$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3130332e3139322e3232342e302f32322d3234203d3e2033323538.roa File: 3130332e3139322e3232342e302f32322d3234203d3e2033323538.roa (raw, json) Hash identifier: Slt5vsqq5UsOx6jm7IB9mJDWbBmiBM00uFA5aoC89U8= Subject key identifier: 4D:B1:51:F9:27:A6:0D:B2:D4:A8:3A:16:C3:1D:5D:87:B5:FB:9E:73 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 5BD74FE721142DE9492A658566BFC5D4C9380FE6 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3130332e3139322e3232342e302f32322d3234203d3e2033323538.roa Signing time: Thu 30 Apr 2026 09:14:50 +0000 ROA not before: Thu 30 Apr 2026 09:09:50 +0000 ROA not after: Thu 29 Apr 2027 09:14:50 +0000 asID: 3258 IP address blocks: 103.192.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 02 May 2026 22:32:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:d7:4f:e7:21:14:2d:e9:49:2a:65:85:66:bf:c5:d4:c9:38:0f:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Apr 30 09:09:50 2026 GMT Not After : Apr 29 09:14:50 2027 GMT Subject: CN=4DB151F927A60DB2D4A83A16C31D5D87B5FB9E73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:11:66:85:5f:6d:79:24:55:9b:a7:23:f3:cb: 0f:11:dc:4f:c6:93:b6:3d:15:2a:8c:4c:74:c1:59: ac:d6:52:f9:8a:bf:c5:03:c3:9f:3e:e3:54:5a:bd: 95:e9:e5:55:2a:00:64:a1:d1:06:b5:f4:6c:ce:64: 2e:67:9a:aa:71:77:73:ac:f1:a3:ec:46:f8:de:79: be:a8:36:ea:01:31:57:bd:d5:4d:48:c0:1e:25:11: 77:4d:e9:46:76:02:b6:dd:73:e7:9b:33:fe:61:90: 28:85:82:f2:a5:d2:28:40:c7:b4:95:81:76:82:10: 2b:30:7d:45:12:60:ae:25:c4:4f:77:fd:99:c1:8c: 84:6e:79:ce:55:f0:9e:79:94:85:bd:7f:4d:e2:ed: e0:51:30:67:53:8a:e7:ec:d7:9c:30:bd:26:07:6c: 9c:0f:8f:69:1c:c4:98:d4:ab:cb:0c:38:66:f7:46: 84:84:1f:2e:06:71:8d:0a:f9:be:ba:e5:d1:6a:fc: 5e:50:6f:4d:eb:27:3b:18:2e:33:33:1d:f6:08:ce: e4:51:3b:0b:be:9a:42:94:15:b2:2a:e8:bd:df:31: b3:86:7b:a9:e7:46:5e:4a:3f:8a:53:cc:1c:cd:4d: b3:b7:04:18:35:f9:a4:65:9c:4f:87:76:91:7c:a6: df:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:B1:51:F9:27:A6:0D:B2:D4:A8:3A:16:C3:1D:5D:87:B5:FB:9E:73 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3130332e3139322e3232342e302f32322d3234203d3e2033323538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.192.224.0/22 Signature Algorithm: sha256WithRSAEncryption 85:76:96:6d:ad:bb:20:97:6a:bd:13:7c:4b:33:0b:48:88:c7: 16:08:26:21:4f:76:2a:8a:1e:a4:23:a9:cd:c6:ad:e1:fc:35: d3:e1:38:4c:4f:98:99:63:a0:9d:80:96:c9:bf:c8:32:51:7c: 00:c2:ae:ce:58:8c:14:51:40:07:4d:a4:a2:9e:d7:1a:03:b4: be:27:bc:cc:af:c2:ed:ca:f2:bb:c9:78:5f:10:db:0b:b1:10: a5:8b:d1:8e:cd:a4:c7:bb:da:47:9e:16:8d:4e:43:ed:65:6e: a9:b7:32:b5:43:d3:1f:a3:95:81:86:56:f4:49:f4:cf:da:d8: 6c:f3:01:31:ed:ff:3b:77:96:90:6e:f1:4b:4a:5a:a2:e6:b0: 5b:f8:6f:57:b4:83:f0:d8:d9:6e:33:d3:ac:7a:dd:ae:c4:ff: 0e:97:fd:cc:4c:08:dc:55:6e:7c:9e:35:c7:96:aa:9a:c4:31: e1:d3:ec:41:a7:07:37:d8:e5:a6:69:f9:93:2b:4b:8c:42:88: c7:2d:cf:64:a1:70:90:24:cc:ad:62:6c:49:fc:70:b4:22:6b: e1:f9:66:6c:75:fe:a6:53:22:43:5a:e8:18:b0:c2:7f:b0:86: 4f:87:24:a2:2d:eb:72:5b:8d:c3:4a:0c:16:54:54:ff:d7:06: 2c:e0:4c:ae -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUW9dP5yEULelJKmWFZr/F1Mk4D+YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI2MDQzMDA5MDk1MFoX DTI3MDQyOTA5MTQ1MFowMzExMC8GA1UEAxMoNERCMTUxRjkyN0E2MERCMkQ0QTgz QTE2QzMxRDVEODdCNUZCOUU3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANMRZoVfbXkkVZunI/PLDxHcT8aTtj0VKoxMdMFZrNZS+Yq/xQPDnz7jVFq9 lenlVSoAZKHRBrX0bM5kLmeaqnF3c6zxo+xG+N55vqg26gExV73VTUjAHiURd03p RnYCtt1z55sz/mGQKIWC8qXSKEDHtJWBdoIQKzB9RRJgriXET3f9mcGMhG55zlXw nnmUhb1/TeLt4FEwZ1OK5+zXnDC9JgdsnA+PaRzEmNSryww4ZvdGhIQfLgZxjQr5 vrrl0Wr8XlBvTesnOxguMzMd9gjO5FE7C76aQpQVsirovd8xs4Z7qedGXko/ilPM HM1Ns7cEGDX5pGWcT4d2kXym34sCAwEAAaOCAeowggHmMB0GA1UdDgQWBBRNsVH5 J6YNstSoOhbDHV2HtfueczAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzMDMzMmUzMTM5MzIyZTMyMzIzNDJlMzAyZjMy MzIyZDMyMzQyMDNkM2UyMDMzMzIzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ8DgMA0GCSqGSIb3 DQEBCwUAA4IBAQCFdpZtrbsgl2q9E3xLMwtIiMcWCCYhT3Yqih6kI6nNxq3h/DXT 4ThMT5iZY6CdgJbJv8gyUXwAwq7OWIwUUUAHTaSintcaA7S+J7zMr8LtyvK7yXhf ENsLsRCli9GOzaTHu9pHnhaNTkPtZW6ptzK1Q9Mfo5WBhlb0SfTP2ths8wEx7f87 d5aQbvFLSlqi5rBb+G9XtIPw2NluM9Oset2uxP8Ol/3MTAjcVW58njXHlqqaxDHh 0+xBpwc32OWmafmTK0uMQojHLc9koXCQJMytYmxJ/HC0Imvh+WZsdf6mUyJDWugY sMJ/sIZPhySiLetyW43DSgwWVFT/1wYs4Eyu -----END CERTIFICATE-----Generated at Sat May 2 00:51:18 2026 by rpki-client