$ rpki-client -vvf rpki.roa.net/rrdp/xTom/56/323430303a646463303a3a2f33322d3438203d3e2034373835.roa File: 323430303a646463303a3a2f33322d3438203d3e2034373835.roa (raw, json) Hash identifier: NKj7/sWfdpunwWe+rIAS24n4snm54JrLQ/b+EqozKvw= Subject key identifier: F3:74:C1:28:BA:92:96:DC:1D:34:B7:E5:AF:9B:87:2C:EB:73:70:BF Certificate issuer: /CN=A9181FC40000/serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729 Certificate serial: 76737D2C6F70CFD3D0704F0010B269DF1E5CBBDA Authority key identifier: E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/56/323430303a646463303a3a2f33322d3438203d3e2034373835.roa Signing time: Sat 16 Aug 2025 01:48:26 +0000 ROA not before: Sat 16 Aug 2025 01:43:26 +0000 ROA not after: Sat 15 Aug 2026 01:48:26 +0000 asID: 4785 IP address blocks: 2400:ddc0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 22:02:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:73:7d:2c:6f:70:cf:d3:d0:70:4f:00:10:b2:69:df:1e:5c:bb:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9181FC40000, serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729 Validity Not Before: Aug 16 01:43:26 2025 GMT Not After : Aug 15 01:48:26 2026 GMT Subject: CN=F374C128BA9296DC1D34B7E5AF9B872CEB7370BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:a5:50:e1:f3:a4:50:8e:5c:b8:0f:be:7a:19: 77:99:ca:0d:b0:be:f7:c2:5d:46:99:f7:3f:d6:04: a6:2d:77:d8:e7:30:d3:a6:59:3a:59:99:2f:d8:46: 58:5d:08:5b:aa:50:14:e0:00:ef:08:47:66:f2:76: 46:4a:d7:b5:bc:ab:cb:be:43:8e:70:61:19:08:74: a4:4c:00:5b:ab:7c:cb:47:1a:ce:67:a6:b2:e4:51: 8d:4e:5f:e7:ba:cb:e8:1e:26:4d:bf:a1:1b:7e:43: 94:9a:14:d9:bf:c8:e7:af:a2:f3:9c:87:c5:03:f6: e9:27:2a:c5:b3:db:f9:61:3f:c8:c6:00:cf:a5:7c: 87:50:9b:a5:5e:0b:07:a5:bf:b6:b9:ef:a2:b3:91: 02:cc:36:c7:47:c5:11:76:d5:c6:30:1b:96:ed:a9: c7:b4:2f:37:9e:47:22:65:03:4d:ef:bb:96:d6:58: 0b:6c:30:e5:ba:9c:13:cc:d4:74:f4:c1:57:9c:17: 48:d1:a9:0b:41:aa:08:bb:56:26:0d:88:e7:fb:77: 32:d1:1b:4d:4a:81:3c:49:84:dd:6f:7a:8a:c6:97: 67:de:4d:b3:22:d8:07:85:ff:e9:f8:0f:97:8f:d2: cb:92:39:9a:56:f0:42:95:13:60:51:c5:f4:f8:da: 5c:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:74:C1:28:BA:92:96:DC:1D:34:B7:E5:AF:9B:87:2C:EB:73:70:BF X509v3 Authority Key Identifier: keyid:E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/56/323430303a646463303a3a2f33322d3438203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:ddc0::/32 Signature Algorithm: sha256WithRSAEncryption 