$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3135372e3131392e3130302e302f32322d3234203d3e2039333132.roa File: 3135372e3131392e3130302e302f32322d3234203d3e2039333132.roa (raw, json) Hash identifier: GMRaZkN3zIDxVuJVnldek+MoIhPgvQ/+nioWSoYNFg0= Subject key identifier: 09:ED:C6:51:BB:47:04:19:98:46:B5:94:F1:56:E1:66:B1:84:3B:69 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 461BEDDCEC81427F8A39474EBA667B76ADF7C172 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3135372e3131392e3130302e302f32322d3234203d3e2039333132.roa Signing time: Sat 14 Sep 2024 01:22:30 +0000 ROA not before: Sat 14 Sep 2024 01:17:30 +0000 ROA not after: Sat 13 Sep 2025 01:22:30 +0000 asID: 9312 IP address blocks: 157.119.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 11:34:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:1b:ed:dc:ec:81:42:7f:8a:39:47:4e:ba:66:7b:76:ad:f7:c1:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Sep 14 01:17:30 2024 GMT Not After : Sep 13 01:22:30 2025 GMT Subject: CN=09EDC651BB4704199846B594F156E166B1843B69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:48:7e:39:4a:17:58:4e:9e:bd:e6:17:2b:b1: 66:e6:08:ad:9a:3b:2c:ae:29:e2:4f:ec:a4:36:e0: dc:22:28:3d:2e:45:7e:32:fe:26:27:76:49:82:c9: 8f:fb:f5:38:fd:22:cf:b2:cf:0c:4a:27:37:72:9c: 2a:c1:d1:0c:93:7a:0d:01:7b:d1:35:a7:3e:f7:14: 2e:7b:66:c2:0b:b7:ff:ab:03:62:87:9c:67:9b:d3: 1d:53:f1:07:83:17:da:c0:8f:ad:45:b6:78:e5:34: 7d:fc:88:64:fa:2d:e2:7e:06:4e:90:b9:6c:e0:3e: b6:5c:f5:c3:49:d1:83:84:0d:c5:db:e1:98:e6:2a: 02:99:f0:0a:a8:b7:9a:99:e3:6c:41:a4:85:cf:ba: dd:1e:f1:b9:84:c0:04:4e:d4:11:54:a2:67:79:71: 0f:6b:c4:1a:e1:0b:52:3b:ac:c3:83:00:cd:05:78: 85:03:76:ad:57:90:64:c2:86:89:dd:c5:f4:de:e8: 07:0b:ab:59:3a:54:e7:5c:8f:2a:07:18:0e:a4:bb: 2c:5e:f1:17:5e:31:17:4e:0b:bb:78:07:2b:e2:52: 27:b1:09:96:e0:86:40:4f:69:61:98:f5:b7:e6:42: cc:ff:23:8f:1f:f7:3f:fe:c4:7c:20:50:2d:80:d5: 4d:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:ED:C6:51:BB:47:04:19:98:46:B5:94:F1:56:E1:66:B1:84:3B:69 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3135372e3131392e3130302e302f32322d3234203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.119.100.0/22 Signature Algorithm: sha256WithRSAEncryption 69:10:07:45:84:ef:9d:cf:20:4d:4e:e6:69:58:e1:20:42:b3: 75:d1:2d:55:17:15:a6:2d:77:3d:ab:9a:0c:ae:60:cf:45:2a: 66:d1:4d:b8:fa:4f:83:97:43:99:6c:72:86:13:3b:9d:3c:d9: 28:8a:91:d0:f0:c1:b9:78:b7:a3:d3:64:65:8c:d5:db:90:a9: 6d:f5:11:48:4c:5f:08:48:41:1b:10:5f:54:13:3e:69:d5:11: 46:b8:cc:ae:1b:94:fa:53:96:7e:7a:2b:7d:e0:92:46:7e:31: 5a:9f:44:85:b9:88:06:83:fc:0c:c2:b2:e1:0a:31:ff:58:dc: f3:db:f9:01:10:a3:f1:96:90:ff:69:55:fa:d9:5c:f3:68:a1: 3b:f3:0d:93:8c:79:29:ed:64:ce:56:26:10:dc:ba:1d:76:f2: 44:aa:47:cf:fc:6a:4c:66:31:6d:f5:4d:42:cb:9c:05:f8:ac: 4b:ed:0f:2f:f0:51:5e:b3:af:9a:92:b7:9c:36:8c:69:c1:98: 9d:84:d9:20:0c:fe:08:0a:25:69:2a:1a:7b:20:03:0f:fa:02: 03:1c:ec:91:12:86:63:0a:25:cc:d9:ed:17:3a:cb:4c:10:9f: 21:5d:b3:cb:82:02:a7:93:47:d9:ad:11:2f:08:bf:bc:1b:d2: 68:8b:cc:d5 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIURhvt3OyBQn+KOUdOumZ7dq33wXIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MDkxNDAxMTczMFoX DTI1MDkxMzAxMjIzMFowMzExMC8GA1UEAxMoMDlFREM2NTFCQjQ3MDQxOTk4NDZC NTk0RjE1NkUxNjZCMTg0M0I2OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9IfjlKF1hOnr3mFyuxZuYIrZo7LK4p4k/spDbg3CIoPS5FfjL+Jid2SYLJ j/v1OP0iz7LPDEonN3KcKsHRDJN6DQF70TWnPvcULntmwgu3/6sDYoecZ5vTHVPx B4MX2sCPrUW2eOU0ffyIZPot4n4GTpC5bOA+tlz1w0nRg4QNxdvhmOYqApnwCqi3 mpnjbEGkhc+63R7xuYTABE7UEVSiZ3lxD2vEGuELUjusw4MAzQV4hQN2rVeQZMKG id3F9N7oBwurWTpU51yPKgcYDqS7LF7xF14xF04Lu3gHK+JSJ7EJluCGQE9pYZj1 t+ZCzP8jjx/3P/7EfCBQLYDVTd0CAwEAAaOCAeowggHmMB0GA1UdDgQWBBQJ7cZR u0cEGZhGtZTxVuFmsYQ7aTAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzNTM3MmUzMTMxMzkyZTMxMzAzMDJlMzAyZjMy MzIyZDMyMzQyMDNkM2UyMDM5MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnXdkMA0GCSqGSIb3 DQEBCwUAA4IBAQBpEAdFhO+dzyBNTuZpWOEgQrN10S1VFxWmLXc9q5oMrmDPRSpm 0U24+k+Dl0OZbHKGEzudPNkoipHQ8MG5eLej02RljNXbkKlt9RFITF8ISEEbEF9U Ez5p1RFGuMyuG5T6U5Z+eit94JJGfjFan0SFuYgGg/wMwrLhCjH/WNzz2/kBEKPx lpD/aVX62VzzaKE78w2TjHkp7WTOViYQ3LoddvJEqkfP/GpMZjFt9U1Cy5wF+KxL 7Q8v8FFes6+akrecNoxpwZidhNkgDP4ICiVpKhp7IAMP+gIDHOyREoZjCiXM2e0X OstMEJ8hXbPLggKnk0fZrREvCL+8G9Joi8zV -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:28 2024 by rpki-client on console-ams.rpki-client.org