$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/323430333a326338313a313131303a3a2f34382d3438203d3e20323132353132.roa File: 323430333a326338313a313131303a3a2f34382d3438203d3e20323132353132.roa (raw, json) Hash identifier: u+O33ciWAk1dD0a7moGyfiT9OhXEB36SeFnpi3eT3uI= Subject key identifier: FF:C0:7E:C7:9A:82:07:8B:E1:FC:1F:3D:FE:D2:C9:07:EC:04:CE:01 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 5D8D8C1D36736F72DE39461D5E6353FC5A94A12C Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/323430333a326338313a313131303a3a2f34382d3438203d3e20323132353132.roa Signing time: Wed 25 Mar 2026 12:56:13 +0000 ROA not before: Wed 25 Mar 2026 12:51:13 +0000 ROA not after: Wed 24 Mar 2027 12:56:13 +0000 asID: 212512 IP address blocks: 2403:2c81:1110::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Mar 2026 15:13:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:8d:8c:1d:36:73:6f:72:de:39:46:1d:5e:63:53:fc:5a:94:a1:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Mar 25 12:51:13 2026 GMT Not After : Mar 24 12:56:13 2027 GMT Subject: CN=FFC07EC79A82078BE1FC1F3DFED2C907EC04CE01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:b8:c7:4a:82:ec:5b:34:0e:a7:34:37:df:0e: 28:78:96:de:7c:ab:a7:46:bd:75:db:8d:15:72:ea: 9e:ef:22:de:0b:6d:7d:ab:16:e6:2c:ed:37:87:48: 77:46:8f:56:f2:24:10:f7:64:04:6a:ee:ba:7d:69: 93:73:35:97:b8:35:03:a9:aa:77:ff:1c:55:6f:69: 1d:a8:ba:f6:cd:f2:0c:1e:07:dd:d4:2d:5b:dc:53: 00:d5:bb:95:8e:be:f0:54:66:e1:fa:1d:c5:85:b6: 14:a5:91:86:7e:e0:60:a7:96:d3:d1:12:10:a0:a5: a5:de:c7:8d:ab:8b:ae:82:4d:28:c2:c8:e3:87:1c: 6c:a1:2d:5c:3b:f2:37:aa:12:6a:18:bb:d9:ef:22: 15:f6:06:8c:3f:78:e5:4f:d3:83:cd:cc:d2:02:bd: e2:35:4b:a7:d4:10:3c:09:0b:f0:62:48:54:d3:a0: c4:32:87:e3:9a:c1:64:db:80:b5:a2:8b:5f:9e:09: 69:60:49:63:b2:4c:86:6d:5c:de:0f:d7:99:e8:bc: c1:f4:8a:d2:57:23:a6:35:fb:a3:f6:06:9d:4b:27: 5e:7e:8d:e8:d7:22:94:58:64:89:0d:86:1d:5c:47: e7:72:22:33:40:e8:d0:33:28:25:d8:86:f1:28:09: 3b:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:C0:7E:C7:9A:82:07:8B:E1:FC:1F:3D:FE:D2:C9:07:EC:04:CE:01 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/323430333a326338313a313131303a3a2f34382d3438203d3e20323132353132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:2c81:1110::/48 Signature Algorithm: sha256WithRSAEncryption 05:2c:cd:07:8f:a3:17:b3:00:59:05:76:f6:63:04:53:dc:01: ff:f3:dc:13:32:3b:46:93:74:46:d1:26:0d:cb:72:21:14:64: 51:4c:d7:7c:7a:9a:2e:7e:12:76:cb:05:20:9a:66:47:c8:16: 75:7d:c5:cf:e4:ee:bc:14:de:11:cd:28:48:43:3a:b6:37:70: f5:87:36:7c:c4:c2:75:f3:0b:17:e6:c4:a8:4a:69:28:0e:89: ff:8c:25:6b:51:1f:e4:cb:ee:9f:6b:e8:c6:5a:2f:77:ff:46: 76:fd:04:6e:14:19:04:43:dd:c9:16:64:19:bf:a2:98:e2:15: 38:33:23:18:1f:0d:51:b0:f5:c3:8a:88:11:c3:5d:8c:e8:25: 04:2e:7c:f7:ae:ec:2f:57:1a:a8:83:ee:d3:83:6d:fc:d0:65: 0e:9f:15:a2:16:14:fc:42:9b:82:78:50:8e:8d:df:59:a1:a6: 52:84:82:3b:19:e2:b1:bb:16:cb:33:0f:16:05:9f:e9:70:8d: bf:ac:f2:0a:fb:ea:8c:4a:30:24:24:97:82:8b:ad:fe:7f:bd: 24:1c:c8:be:52:48:b6:75:0f:53:59:20:43:89:f5:ab:36:d8: 95:aa:0e:0f:be:65:88:21:05:ae:28:2e:a1:46:c3:ae:65:2c: 09:89:f9:8c -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgIUXY2MHTZzb3LeOUYdXmNT/FqUoSwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI2MDMyNTEyNTExM1oX DTI3MDMyNDEyNTYxM1owMzExMC8GA1UEAxMoRkZDMDdFQzc5QTgyMDc4QkUxRkMx RjNERkVEMkM5MDdFQzA0Q0UwMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALu4x0qC7Fs0Dqc0N98OKHiW3nyrp0a9dduNFXLqnu8i3gttfasW5iztN4dI d0aPVvIkEPdkBGruun1pk3M1l7g1A6mqd/8cVW9pHai69s3yDB4H3dQtW9xTANW7 lY6+8FRm4fodxYW2FKWRhn7gYKeW09ESEKClpd7HjauLroJNKMLI44ccbKEtXDvy N6oSahi72e8iFfYGjD945U/Tg83M0gK94jVLp9QQPAkL8GJIVNOgxDKH45rBZNuA taKLX54JaWBJY7JMhm1c3g/Xmei8wfSK0lcjpjX7o/YGnUsnXn6N6NcilFhkiQ2G HVxH53IiM0Do0DMoJdiG8SgJOzsCAwEAAaOCAfgwggH0MB0GA1UdDgQWBBT/wH7H moIHi+H8Hz3+0skH7ATOATAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwgYIGCCsGAQUFBwELBHYwdDByBggrBgEFBQcwC4ZmcnN5bmM6Ly9ycGtpLnJv YS5uZXQvcnJkcC94VG9tLzQyLzMyMzQzMDMzM2EzMjYzMzgzMTNhMzEzMTMxMzAz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzIzNTMxMzIucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk AyyBERAwDQYJKoZIhvcNAQELBQADggEBAAUszQePoxezAFkFdvZjBFPcAf/z3BMy O0aTdEbRJg3LciEUZFFM13x6mi5+EnbLBSCaZkfIFnV9xc/k7rwU3hHNKEhDOrY3 cPWHNnzEwnXzCxfmxKhKaSgOif+MJWtRH+TL7p9r6MZaL3f/Rnb9BG4UGQRD3ckW ZBm/opjiFTgzIxgfDVGw9cOKiBHDXYzoJQQufPeu7C9XGqiD7tODbfzQZQ6fFaIW FPxCm4J4UI6N31mhplKEgjsZ4rG7FsszDxYFn+lwjb+s8gr76oxKMCQkl4KLrf5/ vSQcyL5SSLZ1D1NZIEOJ9as22JWqDg++ZYghBa4oLqFGw65lLAmJ+Yw= -----END CERTIFICATE-----Generated at Thu Mar 26 08:53:40 2026 by rpki-client