$ rpki-client -vvf rpki.roa.net/rrdp/xTom/43/3130332e3135352e3233322e302f32332d3234203d3e2038383838.roa File: 3130332e3135352e3233322e302f32332d3234203d3e2038383838.roa (raw, json) Hash identifier: dpUCu3eB5P8MA9xv2iZc+RYJk1W4LSLGzYy+Snk4Jgw= Subject key identifier: 72:A9:3C:49:E7:EE:32:72:40:D7:73:AE:BF:7F:3E:9D:BC:FA:73:76 Certificate issuer: /CN=A913FFE90000/serialNumber=E9BFE0215B84F449D0BB55F37B2D6160D464C190 Certificate serial: 315E67458F5A0ACC762A9AD1648EB7A1D1DFAC9B Authority key identifier: E9:BF:E0:21:5B:84:F4:49:D0:BB:55:F3:7B:2D:61:60:D4:64:C1:90 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6b_gIVuE9EnQu1Xzey1hYNRkwZA.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/43/3130332e3135352e3233322e302f32332d3234203d3e2038383838.roa Signing time: Thu 30 Apr 2026 09:14:04 +0000 ROA not before: Thu 30 Apr 2026 09:09:04 +0000 ROA not after: Thu 29 Apr 2027 09:14:04 +0000 asID: 8888 IP address blocks: 103.155.232.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/43/E9BFE0215B84F449D0BB55F37B2D6160D464C190.crl rsync://rpki.roa.net/rrdp/xTom/43/E9BFE0215B84F449D0BB55F37B2D6160D464C190.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6b_gIVuE9EnQu1Xzey1hYNRkwZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 00:09:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:5e:67:45:8f:5a:0a:cc:76:2a:9a:d1:64:8e:b7:a1:d1:df:ac:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913FFE90000, serialNumber=E9BFE0215B84F449D0BB55F37B2D6160D464C190 Validity Not Before: Apr 30 09:09:04 2026 GMT Not After : Apr 29 09:14:04 2027 GMT Subject: CN=72A93C49E7EE327240D773AEBF7F3E9DBCFA7376 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:69:dc:84:13:f9:ef:d9:85:2b:2a:36:f4:9b: e9:ed:df:cd:82:f2:8e:f8:36:c9:7e:c6:19:ce:01: 32:82:91:68:27:5e:03:73:a6:1f:ce:02:2b:ee:0e: 47:0d:9e:99:87:c1:4a:71:25:1e:d2:cd:d3:29:44: a6:8c:67:85:52:e6:90:87:9c:84:d5:83:d7:6a:1f: 30:5e:e5:29:77:78:87:20:94:1a:02:1d:f8:6d:60: fc:28:89:5d:87:2d:2c:f7:19:c7:f8:e1:78:89:e6: e9:c2:d8:8f:2a:81:75:0f:ac:4f:10:e2:0b:6e:eb: b9:d2:02:09:9b:11:00:8d:50:ce:a6:1d:1f:1a:9b: 20:6c:9c:f7:76:26:06:d3:7f:6b:c9:37:46:c4:6f: 1a:a7:0c:83:56:83:5a:d5:1d:a3:eb:2e:d6:d8:e5: c0:8c:ee:34:90:8e:05:c1:70:2d:9f:71:ce:7e:ba: 61:60:e3:be:7e:b1:da:ed:77:ad:ba:22:52:90:84: 08:d9:d5:a6:b8:04:88:59:14:6e:73:17:82:4f:e4: 1e:13:45:e2:76:2c:7d:a2:bd:7a:4d:a8:61:19:9f: cd:a7:f4:e3:5e:ad:86:96:77:71:b5:45:85:26:49: e1:5e:26:e4:27:68:59:ae:83:59:dd:3a:ca:ae:9f: 9e:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:A9:3C:49:E7:EE:32:72:40:D7:73:AE:BF:7F:3E:9D:BC:FA:73:76 X509v3 Authority Key Identifier: keyid:E9:BF:E0:21:5B:84:F4:49:D0:BB:55:F3:7B:2D:61:60:D4:64:C1:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/43/E9BFE0215B84F449D0BB55F37B2D6160D464C190.