$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130322e302f32342d3234203d3e2034373835.roa File: 34352e3131372e3130322e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: M7BFiLI/85eHFKyc8YCJdi5+AugJtg2SqbTW7w1G6LQ= Subject key identifier: FB:AA:A5:3C:B1:D9:97:EF:73:EB:91:28:E4:E8:9A:FE:CF:B2:09:39 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 25F47AF78DF7432FFA42BBE5ABE0A41835758D5C Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130322e302f32342d3234203d3e2034373835.roa Signing time: Sat 16 Aug 2025 01:48:22 +0000 ROA not before: Sat 16 Aug 2025 01:43:22 +0000 ROA not after: Sat 15 Aug 2026 01:48:22 +0000 asID: 4785 IP address blocks: 45.117.102.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Aug 2025 18:50:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:f4:7a:f7:8d:f7:43:2f:fa:42:bb:e5:ab:e0:a4:18:35:75:8d:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000, serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Aug 16 01:43:22 2025 GMT Not After : Aug 15 01:48:22 2026 GMT Subject: CN=FBAAA53CB1D997EF73EB9128E4E89AFECFB20939 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:74:eb:9c:04:84:17:ab:b0:65:d3:c3:64:8d: 2e:c7:29:85:f1:77:be:a0:c7:ca:a3:de:e3:f3:95: 6b:13:c1:84:85:4f:e0:bf:90:21:a5:08:d3:4a:bc: 93:b9:bb:fd:fa:6d:03:b0:47:53:1c:70:f5:f4:22: 2e:82:5e:45:f6:74:fe:b6:62:b9:d8:16:25:c3:3d: 28:55:f4:28:90:0b:bc:3e:bf:4d:0c:f9:5e:f2:44: 5e:15:2a:ed:f5:54:bd:cb:b2:59:4e:f8:f2:0b:97: 00:21:e4:be:c6:21:9f:5f:8a:16:72:d8:eb:44:69: 07:20:0e:aa:6b:cc:1c:20:d5:62:81:57:1b:76:81: 79:89:e9:a5:05:61:a6:57:57:78:f7:dc:23:d7:4b: 5d:05:ae:07:aa:c7:2c:aa:05:f7:fc:63:d0:bd:34: a3:0f:41:c0:80:7c:b6:33:61:c1:c2:56:77:c9:49: 97:2a:0a:67:ef:ff:80:6f:70:27:26:b5:c7:0c:3a: a8:50:03:35:fc:95:78:38:49:86:d7:fb:d1:5d:2d: f4:e3:97:1a:48:2c:65:c5:df:63:d8:78:c1:24:7b: de:64:49:cf:9a:ac:0c:c1:95:38:d6:2a:e6:1e:71: 10:55:20:b7:70:f9:f2:02:03:e2:fc:7e:95:36:c4: bf:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:AA:A5:3C:B1:D9:97:EF:73:EB:91:28:E4:E8:9A:FE:CF:B2:09:39 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130322e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.102.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:e2:d9:a0:5e:9c:17:dd:58:a2:3e:f8:20:34:fe:c3:83:62: 1e:c1:84:70:98:c9:b4:77:4c:54:57:85:e9:55:2d:a7:0b:75: c3:33:f1:e4:ba:cd:6d:57:30:b6:13:ab:65:15:ec:43:a3:20: 82:2b:17:9a:be:bf:37:77:07:22:d7:00:da:52:0e:95:25:16: c7:b1:d9:c7:3b:53:12:f8:71:76:0e:60:45:10:a3:9b:d6:d4: 4b:4e:b8:b4:c2:41:8d:c3:a0:34:0d:b9:fa:1b:ac:34:0d:df: 8e:ac:7e:cd:93:c0:15:8c:8b:ac:e6:84:21:ee:01:d2:2c:6e: 3f:c0:76:b7:17:17:1e:34:1b:f1:99:26:05:1f:2b:bb:00:a1: 85:c7:c1:8f:d7:45:e9:b2:19:dd:a3:33:39:04:1f:80:7b:35: 8e:0a:da:a6:ba:e1:6b:71:3d:81:7d:fa:8a:83:91:6e:09:38: 26:1c:c6:d8:48:81:6d:e2:fd:7b:c7:00:04:a1:c8:46:07:05: 01:57:2c:3c:9b:48:1a:3a:4d:f5:0d:0c:ee:f9:6e:b8:60:86: 6b:23:25:14:b4:1d:28:3f:fe:05:8e:9e:ca:65:27:77:26:ce: 95:49:11:55:55:e0:c8:5d:a3:5a:63:bf:67:cc:95:b2:30:34: 0e:dd:dd:ba -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUJfR69433Qy/6Qrvlq+CkGDV1jVwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI1MDgxNjAxNDMyMloX DTI2MDgxNTAxNDgyMlowMzExMC8GA1UEAxMoRkJBQUE1M0NCMUQ5OTdFRjczRUI5 MTI4RTRFODlBRkVDRkIyMDkzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALZ065wEhBersGXTw2SNLscphfF3vqDHyqPe4/OVaxPBhIVP4L+QIaUI00q8 k7m7/fptA7BHUxxw9fQiLoJeRfZ0/rZiudgWJcM9KFX0KJALvD6/TQz5XvJEXhUq 7fVUvcuyWU748guXACHkvsYhn1+KFnLY60RpByAOqmvMHCDVYoFXG3aBeYnppQVh pldXePfcI9dLXQWuB6rHLKoF9/xj0L00ow9BwIB8tjNhwcJWd8lJlyoKZ+//gG9w Jya1xww6qFADNfyVeDhJhtf70V0t9OOXGkgsZcXfY9h4wSR73mRJz5qsDMGVONYq 5h5xEFUgt3D58gID4vx+lTbEv3cCAwEAAaOCAegwggHkMB0GA1UdDgQWBBT7qqU8 sdmX73PrkSjk6Jr+z7IJOTAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzIyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzNDM3MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC11ZjANBgkqhkiG9w0B AQsFAAOCAQEAS+LZoF6cF91Yoj74IDT+w4NiHsGEcJjJtHdMVFeF6VUtpwt1wzPx 5LrNbVcwthOrZRXsQ6MggisXmr6/N3cHItcA2lIOlSUWx7HZxztTEvhxdg5gRRCj m9bUS064tMJBjcOgNA25+husNA3fjqx+zZPAFYyLrOaEIe4B0ixuP8B2txcXHjQb 8ZkmBR8ruwChhcfBj9dF6bIZ3aMzOQQfgHs1jgraprrha3E9gX36ioORbgk4JhzG 2EiBbeL9e8cABKHIRgcFAVcsPJtIGjpN9Q0M7vluuGCGayMlFLQdKD/+BY6eymUn dybOlUkRVVXgyF2jWmO/Z8yVsjA0Dt3dug== -----END CERTIFICATE-----Generated at Fri Aug 22 18:55:30 2025 by rpki-client