$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3135372e3131392e3130302e302f32322d3234203d3e2039333132.roa File: 3135372e3131392e3130302e302f32322d3234203d3e2039333132.roa (raw, json) Hash identifier: 8Flif2nx+ipPus6EjLwmvv0mPjTf0cG/OAZcyLzrFAM= Subject key identifier: 8F:D6:45:27:7A:85:E4:DB:4D:01:BF:60:49:20:ED:61:57:18:19:ED Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 4FAD0AF13D350C7B20A096689E75A5C08B23DFBE Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3135372e3131392e3130302e302f32322d3234203d3e2039333132.roa Signing time: Thu 12 Oct 2023 16:10:41 +0000 ROA not before: Thu 12 Oct 2023 16:05:41 +0000 ROA not after: Thu 10 Oct 2024 16:10:41 +0000 asID: 9312 IP address blocks: 157.119.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 09:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:ad:0a:f1:3d:35:0c:7b:20:a0:96:68:9e:75:a5:c0:8b:23:df:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Oct 12 16:05:41 2023 GMT Not After : Oct 10 16:10:41 2024 GMT Subject: CN=8FD645277A85E4DB4D01BF604920ED61571819ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c7:8b:f3:a9:0b:d7:c7:27:4d:86:ea:41:d2: 68:64:6f:4a:52:82:7a:12:08:d4:c3:9e:ac:7c:78: b4:98:7f:13:f1:d3:e1:63:cf:b4:a9:df:b4:53:f9: b0:e0:aa:6d:1f:13:b6:3e:96:d0:b6:11:28:49:10: 0e:c7:d8:65:70:b4:15:7a:dc:a3:9c:da:55:10:ea: 52:f6:86:b3:50:5b:7f:34:de:d3:6b:fd:fd:5c:16: b5:67:28:75:ca:b6:53:3d:97:37:94:98:46:69:e5: 68:5b:09:1c:15:19:ed:7a:4d:71:dc:9d:2b:f0:18: 1f:57:00:2c:b4:86:a4:b2:d4:da:cb:83:dd:6a:2d: 01:60:ae:fb:0d:1a:b0:3e:af:39:46:a5:71:0f:79: 94:67:e5:a5:75:ad:f8:7d:97:69:9f:03:00:df:3f: af:03:78:a9:c6:fe:80:eb:2d:a6:7d:cf:7c:97:1d: 39:08:7e:21:74:99:83:8f:15:6a:b6:93:f0:d2:67: e7:ec:a2:64:e2:b7:f3:00:54:71:64:63:32:91:7a: eb:70:48:0b:7b:b9:76:47:01:99:b5:e8:7a:36:df: d6:be:35:d4:e2:24:02:99:10:6e:a6:86:80:bc:96: 7b:6f:04:49:d5:fe:6d:75:a9:72:8d:f5:a1:c8:4a: 29:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:D6:45:27:7A:85:E4:DB:4D:01:BF:60:49:20:ED:61:57:18:19:ED X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3135372e3131392e3130302e302f32322d3234203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.119.100.0/22 Signature Algorithm: sha256WithRSAEncryption ae:30:3a:6b:fc:80:ec:52:c0:86:57:b0:42:93:db:a8:83:4f: 68:e3:a7:20:8e:c3:81:f2:79:1d:a1:af:59:67:9d:e8:26:77: 59:84:7d:f5:32:f0:53:a5:73:00:9f:84:0e:84:e1:b1:7b:d5: bf:c8:49:c8:15:75:b6:e1:f3:a1:3e:dd:3c:f3:95:bd:4c:31: 62:15:2c:98:61:a7:e8:a3:d2:96:91:0f:bc:ad:b9:7e:fd:3f: 8a:04:ee:1c:4a:38:ee:38:d9:d5:f9:ae:bc:84:2c:1c:cb:bb: 10:12:c1:f4:9e:d8:9e:db:59:e5:b3:28:b9:10:4a:8d:86:cc: 78:90:e5:6f:b5:9c:3a:fe:2b:ee:50:9d:65:50:f4:de:34:40: ad:6c:f4:15:11:c9:51:55:a1:80:bf:85:a0:12:53:a0:34:40: 70:d5:83:ff:8d:4b:ef:12:fb:ca:4c:97:62:c9:91:e0:6c:62: b3:aa:99:b3:aa:b4:81:3c:f6:82:4a:69:fd:e6:24:95:69:8f: 7d:a6:c5:d1:81:3c:25:a3:0e:f7:fa:aa:58:34:19:97:7b:79: d7:83:91:bb:9f:f1:b5:6e:1e:88:c7:3f:2b:5e:8a:69:38:9a: ed:63:3e:c4:2f:50:ae:d7:38:a7:49:e9:2a:da:bf:13:da:40: 32:20:f2:35 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUT60K8T01DHsgoJZonnWlwIsj374wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTIzMTAxMjE2MDU0MVoX DTI0MTAxMDE2MTA0MVowMzExMC8GA1UEAxMoOEZENjQ1Mjc3QTg1RTREQjREMDFC RjYwNDkyMEVENjE1NzE4MTlFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALXHi/OpC9fHJ02G6kHSaGRvSlKCehII1MOerHx4tJh/E/HT4WPPtKnftFP5 sOCqbR8Ttj6W0LYRKEkQDsfYZXC0FXrco5zaVRDqUvaGs1BbfzTe02v9/VwWtWco dcq2Uz2XN5SYRmnlaFsJHBUZ7XpNcdydK/AYH1cALLSGpLLU2suD3WotAWCu+w0a sD6vOUalcQ95lGflpXWt+H2XaZ8DAN8/rwN4qcb+gOstpn3PfJcdOQh+IXSZg48V araT8NJn5+yiZOK38wBUcWRjMpF663BIC3u5dkcBmbXoejbf1r411OIkApkQbqaG gLyWe28ESdX+bXWpco31ochKKfsCAwEAAaOCAeowggHmMB0GA1UdDgQWBBSP1kUn eoXk200Bv2BJIO1hVxgZ7TAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzNTM3MmUzMTMxMzkyZTMxMzAzMDJlMzAyZjMy MzIyZDMyMzQyMDNkM2UyMDM5MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnXdkMA0GCSqGSIb3 DQEBCwUAA4IBAQCuMDpr/IDsUsCGV7BCk9uog09o46cgjsOB8nkdoa9ZZ53oJndZ hH31MvBTpXMAn4QOhOGxe9W/yEnIFXW24fOhPt0885W9TDFiFSyYYafoo9KWkQ+8 rbl+/T+KBO4cSjjuONnV+a68hCwcy7sQEsH0ntie21nlsyi5EEqNhsx4kOVvtZw6 /ivuUJ1lUPTeNECtbPQVEclRVaGAv4WgElOgNEBw1YP/jUvvEvvKTJdiyZHgbGKz qpmzqrSBPPaCSmn95iSVaY99psXRgTwlow73+qpYNBmXe3nXg5G7n/G1bh6Ixz8r XoppOJrtYz7EL1Cu1zinSekq2r8T2kAyIPI1 -----END CERTIFICATE-----Generated at Mon May 20 12:32:56 2024 by rpki-client on console-fra.rpki-client.org