$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32322d3234203d3e2033323538.roa File: 34352e3131372e3130302e302f32322d3234203d3e2033323538.roa (raw, json) Hash identifier: KWTsLxWIFcXKjNjL6LfQgdvsCq/JmPqGWhOtCfjvM28= Subject key identifier: 43:98:DC:2C:42:07:53:7B:69:CE:36:E2:20:1B:F1:12:27:F7:12:6D Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 1F75312B13F115A84C3420EE7CA239351AD0D4F0 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32322d3234203d3e2033323538.roa Signing time: Thu 30 Apr 2026 09:10:30 +0000 ROA not before: Thu 30 Apr 2026 09:05:30 +0000 ROA not after: Thu 29 Apr 2027 09:10:30 +0000 asID: 3258 IP address blocks: 45.117.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 02 May 2026 07:33:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:75:31:2b:13:f1:15:a8:4c:34:20:ee:7c:a2:39:35:1a:d0:d4:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000, serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Apr 30 09:05:30 2026 GMT Not After : Apr 29 09:10:30 2027 GMT Subject: CN=4398DC2C4207537B69CE36E2201BF11227F7126D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:9f:63:96:4b:b7:5a:a9:00:9a:25:00:b9:d9: f3:8b:d0:d3:ef:ab:2e:66:d6:1d:2d:95:5f:1d:9e: b8:a0:ed:94:51:f4:e1:70:7c:2d:d8:11:6b:b7:9e: 9d:b0:a4:b1:12:66:44:e5:f3:1b:83:96:87:f5:5b: fb:49:08:68:92:6d:57:d0:fd:11:cb:2e:a7:d7:83: 96:a9:d8:63:a9:a8:e8:07:9d:fb:2c:d4:76:5b:c0: 29:39:5d:65:04:b6:ff:a3:5d:54:26:85:c9:02:4f: 0c:02:bc:ce:2d:dc:1b:62:e2:31:23:a8:c4:9a:84: 3f:97:a6:93:d7:63:e3:50:d3:72:8d:47:c6:ab:d3: 45:31:bc:bf:60:bf:fd:60:fb:69:f3:3a:55:2c:72: 29:5c:20:19:a6:3d:3b:af:8a:1d:5b:fe:21:95:4a: 1b:93:9a:f4:60:2f:4e:3c:7a:d0:80:23:03:1d:e6: df:bd:01:6b:8b:ca:38:95:96:fc:25:e5:80:8a:af: cd:64:e2:e2:f6:6d:81:2c:1c:f4:61:bd:e0:28:15: 8a:22:0c:2e:08:6d:6c:c9:87:fc:71:5c:05:5c:0d: 84:f3:e8:31:56:81:68:76:88:d6:4e:0d:1a:ce:bf: c6:67:aa:bb:5e:f5:fa:b6:fc:17:ac:10:b6:3c:01: 41:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:98:DC:2C:42:07:53:7B:69:CE:36:E2:20:1B:F1:12:27:F7:12:6D X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32322d3234203d3e2033323538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.100.0/22 Signature Algorithm: sha256WithRSAEncryption 5b:02:97:0c:14:3a:1c:eb:16:69:e9:d9:3b:61:8a:ad:fe:7a: 07:dd:15:00:ec:cb:3f:a5:bf:31:4f:07:1c:f5:9c:cb:c4:12: 82:14:68:45:7e:19:3a:22:91:fd:a7:a8:e4:8e:33:4b:a2:6e: 25:d1:f3:06:d6:60:c1:24:6a:e2:39:38:87:14:cb:91:b1:82: 3e:2f:c1:f1:b6:f1:49:1d:e7:a3:91:8d:3b:32:c7:8f:39:21: f2:58:f8:4d:ee:5c:d7:a2:a0:fa:fb:80:00:bb:23:5e:60:82: 9b:e5:28:be:7e:8b:29:2b:26:47:61:19:71:5b:02:2a:3e:39: 48:71:3f:3d:f5:aa:a9:f0:19:b4:24:7c:dd:a7:42:3e:bf:1c: 28:1f:40:48:01:5b:27:ee:dd:f6:ee:8e:08:f2:64:e5:0c:cd: 12:bb:1d:b4:56:75:8e:a1:bf:6e:d2:d5:58:7b:83:82:c0:93: d7:be:46:52:77:49:7e:41:d2:3d:2c:9d:5b:89:1d:9d:e9:dc: 15:9b:6d:f8:04:96:02:91:50:24:26:ff:42:2c:e6:48:a5:40: 20:3c:fe:50:ef:7a:dc:c3:98:29:d3:4e:f7:a0:e4:63:39:99: ff:3d:08:98:13:90:43:1a:55:9e:1c:2b:2a:8e:f3:c2:49:5b: b1:e1:15:23 -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUH3UxKxPxFahMNCDufKI5NRrQ1PAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI2MDQzMDA5MDUzMFoX DTI3MDQyOTA5MTAzMFowMzExMC8GA1UEAxMoNDM5OERDMkM0MjA3NTM3QjY5Q0Uz NkUyMjAxQkYxMTIyN0Y3MTI2RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALGfY5ZLt1qpAJolALnZ84vQ0++rLmbWHS2VXx2euKDtlFH04XB8LdgRa7ee nbCksRJmROXzG4OWh/Vb+0kIaJJtV9D9Ecsup9eDlqnYY6mo6Aed+yzUdlvAKTld ZQS2/6NdVCaFyQJPDAK8zi3cG2LiMSOoxJqEP5emk9dj41DTco1HxqvTRTG8v2C/ /WD7afM6VSxyKVwgGaY9O6+KHVv+IZVKG5Oa9GAvTjx60IAjAx3m370Ba4vKOJWW /CXlgIqvzWTi4vZtgSwc9GG94CgViiIMLghtbMmH/HFcBVwNhPPoMVaBaHaI1k4N Gs6/xmequ171+rb8F6wQtjwBQVUCAwEAAaOCAegwggHkMB0GA1UdDgQWBBRDmNws QgdTe2nONuIgG/ESJ/cSbTAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzAyZTMwMmYzMjMy MmQzMjM0MjAzZDNlMjAzMzMyMzUzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi11ZDANBgkqhkiG9w0B AQsFAAOCAQEAWwKXDBQ6HOsWaenZO2GKrf56B90VAOzLP6W/MU8HHPWcy8QSghRo RX4ZOiKR/aeo5I4zS6JuJdHzBtZgwSRq4jk4hxTLkbGCPi/B8bbxSR3no5GNOzLH jzkh8lj4Te5c16Kg+vuAALsjXmCCm+Uovn6LKSsmR2EZcVsCKj45SHE/PfWqqfAZ tCR83adCPr8cKB9ASAFbJ+7d9u6OCPJk5QzNErsdtFZ1jqG/btLVWHuDgsCT175G UndJfkHSPSydW4kdnencFZtt+ASWApFQJCb/QizmSKVAIDz+UO963MOYKdNO96Dk YzmZ/z0ImBOQQxpVnhwrKo7zwklbseEVIw== -----END CERTIFICATE-----Generated at Sat May 2 00:51:44 2026 by rpki-client