2d:f5:ae:a4:85:58:48:0e:10:e3:63:f5:76:77:29:90:04:6e: dc:c0:b8:dd:aa:ab:59:12:ae:49:0a:10:ac:68:31:ec:e4:8d: 78:f7:20:a8:fb:34:10:9f:ec:16:3b:8c:fb:ba:c9:60:9d:3c: 2a:ee:00:3a:96:2f:d8:ff:36:b4:e4:25:39:79:6b:05:88:c0: db:16:36:33:9c:14:bd:33:70:db:32:54:01:ad:c6:0c:0d:cb: 11:da:2e:bb:67:dd:a0:d1:d0:ce:b5:2b:bc:28:9d:fc:8c:2e: 52:76:ed:43:e8:97:fa:7c:30:12:68:0d:d0:e2:65:68:58:0d: 52:eb:a5:cb:8a:6d:18:7f:d6:e9:e1:bf:63:07:f2:11:b6:ad: 2f:ae:43:61:fc:b0:54:1b:00:71:e8:1a:2e:9a:b0:7a:32:a8: 72:97:5e:83:1b:8c:b1:a5:13:0d:1a:93:9d:49:10:ea:ba:a6: 3b:54:ba:e9:cf:30:4b:37:32:7f:92:de:17:59:c0:ae:b4:7e: c4:56:1b:5a:d4:2e:fd:66:a9:17:96:8d:3d:19:5b:04:05:bb: 63:45:95:e7:34:4d:64:2f:bf:28:8e:65:84:d6:62:1f:97:13: 3d:09:d2:53:e6:85:71:91:ae:47:51:5f:e3:5e:92:6c:9d:77: d5:3b:1a:9d -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUdnN9LG9wz9PQcE8AELJp3x5cu9owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODFGQzQwMDAwMTEwLwYDVQQFEyhFMTNENzc0NEIy MTU2RTQxNTBBMUFGNUQ3MzJFMkExMDk5NEQ4NzI5MB4XDTI1MDgxNjAxNDMyNloX DTI2MDgxNTAxNDgyNlowMzExMC8GA1UEAxMoRjM3NEMxMjhCQTkyOTZEQzFEMzRC N0U1QUY5Qjg3MkNFQjczNzBCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN6lUOHzpFCOXLgPvnoZd5nKDbC+98JdRpn3P9YEpi132Ocw06ZZOlmZL9hG WF0IW6pQFOAA7whHZvJ2RkrXtbyry75DjnBhGQh0pEwAW6t8y0cazmemsuRRjU5f 57rL6B4mTb+hG35DlJoU2b/I56+i85yHxQP26ScqxbPb+WE/yMYAz6V8h1CbpV4L B6W/trnvorORAsw2x0fFEXbVxjAblu2px7QvN55HImUDTe+7ltZYC2ww5bqcE8zU dPTBV5wXSNGpC0GqCLtWJg2I5/t3MtEbTUqBPEmE3W96isaXZ95NsyLYB4X/6fgP l4/Sy5I5mlbwQpUTYFHF9PjaXOUCAwEAAaOCAecwggHjMB0GA1UdDgQWBBTzdMEo upKW3B00t+Wvm4cs63NwvzAfBgNVHSMEGDAWgBThPXdEshVuQVChr11zLioQmU2H KTAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU2L0UxM0Q3NzQ0QjIxNTZFNDE1MEExQUY1RDcz MkUyQTEwOTk0RDg3MjkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyLzRUMTNSTElWYmtGUW9hOWRjeTRxRUpsTmh5ay5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTYvMzIzNDMwMzAzYTY0NjQ2MzMwM2EzYTJmMzMzMjJk MzQzODIwM2QzZTIwMzQzNzM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAN3AMA0GCSqGSIb3DQEB CwUAA4IBAQAt9a6khVhIDhDjY/V2dymQBG7cwLjdqqtZEq5JChCsaDHs5I149yCo +zQQn+wWO4z7uslgnTwq7gA6li/Y/za05CU5eWsFiMDbFjYznBS9M3DbMlQBrcYM DcsR2i67Z92g0dDOtSu8KJ38jC5Sdu1D6Jf6fDASaA3Q4mVoWA1S66XLim0Yf9bp 4b9jB/IRtq0vrkNh/LBUGwBx6BoumrB6Mqhyl16DG4yxpRMNGpOdSRDquqY7VLrp zzBLNzJ/kt4XWcCutH7EVhta1C79ZqkXlo09GVsEBbtjRZXnNE1kL78ojmWE1mIf lxM9CdJT5oVxka5HUV/jXpJsnXfVOxqd -----END CERTIFICATE-----Generated at Sat Aug 23 23:48:07 2025 by rpki-client