$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/34352e3132352e302e302f32322d3234203d3e2039333132.roa File: 34352e3132352e302e302f32322d3234203d3e2039333132.roa (raw, json) Hash identifier: tJzCsiLRF3gx4bs/Xlurd8tg809FpXlCHVF3LaDIDdM= Subject key identifier: 13:06:DE:96:1C:83:E7:24:41:65:37:A3:46:3B:6A:B8:1B:1B:FF:48 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 1A0371F0143F31A0362064D7E58F4F66594856C3 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/34352e3132352e302e302f32322d3234203d3e2039333132.roa Signing time: Sat 16 Aug 2025 01:48:27 +0000 ROA not before: Sat 16 Aug 2025 01:43:27 +0000 ROA not after: Sat 15 Aug 2026 01:48:27 +0000 asID: 9312 IP address blocks: 45.125.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 05:45:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:03:71:f0:14:3f:31:a0:36:20:64:d7:e5:8f:4f:66:59:48:56:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Aug 16 01:43:27 2025 GMT Not After : Aug 15 01:48:27 2026 GMT Subject: CN=1306DE961C83E724416537A3463B6AB81B1BFF48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a1:e1:25:01:4d:24:c1:fb:34:90:de:ff:c9: 90:1d:e7:ee:21:2a:5e:2c:57:45:ba:6b:83:62:88: 8e:a4:23:91:a6:86:e7:59:d0:1a:ed:06:83:80:60: 40:5c:2b:17:55:e2:c1:f2:6f:b3:30:d4:31:ec:54: 28:b7:fd:25:2b:56:3a:ac:9f:f4:75:0d:17:14:45: ea:0e:31:c5:3f:31:08:e2:5f:10:c8:c8:e4:18:7f: 04:9e:09:d3:3a:37:f8:50:4a:43:11:35:f1:55:15: f6:b9:18:7b:dc:ae:30:13:9f:34:1b:66:7a:fc:13: 73:de:fb:5b:c7:12:1a:84:e5:76:bc:ab:1e:ad:da: 83:3d:0d:c0:b6:2d:1d:ab:d6:17:31:fc:37:05:85: ec:3d:d3:0f:a6:48:34:33:75:0f:79:dd:ff:a4:73: d7:f8:98:5f:65:09:17:ec:8f:4a:d2:12:f9:f4:58: 62:83:f3:b3:d8:57:d2:34:e8:eb:b4:6e:60:91:e1: 86:53:0b:be:16:77:ba:eb:3d:19:44:94:34:f7:eb: 1b:2f:6d:59:8f:06:2d:88:fc:c0:01:a0:7d:59:eb: 3c:fd:47:5b:8a:af:0a:f6:c2:02:89:cd:32:96:54: 86:70:0b:bf:51:2b:4b:6d:0a:15:ae:3e:1e:f5:61: 42:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:06:DE:96:1C:83:E7:24:41:65:37:A3:46:3B:6A:B8:1B:1B:FF:48 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/34352e3132352e302e302f32322d3234203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.125.0.0/22 Signature Algorithm: sha256WithRSAEncryption b6:cd:58:36:fb:fb:2c:9d:6d:06:30:a5:15:2f:96:64:f9:f5: 7d:46:c4:d1:be:1b:34:af:db:ef:74:d1:db:dd:ed:a7:df:fd: ff:ac:0e:68:d3:cb:b8:00:da:7a:a5:d1:6f:de:72:98:bd:bf: 57:77:0e:42:08:96:11:c0:2d:19:27:41:95:5a:5e:1c:e6:35: 33:5a:31:ce:88:0d:37:d4:1d:3a:5d:cf:c0:1d:ce:2d:57:ac: b2:58:4f:b1:9b:8d:ef:e1:23:7e:43:e5:36:f9:ab:13:70:ac: 96:d1:13:95:48:06:0e:95:5b:0e:01:31:04:a7:be:1f:69:18: 73:d9:f2:fe:a5:f8:91:00:29:61:ff:fa:9f:9e:d8:18:0a:5e: f5:9e:8f:c3:8d:85:62:03:f0:a5:25:5b:19:bb:35:9c:ab:aa: 6c:15:2a:af:50:2a:3a:b5:3c:e8:47:a9:77:7e:50:ed:74:10: 7a:30:a9:d6:46:0f:5c:c4:87:08:a5:f8:ab:1f:13:00:5d:09: 21:36:68:d6:9d:4b:d4:ef:de:dc:02:62:8f:ad:f1:33:0e:01: 6f:bd:08:07:37:0e:8d:a8:14:a3:a8:5e:60:8d:b8:ed:dd:6b: b2:f0:5c:53:d7:84:2d:ba:47:42:63:64:b3:1b:ff:e9:f2:3b: ef:4a:36:95 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUGgNx8BQ/MaA2IGTX5Y9PZllIVsMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDgxNjAxNDMyN1oX DTI2MDgxNTAxNDgyN1owMzExMC8GA1UEAxMoMTMwNkRFOTYxQzgzRTcyNDQxNjUz N0EzNDYzQjZBQjgxQjFCRkY0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL6h4SUBTSTB+zSQ3v/JkB3n7iEqXixXRbprg2KIjqQjkaaG51nQGu0Gg4Bg QFwrF1XiwfJvszDUMexUKLf9JStWOqyf9HUNFxRF6g4xxT8xCOJfEMjI5Bh/BJ4J 0zo3+FBKQxE18VUV9rkYe9yuMBOfNBtmevwTc977W8cSGoTldryrHq3agz0NwLYt HavWFzH8NwWF7D3TD6ZINDN1D3nd/6Rz1/iYX2UJF+yPStIS+fRYYoPzs9hX0jTo 67RuYJHhhlMLvhZ3uus9GUSUNPfrGy9tWY8GLYj8wAGgfVnrPP1HW4qvCvbCAonN MpZUhnALv1ErS20KFa4+HvVhQkcCAwEAAaOCAeQwggHgMB0GA1UdDgQWBBQTBt6W HIPnJEFlN6NGO2q4Gxv/SDAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwcgYIKwYBBQUHAQsEZjBkMGIGCCsGAQUFBzALhlZyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzQzNTJlMzEzMjM1MmUzMDJlMzAyZjMyMzIyZDMy MzQyMDNkM2UyMDM5MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLX0AMA0GCSqGSIb3DQEBCwUA A4IBAQC2zVg2+/ssnW0GMKUVL5Zk+fV9RsTRvhs0r9vvdNHb3e2n3/3/rA5o08u4 ANp6pdFv3nKYvb9Xdw5CCJYRwC0ZJ0GVWl4c5jUzWjHOiA031B06Xc/AHc4tV6yy WE+xm43v4SN+Q+U2+asTcKyW0ROVSAYOlVsOATEEp74faRhz2fL+pfiRAClh//qf ntgYCl71no/DjYViA/ClJVsZuzWcq6psFSqvUCo6tTzoR6l3flDtdBB6MKnWRg9c xIcIpfirHxMAXQkhNmjWnUvU797cAmKPrfEzDgFvvQgHNw6NqBSjqF5gjbjt3Wuy 8FxT14QtukdCY2SzG//p8jvvSjaV -----END CERTIFICATE-----Generated at Sat Aug 23 23:36:36 2025 by rpki-client