$ rpki-client -vvf rpki.roa.net/rrdp/xTom/62/323430343a393534303a3a2f33322d3438203d3e203234323432.roa File: 323430343a393534303a3a2f33322d3438203d3e203234323432.roa (raw, json) Hash identifier: 9Jlu+M3rXD12EuJzqhRW5ZFTf/kwx838RQdRoAP5znc= Subject key identifier: 03:08:8B:63:35:4E:A5:03:BA:5C:F6:FC:D7:DE:EE:C0:34:43:E9:E0 Certificate issuer: /CN=A9124B5E0000/serialNumber=DAEAFB37164B3F2015820693231F24002ADC2113 Certificate serial: 3651A7A561CC4314FE774EB0ECFD5CD81B8D8031 Authority key identifier: DA:EA:FB:37:16:4B:3F:20:15:82:06:93:23:1F:24:00:2A:DC:21:13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2ur7NxZLPyAVggaTIx8kACrcIRM.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/62/323430343a393534303a3a2f33322d3438203d3e203234323432.roa Signing time: Wed 01 Apr 2026 20:53:21 +0000 ROA not before: Wed 01 Apr 2026 20:48:21 +0000 ROA not after: Wed 31 Mar 2027 20:53:21 +0000 asID: 24242 IP address blocks: 2404:9540::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/62/DAEAFB37164B3F2015820693231F24002ADC2113.crl rsync://rpki.roa.net/rrdp/xTom/62/DAEAFB37164B3F2015820693231F24002ADC2113.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2ur7NxZLPyAVggaTIx8kACrcIRM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 Apr 2026 12:14:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:51:a7:a5:61:cc:43:14:fe:77:4e:b0:ec:fd:5c:d8:1b:8d:80:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9124B5E0000, serialNumber=DAEAFB37164B3F2015820693231F24002ADC2113 Validity Not Before: Apr 1 20:48:21 2026 GMT Not After : Mar 31 20:53:21 2027 GMT Subject: CN=03088B63354EA503BA5CF6FCD7DEEEC03443E9E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:49:b4:ec:fd:e0:be:43:9e:04:2e:c2:e7:ce: 9b:32:3e:c8:42:8a:7f:37:e6:30:ea:23:2f:97:53: 32:8c:0e:52:9c:54:b3:61:b2:47:b5:27:82:6d:93: 93:a2:df:26:db:ba:af:9c:9c:39:a4:a3:6a:1d:7f: 50:9a:54:76:a3:a9:67:dc:93:03:ae:01:d4:27:3f: 3b:86:93:68:32:28:67:82:5b:d0:c7:28:20:4b:61: 96:2e:73:87:de:6f:f8:fb:79:ba:76:8b:f3:92:ab: ff:a9:79:7a:80:80:4d:97:c8:60:15:7f:90:01:95: fe:5a:17:a0:ff:96:22:fa:e9:b1:f5:11:92:94:72: 85:27:df:64:1b:7b:6c:06:9f:8e:bb:1c:32:d6:47: 67:44:e1:34:01:32:80:b4:e6:8e:10:86:20:02:51: 60:3b:5e:9a:12:20:71:14:77:3e:9e:8d:03:d0:0a: b6:8b:9d:7f:c4:a8:e5:12:0d:63:91:9f:ef:52:bc: 4f:41:a6:67:17:b7:e4:bc:6a:3a:b1:0e:1a:f5:3c: 89:09:e4:7f:f9:95:62:d8:83:e7:e3:84:39:74:bd: 2b:55:26:71:2d:fc:d0:85:7b:2f:f6:ec:39:0c:e5: 73:d0:cf:e6:09:64:a9:c5:00:ee:32:be:49:8f:ae: c6:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:08:8B:63:35:4E:A5:03:BA:5C:F6:FC:D7:DE:EE:C0:34:43:E9:E0 X509v3 Authority Key Identifier: keyid:DA:EA:FB:37:16:4B:3F:20:15:82:06:93:23:1F:24:00:2A:DC:21:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/62/DAEAFB37164B3F2015820693231F24002ADC2113.