$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130312e302f32342d3234203d3e2034373835.roa File: 34352e3131372e3130312e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: 77sdRzVq6pP1l7Vu8K2ysVi1R2suvoRUxVXi384mZhs= Subject key identifier: 53:F2:1C:65:DF:03:F4:8F:DF:6E:08:10:FE:2E:04:50:0D:B9:E2:73 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 35511C7408379FD52131EA8139DE0105D717C23E Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130312e302f32342d3234203d3e2034373835.roa Signing time: Sat 16 Aug 2025 01:48:22 +0000 ROA not before: Sat 16 Aug 2025 01:43:22 +0000 ROA not after: Sat 15 Aug 2026 01:48:22 +0000 asID: 4785 IP address blocks: 45.117.101.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Aug 2025 18:50:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:51:1c:74:08:37:9f:d5:21:31:ea:81:39:de:01:05:d7:17:c2:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000, serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Aug 16 01:43:22 2025 GMT Not After : Aug 15 01:48:22 2026 GMT Subject: CN=53F21C65DF03F48FDF6E0810FE2E04500DB9E273 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:7c:bc:2a:4c:f4:12:f9:78:c5:d2:a9:b2:33: 45:70:fc:36:8c:18:3b:5c:ea:0b:2b:76:08:66:51: d5:36:34:63:40:0a:ae:f3:a7:22:0d:5c:1e:6b:cb: 5d:0e:78:30:95:f8:ce:96:6a:5d:51:27:f0:19:c6: 3d:0f:ec:cf:0d:60:86:9e:4d:82:0e:d2:ef:a7:d7: 0e:64:8c:48:2d:05:2e:ca:69:08:d1:f6:6a:b5:59: 18:21:36:5c:cd:5b:b3:3f:62:2a:8d:7d:98:cd:77: c3:45:0f:a1:06:26:6c:d9:14:d1:52:f2:ae:9d:4a: b7:dc:f2:0b:2e:d3:5a:60:91:31:c0:cf:94:2f:c4: 22:85:67:fc:7b:46:25:4b:6a:c9:d1:6f:9b:48:95: d9:81:86:85:97:eb:99:84:32:f0:79:d6:60:02:bf: 1b:3a:4f:f1:0f:bb:e6:45:35:22:67:20:32:be:ae: ba:ee:90:7d:b9:d8:01:44:e1:8b:7b:f3:bf:df:60: 63:bc:96:5b:4c:6e:6c:1c:81:1e:da:af:7a:d5:12: 90:31:e7:b6:5f:ef:3a:72:90:64:da:d8:d8:be:24: fe:fa:f1:9d:f6:f9:3b:e0:82:35:d9:db:a0:16:3b: 39:b6:e2:a4:4c:c3:d6:c2:17:28:3c:27:74:71:87: f3:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:F2:1C:65:DF:03:F4:8F:DF:6E:08:10:FE:2E:04:50:0D:B9:E2:73 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130312e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.101.0/24 Signature Algorithm: sha256WithRSAEncryption 75:a5:96:04:59:2a:fb:97:c0:2a:e4:a9:4d:3b:8f:e6:dd:a4: 4b:46:b6:b0:00:65:6a:77:bb:01:9f:6b:e2:17:f4:ab:cf:34: a8:1f:b6:b3:51:59:b4:60:f0:2e:c0:ad:b9:78:52:b0:7f:a6: b3:c3:25:83:b4:02:38:34:dd:d1:db:25:f9:67:ef:65:ec:af: 3e:1a:bf:a3:ce:36:74:5b:be:f4:f7:48:d7:76:b5:f2:4a:5c: 1f:37:24:51:c4:91:cd:f9:4e:f2:dd:ff:c1:37:1f:a0:d7:f2: a4:75:3b:91:6e:1a:ce:60:c1:6e:2e:60:4c:8e:39:be:ea:50: f7:18:96:99:95:04:e4:60:16:e3:f8:dd:7b:3b:7b:49:47:ab: 07:b5:b2:5b:b6:a2:cb:58:9b:49:7e:3f:52:58:fe:b0:c5:a7: 3a:e9:a1:48:0d:07:8a:7d:11:47:06:e9:f6:01:d2:6b:b9:fa: 6d:1c:19:70:bb:55:af:65:e7:59:ef:5a:cd:4b:e8:09:dd:d5: d5:99:3b:26:96:de:ef:53:b4:76:94:63:36:81:4e:52:0a:a5: 72:03:8b:df:02:13:d9:fc:92:a0:73:f6:ab:ef:77:63:1d:71: c6:81:2d:70:97:14:fb:08:fa:28:fb:17:6a:9f:78:d1:0f:f5: 42:27:7e:87 -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUNVEcdAg3n9UhMeqBOd4BBdcXwj4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI1MDgxNjAxNDMyMloX DTI2MDgxNTAxNDgyMlowMzExMC8GA1UEAxMoNTNGMjFDNjVERjAzRjQ4RkRGNkUw ODEwRkUyRTA0NTAwREI5RTI3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKF8vCpM9BL5eMXSqbIzRXD8NowYO1zqCyt2CGZR1TY0Y0AKrvOnIg1cHmvL XQ54MJX4zpZqXVEn8BnGPQ/szw1ghp5Ngg7S76fXDmSMSC0FLsppCNH2arVZGCE2 XM1bsz9iKo19mM13w0UPoQYmbNkU0VLyrp1Kt9zyCy7TWmCRMcDPlC/EIoVn/HtG JUtqydFvm0iV2YGGhZfrmYQy8HnWYAK/GzpP8Q+75kU1ImcgMr6uuu6QfbnYAUTh i3vzv99gY7yWW0xubByBHtqvetUSkDHntl/vOnKQZNrY2L4k/vrxnfb5O+CCNdnb oBY7ObbipEzD1sIXKDwndHGH89cCAwEAAaOCAegwggHkMB0GA1UdDgQWBBRT8hxl 3wP0j99uCBD+LgRQDbniczAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzEyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzNDM3MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC11ZTANBgkqhkiG9w0B AQsFAAOCAQEAdaWWBFkq+5fAKuSpTTuP5t2kS0a2sABlane7AZ9r4hf0q880qB+2 s1FZtGDwLsCtuXhSsH+ms8Mlg7QCODTd0dsl+WfvZeyvPhq/o842dFu+9PdI13a1 8kpcHzckUcSRzflO8t3/wTcfoNfypHU7kW4azmDBbi5gTI45vupQ9xiWmZUE5GAW 4/jdezt7SUerB7WyW7aiy1ibSX4/Ulj+sMWnOumhSA0Hin0RRwbp9gHSa7n6bRwZ cLtVr2XnWe9azUvoCd3V1Zk7Jpbe71O0dpRjNoFOUgqlcgOL3wIT2fySoHP2q+93 Yx1xxoEtcJcU+wj6KPsXap940Q/1Qid+hw== -----END CERTIFICATE-----Generated at Fri Aug 22 18:55:29 2025 by rpki-client