$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e2038383838.roa File: 34352e3131372e3130302e302f32342d3234203d3e2038383838.roa (raw, json) Hash identifier: dxlqlSymD3+QS7EUByE6MriZabTKsAyLs26IGboQuBk= Subject key identifier: BA:B8:D9:E7:6F:A1:F1:F4:BD:B6:16:DC:59:F4:90:59:73:26:3E:6B Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 7240AB7FF9294CD084A1ED9D022990DB4D16CDF1 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e2038383838.roa Signing time: Sat 16 Aug 2025 01:48:22 +0000 ROA not before: Sat 16 Aug 2025 01:43:22 +0000 ROA not after: Sat 15 Aug 2026 01:48:22 +0000 asID: 8888 IP address blocks: 45.117.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Aug 2025 18:50:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:40:ab:7f:f9:29:4c:d0:84:a1:ed:9d:02:29:90:db:4d:16:cd:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000, serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Aug 16 01:43:22 2025 GMT Not After : Aug 15 01:48:22 2026 GMT Subject: CN=BAB8D9E76FA1F1F4BDB616DC59F4905973263E6B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:0a:26:13:f7:6e:7f:d4:21:34:92:c1:d2:6a: 9b:26:ef:db:fe:c9:73:b3:c3:ca:da:dd:b4:b5:8d: b6:23:52:49:d8:58:b8:c8:ee:38:96:81:38:d6:4a: 18:2f:5e:eb:4c:9e:04:72:78:54:ec:b9:d2:ea:88: c6:88:56:99:27:a0:17:7a:7b:b9:e7:1c:95:73:8c: 90:1e:72:80:c3:8a:cd:5d:36:e7:7c:c7:66:53:d6: ce:f3:50:c4:a7:74:b4:a2:cd:33:fb:b1:d5:7a:5c: 80:09:25:c5:db:0f:b0:a7:89:98:36:93:dc:66:5e: d2:0e:a8:72:7d:fd:1e:22:54:71:e7:6f:fd:47:95: 10:58:55:17:0f:3e:e6:45:8f:d1:63:03:52:37:9d: 05:26:36:59:61:5d:99:04:1a:9e:a2:f6:48:b2:43: 93:ea:62:ac:89:37:fa:12:5f:a8:b3:0b:aa:82:4f: 17:72:f5:52:74:a1:0f:96:18:02:ac:2a:af:ec:11: e2:18:6f:03:81:36:97:0c:4e:f1:5b:aa:04:70:f7: d9:25:58:25:58:a7:ed:3a:8b:3b:c2:60:d8:8f:88: e3:fc:3d:91:71:53:ed:bf:3a:92:b1:92:d0:33:29: 71:d8:0d:cd:90:68:a4:70:1f:9b:79:fd:58:a8:fe: a0:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:B8:D9:E7:6F:A1:F1:F4:BD:B6:16:DC:59:F4:90:59:73:26:3E:6B X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.100.0/24 Signature Algorithm: sha256WithRSAEncryption 54:b7:09:a7:14:d5:9a:61:dc:db:7a:99:e9:18:af:23:e8:4c: cc:eb:68:fb:b7:e0:38:06:48:9d:1d:20:6c:82:b0:ea:78:81: 6a:76:c2:fd:40:b6:62:84:2e:82:e2:63:71:1d:e9:fb:09:b5: 66:97:57:87:b2:c6:b2:52:f9:c3:6b:2a:4f:a9:24:1c:89:ca: f0:9b:b7:93:42:17:2a:fd:54:c8:3c:ed:cd:42:b6:ab:4f:6c: c0:d6:5e:cf:3d:78:da:a4:2e:e2:a7:5d:42:a7:a0:c1:28:55: 79:a9:bd:ee:f8:37:d0:6c:c7:23:d8:79:90:49:87:84:d0:4c: 9d:db:3f:89:05:85:12:06:25:3c:2c:12:67:1a:c0:f6:0b:8e: 77:7a:cf:bc:ca:8e:21:a8:71:d8:14:e3:c2:54:6a:4f:95:ba: 0b:3b:81:31:3a:59:64:7b:3a:bb:cb:f5:48:46:3d:fa:26:0a: 08:ca:11:bc:af:08:d9:2b:10:7f:f9:f9:bb:47:2b:1d:80:d2: 98:c8:ec:e1:85:91:ae:7f:15:0a:a8:4d:46:b1:e3:13:a5:38: d9:e3:cb:98:a0:21:38:b0:82:e9:b0:27:b2:af:11:03:0d:5d: b6:23:6c:be:0e:13:ff:26:08:2b:a2:6e:85:7e:ef:78:b1:48: 45:94:2e:8b -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUckCrf/kpTNCEoe2dAimQ200WzfEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI1MDgxNjAxNDMyMloX DTI2MDgxNTAxNDgyMlowMzExMC8GA1UEAxMoQkFCOEQ5RTc2RkExRjFGNEJEQjYx NkRDNTlGNDkwNTk3MzI2M0U2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALUKJhP3bn/UITSSwdJqmybv2/7Jc7PDytrdtLWNtiNSSdhYuMjuOJaBONZK GC9e60yeBHJ4VOy50uqIxohWmSegF3p7uecclXOMkB5ygMOKzV0253zHZlPWzvNQ xKd0tKLNM/ux1XpcgAklxdsPsKeJmDaT3GZe0g6ocn39HiJUcedv/UeVEFhVFw8+ 5kWP0WMDUjedBSY2WWFdmQQanqL2SLJDk+pirIk3+hJfqLMLqoJPF3L1UnShD5YY Aqwqr+wR4hhvA4E2lwxO8VuqBHD32SVYJVin7TqLO8Jg2I+I4/w9kXFT7b86krGS 0DMpcdgNzZBopHAfm3n9WKj+oBcCAwEAAaOCAegwggHkMB0GA1UdDgQWBBS6uNnn b6Hx9L22FtxZ9JBZcyY+azAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzAyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzODM4MzgzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC11ZDANBgkqhkiG9w0B AQsFAAOCAQEAVLcJpxTVmmHc23qZ6RivI+hMzOto+7fgOAZInR0gbIKw6niBanbC /UC2YoQuguJjcR3p+wm1ZpdXh7LGslL5w2sqT6kkHInK8Ju3k0IXKv1UyDztzUK2 q09swNZezz142qQu4qddQqegwShVeam97vg30GzHI9h5kEmHhNBMnds/iQWFEgYl PCwSZxrA9guOd3rPvMqOIahx2BTjwlRqT5W6CzuBMTpZZHs6u8v1SEY9+iYKCMoR vK8I2SsQf/n5u0crHYDSmMjs4YWRrn8VCqhNRrHjE6U42ePLmKAhOLCC6bAnsq8R Aw1dtiNsvg4T/yYIK6JuhX7veLFIRZQuiw== -----END CERTIFICATE-----Generated at Fri Aug 22 18:56:31 2025 by rpki-client