$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3135372e3131392e3130302e302f32322d3234203d3e2036323333.roa File: 3135372e3131392e3130302e302f32322d3234203d3e2036323333.roa (raw, json) Hash identifier: UaHMNF2pmLdBArMzocZxMV/mbZRNujlu+4BAM4H8DeQ= Subject key identifier: 19:EE:34:64:DA:19:2C:99:0D:6B:79:CB:E8:A3:02:CB:FB:5A:32:C9 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 2F9DEA3E6628BFCE844E76E0067298D9DE707F58 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3135372e3131392e3130302e302f32322d3234203d3e2036323333.roa Signing time: Thu 12 Oct 2023 16:10:41 +0000 ROA not before: Thu 12 Oct 2023 16:05:41 +0000 ROA not after: Thu 10 Oct 2024 16:10:41 +0000 asID: 6233 IP address blocks: 157.119.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Jun 2024 10:30:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:9d:ea:3e:66:28:bf:ce:84:4e:76:e0:06:72:98:d9:de:70:7f:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Oct 12 16:05:41 2023 GMT Not After : Oct 10 16:10:41 2024 GMT Subject: CN=19EE3464DA192C990D6B79CBE8A302CBFB5A32C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:e8:a5:41:f9:ce:0a:26:df:5b:4a:bc:3a:5d: c0:33:30:27:6e:7b:e6:5c:65:14:24:b1:69:ab:4b: 3f:70:9f:c0:70:09:80:47:5d:14:79:00:da:d0:21: 28:7f:81:24:f8:a5:74:4c:14:0a:df:b0:f3:42:2c: 54:1e:b2:9b:47:9e:35:82:93:f9:4c:34:af:10:b7: 4e:ed:c1:9a:1f:be:25:2e:b7:6d:df:7a:3a:9b:78: cd:50:98:31:cb:0a:ca:06:0f:ab:9c:f3:cb:e2:81: f6:3d:4a:30:c0:b7:bf:39:87:56:d8:8f:8a:de:5a: 2f:6b:7e:5f:13:7f:ff:51:df:e2:c0:71:03:91:c0: e0:e6:ef:bb:6c:3f:b0:46:78:a1:a1:1a:18:09:3c: 9a:c2:c5:2f:4c:41:c5:8a:85:12:b1:58:c9:55:26: 2e:da:6a:ed:c1:e0:e4:06:27:e7:ca:82:e6:48:bb: 0b:61:5c:01:a1:1f:4e:03:fc:ab:f4:3e:b4:b7:6e: d4:5f:11:e4:86:be:c7:fb:af:1f:07:1f:41:57:05: 4f:95:13:ff:45:8a:38:06:45:24:1b:5f:57:b9:f5: 2b:2d:ed:0f:a4:41:18:cf:56:04:c1:14:aa:02:4d: 6e:84:49:1c:06:0f:79:ce:72:fc:1e:2b:1b:d6:b0: 38:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:EE:34:64:DA:19:2C:99:0D:6B:79:CB:E8:A3:02:CB:FB:5A:32:C9 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3135372e3131392e3130302e302f32322d3234203d3e2036323333.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.119.100.0/22 Signature Algorithm: sha256WithRSAEncryption b6:aa:bc:18:bb:ae:af:c0:3f:d6:1e:db:a2:d6:bd:9b:ab:1f: 86:72:ab:93:61:d9:9f:26:62:7b:3b:7c:d8:89:05:c1:8f:83: 4a:4e:17:ae:3e:83:51:fd:ea:0a:61:a5:f6:38:3d:91:13:1b: a7:9d:6d:be:f5:93:b0:e7:55:9e:46:83:de:1b:ee:cf:bd:cd: 93:5a:0f:f3:6b:2d:5f:7f:5c:7c:08:da:bd:41:44:c1:08:0d: a6:a7:6d:d7:f2:24:e1:08:bc:0c:cf:18:f5:89:ac:6a:2b:47: 9d:e4:09:5e:38:ea:c4:33:da:aa:6c:3a:68:cd:70:ec:fa:bd: af:4f:3f:79:0c:8f:e3:52:50:eb:d8:cc:c7:5a:bb:28:78:ad: 7c:63:8d:f1:09:2a:f6:5a:61:58:12:ae:22:d4:44:f5:68:d0: b0:0c:5f:0c:af:84:36:66:59:3f:20:50:ae:74:d3:1d:b5:2a: a6:31:8f:1a:19:aa:91:a2:09:1f:3d:93:cd:7b:e6:bb:a6:45: 90:7c:cd:3d:24:82:d1:68:1c:6d:e3:31:ca:29:aa:37:4f:29: 1d:ae:69:1c:e7:4f:3d:37:4b:d3:70:3d:91:d8:65:75:33:bc: ba:5b:6c:fe:a5:09:6d:8c:a5:fe:9a:51:9a:0f:54:e0:7f:01: 27:91:7f:06 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUL53qPmYov86ETnbgBnKY2d5wf1gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTIzMTAxMjE2MDU0MVoX DTI0MTAxMDE2MTA0MVowMzExMC8GA1UEAxMoMTlFRTM0NjREQTE5MkM5OTBENkI3 OUNCRThBMzAyQ0JGQjVBMzJDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJLopUH5zgom31tKvDpdwDMwJ2575lxlFCSxaatLP3CfwHAJgEddFHkA2tAh KH+BJPildEwUCt+w80IsVB6ym0eeNYKT+Uw0rxC3Tu3Bmh++JS63bd96Opt4zVCY McsKygYPq5zzy+KB9j1KMMC3vzmHVtiPit5aL2t+XxN//1Hf4sBxA5HA4Obvu2w/ sEZ4oaEaGAk8msLFL0xBxYqFErFYyVUmLtpq7cHg5AYn58qC5ki7C2FcAaEfTgP8 q/Q+tLdu1F8R5Ia+x/uvHwcfQVcFT5UT/0WKOAZFJBtfV7n1Ky3tD6RBGM9WBMEU qgJNboRJHAYPec5y/B4rG9awOBcCAwEAAaOCAeowggHmMB0GA1UdDgQWBBQZ7jRk 2hksmQ1recvoowLL+1oyyTAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzNTM3MmUzMTMxMzkyZTMxMzAzMDJlMzAyZjMy MzIyZDMyMzQyMDNkM2UyMDM2MzIzMzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnXdkMA0GCSqGSIb3 DQEBCwUAA4IBAQC2qrwYu66vwD/WHtui1r2bqx+GcquTYdmfJmJ7O3zYiQXBj4NK TheuPoNR/eoKYaX2OD2RExunnW2+9ZOw51WeRoPeG+7Pvc2TWg/zay1ff1x8CNq9 QUTBCA2mp23X8iThCLwMzxj1iaxqK0ed5AleOOrEM9qqbDpozXDs+r2vTz95DI/j UlDr2MzHWrsoeK18Y43xCSr2WmFYEq4i1ET1aNCwDF8Mr4Q2Zlk/IFCudNMdtSqm MY8aGaqRogkfPZPNe+a7pkWQfM09JILRaBxt4zHKKao3Tykdrmkc5089N0vTcD2R 2GV1M7y6W2z+pQltjKX+mlGaD1TgfwEnkX8G -----END CERTIFICATE-----Generated at Tue Jun 4 12:17:16 2024 by rpki-client on console-ams.rpki-client.org