$ rpki-client -vvf rpki.roa.net/rrdp/xTom/43/323030313a6466343a646438303a3a2f34382d3438203d3e20393439.roa File: 323030313a6466343a646438303a3a2f34382d3438203d3e20393439.roa (raw, json) Hash identifier: inNJaB2NR3Jylp+OlhFBHGwPCE7GRTLkiqHSS3SQAik= Subject key identifier: 99:A0:99:A8:FB:39:2D:FD:15:65:38:B7:A9:08:61:38:D3:CD:8A:83 Certificate issuer: /CN=A913FFE90000/serialNumber=E9BFE0215B84F449D0BB55F37B2D6160D464C190 Certificate serial: 0A7BF463DA3137CD8744726406E4FEB9C4AF1CA3 Authority key identifier: E9:BF:E0:21:5B:84:F4:49:D0:BB:55:F3:7B:2D:61:60:D4:64:C1:90 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6b_gIVuE9EnQu1Xzey1hYNRkwZA.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/43/323030313a6466343a646438303a3a2f34382d3438203d3e20393439.roa Signing time: Sat 16 Aug 2025 01:48:28 +0000 ROA not before: Sat 16 Aug 2025 01:43:28 +0000 ROA not after: Sat 15 Aug 2026 01:48:28 +0000 asID: 949 IP address blocks: 2001:df4:dd80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/43/E9BFE0215B84F449D0BB55F37B2D6160D464C190.crl rsync://rpki.roa.net/rrdp/xTom/43/E9BFE0215B84F449D0BB55F37B2D6160D464C190.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6b_gIVuE9EnQu1Xzey1hYNRkwZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 03:18:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:7b:f4:63:da:31:37:cd:87:44:72:64:06:e4:fe:b9:c4:af:1c:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913FFE90000, serialNumber=E9BFE0215B84F449D0BB55F37B2D6160D464C190 Validity Not Before: Aug 16 01:43:28 2025 GMT Not After : Aug 15 01:48:28 2026 GMT Subject: CN=99A099A8FB392DFD156538B7A9086138D3CD8A83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:56:d4:70:38:d0:6e:83:f4:31:16:ad:48:a6: d8:fe:b3:b5:61:84:21:5c:d5:fb:ed:a7:70:52:9b: 3e:9c:a2:64:9b:16:09:2d:5f:ae:03:64:76:07:92: c6:f6:e1:1a:d4:f2:de:28:24:19:cf:81:45:ab:8d: 03:c2:e3:7d:e5:59:b2:16:ce:da:19:8a:79:4d:c5: e9:34:68:76:b2:8a:91:dc:09:2e:d3:c7:53:35:2b: 0e:1e:ed:13:35:d3:f6:b3:48:fe:c6:f1:63:d7:a8: 12:aa:52:59:23:fb:e4:f1:4d:47:1d:d3:e5:21:1e: e3:9a:19:ca:cd:e8:7f:bb:e7:b5:e0:d3:a2:f2:97: b0:8f:41:c8:cc:d1:d6:6c:d5:1e:ff:27:f3:bf:31: 11:bb:13:1e:76:0f:98:93:82:c3:a0:d4:8f:39:f4: 2b:9c:31:d9:38:e6:b0:42:0c:3c:2e:7e:ec:f1:c4: ca:93:a2:e2:75:80:db:bd:3a:8c:ff:fe:b8:b2:00: 9d:60:76:64:65:32:b0:6e:b5:e6:7e:6f:55:fd:a3: c4:dc:bc:9c:0c:e1:59:f1:ec:61:5c:62:a2:e0:7e: fd:2e:46:fb:00:8c:99:fa:e7:48:10:30:34:90:0e: f1:6e:f9:73:d0:68:f3:d9:da:cc:7e:6b:1b:54:b5: c8:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:A0:99:A8:FB:39:2D:FD:15:65:38:B7:A9:08:61:38:D3:CD:8A:83 X509v3 Authority Key Identifier: keyid:E9:BF:E0:21:5B:84:F4:49:D0:BB:55:F3:7B:2D:61:60:D4:64:C1:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/43/E9BFE0215B84F449D0BB55F37B2D6160D464C190.