$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/323430333a326338303a3a2f33312d3438203d3e2039333132.roa File: 323430333a326338303a3a2f33312d3438203d3e2039333132.roa (raw, json) Hash identifier: Tvmdq44TGUk5GAEmehxpSHPI/PL+I5mlyW0a+CL7Ds8= Subject key identifier: DD:9C:A8:A0:C8:D5:09:8B:5C:3A:60:1F:C2:51:CE:A3:35:AB:4C:9C Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 5B0104C10702455DC886C51BBB779ABCAC2E55D9 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/323430333a326338303a3a2f33312d3438203d3e2039333132.roa Signing time: Sat 16 Aug 2025 01:48:27 +0000 ROA not before: Sat 16 Aug 2025 01:43:27 +0000 ROA not after: Sat 15 Aug 2026 01:48:27 +0000 asID: 9312 IP address blocks: 2403:2c80::/31 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 05:45:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:01:04:c1:07:02:45:5d:c8:86:c5:1b:bb:77:9a:bc:ac:2e:55:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Aug 16 01:43:27 2025 GMT Not After : Aug 15 01:48:27 2026 GMT Subject: CN=DD9CA8A0C8D5098B5C3A601FC251CEA335AB4C9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:16:76:5f:86:a0:a1:f8:0f:2f:b7:62:ed:46: f7:08:87:4b:81:f9:54:fe:a9:8d:79:17:b9:56:80: d4:ea:17:13:72:7b:b0:9c:91:29:95:36:9c:c2:1d: b3:37:82:de:01:cd:96:2b:fe:5f:d8:22:e1:a6:53: 1b:08:03:e4:89:2c:e8:e8:4d:93:90:93:92:c0:d5: 78:8c:94:64:56:b1:a4:73:5b:a2:a5:fc:c3:9e:76: 9e:3a:90:6a:5a:2b:31:93:b1:6d:90:8c:15:db:68: 92:ae:35:fb:19:16:b7:3a:08:90:77:15:59:d4:83: 8a:81:6d:6c:54:e4:e7:ee:27:af:fe:71:47:50:b2: 74:d0:58:15:8f:92:d5:f4:16:13:21:59:65:17:f8: 13:1e:fa:d1:17:e9:24:ae:29:b2:54:d8:ef:89:35: 21:b3:26:ef:13:1d:49:c4:30:96:5c:60:04:b9:ba: 80:82:40:17:e1:85:e6:d8:c1:73:29:60:17:4e:98: 9e:d2:e1:ae:f7:8a:6d:fa:5d:51:c0:4d:00:69:b7: be:d2:fe:a6:d4:dc:91:f3:8b:9c:87:a6:36:e2:60: 9b:97:5d:aa:61:e7:88:05:61:64:86:45:21:74:e1: 79:e4:00:6a:9e:47:df:30:4b:22:ba:c7:93:30:3c: d3:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:9C:A8:A0:C8:D5:09:8B:5C:3A:60:1F:C2:51:CE:A3:35:AB:4C:9C X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/323430333a326338303a3a2f33312d3438203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:2c80::/31 Signature Algorithm: sha256WithRSAEncryption b8:3a:3b:ae:83:fe:5e:33:dd:0e:94:8a:31:08:04:64:7c:19: bc:c5:b6:89:95:2a:a4:df:27:fd:80:ed:c0:2a:a9:ac:54:ca: 6d:db:23:ed:d2:f1:46:83:93:9d:12:fd:54:a7:9f:53:1b:94: b8:2a:9e:49:3d:c4:99:5f:7f:75:5b:e0:2c:c7:00:4f:a5:97: 8a:88:53:55:ea:be:36:41:0b:5b:f2:1a:6a:33:d2:cd:96:95: e3:f1:23:90:5c:4b:f5:0d:37:e1:94:bc:ba:f9:c0:a1:f7:3a: 5d:ef:08:7c:56:26:d2:fc:2f:7b:b9:d7:bf:fc:8b:a2:00:a7: 5c:50:bd:c4:71:96:89:58:a4:4a:99:49:fe:4e:45:57:13:38: 22:63:e9:45:d5:55:fe:7c:d9:52:d3:78:97:95:e6:19:59:74: 93:f2:f9:07:81:39:51:e9:0c:1e:92:ed:6d:61:30:62:f7:93: 93:64:06:12:f8:1d:c3:a5:e6:47:59:73:f6:d6:9b:aa:26:29: 00:65:c7:39:99:e5:54:1e:b0:ee:b5:38:17:d3:23:33:63:93: 3e:90:e2:2e:cc:cf:94:ec:1f:60:95:8d:6e:34:63:19:40:4c: e7:c3:fd:3d:05:9d:88:37:0d:ce:a7:3b:77:74:a4:13:63:32: a7:17:02:d1 -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUWwEEwQcCRV3IhsUbu3eavKwuVdkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDgxNjAxNDMyN1oX DTI2MDgxNTAxNDgyN1owMzExMC8GA1UEAxMoREQ5Q0E4QTBDOEQ1MDk4QjVDM0E2 MDFGQzI1MUNFQTMzNUFCNEM5QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJUWdl+GoKH4Dy+3Yu1G9wiHS4H5VP6pjXkXuVaA1OoXE3J7sJyRKZU2nMId szeC3gHNliv+X9gi4aZTGwgD5Iks6OhNk5CTksDVeIyUZFaxpHNboqX8w552njqQ alorMZOxbZCMFdtokq41+xkWtzoIkHcVWdSDioFtbFTk5+4nr/5xR1CydNBYFY+S 1fQWEyFZZRf4Ex760RfpJK4pslTY74k1IbMm7xMdScQwllxgBLm6gIJAF+GF5tjB cylgF06YntLhrveKbfpdUcBNAGm3vtL+ptTckfOLnIemNuJgm5ddqmHniAVhZIZF IXTheeQAap5H3zBLIrrHkzA80+sCAwEAAaOCAecwggHjMB0GA1UdDgQWBBTdnKig yNUJi1w6YB/CUc6jNatMnDAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzIzNDMwMzMzYTMyNjMzODMwM2EzYTJmMzMzMTJk MzQzODIwM2QzZTIwMzkzMzMxMzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQEkAyyAMA0GCSqGSIb3DQEB CwUAA4IBAQC4Ojuug/5eM90OlIoxCARkfBm8xbaJlSqk3yf9gO3AKqmsVMpt2yPt 0vFGg5OdEv1Up59TG5S4Kp5JPcSZX391W+AsxwBPpZeKiFNV6r42QQtb8hpqM9LN lpXj8SOQXEv1DTfhlLy6+cCh9zpd7wh8VibS/C97ude//IuiAKdcUL3EcZaJWKRK mUn+TkVXEzgiY+lF1VX+fNlS03iXleYZWXST8vkHgTlR6Qweku1tYTBi95OTZAYS +B3DpeZHWXP21puqJikAZcc5meVUHrDutTgX0yMzY5M+kOIuzM+U7B9glY1uNGMZ QEznw/09BZ2INw3Opzt3dKQTYzKnFwLR -----END CERTIFICATE-----Generated at Sat Aug 23 23:26:16 2025 by rpki-client