$ rpki-client -vvf rpki.roa.net/rrdp/xTom/58/3230322e352e3232302e302f32322d3234203d3e2038383838.roa File: 3230322e352e3232302e302f32322d3234203d3e2038383838.roa (raw, json) Hash identifier: 8fu1VICLJqfb2qBAICSYNfZTWIi/AxU4hCyty2bGjds= Subject key identifier: D6:40:1C:48:B0:F8:8B:7C:CB:DB:74:46:98:FA:67:82:9A:C5:EC:50 Certificate issuer: /CN=A91FFE3F0000/serialNumber=5B1AD82F0E7DC771819A9A26674992A3951B9373 Certificate serial: 06134D9E96316C13B1676CD46C32EBED39472438 Authority key identifier: 5B:1A:D8:2F:0E:7D:C7:71:81:9A:9A:26:67:49:92:A3:95:1B:93:73 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WxrYLw59x3GBmpomZ0mSo5Ubk3M.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/58/3230322e352e3232302e302f32322d3234203d3e2038383838.roa Signing time: Thu 30 Apr 2026 09:16:58 +0000 ROA not before: Thu 30 Apr 2026 09:11:58 +0000 ROA not after: Thu 29 Apr 2027 09:16:58 +0000 asID: 8888 IP address blocks: 202.5.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/58/5B1AD82F0E7DC771819A9A26674992A3951B9373.crl rsync://rpki.roa.net/rrdp/xTom/58/5B1AD82F0E7DC771819A9A26674992A3951B9373.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WxrYLw59x3GBmpomZ0mSo5Ubk3M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:41:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:13:4d:9e:96:31:6c:13:b1:67:6c:d4:6c:32:eb:ed:39:47:24:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FFE3F0000, serialNumber=5B1AD82F0E7DC771819A9A26674992A3951B9373 Validity Not Before: Apr 30 09:11:58 2026 GMT Not After : Apr 29 09:16:58 2027 GMT Subject: CN=D6401C48B0F88B7CCBDB744698FA67829AC5EC50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:a7:a1:79:7f:16:6c:bf:40:4f:4d:0d:c2:c1: 87:de:1c:73:e6:75:bd:48:8f:fe:69:e7:d3:38:da: 29:d7:68:df:b9:7a:f8:ab:0c:a8:7d:eb:9e:7f:12: f5:78:07:79:96:a4:33:71:ea:68:28:f3:19:f8:eb: b2:a4:94:4d:0a:57:b4:d0:90:69:7c:ed:81:0e:4e: 67:f6:06:87:29:8e:79:1b:c8:27:86:23:86:bb:15: 85:66:29:57:aa:50:0f:8c:25:0c:0b:b4:a2:c4:b8: 8c:db:5c:41:d1:ae:d1:b2:0c:75:12:c6:9e:72:32: cb:b1:55:0b:13:8d:87:82:9a:23:74:c5:ff:35:a2: 09:d1:3c:2d:3d:64:82:44:d0:16:b6:ac:68:1f:33: 79:ac:73:10:f4:af:cd:ac:cd:b5:33:4e:6e:21:0c: 44:e3:e3:37:8e:f2:e7:85:a3:11:2d:e5:05:e0:db: ce:48:70:0d:7c:3e:28:ef:dc:4e:f3:b8:4b:23:64: 8c:9a:1c:48:07:06:c0:da:ef:54:87:9b:b5:b7:87: 1f:c5:be:01:f1:70:7d:85:a7:b5:e8:74:5e:fc:f8: 12:cd:7e:c0:dc:eb:90:69:db:1b:27:78:c8:06:5e: fa:96:14:29:49:ad:9c:1d:56:a1:81:9c:ce:ec:70: 61:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:40:1C:48:B0:F8:8B:7C:CB:DB:74:46:98:FA:67:82:9A:C5:EC:50 X509v3 Authority Key Identifier: keyid:5B:1A:D8:2F:0E:7D:C7:71:81:9A:9A:26:67:49:92:A3:95:1B:93:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/58/5B1AD82F0E7DC771819A9A26674992A3951B9373.