$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/3130332e35372e3136342e302f32322d3234203d3e203233383538.roa File: 3130332e35372e3136342e302f32322d3234203d3e203233383538.roa (raw, json) Hash identifier: 2qTnddQssGcU8sg+KC1UrSSj7O/cHGdq7aS7vBfMtvw= Subject key identifier: C4:56:7B:AC:6D:95:74:1B:BA:95:E3:AB:07:DF:6A:40:BE:C0:8A:C9 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 1FCD4F1AC5EADAFF3FF665A8EE80463D4F1F7EA4 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/3130332e35372e3136342e302f32322d3234203d3e203233383538.roa Signing time: Sat 16 Aug 2025 01:48:21 +0000 ROA not before: Sat 16 Aug 2025 01:43:21 +0000 ROA not after: Sat 15 Aug 2026 01:48:21 +0000 asID: 23858 IP address blocks: 103.57.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Aug 2025 18:50:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:cd:4f:1a:c5:ea:da:ff:3f:f6:65:a8:ee:80:46:3d:4f:1f:7e:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000, serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Aug 16 01:43:21 2025 GMT Not After : Aug 15 01:48:21 2026 GMT Subject: CN=C4567BAC6D95741BBA95E3AB07DF6A40BEC08AC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:b4:f1:d0:f6:d4:c9:b4:2d:d3:46:2c:a7:c0: ec:5f:3d:88:48:73:83:9d:e6:2c:9f:c9:e0:05:8f: 04:a7:de:c1:bc:45:f2:7c:ea:29:8e:c3:94:1b:0e: 2e:f4:b6:38:32:ea:b3:e8:80:8d:22:b7:1a:5b:25: fc:02:34:c6:4f:ba:3f:87:1f:95:c4:d1:e4:2a:8c: bf:13:4c:a1:7c:ee:c6:5d:f8:a7:2f:24:5d:c6:a6: 74:72:3a:76:45:11:ea:88:61:51:72:9d:5c:c7:cb: 55:5e:20:f7:5e:8f:74:8b:fb:46:01:07:85:78:0d: bf:20:94:6d:39:ff:dc:ba:a7:07:29:bb:1c:50:03: d6:8c:94:e5:aa:3b:a7:23:a9:1f:72:89:20:f8:d9: db:52:91:b9:86:10:50:e5:41:56:86:3a:db:cf:9b: f7:0f:26:25:75:55:fd:2d:f8:3b:e7:e8:70:87:17: a2:b1:f1:89:30:37:c6:1b:2c:d2:46:45:51:d9:af: b7:72:b1:d1:34:c9:31:95:83:4d:08:c8:b3:58:9a: ab:fa:b4:80:22:0d:11:d4:01:a1:9f:46:59:bc:72: 61:dd:dc:53:0d:1d:75:26:94:1d:08:4d:6b:ee:17: e1:2f:39:82:d9:1d:11:e8:88:0e:47:e0:33:7a:6a: 64:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:56:7B:AC:6D:95:74:1B:BA:95:E3:AB:07:DF:6A:40:BE:C0:8A:C9 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/3130332e35372e3136342e302f32322d3234203d3e203233383538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.57.164.0/22 Signature Algorithm: sha256WithRSAEncryption 29:55:11:09:a1:f8:6a:51:f2:74:f5:07:cd:e6:54:ff:80:84: 2a:5b:4d:e8:d8:15:28:a1:a8:57:13:ce:03:e0:ab:da:db:71: 15:c6:f2:41:73:0e:cb:e0:22:84:85:14:7e:14:5a:40:51:7e: e6:7b:41:bd:5a:05:86:64:4f:7e:34:02:1f:6c:26:b3:a3:a7: 23:41:6b:24:d7:91:c5:9a:1f:3d:39:a2:bc:54:31:15:24:74: 44:34:de:89:81:f5:58:12:10:b3:18:59:65:54:58:0d:9a:87: c4:0d:44:a7:31:88:e7:0d:0d:28:89:63:9e:96:c6:7e:21:53: 62:78:a8:06:88:0c:8b:c4:66:ca:cf:6a:a6:c1:67:70:94:bf: 1e:8b:1d:ce:08:91:02:9e:cf:0f:38:3d:48:88:78:af:e2:81: 80:43:51:02:0b:c2:6e:73:53:4e:f2:a9:03:d4:fc:6b:60:20: 0d:b0:ce:c1:f9:56:3d:fe:ca:21:da:aa:73:85:c2:d9:87:64: fa:a2:8c:88:2c:77:31:b0:0c:eb:62:70:f7:05:5c:ac:a8:c9: fc:40:3c:05:78:a4:67:75:4e:15:4d:1d:12:5d:fb:86:70:00: d3:a0:df:ba:e0:25:36:57:25:6e:cb:88:d2:90:58:30:eb:54: b0:dd:fc:14 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUH81PGsXq2v8/9mWo7oBGPU8ffqQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI1MDgxNjAxNDMyMVoX DTI2MDgxNTAxNDgyMVowMzExMC8GA1UEAxMoQzQ1NjdCQUM2RDk1NzQxQkJBOTVF M0FCMDdERjZBNDBCRUMwOEFDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANG08dD21Mm0LdNGLKfA7F89iEhzg53mLJ/J4AWPBKfewbxF8nzqKY7DlBsO LvS2ODLqs+iAjSK3Glsl/AI0xk+6P4cflcTR5CqMvxNMoXzuxl34py8kXcamdHI6 dkUR6ohhUXKdXMfLVV4g916PdIv7RgEHhXgNvyCUbTn/3LqnBym7HFAD1oyU5ao7 pyOpH3KJIPjZ21KRuYYQUOVBVoY628+b9w8mJXVV/S34O+focIcXorHxiTA3xhss 0kZFUdmvt3Kx0TTJMZWDTQjIs1iaq/q0gCINEdQBoZ9GWbxyYd3cUw0ddSaUHQhN a+4X4S85gtkdEeiIDkfgM3pqZFUCAwEAAaOCAeowggHmMB0GA1UdDgQWBBTEVnus bZV0G7qV46sH32pAvsCKyTAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzEzMDMzMmUzNTM3MmUzMTM2MzQyZTMwMmYzMjMy MmQzMjM0MjAzZDNlMjAzMjMzMzgzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZzmkMA0GCSqGSIb3 DQEBCwUAA4IBAQApVREJofhqUfJ09QfN5lT/gIQqW03o2BUooahXE84D4Kva23EV xvJBcw7L4CKEhRR+FFpAUX7me0G9WgWGZE9+NAIfbCazo6cjQWsk15HFmh89OaK8 VDEVJHRENN6JgfVYEhCzGFllVFgNmofEDUSnMYjnDQ0oiWOelsZ+IVNieKgGiAyL xGbKz2qmwWdwlL8eix3OCJECns8POD1IiHiv4oGAQ1ECC8Juc1NO8qkD1PxrYCAN sM7B+VY9/soh2qpzhcLZh2T6ooyILHcxsAzrYnD3BVysqMn8QDwFeKRndU4VTR0S XfuGcADToN+64CU2VyVuy4jSkFgw61Sw3fwU -----END CERTIFICATE-----Generated at Fri Aug 22 18:54:38 2025 by rpki-client