$ rpki-client -vvf rpki.roa.net/rrdp/xTom/58/3130332e3230312e3132382e302f32322d3234203d3e2038383838.roa File: 3130332e3230312e3132382e302f32322d3234203d3e2038383838.roa (raw, json) Hash identifier: jroVYKFHmgPVzgsQ26TPXXr/n6bFbi/cJido3jfFoMg= Subject key identifier: 2F:F9:00:DF:C0:0D:B0:2A:52:F3:13:90:C4:6B:A1:EB:25:D8:D5:67 Certificate issuer: /CN=A91FFE3F0000/serialNumber=5B1AD82F0E7DC771819A9A26674992A3951B9373 Certificate serial: 3D6A26764A09199728D0B8BB31265C1C986C83B2 Authority key identifier: 5B:1A:D8:2F:0E:7D:C7:71:81:9A:9A:26:67:49:92:A3:95:1B:93:73 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WxrYLw59x3GBmpomZ0mSo5Ubk3M.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/58/3130332e3230312e3132382e302f32322d3234203d3e2038383838.roa Signing time: Thu 30 Apr 2026 09:15:29 +0000 ROA not before: Thu 30 Apr 2026 09:10:29 +0000 ROA not after: Thu 29 Apr 2027 09:15:29 +0000 asID: 8888 IP address blocks: 103.201.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/58/5B1AD82F0E7DC771819A9A26674992A3951B9373.crl rsync://rpki.roa.net/rrdp/xTom/58/5B1AD82F0E7DC771819A9A26674992A3951B9373.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WxrYLw59x3GBmpomZ0mSo5Ubk3M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:41:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:6a:26:76:4a:09:19:97:28:d0:b8:bb:31:26:5c:1c:98:6c:83:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FFE3F0000, serialNumber=5B1AD82F0E7DC771819A9A26674992A3951B9373 Validity Not Before: Apr 30 09:10:29 2026 GMT Not After : Apr 29 09:15:29 2027 GMT Subject: CN=2FF900DFC00DB02A52F31390C46BA1EB25D8D567 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a7:be:0d:a5:38:84:96:ae:81:05:9c:18:c6: d6:1f:db:ab:c8:0b:e1:a1:c3:fc:9a:80:be:ae:05: b7:47:91:18:15:f8:ca:a2:05:92:a1:27:62:61:98: dc:48:07:29:4d:a3:2d:93:1d:24:6c:9e:fe:eb:27: d4:64:f9:84:8c:be:e7:83:e8:6d:87:f1:ae:b6:48: f4:74:df:1e:4c:37:20:c9:b6:ca:af:f3:9c:44:76: 75:5d:67:3f:e9:3e:c2:73:e2:46:50:29:57:75:79: 27:e9:69:37:b5:22:d6:df:f4:3f:6a:32:d4:04:cf: 51:b9:b4:a5:66:86:d1:9e:fa:00:72:22:a0:34:3f: bb:b0:d4:0c:66:03:94:a8:9f:46:cf:17:a5:62:81: 2a:c6:d9:f6:33:38:c7:d6:99:b1:d1:f5:18:c2:29: d3:24:d2:1b:07:5f:f3:63:54:6b:ac:53:24:34:98: c6:ea:10:2d:ad:a6:71:ed:fd:e7:6a:28:7b:84:4d: 43:ef:56:df:c1:c7:d8:e6:8b:da:a9:93:78:3b:14: fa:4f:3e:6a:f2:71:df:27:4c:48:d0:7a:99:62:85: 53:4c:12:05:cf:71:b6:cd:d6:c6:7b:51:03:d1:07: 99:af:c0:9a:9a:ba:98:23:62:bb:d7:8d:5f:cb:95: ea:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:F9:00:DF:C0:0D:B0:2A:52:F3:13:90:C4:6B:A1:EB:25:D8:D5:67 X509v3 Authority Key Identifier: keyid:5B:1A:D8:2F:0E:7D:C7:71:81:9A:9A:26:67:49:92:A3:95:1B:93:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/58/5B1AD82F0E7DC771819A9A26674992A3951B9373.