$ rpki-client -vvf rpki.roa.net/rrdp/xTom/56/3130332e31392e302e302f32322d3234203d3e2034373835.roa File: 3130332e31392e302e302f32322d3234203d3e2034373835.roa (raw, json) Hash identifier: l5CeHNLX4OcayLMVYXXsTREShlMAAW9Qd+Wguhd8yNE= Subject key identifier: D0:4E:E8:F1:AE:9C:70:81:18:78:84:F4:60:21:A3:04:6B:6F:67:51 Certificate issuer: /CN=A9181FC40000/serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729 Certificate serial: 2CB33BDAE018B27A0D6B6C9CF9E61A242B2BF2DB Authority key identifier: E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/56/3130332e31392e302e302f32322d3234203d3e2034373835.roa Signing time: Sat 16 Aug 2025 01:48:26 +0000 ROA not before: Sat 16 Aug 2025 01:43:26 +0000 ROA not after: Sat 15 Aug 2026 01:48:26 +0000 asID: 4785 IP address blocks: 103.19.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 16:05:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:b3:3b:da:e0:18:b2:7a:0d:6b:6c:9c:f9:e6:1a:24:2b:2b:f2:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9181FC40000, serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729 Validity Not Before: Aug 16 01:43:26 2025 GMT Not After : Aug 15 01:48:26 2026 GMT Subject: CN=D04EE8F1AE9C7081187884F46021A3046B6F6751 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:d2:bf:b5:fc:85:90:0b:ed:a6:81:40:e1:7a: 5f:db:d6:fd:ae:a3:e4:8a:d5:9d:f5:a0:a5:b3:c6: 40:fb:51:e3:80:a3:68:1d:aa:56:3d:48:b1:89:21: b1:76:ab:94:b1:32:37:dc:31:9d:00:05:f5:82:04: 25:7c:66:57:a9:fc:d6:24:f9:da:df:07:93:2d:e3: 6d:bc:1a:89:da:e6:3d:a1:38:31:2d:6a:72:c0:fe: 0f:94:ef:b6:f9:3a:16:de:9a:71:f3:0f:30:8f:a6: b9:9d:6c:3f:93:c0:69:0c:ce:a8:e0:d0:4f:f6:b1: 91:e0:5d:59:60:2f:ac:a3:23:87:4d:e0:64:2c:b2: 32:91:e2:ad:46:37:f7:68:dd:33:01:76:e9:03:cf: de:99:ee:08:d1:73:7a:18:79:99:2e:8c:e1:6f:d8: bc:25:63:2a:6b:38:54:d4:13:5b:b8:38:a7:06:c8: b0:a6:f7:7e:d3:0d:d2:75:a1:70:4a:83:9f:a2:cb: 4d:90:5f:41:00:cc:2c:ea:f8:91:18:75:66:df:79: 70:f3:71:0a:aa:56:b0:5e:38:4e:7b:c9:b1:9f:eb: ed:cb:30:51:21:1d:bb:ab:a9:83:cf:6a:22:2a:f8: bb:7f:b9:61:14:0c:da:65:c3:a0:65:47:3d:bc:6a: 82:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:4E:E8:F1:AE:9C:70:81:18:78:84:F4:60:21:A3:04:6B:6F:67:51 X509v3 Authority Key Identifier: keyid:E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/56/3130332e31392e302e302f32322d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.19.0.0/22 Signature Algorithm: sha256WithRSAEncryption 7c:3b:36:fe:4c:47:15:a3:ef:0b:95:b1:31:1d:f2:e7:a5:44: 