$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/34352e3131362e31332e302f32342d3234203d3e2034373835.roa File: 34352e3131362e31332e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: dn6w8m+Idjhzk+2N3vzHUhGna7wbOr80X096SkTL/iM= Subject key identifier: 98:B5:FB:56:6A:E0:10:E4:8C:08:09:17:0D:A9:57:81:75:21:96:47 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 35D5ADDC0047E7E4B9440609401B87D2947D32AF Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/34352e3131362e31332e302f32342d3234203d3e2034373835.roa Signing time: Sat 16 Aug 2025 01:48:27 +0000 ROA not before: Sat 16 Aug 2025 01:43:27 +0000 ROA not after: Sat 15 Aug 2026 01:48:27 +0000 asID: 4785 IP address blocks: 45.116.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 05:45:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:d5:ad:dc:00:47:e7:e4:b9:44:06:09:40:1b:87:d2:94:7d:32:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Aug 16 01:43:27 2025 GMT Not After : Aug 15 01:48:27 2026 GMT Subject: CN=98B5FB566AE010E48C0809170DA9578175219647 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ee:28:ff:48:13:ea:4e:61:1a:87:e1:f4:fb: e2:89:e1:ca:a7:02:c8:f6:68:b6:56:37:97:44:ed: b2:a4:e6:de:14:a2:1d:b7:bb:cf:70:22:6e:52:8e: c1:d7:f8:75:f1:9d:40:51:a5:ad:e1:0b:04:a5:3a: 92:da:22:ac:e4:f3:dc:75:3d:70:78:00:c1:d0:44: ce:47:ed:d2:1c:38:25:26:e6:ed:1d:32:f7:e8:97: 14:74:79:03:28:0e:df:b2:1e:36:4a:39:d4:1f:3e: f7:75:67:9f:ac:aa:62:a1:39:4a:22:59:96:c4:ae: a5:bf:8b:29:56:c5:19:bc:13:6a:44:7d:ca:ac:57: 76:bb:49:6c:97:19:18:09:19:8a:70:08:8e:fb:a8: c6:ac:33:bf:03:51:8c:80:27:12:f2:15:6f:c0:3c: 66:1e:42:03:11:be:27:a1:82:8f:fa:73:c0:ba:e9: 8c:da:52:40:00:03:e3:a9:3f:09:0b:b7:5e:25:ca: 55:0f:cf:ce:e0:d8:be:e2:6a:7e:05:fe:a5:b1:71: 86:e3:d3:e2:f9:01:28:01:46:52:32:f8:ba:93:de: 0e:b1:b1:98:f1:98:6e:5d:40:78:a6:d9:57:ad:04: 68:a8:a2:e0:80:90:77:aa:e8:a4:ea:65:60:41:81: 1d:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:B5:FB:56:6A:E0:10:E4:8C:08:09:17:0D:A9:57:81:75:21:96:47 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/34352e3131362e31332e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.116.13.0/24 Signature Algorithm: sha256WithRSAEncryption 10:0a:de:37:c4:df:fb:d1:8f:9b:90:1b:31:d8:88:ea:d7:8a: 6c:58:73:a5:e8:c9:eb:68:e4:7b:e3:fd:f3:c2:25:35:69:f7: e5:07:3c:ea:08:07:99:af:49:57:ce:6e:92:b5:5b:06:ae:49: c9:7c:b0:a7:85:2c:f4:bb:a3:27:0a:19:64:df:ca:ca:3a:55: 31:15:52:69:cd:b7:b5:3c:71:cf:a0:62:9b:0b:ca:39:4b:3e: 60:2f:02:79:58:6a:01:f4:4e:44:ea:2b:38:72:24:c7:48:e4: f8:d6:ae:eb:4c:c4:9f:fa:69:5e:2a:38:a7:ff:0d:89:9a:25: 98:74:b2:f0:68:44:bd:27:a4:3c:3e:ca:81:6f:b8:40:00:50: ce:1d:fe:f0:90:f4:e7:c7:79:75:3d:2a:a0:40:37:25:5e:ab: fe:a1:18:3c:cb:51:b2:4f:38:f7:44:ec:a3:79:16:07:b0:8a: 23:dd:d6:5b:ea:25:2c:8e:ae:21:97:26:af:70:c8:75:29:4e: bc:7a:b6:6f:7f:d0:09:ed:36:65:30:59:7b:0f:77:d9:3b:1b: 49:57:3e:79:34:c4:16:29:4a:7f:7c:ee:04:26:55:82:92:37: 59:89:cb:b0:4c:db:91:d6:36:b3:c9:ae:b0:bf:06:78:66:37: 8e:9c:02:c1 -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUNdWt3ABH5+S5RAYJQBuH0pR9Mq8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDgxNjAxNDMyN1oX DTI2MDgxNTAxNDgyN1owMzExMC8GA1UEAxMoOThCNUZCNTY2QUUwMTBFNDhDMDgw OTE3MERBOTU3ODE3NTIxOTY0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMTuKP9IE+pOYRqH4fT74onhyqcCyPZotlY3l0TtsqTm3hSiHbe7z3AiblKO wdf4dfGdQFGlreELBKU6ktoirOTz3HU9cHgAwdBEzkft0hw4JSbm7R0y9+iXFHR5 AygO37IeNko51B8+93Vnn6yqYqE5SiJZlsSupb+LKVbFGbwTakR9yqxXdrtJbJcZ GAkZinAIjvuoxqwzvwNRjIAnEvIVb8A8Zh5CAxG+J6GCj/pzwLrpjNpSQAAD46k/ CQu3XiXKVQ/PzuDYvuJqfgX+pbFxhuPT4vkBKAFGUjL4upPeDrGxmPGYbl1AeKbZ V60EaKii4ICQd6ropOplYEGBHW8CAwEAAaOCAeYwggHiMB0GA1UdDgQWBBSYtftW auAQ5IwICRcNqVeBdSGWRzAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzQzNTJlMzEzMTM2MmUzMTMzMmUzMDJmMzIzNDJk MzIzNDIwM2QzZTIwMzQzNzM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtdA0wDQYJKoZIhvcNAQEL BQADggEBABAK3jfE3/vRj5uQGzHYiOrXimxYc6Xoyeto5Hvj/fPCJTVp9+UHPOoI B5mvSVfObpK1WwauScl8sKeFLPS7oycKGWTfyso6VTEVUmnNt7U8cc+gYpsLyjlL PmAvAnlYagH0TkTqKzhyJMdI5PjWrutMxJ/6aV4qOKf/DYmaJZh0svBoRL0npDw+ yoFvuEAAUM4d/vCQ9OfHeXU9KqBANyVeq/6hGDzLUbJPOPdE7KN5FgewiiPd1lvq JSyOriGXJq9wyHUpTrx6tm9/0AntNmUwWXsPd9k7G0lXPnk0xBYpSn987gQmVYKS N1mJy7BM25HWNrPJrrC/BnhmN46cAsE= -----END CERTIFICATE-----Generated at Sat Aug 23 22:09:41 2025 by rpki-client