$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa File: 3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa (raw, json) Hash identifier: Lw3S7PTchYPYJZr/k8u6PLmtg+S85T3OmOxCNmhG4Wc= Subject key identifier: 68:63:F1:27:BB:76:B8:57:E4:14:F8:21:A5:F8:84:AF:73:0F:ED:4A Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 54C94DE41F2408C7F90AB3B363A09C997DD5ED17 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa Signing time: Thu 04 Apr 2024 05:49:09 +0000 ROA not before: Thu 04 Apr 2024 05:44:09 +0000 ROA not after: Thu 03 Apr 2025 05:49:09 +0000 asID: 3258 IP address blocks: 180.235.137.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 11:34:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:c9:4d:e4:1f:24:08:c7:f9:0a:b3:b3:63:a0:9c:99:7d:d5:ed:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Apr 4 05:44:09 2024 GMT Not After : Apr 3 05:49:09 2025 GMT Subject: CN=6863F127BB76B857E414F821A5F884AF730FED4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:8b:86:0f:d3:57:d2:78:b2:3d:bd:c8:69:82: 86:79:93:1d:c1:8c:d9:17:0f:f9:b9:29:30:1e:e7: 43:cf:18:5b:cd:af:58:c7:80:98:02:33:ed:16:29: 95:ff:e8:87:6e:b6:52:2a:5a:0f:7d:f6:ce:07:f6: 1b:07:44:7c:7d:fc:26:e7:ed:b8:ea:c7:8c:e0:01: 85:4b:b3:2c:29:bb:cb:f9:7e:32:7c:14:13:ad:23: 9c:7b:ba:a4:fb:9c:ac:c9:58:63:ca:13:a9:8f:0e: 70:9f:de:35:3d:d0:3d:88:6c:8f:7e:77:04:d3:f2: 88:5f:db:56:35:a9:3d:f5:97:3e:da:a6:f0:35:c7: 40:c3:30:77:41:a3:c3:26:17:e8:48:bb:6b:be:2c: 77:32:f8:86:85:20:51:10:53:9c:96:6a:5d:73:49: 75:71:a6:f2:a6:e6:5b:e4:e2:c5:38:aa:63:a6:0e: 20:83:6e:9f:7f:08:91:f0:2f:5e:3e:37:77:b3:26: e4:99:b7:84:96:04:2c:ac:34:65:e8:5c:8f:8e:7b: fd:af:68:6f:70:3a:81:d7:88:7e:2b:7e:54:51:5a: 1a:43:48:96:c3:eb:1e:9f:a8:a2:60:dd:97:54:3b: 7d:72:80:c5:59:bb:68:80:06:d9:1a:68:e4:87:3c: 5a:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:63:F1:27:BB:76:B8:57:E4:14:F8:21:A5:F8:84:AF:73:0F:ED:4A X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.235.137.0/24 Signature Algorithm: sha256WithRSAEncryption 52:89:9c:e3:d5:5c:38:61:a5:73:7f:69:95:e0:ad:1c:38:a0: a0:98:4e:b8:0a:2c:3a:94:98:ab:79:33:06:0d:ee:b0:12:f7: 70:45:45:ed:7e:56:24:28:dd:e6:8c:33:97:b8:f3:cf:82:0a: 4e:e0:88:bf:02:d3:af:87:ac:31:82:f6:1f:4b:a7:7d:0d:bc: be:5c:85:70:bf:5d:58:1d:56:ed:cc:af:52:5f:56:cb:d7:89: 39:43:6a:ad:2b:88:8f:60:02:b8:ab:0d:d5:8a:3f:da:60:e8: f8:0d:d7:93:c8:b8:97:09:0d:be:ab:3b:a4:9a:fe:e9:3a:2f: 51:77:7c:0d:17:aa:46:97:52:ca:ca:d6:bb:93:23:e3:d1:c8: 93:13:b2:ce:64:b4:c7:e2:d2:28:a5:99:f6:e8:65:37:a2:22: fd:28:fc:0a:70:5e:5f:32:87:71:ec:55:ca:fc:4d:3f:0e:3c: 02:a4:3f:ee:88:ba:0c:a5:36:fc:53:a4:ec:32:d8:13:0b:dd: 2f:63:bc:7b:e5:15:31:a4:86:71:f1:d5:26:19:e4:9f:28:ab: 7c:14:df:ee:2b:09:70:89:cc:c7:a1:72:db:00:0d:fd:7c:29: 89:ae:21:da:d0:73:eb:e8:38:25:5e:6b:bd:62:58:38:b8:43: 76:cb:d9:ae -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUVMlN5B8kCMf5CrOzY6CcmX3V7RcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MDQwNDA1NDQwOVoX DTI1MDQwMzA1NDkwOVowMzExMC8GA1UEAxMoNjg2M0YxMjdCQjc2Qjg1N0U0MTRG ODIxQTVGODg0QUY3MzBGRUQ0QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN6Lhg/TV9J4sj29yGmChnmTHcGM2RcP+bkpMB7nQ88YW82vWMeAmAIz7RYp lf/oh262UipaD332zgf2GwdEfH38JuftuOrHjOABhUuzLCm7y/l+MnwUE60jnHu6 pPucrMlYY8oTqY8OcJ/eNT3QPYhsj353BNPyiF/bVjWpPfWXPtqm8DXHQMMwd0Gj wyYX6Ei7a74sdzL4hoUgURBTnJZqXXNJdXGm8qbmW+TixTiqY6YOIINun38IkfAv Xj43d7Mm5Jm3hJYELKw0Zehcj457/a9ob3A6gdeIfit+VFFaGkNIlsPrHp+oomDd l1Q7fXKAxVm7aIAG2Rpo5Ic8WvsCAwEAAaOCAeowggHmMB0GA1UdDgQWBBRoY/En u3a4V+QU+CGl+ISvcw/tSjAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNzJlMzAyZjMy MzQyZDMzMzIyMDNkM2UyMDMzMzIzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtOuJMA0GCSqGSIb3 DQEBCwUAA4IBAQBSiZzj1Vw4YaVzf2mV4K0cOKCgmE64Ciw6lJireTMGDe6wEvdw RUXtflYkKN3mjDOXuPPPggpO4Ii/AtOvh6wxgvYfS6d9Dby+XIVwv11YHVbtzK9S X1bL14k5Q2qtK4iPYAK4qw3Vij/aYOj4DdeTyLiXCQ2+qzukmv7pOi9Rd3wNF6pG l1LKyta7kyPj0ciTE7LOZLTH4tIopZn26GU3oiL9KPwKcF5fModx7FXK/E0/DjwC pD/uiLoMpTb8U6TsMtgTC90vY7x75RUxpIZx8dUmGeSfKKt8FN/uKwlwiczHoXLb AA39fCmJriHa0HPr6DglXmu9Ylg4uEN2y9mu -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:48 2024 by rpki-client on console-fra.rpki-client.org