8c:82:35:fd:6f:04:ec:ed:61:69:e3:f6:79:fa:c3:c5:01:3a: c2:48:d1:90:2e:6d:dc:dc:e8:0e:db:7e:e8:3f:06:28:87:a8: d9:99:5f:6a:6b:8d:f6:57:59:e3:cb:16:fa:8e:4d:29:11:4e: 12:c0:4e:00:9c:f5:a0:c3:76:e0:d1:88:8b:6a:98:09:c8:94: e1:77:d7:05:ae:b7:cc:7a:2d:45:1b:6e:01:14:31:24:16:9f: 5b:da:5c:d9:f1:97:96:6c:88:05:bc:a5:d8:0b:40:03:00:89: 71:fb:bc:2e:1c:55:7c:e9:ab:4f:bc:44:76:91:0a:fa:47:fe: 3e:e8:fb:0b:8d:3c:46:b6:a4:1c:08:fb:9e:58:74:47:e1:2f: 0e:f6:89:9d:15:30:2f:63:15:d5:96:c4:64:b6:06:f3:5f:d6: 86:51:55:43:86:ff:15:62:d5:89:40:79:bd:35:58:78:c5:77: b2:08:b5:31:a3:a0:89:d1:19:dc:4e:09:bf:d9:5a:65:74:b8: 00:5b:05:77:b2:b0:79:45:2e:2f:c9:9f:d4:e0:4d:a2:b6:f6: 0e:78:71:e3:f6:26:c5:ef:fc:02:68:12:3a:ff:55:fd:18:11: 8c:44:79:24 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIULLM72uAYsnoNa2yc+eYaJCsr8tswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODFGQzQwMDAwMTEwLwYDVQQFEyhFMTNENzc0NEIy MTU2RTQxNTBBMUFGNUQ3MzJFMkExMDk5NEQ4NzI5MB4XDTI1MDgxNjAxNDMyNloX DTI2MDgxNTAxNDgyNlowMzExMC8GA1UEAxMoRDA0RUU4RjFBRTlDNzA4MTE4Nzg4 NEY0NjAyMUEzMDQ2QjZGNjc1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMjSv7X8hZAL7aaBQOF6X9vW/a6j5IrVnfWgpbPGQPtR44CjaB2qVj1IsYkh sXarlLEyN9wxnQAF9YIEJXxmV6n81iT52t8Hky3jbbwaidrmPaE4MS1qcsD+D5Tv tvk6Ft6acfMPMI+muZ1sP5PAaQzOqODQT/axkeBdWWAvrKMjh03gZCyyMpHirUY3 92jdMwF26QPP3pnuCNFzehh5mS6M4W/YvCVjKms4VNQTW7g4pwbIsKb3ftMN0nWh cEqDn6LLTZBfQQDMLOr4kRh1Zt95cPNxCqpWsF44TnvJsZ/r7cswUSEdu6upg89q Iir4u3+5YRQM2mXDoGVHPbxqgosCAwEAAaOCAeQwggHgMB0GA1UdDgQWBBTQTujx rpxwgRh4hPRgIaMEa29nUTAfBgNVHSMEGDAWgBThPXdEshVuQVChr11zLioQmU2H KTAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU2L0UxM0Q3NzQ0QjIxNTZFNDE1MEExQUY1RDcz MkUyQTEwOTk0RDg3MjkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyLzRUMTNSTElWYmtGUW9hOWRjeTRxRUpsTmh5ay5j ZXIwcgYIKwYBBQUHAQsEZjBkMGIGCCsGAQUFBzALhlZyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTYvMzEzMDMzMmUzMTM5MmUzMDJlMzAyZjMyMzIyZDMy MzQyMDNkM2UyMDM0MzczODM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZxMAMA0GCSqGSIb3DQEBCwUA A4IBAQB8Ozb+TEcVo+8LlbExHfLnpUSMgjX9bwTs7WFp4/Z5+sPFATrCSNGQLm3c 3OgO237oPwYoh6jZmV9qa432V1njyxb6jk0pEU4SwE4AnPWgw3bg0YiLapgJyJTh d9cFrrfMei1FG24BFDEkFp9b2lzZ8ZeWbIgFvKXYC0ADAIlx+7wuHFV86atPvER2 kQr6R/4+6PsLjTxGtqQcCPueWHRH4S8O9omdFTAvYxXVlsRktgbzX9aGUVVDhv8V YtWJQHm9NVh4xXeyCLUxo6CJ0RncTgm/2VpldLgAWwV3srB5RS4vyZ/U4E2itvYO eHHj9ibF7/wCaBI6/1X9GBGMRHkk -----END CERTIFICATE-----Generated at Mon Aug 25 03:02:42 2025 by rpki-client