$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/34352e3131362e31342e302f32342d3234203d3e2034373835.roa File: 34352e3131362e31342e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: kGnGjS6kWgTYXKB6JTx1b/ps2bSkO1gKN6mbcgXMCe4= Subject key identifier: 15:16:E8:A8:6B:72:AE:9A:61:80:7A:2A:32:4B:FD:F7:A1:6B:87:A1 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 6DC400DD728E37F76F8B391EE041705D30EE6D44 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/34352e3131362e31342e302f32342d3234203d3e2034373835.roa Signing time: Sat 16 Aug 2025 01:48:27 +0000 ROA not before: Sat 16 Aug 2025 01:43:27 +0000 ROA not after: Sat 15 Aug 2026 01:48:27 +0000 asID: 4785 IP address blocks: 45.116.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 05:45:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:c4:00:dd:72:8e:37:f7:6f:8b:39:1e:e0:41:70:5d:30:ee:6d:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Aug 16 01:43:27 2025 GMT Not After : Aug 15 01:48:27 2026 GMT Subject: CN=1516E8A86B72AE9A61807A2A324BFDF7A16B87A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:38:b3:d5:b3:40:da:b8:3a:ac:d4:1a:43:1e: 37:7c:2a:6f:1c:00:d4:b3:e4:f8:ea:29:c1:a6:b2: 3d:67:c3:b0:9b:34:5b:00:bd:eb:01:6f:b7:b5:e3: fa:a7:d3:71:6a:36:8a:d7:44:32:1f:cf:89:0f:57: 07:78:b3:cc:be:54:b1:87:a2:87:57:16:92:1b:db: 01:ed:19:52:eb:b5:b4:30:dc:c7:1f:0c:6d:2a:12: 31:d2:3c:9a:5d:3a:62:e7:55:84:3d:2f:76:f6:1b: 48:27:b9:ab:e9:a0:d9:e6:9c:aa:78:47:f9:77:77: 4d:e3:ce:3f:db:62:07:7d:d0:01:35:da:25:da:8b: 14:8f:9e:ba:c4:df:cc:b3:65:f0:c8:16:0d:54:97: 07:bd:09:2c:53:db:13:ec:20:b0:fe:5d:5f:3e:4d: 39:ad:94:3e:38:ed:4a:4c:dd:e0:06:3b:1b:e9:98: 1c:0d:9d:4c:64:12:0b:02:7b:de:93:b1:07:63:52: a3:37:20:e1:f6:8a:a4:05:54:bd:f4:13:45:70:54: 05:f0:90:14:0e:69:e3:e6:41:fe:28:bc:52:41:38: 98:f2:ac:39:86:42:77:98:ae:8e:a8:b5:d1:89:47: 7c:64:74:e2:0b:c3:85:07:49:96:6d:38:1b:37:26: 1b:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:16:E8:A8:6B:72:AE:9A:61:80:7A:2A:32:4B:FD:F7:A1:6B:87:A1 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/34352e3131362e31342e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.116.14.0/24 Signature Algorithm: sha256WithRSAEncryption 22:d6:1f:cd:76:f1:2e:5f:3e:33:c5:02:0d:06:f7:f3:1c:74: a2:9b:93:a2:af:bb:b6:df:4e:8f:e4:4b:b9:14:45:cf:fe:06: 39:81:4d:50:8d:2a:ac:58:d7:9f:85:0f:a3:d8:eb:cc:20:7b: 83:5b:07:c4:dd:88:ce:7e:ec:a2:e8:9d:39:e6:18:3d:1f:04: 18:dd:6d:39:8c:dc:83:32:59:ea:5f:17:35:8a:af:7e:67:64: de:b0:16:0c:b7:0a:f0:8f:4e:73:26:86:30:19:48:40:27:19: eb:5d:2e:bb:d9:72:ad:e0:ff:57:a6:14:d5:de:28:cc:17:54: 21:8c:c1:20:c7:4d:66:86:ef:41:bf:0e:73:c1:07:d1:65:d0: b4:63:8f:36:94:82:8c:50:e0:ff:25:42:42:e0:4f:81:30:ce: 2a:ab:74:75:eb:17:9e:d7:0f:f7:2f:48:a7:b1:c6:a8:fe:ad: 00:d5:82:6b:77:90:13:71:f1:95:20:38:1c:67:bd:4d:27:01: d3:9f:91:44:72:f6:2e:74:ae:87:9c:b0:80:5a:74:10:ba:04: 4e:c5:e7:ea:5b:74:75:7f:af:27:22:58:f4:08:8d:9f:c4:c1: be:ac:77:06:58:46:53:1a:31:d6:0a:06:14:14:31:ed:6c:5e: ce:13:89:1f -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUbcQA3XKON/dvizke4EFwXTDubUQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDgxNjAxNDMyN1oX DTI2MDgxNTAxNDgyN1owMzExMC8GA1UEAxMoMTUxNkU4QTg2QjcyQUU5QTYxODA3 QTJBMzI0QkZERjdBMTZCODdBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKk4s9WzQNq4OqzUGkMeN3wqbxwA1LPk+OopwaayPWfDsJs0WwC96wFvt7Xj +qfTcWo2itdEMh/PiQ9XB3izzL5UsYeih1cWkhvbAe0ZUuu1tDDcxx8MbSoSMdI8 ml06YudVhD0vdvYbSCe5q+mg2eacqnhH+Xd3TePOP9tiB33QATXaJdqLFI+eusTf zLNl8MgWDVSXB70JLFPbE+wgsP5dXz5NOa2UPjjtSkzd4AY7G+mYHA2dTGQSCwJ7 3pOxB2NSozcg4faKpAVUvfQTRXBUBfCQFA5p4+ZB/ii8UkE4mPKsOYZCd5iujqi1 0YlHfGR04gvDhQdJlm04GzcmG3ECAwEAAaOCAeYwggHiMB0GA1UdDgQWBBQVFuio a3KummGAeioyS/33oWuHoTAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzQzNTJlMzEzMTM2MmUzMTM0MmUzMDJmMzIzNDJk MzIzNDIwM2QzZTIwMzQzNzM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtdA4wDQYJKoZIhvcNAQEL BQADggEBACLWH8128S5fPjPFAg0G9/McdKKbk6Kvu7bfTo/kS7kURc/+BjmBTVCN KqxY15+FD6PY68wge4NbB8TdiM5+7KLonTnmGD0fBBjdbTmM3IMyWepfFzWKr35n ZN6wFgy3CvCPTnMmhjAZSEAnGetdLrvZcq3g/1emFNXeKMwXVCGMwSDHTWaG70G/ DnPBB9Fl0LRjjzaUgoxQ4P8lQkLgT4EwziqrdHXrF57XD/cvSKexxqj+rQDVgmt3 kBNx8ZUgOBxnvU0nAdOfkURy9i50roecsIBadBC6BE7F5+pbdHV/ryciWPQIjZ/E wb6sdwZYRlMaMdYKBhQUMe1sXs4TiR8= -----END CERTIFICATE-----Generated at Sat Aug 23 22:12:06 2025 by rpki-client