd: e1:e4:4c:fd -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUaO3a1tRV2brQIYjvQVKhH72cSqwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDgxNjAxNDMyOFoX DTI2MDgxNTAxNDgyOFowMzExMC8GA1UEAxMoRUY2MEM2M0I3NEIwRDM3RjU3RDFE NEVGNTc0RjdEQUY2ODk0NDQwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALYq8l72/49LC25rwWidrYiksZOUJ26h8625CN5kxA4HV/U0GfEhK1YuTINv ZYJY0wSbrB+sGcVKze7narDVumfcZxc24Hf8QxRU9CLt+98aww5rknUxIr9K2IlN SEZOMV8ZzHeIh1ahHhIU8PQXoYpqmymK+JqMGXIT17ZO3dK05Pm3o1isQhrKQ/gO eQVmmfgtWasKn2DnqM3hfJXCh/XeeK3prLXGvlHyLf5QYUHp5V2NYEHzGtXPx6ne S6BzKeJ5hoqQlJ/QIcBG1e80TDd0rOlGRoT6vQjYIDZsP0Fy4vSw5/vQLcETPG59 MQ2sqqQ9FZZvYSkFlInAKqbA+OECAwEAAaOCAeowggHmMB0GA1UdDgQWBBTvYMY7 dLDTf1fR1O9XT32vaJREBzAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzODJlMzAyZjMy MzQyZDMyMzQyMDNkM2UyMDM0MzczODM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtOuKMA0GCSqGSIb3 DQEBCwUAA4IBAQBIBzAiFtYN3DRozKuG11FrVD5tRAxDOk3DZZPiy1zPwVe7YDPS pVB1GOq6fu2S7S2SlI/OemuBGLDLiPiaRvIVBrzCYRsPhPwKO/w0iLMDQw2pD24b xxFoGkVrtB89aJ4EKR+EWI2RxkV4GkIOTQ4iIM6mUykNhAzEMrc7T7S/3Vd5ziZf NixCn6Ua5ILfIX6wKvdfbt8wItd9OcszpT+W0f8qroC/eQHyk9T3vNs2nCLS5Oza 3giUrPTC+sWZkgJqDPwIDb661HD68ndGY33HdCPlEK1NsUOWL7bBbd6jcnx+OH2C ETvPODABxJ3/mkf58Ltd8C7EeshX4t3h5Ez9 -----END CERTIFICATE-----Generated at Sun Aug 24 04:33:22 2025 by rpki-client