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6b_gIVuE9EnQu1Xzey1hYNRkwZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/43/3130332e3135352e3233322e302f32332d3234203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.155.232.0/23 Signature Algorithm: sha256WithRSAEncryption 4a:ae:0b:26:d4:1f:fe:50:d8:95:2a:43:2c:d6:f0:3c:b4:dc: 0d:fc:ff:30:12:21:98:57:6c:41:b0:4b:25:e9:39:a7:61:5e: 79:f2:54:da:7d:a0:d5:b2:e9:04:ec:65:3e:e3:d7:c8:36:5e: dd:de:23:18:8c:4b:d5:b3:4c:8d:e0:f8:de:03:77:36:c7:a8: eb:a3:34:6b:45:9c:10:91:1b:9c:59:3e:9e:e6:3c:aa:c9:66: aa:68:45:10:c1:57:48:48:54:3c:5b:f5:ef:6a:a7:c7:e8:a1: 2c:40:04:e3:e3:ce:ca:15:3a:1a:90:f9:66:07:97:5b:1f:f8: d6:28:05:c4:80:38:3c:bf:18:4f:bb:5d:5b:ca:bd:3d:91:a7: 3b:7a:37:a9:d3:b4:fc:0d:2a:61:28:71:a9:48:7b:44:67:da: 0a:20:36:0f:fa:3d:de:47:37:a9:9d:e2:3b:be:d3:24:e7:f8: 54:3c:bc:0c:f2:be:a5:db:fe:28:5b:d2:0b:f0:ac:6f:42:55: 9c:2e:6d:e5:26:33:42:38:9e:08:53:1f:2e:40:2b:14:c9:de: b3:a3:81:7d:46:00:fc:01:49:e2:3f:ce:ff:7c:f3:9a:74:bc: 72:f4:41:5d:66:71:d6:43:09:1f:b3:03:7e:e9:bf:66:8f:c1: 14:c6:60:30 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUMV5nRY9aCsx2KprRZI63odHfrJswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxM0ZGRTkwMDAwMTEwLwYDVQQFEyhFOUJGRTAyMTVC ODRGNDQ5RDBCQjU1RjM3QjJENjE2MEQ0NjRDMTkwMB4XDTI2MDQzMDA5MDkwNFoX DTI3MDQyOTA5MTQwNFowMzExMC8GA1UEAxMoNzJBOTNDNDlFN0VFMzI3MjQwRDc3 M0FFQkY3RjNFOURCQ0ZBNzM3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANFp3IQT+e/ZhSsqNvSb6e3fzYLyjvg2yX7GGc4BMoKRaCdeA3OmH84CK+4O Rw2emYfBSnElHtLN0ylEpoxnhVLmkIechNWD12ofMF7lKXd4hyCUGgId+G1g/CiJ XYctLPcZx/jheInm6cLYjyqBdQ+sTxDiC27rudICCZsRAI1QzqYdHxqbIGyc93Ym BtN/a8k3RsRvGqcMg1aDWtUdo+su1tjlwIzuNJCOBcFwLZ9xzn66YWDjvn6x2u13 rboiUpCECNnVprgEiFkUbnMXgk/kHhNF4nYsfaK9ek2oYRmfzaf0416thpZ3cbVF hSZJ4V4m5CdoWa6DWd06yq6fnrsCAwEAAaOCAeowggHmMB0GA1UdDgQWBBRyqTxJ 5+4yckDXc66/fz6dvPpzdjAfBgNVHSMEGDAWgBTpv+AhW4T0SdC7VfN7LWFg1GTB kDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQzL0U5QkZFMDIxNUI4NEY0NDlEMEJCNTVGMzdC MkQ2MTYwRDQ2NEMxOTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyLzZiX2dJVnVFOUVuUXUxWHpleTFoWU5Sa3daQS5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDMvMzEzMDMzMmUzMTM1MzUyZTMyMzMzMjJlMzAyZjMy MzMyZDMyMzQyMDNkM2UyMDM4MzgzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5voMA0GCSqGSIb3 DQEBCwUAA4IBAQBKrgsm1B/+UNiVKkMs1vA8tNwN/P8wEiGYV2xBsEsl6TmnYV55 8lTafaDVsukE7GU+49fINl7d3iMYjEvVs0yN4PjeA3c2x6jrozRrRZwQkRucWT6e 5jyqyWaqaEUQwVdISFQ8W/XvaqfH6KEsQATj487KFToakPlmB5dbH/jWKAXEgDg8 vxhPu11byr09kac7ejep07T8DSphKHGpSHtEZ9oKIDYP+j3eRzepneI7vtMk5/hU PLwM8r6l2/4oW9IL8KxvQlWcLm3lJjNCOJ4IUx8uQCsUyd6zo4F9RgD8AUniP87/ fPOadLxy9EFdZnHWQwkfswN+6b9mj8EUxmAw -----END CERTIFICATE-----Generated at Sat May 2 02:16:19 2026 by rpki-client