$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa File: 3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa (raw, json) Hash identifier: lW2/fc4/wvMxp/fL9pvtCp6oAHhd5IEZ0JrDs5edNJo= Subject key identifier: A7:5B:44:00:22:EA:5E:05:EC:11:D4:6D:E2:25:89:F3:E7:B1:28:70 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 1AD4C86FAC0047349BB516D0AF19C483BB30EDCF Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa Signing time: Thu 06 Mar 2025 06:39:59 +0000 ROA not before: Thu 06 Mar 2025 06:34:59 +0000 ROA not after: Thu 05 Mar 2026 06:39:59 +0000 asID: 9312 IP address blocks: 180.235.136.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 05:15:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:d4:c8:6f:ac:00:47:34:9b:b5:16:d0:af:19:c4:83:bb:30:ed:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Mar 6 06:34:59 2025 GMT Not After : Mar 5 06:39:59 2026 GMT Subject: CN=A75B440022EA5E05EC11D46DE22589F3E7B12870 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d4:4c:e5:d5:07:e4:ab:62:6f:4a:81:87:09: 57:fc:9d:77:a0:70:b7:a6:b7:81:37:17:1f:14:3b: a3:0a:1f:1f:69:d5:ed:d7:67:8f:7d:c1:28:f6:58: 68:9f:c6:d2:76:fe:69:69:48:2a:40:37:59:33:47: 50:ef:03:83:7f:b9:dc:75:df:27:f6:68:2e:4b:c7: 67:a6:12:19:cb:67:b4:94:11:8b:07:8a:4c:3c:86: fd:ae:b2:ef:d2:3c:2a:2d:92:20:3a:d6:45:fe:e4: 02:71:ed:86:74:0c:0b:b0:c7:da:35:64:bc:03:e6: 61:47:8b:1e:20:68:58:20:bb:33:77:b3:20:9d:63: d4:f6:f3:99:c6:cc:43:7d:9b:46:c4:fd:05:5f:2f: c2:4f:bb:b4:13:3c:f5:7f:85:bb:13:b8:71:7b:71: 2c:2f:ed:b6:b9:b0:0f:52:b6:44:5c:3a:3c:11:30: b9:b5:3a:cb:5f:f6:d8:3c:31:09:22:43:19:60:b7: f8:1d:f3:47:43:b3:8b:5b:f6:f2:2f:28:92:56:2a: be:ca:d0:02:cd:77:2a:41:eb:41:b3:94:30:0a:c5: e6:cf:63:e8:0d:6c:80:3f:67:08:8e:7d:47:ca:09: 08:aa:a6:ef:55:9a:c5:37:1f:2f:e0:3b:fb:46:43: d6:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:5B:44:00:22:EA:5E:05:EC:11:D4:6D:E2:25:89:F3:E7:B1:28:70 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.235.136.0/22 Signature Algorithm: sha256WithRSAEncryption 89:6b:49:b0:d5:74:25:8e:20:7c:c7:12:7c:99:58:ff:61:12: 10:a1:ce:c3:6d:d3:57:99:79:43:f1:08:3f:2f:90:6e:ad:64: af:1f:10:1d:ca:88:d9:7e:01:0a:f9:c9:83:c8:28:e4:cf:64: 60:ec:a3:f5:06:cc:e9:06:86:90:85:c4:27:3a:44:1c:d1:a1: b2:fc:d6:42:57:0b:49:4a:b4:5c:e9:49:27:3b:f9:e7:71:a8: 7c:56:f5:a9:aa:c5:95:c6:19:ec:06:4f:77:ea:6a:12:6b:3f: a9:75:17:4d:b5:46:cd:f1:a9:46:16:aa:6e:fe:a5:e7:2f:4c: 8f:57:75:fe:fb:82:f1:00:e5:42:df:d1:33:a3:62:46:5d:44: ea:26:22:df:bc:55:5b:a4:6e:6a:a8:01:79:91:1c:26:93:e5: 4a:36:8e:55:54:8a:f7:5a:68:13:e1:39:a9:b0:95:b9:93:2d: 84:2a:ad:33:54:33:ef:da:e9:80:6a:83:07:81:ab:c4:93:d4: f6:6b:20:c0:57:29:46:a6:0c:41:04:f7:a3:aa:ca:ff:f1:4a: d4:d4:58:22:df:84:ad:e5:29:e2:f9:90:6a:05:1a:6e:2f:c4: b3:2b:c1:f4:6b:ea:0c:f9:47:40:51:f6:9e:a7:c2:38:bb:18: 0f:a0:d0:b8 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUGtTIb6wARzSbtRbQrxnEg7sw7c8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDMwNjA2MzQ1OVoX DTI2MDMwNTA2Mzk1OVowMzExMC8GA1UEAxMoQTc1QjQ0MDAyMkVBNUUwNUVDMTFE NDZERTIyNTg5RjNFN0IxMjg3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALbUTOXVB+SrYm9KgYcJV/ydd6Bwt6a3gTcXHxQ7owofH2nV7ddnj33BKPZY aJ/G0nb+aWlIKkA3WTNHUO8Dg3+53HXfJ/ZoLkvHZ6YSGctntJQRiweKTDyG/a6y 79I8Ki2SIDrWRf7kAnHthnQMC7DH2jVkvAPmYUeLHiBoWCC7M3ezIJ1j1PbzmcbM Q32bRsT9BV8vwk+7tBM89X+FuxO4cXtxLC/ttrmwD1K2RFw6PBEwubU6y1/22Dwx CSJDGWC3+B3zR0Ozi1v28i8oklYqvsrQAs13KkHrQbOUMArF5s9j6A1sgD9nCI59 R8oJCKqm71WaxTcfL+A7+0ZD1jcCAwEAAaOCAeowggHmMB0GA1UdDgQWBBSnW0QA IupeBewR1G3iJYnz57EocDAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNjJlMzAyZjMy MzIyZDMzMzIyMDNkM2UyMDM5MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCtOuIMA0GCSqGSIb3 DQEBCwUAA4IBAQCJa0mw1XQljiB8xxJ8mVj/YRIQoc7DbdNXmXlD8Qg/L5BurWSv HxAdyojZfgEK+cmDyCjkz2Rg7KP1BszpBoaQhcQnOkQc0aGy/NZCVwtJSrRc6Ukn O/nncah8VvWpqsWVxhnsBk936moSaz+pdRdNtUbN8alGFqpu/qXnL0yPV3X++4Lx AOVC39Ezo2JGXUTqJiLfvFVbpG5qqAF5kRwmk+VKNo5VVIr3WmgT4TmpsJW5ky2E Kq0zVDPv2umAaoMHgavEk9T2ayDAVylGpgxBBPejqsr/8UrU1Fgi34St5Sni+ZBq BRpuL8SzK8H0a+oM+UdAUfaep8I4uxgPoNC4 -----END CERTIFICATE-----Generated at Fri Apr 25 06:08:48 2025 by rpki-client on console.sobornost.net