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WxrYLw59x3GBmpomZ0mSo5Ubk3M.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/58/3130332e3230312e3132382e302f32322d3234203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.201.128.0/22 Signature Algorithm: sha256WithRSAEncryption 8b:3f:47:cd:5e:93:18:0f:54:a7:c2:e2:99:2b:58:25:d0:d8: 50:18:ac:2f:cb:81:e5:b8:a5:bd:c6:e2:07:66:62:c5:53:d7: 50:a1:57:63:d2:30:15:a9:61:26:90:ec:93:37:c0:ab:7f:ec: d9:ca:7b:24:e8:a7:1e:ad:2a:57:70:9c:4c:c6:10:35:b1:cc: be:6b:18:df:7f:47:37:76:c3:e5:99:b8:e9:0c:6d:03:ac:e2: 36:cd:2c:5a:f1:9a:73:27:fc:dd:5e:f7:1b:1f:0e:eb:a6:88: be:14:8e:a5:a4:2c:38:09:2b:b2:e8:de:65:b4:64:c2:53:7d: 97:55:ff:68:9a:0e:43:77:df:5d:79:6d:e5:4d:c1:e8:ec:e7: 7e:73:d7:5c:42:4b:b9:47:99:31:f9:02:ca:00:ca:b2:6c:6e: 9a:6e:50:b0:34:0a:4a:f3:6b:c5:98:f0:6c:51:d5:cd:25:72: 1e:29:8e:08:31:90:97:6b:5a:48:75:d7:67:21:2a:e4:30:1b: 3d:bf:72:30:90:50:c0:5c:14:32:5e:24:11:fd:75:d3:fa:2e: 62:ad:78:45:62:a1:5e:81:69:45:f9:3d:bf:6c:5c:62:d1:a7: 2e:0e:3c:b6:0b:3f:e7:7b:30:f6:1d:00:94:b4:f7:71:c3:bd: 74:7a:7e:01 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUPWomdkoJGZco0Li7MSZcHJhsg7IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRkZFM0YwMDAwMTEwLwYDVQQFEyg1QjFBRDgyRjBF N0RDNzcxODE5QTlBMjY2NzQ5OTJBMzk1MUI5MzczMB4XDTI2MDQzMDA5MTAyOVoX DTI3MDQyOTA5MTUyOVowMzExMC8GA1UEAxMoMkZGOTAwREZDMDBEQjAyQTUyRjMx MzkwQzQ2QkExRUIyNUQ4RDU2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKnvg2lOISWroEFnBjG1h/bq8gL4aHD/JqAvq4Ft0eRGBX4yqIFkqEnYmGY 3EgHKU2jLZMdJGye/usn1GT5hIy+54PobYfxrrZI9HTfHkw3IMm2yq/znER2dV1n P+k+wnPiRlApV3V5J+lpN7Ui1t/0P2oy1ATPUbm0pWaG0Z76AHIioDQ/u7DUDGYD lKifRs8XpWKBKsbZ9jM4x9aZsdH1GMIp0yTSGwdf82NUa6xTJDSYxuoQLa2mce39 52ooe4RNQ+9W38HH2OaL2qmTeDsU+k8+avJx3ydMSNB6mWKFU0wSBc9xts3WxntR A9EHma/Ampq6mCNiu9eNX8uV6tkCAwEAAaOCAeowggHmMB0GA1UdDgQWBBQv+QDf wA2wKlLzE5DEa6HrJdjVZzAfBgNVHSMEGDAWgBRbGtgvDn3HcYGamiZnSZKjlRuT czAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU4LzVCMUFEODJGMEU3REM3NzE4MTlBOUEyNjY3 NDk5MkEzOTUxQjkzNzMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1d4cllMdzU5eDNHQm1wb21aMG1TbzVVYmszTS5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTgvMzEzMDMzMmUzMjMwMzEyZTMxMzIzODJlMzAyZjMy MzIyZDMyMzQyMDNkM2UyMDM4MzgzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ8mAMA0GCSqGSIb3 DQEBCwUAA4IBAQCLP0fNXpMYD1SnwuKZK1gl0NhQGKwvy4HluKW9xuIHZmLFU9dQ oVdj0jAVqWEmkOyTN8Crf+zZynsk6KcerSpXcJxMxhA1scy+axjff0c3dsPlmbjp DG0DrOI2zSxa8ZpzJ/zdXvcbHw7rpoi+FI6lpCw4CSuy6N5ltGTCU32XVf9omg5D d99deW3lTcHo7Od+c9dcQku5R5kx+QLKAMqybG6ablCwNApK82vFmPBsUdXNJXIe KY4IMZCXa1pIdddnISrkMBs9v3IwkFDAXBQyXiQR/XXT+i5irXhFYqFegWlF+T2/ bFxi0acuDjy2Cz/nezD2HQCUtPdxw710en4B -----END CERTIFICATE-----Generated at Tue May 12 22:56:18 2026 by rpki-client