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2ur7NxZLPyAVggaTIx8kACrcIRM.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/62/323430343a393534303a3a2f33322d3438203d3e203234323432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:9540::/32 Signature Algorithm: sha256WithRSAEncryption 1c:5c:a9:94:8d:09:03:6c:db:54:99:6a:b8:ee:b2:b4:6b:51: a9:6d:96:f2:59:ea:b7:90:33:d8:8b:b0:67:e4:9b:8c:51:c4: f4:7d:cc:4b:b8:71:62:a4:f1:34:26:5b:b0:5e:3e:cc:22:75: 4c:f1:7a:59:c8:9e:4d:7f:e4:b4:a2:60:b2:49:ec:4d:7b:d6: 39:70:60:f1:e3:99:31:d1:bb:bc:dc:e9:4c:a2:fe:f2:81:9d: 31:bc:82:09:d3:35:fb:b5:14:44:7b:fe:93:05:68:da:ae:fd: bf:82:69:6c:d9:d9:23:94:5d:a1:6e:a7:8a:5b:18:98:87:04: ff:0d:a4:50:55:40:a5:1a:9f:9f:2c:fb:ed:29:af:12:43:5a: 21:26:b3:39:47:39:5a:a3:ea:b0:08:ac:c0:d7:ec:fd:18:80: d4:7b:23:d2:da:30:c8:01:0f:43:eb:0a:26:ba:37:3f:42:32: 3b:26:3b:2b:08:d1:9a:c1:6e:c5:c2:a9:09:c5:ad:65:a8:86: 5b:17:1a:ae:a8:7d:97:47:93:89:57:3d:f7:17:fc:7c:05:de: 83:af:f7:68:43:f7:5c:18:a4:bc:10:f6:55:55:53:47:52:f0: 08:fb:03:e0:58:7f:d5:7f:94:78:1b:29:48:5c:0b:2b:e3:6a: 84:9b:98:60 -----BEGIN CERTIFICATE----- MIIE9jCCA96gAwIBAgIUNlGnpWHMQxT+d06w7P1c2BuNgDEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMjRCNUUwMDAwMTEwLwYDVQQFEyhEQUVBRkIzNzE2 NEIzRjIwMTU4MjA2OTMyMzFGMjQwMDJBREMyMTEzMB4XDTI2MDQwMTIwNDgyMVoX DTI3MDMzMTIwNTMyMVowMzExMC8GA1UEAxMoMDMwODhCNjMzNTRFQTUwM0JBNUNG NkZDRDdERUVFQzAzNDQzRTlFMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANdJtOz94L5DngQuwufOmzI+yEKKfzfmMOojL5dTMowOUpxUs2GyR7Ungm2T k6LfJtu6r5ycOaSjah1/UJpUdqOpZ9yTA64B1Cc/O4aTaDIoZ4Jb0McoIEthli5z h95v+Pt5unaL85Kr/6l5eoCATZfIYBV/kAGV/loXoP+WIvrpsfURkpRyhSffZBt7 bAafjrscMtZHZ0ThNAEygLTmjhCGIAJRYDtemhIgcRR3Pp6NA9AKtoudf8So5RIN Y5Gf71K8T0GmZxe35LxqOrEOGvU8iQnkf/mVYtiD5+OEOXS9K1UmcS380IV7L/bs OQzlc9DP5glkqcUA7jK+SY+uxqUCAwEAAaOCAekwggHlMB0GA1UdDgQWBBQDCItj NU6lA7pc9vzX3u7ANEPp4DAfBgNVHSMEGDAWgBTa6vs3Fks/IBWCBpMjHyQAKtwh EzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzYyL0RBRUFGQjM3MTY0QjNGMjAxNTgyMDY5MzIz MUYyNDAwMkFEQzIxMTMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyLzJ1cjdOeFpMUHlBVmdnYVRJeDhrQUNyY0lSTS5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNjIvMzIzNDMwMzQzYTM5MzUzNDMwM2EzYTJmMzMzMjJk MzQzODIwM2QzZTIwMzIzNDMyMzQzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQElUAwDQYJKoZIhvcN AQELBQADggEBABxcqZSNCQNs21SZarjusrRrUaltlvJZ6reQM9iLsGfkm4xRxPR9 zEu4cWKk8TQmW7BePswidUzxelnInk1/5LSiYLJJ7E171jlwYPHjmTHRu7zc6Uyi /vKBnTG8ggnTNfu1FER7/pMFaNqu/b+CaWzZ2SOUXaFup4pbGJiHBP8NpFBVQKUa n58s++0prxJDWiEmszlHOVqj6rAIrMDX7P0YgNR7I9LaMMgBD0PrCia6Nz9CMjsm OysI0ZrBbsXCqQnFrWWohlsXGq6ofZdHk4lXPfcX/HwF3oOv92hD91wYpLwQ9lVV U0dS8Aj7A+BYf9V/lHgbKUhcCyvjaoSbmGA= -----END CERTIFICATE-----Generated at Sun Apr 5 22:22:15 2026 by rpki-client