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WxrYLw59x3GBmpomZ0mSo5Ubk3M.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/58/3230322e352e3232302e302f32322d3234203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.5.220.0/22 Signature Algorithm: sha256WithRSAEncryption b1:76:ef:e1:14:e2:8b:12:8b:f9:e7:81:7b:d3:0e:c8:26:26: 00:f5:92:27:0d:72:10:1f:14:03:9c:16:b3:1f:e0:cc:25:ae: de:ec:b1:b9:68:7b:03:ad:a9:d7:80:cb:51:62:1d:00:b0:9d: e3:f2:0f:46:5e:24:9b:9b:89:6b:3d:64:a9:43:68:91:f6:e2: a0:a3:3d:e2:cb:ea:0a:54:63:05:c5:21:f5:fc:27:ea:0d:ee: 9d:8f:d7:b1:0f:39:19:75:36:fb:86:75:f0:e4:f8:a0:49:95: 11:99:ee:ff:b8:09:fe:ac:f1:16:08:59:2c:cb:b0:3f:c5:30: c4:4f:cd:84:45:80:b9:fa:72:0c:1a:f6:89:d0:61:b1:db:a3: b1:a9:62:2c:4f:78:b9:61:f1:f3:65:07:39:4c:3f:80:5c:9d: f9:b3:ff:91:3c:68:5c:e6:30:61:f4:73:e3:0d:cb:af:89:4c: 8d:f0:b7:9a:a0:1c:89:8b:d6:6a:af:31:67:b9:0d:12:10:e7: af:71:ab:a9:7c:ea:dc:7d:f9:82:be:8d:68:23:b2:61:d8:b6: d2:2e:4e:01:74:7b:47:bc:c0:0b:9e:51:3b:81:9e:0f:df:c5: 4f:e5:7e:73:45:3d:e6:78:33:0a:0a:77:70:da:bc:2a:94:9c: 86:11:ac:49 -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUBhNNnpYxbBOxZ2zUbDLr7TlHJDgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRkZFM0YwMDAwMTEwLwYDVQQFEyg1QjFBRDgyRjBF N0RDNzcxODE5QTlBMjY2NzQ5OTJBMzk1MUI5MzczMB4XDTI2MDQzMDA5MTE1OFoX DTI3MDQyOTA5MTY1OFowMzExMC8GA1UEAxMoRDY0MDFDNDhCMEY4OEI3Q0NCREI3 NDQ2OThGQTY3ODI5QUM1RUM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALCnoXl/Fmy/QE9NDcLBh94cc+Z1vUiP/mnn0zjaKddo37l6+KsMqH3rnn8S 9XgHeZakM3HqaCjzGfjrsqSUTQpXtNCQaXztgQ5OZ/YGhymOeRvIJ4YjhrsVhWYp V6pQD4wlDAu0osS4jNtcQdGu0bIMdRLGnnIyy7FVCxONh4KaI3TF/zWiCdE8LT1k gkTQFrasaB8zeaxzEPSvzazNtTNObiEMROPjN47y54WjES3lBeDbzkhwDXw+KO/c TvO4SyNkjJocSAcGwNrvVIebtbeHH8W+AfFwfYWnteh0Xvz4Es1+wNzrkGnbGyd4 yAZe+pYUKUmtnB1WoYGczuxwYTkCAwEAAaOCAeYwggHiMB0GA1UdDgQWBBTWQBxI sPiLfMvbdEaY+meCmsXsUDAfBgNVHSMEGDAWgBRbGtgvDn3HcYGamiZnSZKjlRuT czAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU4LzVCMUFEODJGMEU3REM3NzE4MTlBOUEyNjY3 NDk5MkEzOTUxQjkzNzMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1d4cllMdzU5eDNHQm1wb21aMG1TbzVVYmszTS5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTgvMzIzMDMyMmUzNTJlMzIzMjMwMmUzMDJmMzIzMjJk MzIzNDIwM2QzZTIwMzgzODM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALKBdwwDQYJKoZIhvcNAQEL BQADggEBALF27+EU4osSi/nngXvTDsgmJgD1kicNchAfFAOcFrMf4Mwlrt7ssblo ewOtqdeAy1FiHQCwnePyD0ZeJJubiWs9ZKlDaJH24qCjPeLL6gpUYwXFIfX8J+oN 7p2P17EPORl1NvuGdfDk+KBJlRGZ7v+4Cf6s8RYIWSzLsD/FMMRPzYRFgLn6cgwa 9onQYbHbo7GpYixPeLlh8fNlBzlMP4Bcnfmz/5E8aFzmMGH0c+MNy6+JTI3wt5qg HImL1mqvMWe5DRIQ569xq6l86tx9+YK+jWgjsmHYttIuTgF0e0e8wAueUTuBng/f xU/lfnNFPeZ4MwoKd3DavCqUnIYRrEk= -----END CERTIFICATE-----Generated at Tue May 12 22:50:58 2026 by rpki-client