$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2039333132.roa File: 3138302e3233352e3133372e302f32342d3332203d3e2039333132.roa (raw, json) Hash identifier: QLlOhGApGpab+CelOkA2cuBfqCbVJhUFQdhgy+GcygA= Subject key identifier: 61:CD:90:30:DD:C4:62:04:1C:14:FB:DF:72:2F:CE:53:65:5D:EA:29 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 763E2C9DD85DB71EAA6437A389BFD059182378A1 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2039333132.roa Signing time: Thu 06 Mar 2025 06:39:59 +0000 ROA not before: Thu 06 Mar 2025 06:34:59 +0000 ROA not after: Thu 05 Mar 2026 06:39:59 +0000 asID: 9312 IP address blocks: 180.235.137.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 02:30:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:3e:2c:9d:d8:5d:b7:1e:aa:64:37:a3:89:bf:d0:59:18:23:78:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000 Validity Not Before: Mar 6 06:34:59 2025 GMT Not After : Mar 5 06:39:59 2026 GMT Subject: CN=61CD9030DDC462041C14FBDF722FCE53655DEA29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:71:89:5a:d0:9f:bb:c2:c1:ba:d8:d7:ae:3b: f0:49:50:63:b1:25:6d:43:1f:16:97:cf:b5:4e:b1: 94:46:ae:81:d0:a1:4f:39:ea:f3:bb:19:71:3b:2a: 69:cc:09:73:63:e7:55:8e:45:1b:f5:b5:6d:19:04: e3:dc:bb:31:8d:bc:30:07:54:4e:34:c5:c2:5c:3b: 66:34:3d:58:af:2c:55:01:85:b4:cf:11:f5:bf:9c: 26:f0:4c:e3:20:1d:9f:c9:fa:17:d8:0e:5a:cb:3e: 4a:ed:3f:44:bc:85:88:fd:0c:35:43:09:f6:49:60: 92:32:51:aa:e5:f3:b2:54:0f:dc:ee:00:51:54:bb: ce:0b:d5:1f:5b:fd:f2:a6:1e:46:08:f1:c6:3b:ea: 1c:fe:ad:ed:af:0d:17:b3:8a:55:be:ed:b1:a7:fb: 33:30:57:05:32:ab:32:41:2d:3a:e6:c9:ae:6f:d7: 12:fc:92:ec:23:ab:aa:cd:9b:28:21:b5:03:57:20: 18:ca:86:48:48:99:e7:2d:c2:76:26:02:21:c6:02: 20:f2:9a:22:84:32:1d:33:7b:39:e5:01:bd:85:d2: 01:4e:fc:62:4a:50:ce:64:00:e8:58:60:84:ee:ce: e4:34:f5:7e:49:38:a4:a5:aa:03:9f:ff:af:a4:db: d2:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:CD:90:30:DD:C4:62:04:1C:14:FB:DF:72:2F:CE:53:65:5D:EA:29 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.235.137.0/24 Signature Algorithm: sha256WithRSAEncryption 5e:74:ce:fc:ca:4e:41:98:20:91:44:63:46:df:49:7d:ab:c4: e3:67:b3:73:6d:e4:2f:de:65:42:28:52:67:f9:db:09:c9:40: 1e:35:94:8b:22:1d:e3:91:9e:e1:7c:2a:df:57:16:68:42:71: 1d:00:13:06:e6:9e:6a:d9:4e:f1:2a:0c:58:29:74:9d:1b:b2: 36:72:0b:9c:8c:67:8d:b9:76:0a:62:73:65:9f:27:e6:db:51: 08:35:bf:0c:54:49:44:4e:64:e9:57:10:4e:b0:5e:8e:fa:62: 90:e1:d3:ec:c1:26:54:dd:d5:ff:74:03:e5:64:f6:0b:ce:62: 1d:fd:b2:44:26:7f:04:64:74:63:1d:ff:77:69:c9:d4:c3:47: 47:69:e7:20:18:e6:a5:a1:44:d3:fb:41:55:af:79:a1:3b:47: 78:45:09:9d:36:da:c1:e2:8d:da:9b:c4:60:c5:13:62:61:71: a1:f8:95:41:84:d8:4c:43:9d:a2:eb:11:da:37:a2:64:3d:77: 9f:16:95:36:42:10:c4:15:94:9e:6a:df:4b:bd:35:48:0d:a8: e6:b2:62:8e:fa:14:43:b8:05:bf:df:a0:df:95:88:67:6f:14: ec:e1:90:5c:76:87:ea:2a:1f:0a:d3:c0:24:c0:4f:4e:ee:f4: 1a:80:19:2e -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUdj4sndhdtx6qZDejib/QWRgjeKEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDMwNjA2MzQ1OVoX DTI2MDMwNTA2Mzk1OVowMzExMC8GA1UEAxMoNjFDRDkwMzBEREM0NjIwNDFDMTRG QkRGNzIyRkNFNTM2NTVERUEyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9xiVrQn7vCwbrY16478ElQY7ElbUMfFpfPtU6xlEaugdChTznq87sZcTsq acwJc2PnVY5FG/W1bRkE49y7MY28MAdUTjTFwlw7ZjQ9WK8sVQGFtM8R9b+cJvBM 4yAdn8n6F9gOWss+Su0/RLyFiP0MNUMJ9klgkjJRquXzslQP3O4AUVS7zgvVH1v9 8qYeRgjxxjvqHP6t7a8NF7OKVb7tsaf7MzBXBTKrMkEtOubJrm/XEvyS7COrqs2b KCG1A1cgGMqGSEiZ5y3CdiYCIcYCIPKaIoQyHTN7OeUBvYXSAU78YkpQzmQA6Fhg hO7O5DT1fkk4pKWqA5//r6Tb0oMCAwEAAaOCAeowggHmMB0GA1UdDgQWBBRhzZAw 3cRiBBwU+99yL85TZV3qKTAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNzJlMzAyZjMy MzQyZDMzMzIyMDNkM2UyMDM5MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtOuJMA0GCSqGSIb3 DQEBCwUAA4IBAQBedM78yk5BmCCRRGNG30l9q8TjZ7NzbeQv3mVCKFJn+dsJyUAe NZSLIh3jkZ7hfCrfVxZoQnEdABMG5p5q2U7xKgxYKXSdG7I2cgucjGeNuXYKYnNl nyfm21EINb8MVElETmTpVxBOsF6O+mKQ4dPswSZU3dX/dAPlZPYLzmId/bJEJn8E ZHRjHf93acnUw0dHaecgGOaloUTT+0FVr3mhO0d4RQmdNtrB4o3am8RgxRNiYXGh +JVBhNhMQ52i6xHaN6JkPXefFpU2QhDEFZSeat9LvTVIDajmsmKO+hRDuAW/36Df lYhnbxTs4ZBcdofqKh8K08AkwE9O7vQagBku -----END CERTIFICATE-----Generated at Sat Apr 5 11:19:22 2025 by rpki-client