$ rpki-client -vvf rpki.roa.net/rrdp/xTom/56/3230332e39362e3233362e302f32322d3234203d3e2034373835.roa File: 3230332e39362e3233362e302f32322d3234203d3e2034373835.roa (raw, json) Hash identifier: Htu/V2y38yOKGvQGIl/2tyBeGdGkz4OS4hYU0pDILN8= Subject key identifier: DF:E4:59:89:3A:7A:EA:67:B4:CC:1F:E6:60:33:65:66:0B:AD:15:62 Certificate issuer: /CN=A9181FC40000/serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729 Certificate serial: 40871CC24FE5237B9F18B96A22DE2FA8F2D84A22 Authority key identifier: E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/56/3230332e39362e3233362e302f32322d3234203d3e2034373835.roa Signing time: Sat 16 Aug 2025 01:48:26 +0000 ROA not before: Sat 16 Aug 2025 01:43:26 +0000 ROA not after: Sat 15 Aug 2026 01:48:26 +0000 asID: 4785 IP address blocks: 203.96.236.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 04:20:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:87:1c:c2:4f:e5:23:7b:9f:18:b9:6a:22:de:2f:a8:f2:d8:4a:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9181FC40000, serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729 Validity Not Before: Aug 16 01:43:26 2025 GMT Not After : Aug 15 01:48:26 2026 GMT Subject: CN=DFE459893A7AEA67B4CC1FE6603365660BAD1562 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:44:f3:9e:1b:c9:8b:e6:32:e1:7f:37:f3:c3: 31:fa:e5:57:f0:ea:01:cf:10:9b:02:0a:bb:04:4b: d3:4e:c8:cd:69:53:ed:d2:46:3d:03:23:f7:8e:36: 2d:6d:be:9b:ba:5f:35:99:46:56:86:27:8b:3c:76: bd:49:b2:15:a7:c8:c1:49:f3:ee:95:64:60:1e:c4: e5:57:ea:e4:5e:e8:2b:ad:1a:82:59:12:e5:b5:30: 41:ce:e1:ef:33:a7:7c:80:ff:c2:ec:a4:a8:01:4a: a2:e0:d4:2c:05:cc:cc:8b:b3:b0:38:20:e4:f6:1d: 96:1f:ff:09:56:d6:71:3f:25:71:0c:c1:b8:fb:11: 0d:4f:6a:92:96:b0:e3:19:f4:a9:4e:1d:c5:2a:f4: 0f:e3:bb:bd:c3:20:cb:05:5a:40:5c:1b:7f:31:82: c1:c4:7f:3e:3b:0b:7a:28:d8:63:95:6e:03:a5:49: 43:d1:2f:bb:cd:34:64:59:03:8a:8a:4e:8b:86:2a: 4c:48:cc:9d:16:50:25:64:7c:fd:f3:a5:3d:cd:4a: 59:db:5e:0c:8c:84:9c:aa:20:0b:45:6f:48:ad:6b: d2:c9:b2:bb:92:18:ed:d0:f7:cb:0b:39:98:d9:f1: 20:85:e8:3c:1c:51:e1:31:f5:03:a7:1c:ef:66:30: 7f:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:E4:59:89:3A:7A:EA:67:B4:CC:1F:E6:60:33:65:66:0B:AD:15:62 X509v3 Authority Key Identifier: keyid:E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/56/3230332e39362e3233362e302f32322d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.96.236.0/22 Signature Algorithm: sha256WithRSAEncryption