$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e203233383538.roa File: 34352e3131372e3130302e302f32342d3234203d3e203233383538.roa (raw, json) Hash identifier: 5hG4RwSHZVnSqsO9x6f7nAjxYEbAb/HRse6WJYcZAOE= Subject key identifier: F2:F8:E3:56:94:FF:DE:C9:14:F2:C7:85:6D:83:1A:29:6B:CA:11:60 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 12A3B1828A8E07DCDC8B4C4A1AC67F2FA0AED486 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e203233383538.roa Signing time: Sat 16 Aug 2025 01:48:22 +0000 ROA not before: Sat 16 Aug 2025 01:43:22 +0000 ROA not after: Sat 15 Aug 2026 01:48:22 +0000 asID: 23858 IP address blocks: 45.117.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Aug 2025 18:50:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:a3:b1:82:8a:8e:07:dc:dc:8b:4c:4a:1a:c6:7f:2f:a0:ae:d4:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000, serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Aug 16 01:43:22 2025 GMT Not After : Aug 15 01:48:22 2026 GMT Subject: CN=F2F8E35694FFDEC914F2C7856D831A296BCA1160 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:c9:ff:96:47:8b:47:86:ef:b5:69:01:df:5f: 15:7e:36:28:bb:cd:8a:66:54:19:64:9b:9a:87:39: b4:f3:01:e8:c6:fa:bc:10:09:05:79:33:bc:92:33: 66:eb:cd:84:5d:42:b7:21:76:bc:74:ac:d0:ee:c8: 01:9e:3c:29:fb:9c:70:d6:f1:9b:13:04:04:c4:95: c4:a8:f1:86:de:99:4e:f3:c3:5f:e3:04:c9:8f:6c: 02:3a:0d:a9:88:ff:f4:3f:82:3c:b8:38:bb:f8:61: 0f:92:be:1a:18:39:d3:40:21:1c:d4:26:f0:c3:91: 43:5c:a2:21:21:3d:d3:64:6c:2d:b3:a1:00:72:64: d3:50:bf:79:64:bc:66:fe:e9:92:66:24:56:0b:0f: 17:14:e6:88:e7:e9:f2:fa:19:11:05:31:d6:09:76: 25:a8:67:e3:89:40:cc:ed:cd:4b:dc:19:c6:b5:c8: 28:67:34:a6:59:b1:63:3e:bc:b2:45:a1:a0:e8:ed: 8a:b1:cd:c9:ab:e1:e0:28:a0:04:f4:2d:93:8b:d0: b3:e5:5a:d9:b7:47:3b:77:be:f7:9a:69:c4:99:0d: 87:dd:a9:94:7a:48:bc:9a:2e:45:38:2e:27:22:96: 4b:44:80:97:7a:33:bb:54:63:de:d0:3b:fe:42:c6: 3f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:F8:E3:56:94:FF:DE:C9:14:F2:C7:85:6D:83:1A:29:6B:CA:11:60 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e203233383538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.100.0/24 Signature Algorithm: sha256WithRSAEncryption 73:d4:c1:5e:2e:50:ca:cf:87:db:97:dc:58:f4:05:c2:a2:a8: e4:6b:f8:18:10:24:c9:f2:c5:79:73:f0:a6:71:03:d1:9d:22: 26:50:55:ff:28:34:13:0e:17:3e:58:67:fd:47:98:05:8f:e0: 56:1c:04:21:e8:3f:c1:61:bc:58:f5:d5:f6:13:96:93:cd:60: 1a:1e:80:c2:4e:8a:8d:9e:7b:48:45:a1:25:a7:14:dc:61:6a: 66:01:7a:42:1d:59:5a:77:71:83:70:98:85:aa:bf:37:9d:69: 1d:87:96:d4:ec:a4:d5:4c:71:ab:4d:c8:fd:ee:ff:7f:52:0f: f3:ac:74:51:46:94:af:a7:70:dd:62:09:05:e4:dd:9d:95:35: a6:c1:dd:9a:88:83:bc:13:20:bf:39:ab:7a:c9:29:c3:05:b2: fc:21:0a:7b:4f:dd:3e:b1:aa:52:e7:f0:00:c1:25:03:7e:87: 81:34:38:4a:cd:2b:c6:04:10:93:05:5d:1f:be:00:9d:f8:5b: f6:cc:20:74:fc:99:4f:f2:91:2c:28:33:6b:9f:38:c7:5f:84: a0:db:ae:0f:de:d5:ca:e5:af:1d:92:f3:4b:72:56:09:6a:b4: 7f:8d:36:e5:e8:9b:b5:ea:09:40:c6:08:b7:65:fc:95:10:34: db:eb:a3:70 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUEqOxgoqOB9zci0xKGsZ/L6Cu1IYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI1MDgxNjAxNDMyMloX DTI2MDgxNTAxNDgyMlowMzExMC8GA1UEAxMoRjJGOEUzNTY5NEZGREVDOTE0RjJD Nzg1NkQ4MzFBMjk2QkNBMTE2MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzJ/5ZHi0eG77VpAd9fFX42KLvNimZUGWSbmoc5tPMB6Mb6vBAJBXkzvJIz ZuvNhF1CtyF2vHSs0O7IAZ48KfuccNbxmxMEBMSVxKjxht6ZTvPDX+MEyY9sAjoN qYj/9D+CPLg4u/hhD5K+Ghg500AhHNQm8MORQ1yiISE902RsLbOhAHJk01C/eWS8 Zv7pkmYkVgsPFxTmiOfp8voZEQUx1gl2Jahn44lAzO3NS9wZxrXIKGc0plmxYz68 skWhoOjtirHNyavh4CigBPQtk4vQs+Va2bdHO3e+95ppxJkNh92plHpIvJouRTgu JyKWS0SAl3ozu1Rj3tA7/kLGP/kCAwEAAaOCAeowggHmMB0GA1UdDgQWBBTy+ONW lP/eyRTyx4Vtgxopa8oRYDAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzAyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzMjMzMzgzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALXVkMA0GCSqGSIb3 DQEBCwUAA4IBAQBz1MFeLlDKz4fbl9xY9AXCoqjka/gYECTJ8sV5c/CmcQPRnSIm UFX/KDQTDhc+WGf9R5gFj+BWHAQh6D/BYbxY9dX2E5aTzWAaHoDCToqNnntIRaEl pxTcYWpmAXpCHVlad3GDcJiFqr83nWkdh5bU7KTVTHGrTcj97v9/Ug/zrHRRRpSv p3DdYgkF5N2dlTWmwd2aiIO8EyC/Oat6ySnDBbL8IQp7T90+sapS5/AAwSUDfoeB NDhKzSvGBBCTBV0fvgCd+Fv2zCB0/JlP8pEsKDNrnzjHX4Sg264P3tXK5a8dkvNL clYJarR/jTbl6Ju16glAxgi3ZfyVEDTb66Nw -----END CERTIFICATE-----Generated at Fri Aug 22 18:58:43 2025 by rpki-client