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6b_gIVuE9EnQu1Xzey1hYNRkwZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/43/323030313a6466343a646438303a3a2f34382d3438203d3e20393439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:dd80::/48 Signature Algorithm: sha256WithRSAEncryption 64:dd:4d:09:f9:53:2b:f4:3f:62:6b:9f:72:ab:26:ba:17:03: 5f:01:32:57:a2:4d:e9:eb:c6:59:97:cc:ba:c7:ac:cd:dc:ed: a9:11:7a:ea:d2:ee:7a:49:20:38:5b:68:fb:10:93:dc:e9:76: 32:d6:ec:66:9f:74:99:32:f5:79:d5:7a:d1:ad:eb:3b:db:37: a4:73:97:ce:aa:ae:f9:d9:0b:59:11:6d:2f:8e:a9:5b:37:5b: a8:0d:f2:d6:b9:eb:92:c8:e1:58:ee:16:d7:32:6e:f9:58:ef: 69:e6:b6:81:94:c8:55:c9:8a:36:39:f9:ed:5b:8b:da:69:69: 8e:08:34:65:8d:a9:33:7f:db:34:d3:10:b8:c5:c6:cd:0e:3d: e5:0d:fc:8b:23:b5:cc:ed:2c:d4:ac:57:81:ba:20:56:9e:66: d0:59:66:70:ba:f1:2a:19:27:8d:10:e6:5f:24:f8:a3:0b:7a: 60:b1:d4:65:6e:e7:ba:fd:8a:b3:16:28:e0:3d:ca:6c:38:9d: 2a:2d:a3:a3:e0:6b:72:f9:93:fe:6a:ef:03:df:49:04:19:9a: 03:47:63:d4:82:2a:4a:2f:a3:e3:e4:3b:4c:09:04:c3:3e:4d: 3a:6f:2c:c8:ea:cd:61:d1:b9:05:2b:da:7c:39:e5:55:91:c9: 5d:26:88:e7 -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgIUCnv0Y9oxN82HRHJkBuT+ucSvHKMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxM0ZGRTkwMDAwMTEwLwYDVQQFEyhFOUJGRTAyMTVC ODRGNDQ5RDBCQjU1RjM3QjJENjE2MEQ0NjRDMTkwMB4XDTI1MDgxNjAxNDMyOFoX DTI2MDgxNTAxNDgyOFowMzExMC8GA1UEAxMoOTlBMDk5QThGQjM5MkRGRDE1NjUz OEI3QTkwODYxMzhEM0NEOEE4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI5W1HA40G6D9DEWrUim2P6ztWGEIVzV++2ncFKbPpyiZJsWCS1frgNkdgeS xvbhGtTy3igkGc+BRauNA8LjfeVZshbO2hmKeU3F6TRodrKKkdwJLtPHUzUrDh7t EzXT9rNI/sbxY9eoEqpSWSP75PFNRx3T5SEe45oZys3of7vnteDTovKXsI9ByMzR 1mzVHv8n878xEbsTHnYPmJOCw6DUjzn0K5wx2TjmsEIMPC5+7PHEypOi4nWA2706 jP/+uLIAnWB2ZGUysG615n5vVf2jxNy8nAzhWfHsYVxiouB+/S5G+wCMmfrnSBAw NJAO8W75c9Bo89nazH5rG1S1yHECAwEAAaOCAe8wggHrMB0GA1UdDgQWBBSZoJmo +zkt/RVlOLepCGE4082KgzAfBgNVHSMEGDAWgBTpv+AhW4T0SdC7VfN7LWFg1GTB kDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQzL0U5QkZFMDIxNUI4NEY0NDlEMEJCNTVGMzdC MkQ2MTYwRDQ2NEMxOTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyLzZiX2dJVnVFOUVuUXUxWHpleTFoWU5Sa3daQS5j ZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDMvMzIzMDMwMzEzYTY0NjYzNDNhNjQ2NDM4MzAzYTNh MmYzNDM4MmQzNDM4MjAzZDNlMjAzOTM0Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYI KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQ303YAwDQYJ KoZIhvcNAQELBQADggEBAGTdTQn5Uyv0P2Jrn3KrJroXA18BMleiTenrxlmXzLrH rM3c7akReurS7npJIDhbaPsQk9zpdjLW7GafdJky9XnVetGt6zvbN6Rzl86qrvnZ C1kRbS+OqVs3W6gN8ta565LI4VjuFtcybvlY72nmtoGUyFXJijY5+e1bi9ppaY4I NGWNqTN/2zTTELjFxs0OPeUN/IsjtcztLNSsV4G6IFaeZtBZZnC68SoZJ40Q5l8k +KMLemCx1GVu57r9irMWKOA9ymw4nSoto6Pga3L5k/5q7wPfSQQZmgNHY9SCKkov o+PkO0wJBMM+TTpvLMjqzWHRuQUr2nw55VWRyV0miOc= -----END CERTIFICATE-----Generated at Sat Aug 23 19:56:29 2025 by rpki-client