aa:83:12:63:5c:91:6f:da:89:3d:38:eb:2e:07:df:e1:df:39: 80:db:79:af:16:23:76:e9:af:86:84:06:c1:b7:34:83:43:af: 64:62:6c:35:4e:60:f7:ff:b2:14:95:d3:cf:b4:3b:82:cd:a5: 42:cd:b3:50:67:68:49:40:58:1c:ae:63:13:47:8e:16:ec:4e: 03:95:ba:3c:23:8b:90:4b:c3:0e:53:dd:cd:b2:73:7d:49:fe: 55:d8:26:6d:90:e8:40:33:d0:f9:cb:2a:13:8d:94:e3:16:9a: 43:16:48:d2:3c:0d:e5:50:44:79:c7:31:c8:82:51:44:3d:f8: f6:90:2e:43:42:e7:f7:71:47:fd:ad:b2:68:cd:87:99:cd:2e: bc:82:73:f6:95:a5:33:dc:45:d0:1c:ed:5b:ec:24:44:07:49: 89:13:18:30:56:a0:92:99:b6:13:7e:7f:a3:81:d7:10:a9:9f: 6b:b8:b8:b8:80:93:fd:bf:e0:a5:bf:ed:9e:be:4c:5a:8a:da: 43:55:8c:ab:e6:b6:e5:78:d2:eb:ad:f8:ac:86:13:c2:6c:5c: e2:b5:4c:8c:ec:b2:c2:d3:07:e1:95:53:b8:a6:86:2a:26:74: 6c:61:0b:48:4a:d7:35:46:e1:eb:c4:92:fc:4b:e9:33:92:88: cc:72:c9:20 -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUQIccwk/lI3ufGLlqIt4vqPLYSiIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODFGQzQwMDAwMTEwLwYDVQQFEyhFMTNENzc0NEIy MTU2RTQxNTBBMUFGNUQ3MzJFMkExMDk5NEQ4NzI5MB4XDTI1MDgxNjAxNDMyNloX DTI2MDgxNTAxNDgyNlowMzExMC8GA1UEAxMoREZFNDU5ODkzQTdBRUE2N0I0Q0Mx RkU2NjAzMzY1NjYwQkFEMTU2MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZE854byYvmMuF/N/PDMfrlV/DqAc8QmwIKuwRL007IzWlT7dJGPQMj9442 LW2+m7pfNZlGVoYnizx2vUmyFafIwUnz7pVkYB7E5Vfq5F7oK60aglkS5bUwQc7h 7zOnfID/wuykqAFKouDULAXMzIuzsDgg5PYdlh//CVbWcT8lcQzBuPsRDU9qkpaw 4xn0qU4dxSr0D+O7vcMgywVaQFwbfzGCwcR/PjsLeijYY5VuA6VJQ9Evu800ZFkD iopOi4YqTEjMnRZQJWR8/fOlPc1KWdteDIyEnKogC0VvSK1r0smyu5IY7dD3yws5 mNnxIIXoPBxR4TH1A6cc72Ywf6MCAwEAAaOCAegwggHkMB0GA1UdDgQWBBTf5FmJ OnrqZ7TMH+ZgM2VmC60VYjAfBgNVHSMEGDAWgBThPXdEshVuQVChr11zLioQmU2H KTAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU2L0UxM0Q3NzQ0QjIxNTZFNDE1MEExQUY1RDcz MkUyQTEwOTk0RDg3MjkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyLzRUMTNSTElWYmtGUW9hOWRjeTRxRUpsTmh5ay5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTYvMzIzMDMzMmUzOTM2MmUzMjMzMzYyZTMwMmYzMjMy MmQzMjM0MjAzZDNlMjAzNDM3MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAstg7DANBgkqhkiG9w0B AQsFAAOCAQEAqoMSY1yRb9qJPTjrLgff4d85gNt5rxYjdumvhoQGwbc0g0OvZGJs NU5g9/+yFJXTz7Q7gs2lQs2zUGdoSUBYHK5jE0eOFuxOA5W6PCOLkEvDDlPdzbJz fUn+VdgmbZDoQDPQ+csqE42U4xaaQxZI0jwN5VBEeccxyIJRRD349pAuQ0Ln93FH /a2yaM2Hmc0uvIJz9pWlM9xF0BztW+wkRAdJiRMYMFagkpm2E35/o4HXEKmfa7i4 uICT/b/gpb/tnr5MWoraQ1WMq+a25XjS6634rIYTwmxc4rVMjOyywtMH4ZVTuKaG KiZ0bGELSErXNUbh68SS/EvpM5KIzHLJIA== -----END CERTIFICATE-----Generated at Sat Aug 23 22:10:55 2025 by rpki-client