$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2039333132.roa File: 3138302e3233352e3133372e302f32342d3332203d3e2039333132.roa (raw, json) Hash identifier: VCer1FC3ET4+hNfmEPOX+gJkqb65wt2p0FPfU+geXHc= Subject key identifier: 86:B8:AE:C1:C7:86:DA:9D:53:6C:B5:3D:D1:13:6C:47:9A:A0:15:03 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 047A32B96A2D0F5B3C5DA079F66ECF242850D427 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2039333132.roa Signing time: Thu 04 Apr 2024 05:49:24 +0000 ROA not before: Thu 04 Apr 2024 05:44:24 +0000 ROA not after: Thu 03 Apr 2025 05:49:24 +0000 asID: 9312 IP address blocks: 180.235.137.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 09:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:7a:32:b9:6a:2d:0f:5b:3c:5d:a0:79:f6:6e:cf:24:28:50:d4:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Apr 4 05:44:24 2024 GMT Not After : Apr 3 05:49:24 2025 GMT Subject: CN=86B8AEC1C786DA9D536CB53DD1136C479AA01503 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:6a:14:a4:c7:36:87:d4:92:1c:3f:99:c1:f5: 30:06:85:6a:8d:cc:07:10:a5:0d:41:fd:d8:1e:ad: 10:a2:7d:c1:12:d3:0a:5d:cb:36:00:05:1c:e6:eb: e2:67:a9:44:9a:b0:37:2c:2e:50:f4:17:01:fe:48: e7:f3:a1:3a:32:ce:2f:7f:e4:8e:c6:68:52:69:2e: eb:f0:0c:b2:97:45:e8:ab:69:c8:3b:56:5b:61:66: 2b:31:14:ea:b2:08:d6:a5:4d:26:5a:2e:9f:83:10: 42:76:1d:a3:17:76:52:9d:13:87:25:5d:53:6f:94: a9:8f:23:24:08:48:45:e4:d7:84:38:e7:04:01:28: 2b:55:5f:b0:63:dd:c5:c8:cc:84:b4:40:a0:18:8a: 43:89:83:47:c8:1e:60:86:39:6d:6b:8e:23:2a:4b: 03:4d:e2:d1:5c:ab:56:9c:83:95:9a:a8:bf:79:9b: ec:89:47:81:4b:ad:99:7c:7e:86:76:60:1d:14:a7: b9:7e:6a:fc:b6:32:e7:15:81:6c:86:a3:78:3e:52: 05:3d:b1:35:3c:29:67:1e:f1:72:5c:04:40:f7:9c: 84:8e:a4:9a:5e:55:70:2c:40:c0:ea:e0:40:c4:53: 17:ef:e8:df:e9:e9:a1:e7:5b:df:a8:0d:20:55:8b: 9a:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:B8:AE:C1:C7:86:DA:9D:53:6C:B5:3D:D1:13:6C:47:9A:A0:15:03 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.235.137.0/24 Signature Algorithm: sha256WithRSAEncryption a5:3a:aa:0c:29:55:ee:eb:d2:83:f7:8f:72:6e:9b:32:ba:fc: 40:2d:91:61:aa:b2:04:d2:83:6d:a8:5b:61:d1:5a:44:49:cd: cf:58:34:f1:17:2e:61:49:c3:ce:e4:2a:23:41:98:13:d3:8a: ff:b6:00:69:5d:91:6f:63:07:d3:7a:be:01:e7:97:4e:74:2f: cc:e3:bb:07:f8:64:f1:6a:bd:0f:15:29:ff:53:74:c9:2d:f1: 0f:1c:43:f5:d0:34:17:44:b0:4c:4d:b4:86:d0:a8:64:50:85: a9:8e:64:0b:4b:6e:0c:c8:7f:e4:b2:73:f6:cb:34:e4:ae:86: 2a:f6:15:40:d1:62:0f:de:9a:e9:36:ea:9a:37:32:80:66:c1: 5a:d8:16:77:dd:34:a1:ce:6b:a2:6f:7b:15:ba:17:21:52:76: 50:65:72:bf:4c:f7:9f:dc:ac:35:6b:36:25:3a:6b:ac:1a:eb: 21:01:42:30:72:f1:0b:dd:42:df:71:f2:9a:1e:ac:b6:c4:62: 58:13:2f:f6:06:ad:89:1b:72:eb:2d:6c:9f:74:2f:2f:e3:0b: e1:ea:bd:42:ea:39:e9:48:20:98:ae:8c:b4:0c:40:c3:82:d2: fc:05:cf:33:f9:34:b1:50:b8:0c:fb:ea:76:38:5b:8a:e7:a4: 75:51:c4:c6 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUBHoyuWotD1s8XaB59m7PJChQ1CcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MDQwNDA1NDQyNFoX DTI1MDQwMzA1NDkyNFowMzExMC8GA1UEAxMoODZCOEFFQzFDNzg2REE5RDUzNkNC NTNERDExMzZDNDc5QUEwMTUwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALBqFKTHNofUkhw/mcH1MAaFao3MBxClDUH92B6tEKJ9wRLTCl3LNgAFHObr 4mepRJqwNywuUPQXAf5I5/OhOjLOL3/kjsZoUmku6/AMspdF6KtpyDtWW2FmKzEU 6rII1qVNJloun4MQQnYdoxd2Up0ThyVdU2+UqY8jJAhIReTXhDjnBAEoK1VfsGPd xcjMhLRAoBiKQ4mDR8geYIY5bWuOIypLA03i0VyrVpyDlZqov3mb7IlHgUutmXx+ hnZgHRSnuX5q/LYy5xWBbIajeD5SBT2xNTwpZx7xclwEQPechI6kml5VcCxAwOrg QMRTF+/o3+npoedb36gNIFWLmv0CAwEAAaOCAeowggHmMB0GA1UdDgQWBBSGuK7B x4banVNstT3RE2xHmqAVAzAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNzJlMzAyZjMy MzQyZDMzMzIyMDNkM2UyMDM5MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtOuJMA0GCSqGSIb3 DQEBCwUAA4IBAQClOqoMKVXu69KD949ybpsyuvxALZFhqrIE0oNtqFth0VpESc3P WDTxFy5hScPO5CojQZgT04r/tgBpXZFvYwfTer4B55dOdC/M47sH+GTxar0PFSn/ U3TJLfEPHEP10DQXRLBMTbSG0KhkUIWpjmQLS24MyH/ksnP2yzTkroYq9hVA0WIP 3prpNuqaNzKAZsFa2BZ33TShzmuib3sVuhchUnZQZXK/TPef3Kw1azYlOmusGush AUIwcvEL3ULfcfKaHqy2xGJYEy/2Bq2JG3LrLWyfdC8v4wvh6r1C6jnpSCCYroy0 DEDDgtL8Bc8z+TSxULgM++p2OFuK56R1UcTG -----END CERTIFICATE-----Generated at Mon May 20 13:46:56 2024 by rpki-client on console-ams.rpki-client.org