$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133382e302f32342d3234203d3e2034373835.roa File: 3138302e3233352e3133382e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: jqJFG1Fw5C48XP/CIB5c/CizVSrPmt6xrc3ti/ecvBk= Subject key identifier: 2A:A8:C0:14:14:21:09:F4:EA:99:3A:2F:BB:7E:CC:88:E5:27:55:91 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 71A4AD22B0CFD9CCA4578B09F8B1365C1BB5CE71 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133382e302f32342d3234203d3e2034373835.roa Signing time: Thu 12 Oct 2023 16:10:41 +0000 ROA not before: Thu 12 Oct 2023 16:05:41 +0000 ROA not after: Thu 10 Oct 2024 16:10:41 +0000 asID: 4785 IP address blocks: 180.235.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 22:58:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:a4:ad:22:b0:cf:d9:cc:a4:57:8b:09:f8:b1:36:5c:1b:b5:ce:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Oct 12 16:05:41 2023 GMT Not After : Oct 10 16:10:41 2024 GMT Subject: CN=2AA8C014142109F4EA993A2FBB7ECC88E5275591 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:2d:1c:8c:4a:cc:4a:2d:54:a8:de:0d:ef:74: a7:80:9a:fc:da:d3:1f:f3:95:d3:2e:f1:1e:c7:ed: 64:44:3f:3a:31:7f:7f:57:4b:9f:b4:c3:e5:48:29: 9e:25:59:29:90:b3:d0:15:61:8e:44:d0:f4:34:c6: a7:0c:c9:7e:f7:8e:9c:0e:cd:7b:7a:8b:7d:9e:ff: ec:10:33:d5:ea:53:90:e9:83:c7:c7:83:1e:5f:c1: f6:99:25:8b:9a:f5:81:5e:31:b5:3b:e4:06:c6:d2: 61:65:db:cf:22:16:e6:2c:da:66:84:34:b5:fe:64: 09:22:b4:e4:6b:bd:fb:cf:83:97:38:e4:48:df:00: 2a:67:10:06:de:be:db:bc:6a:5c:5f:fc:49:9d:ee: b0:39:b1:07:40:73:7e:83:e2:76:26:13:44:76:36: b3:cb:bc:11:ee:0a:23:eb:85:aa:9b:4d:57:5a:38: 49:09:77:b1:f4:27:fa:78:9a:02:46:fd:98:71:ff: 45:c6:e5:ef:1f:8f:e7:75:68:6b:4f:b6:15:48:b7: 9d:6d:06:9b:05:93:3d:7a:d0:bf:8c:2c:8c:46:69: fd:90:cd:1f:a1:f8:9b:7c:00:d2:31:ea:dc:67:97: a1:e2:d5:56:27:db:b5:7f:dc:e8:4d:36:2b:3b:c6: cc:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:A8:C0:14:14:21:09:F4:EA:99:3A:2F:BB:7E:CC:88:E5:27:55:91 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133382e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.235.138.0/24 Signature Algorithm: sha256WithRSAEncryption 92:b7:2f:35:ba:8d:2b:9d:9f:01:08:3e:cd:1e:b8:f0:9c:6e: ea:cd:ce:60:0a:55:5b:b7:bb:df:bb:64:41:d1:fa:7e:cf:93: 87:fe:91:94:11:68:d8:cb:98:63:9e:a4:1c:5d:cc:f4:54:b3: 84:fa:c0:12:a2:36:f3:b0:8c:49:9a:36:df:99:78:af:ce:89: 66:1b:a2:08:6e:e8:61:95:a4:68:dc:8b:21:d5:0f:6f:91:7c: df:3d:3e:b4:29:ba:d5:66:af:bd:c1:be:74:5f:ad:52:be:ea: ed:9d:23:86:b5:9d:5b:74:95:c0:b0:0e:60:e1:00:ba:66:83: d2:19:13:ad:4f:60:47:05:35:f7:f1:1b:a8:94:f2:2e:96:e0: a8:ce:99:d7:22:85:0c:23:85:f2:a3:45:2b:d7:cf:ec:5f:e7: 9f:c5:47:e5:fe:f6:42:43:fc:16:08:74:a3:21:fc:88:82:eb: 42:44:70:40:1c:cb:f4:1f:85:5f:a5:38:29:c8:c5:c1:7d:a5: 2c:a7:b4:bf:83:8a:0b:6a:48:9e:4e:77:0e:87:b3:b7:29:3e: f6:2d:55:67:f8:12:db:79:62:6c:34:0b:d9:96:4d:ef:ab:8c: 2a:a1:09:01:fb:f7:d0:8d:4d:28:96:f8:d6:bd:f5:c7:c0:d5: 49:61:7f:79 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUcaStIrDP2cykV4sJ+LE2XBu1znEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTIzMTAxMjE2MDU0MVoX DTI0MTAxMDE2MTA0MVowMzExMC8GA1UEAxMoMkFBOEMwMTQxNDIxMDlGNEVBOTkz QTJGQkI3RUNDODhFNTI3NTU5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMotHIxKzEotVKjeDe90p4Ca/NrTH/OV0y7xHsftZEQ/OjF/f1dLn7TD5Ugp niVZKZCz0BVhjkTQ9DTGpwzJfveOnA7Ne3qLfZ7/7BAz1epTkOmDx8eDHl/B9pkl i5r1gV4xtTvkBsbSYWXbzyIW5izaZoQ0tf5kCSK05Gu9+8+DlzjkSN8AKmcQBt6+ 27xqXF/8SZ3usDmxB0BzfoPidiYTRHY2s8u8Ee4KI+uFqptNV1o4SQl3sfQn+nia Akb9mHH/Rcbl7x+P53Voa0+2FUi3nW0GmwWTPXrQv4wsjEZp/ZDNH6H4m3wA0jHq 3GeXoeLVVifbtX/c6E02KzvGzF8CAwEAAaOCAeowggHmMB0GA1UdDgQWBBQqqMAU FCEJ9OqZOi+7fsyI5SdVkTAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzODJlMzAyZjMy MzQyZDMyMzQyMDNkM2UyMDM0MzczODM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtOuKMA0GCSqGSIb3 DQEBCwUAA4IBAQCSty81uo0rnZ8BCD7NHrjwnG7qzc5gClVbt7vfu2RB0fp+z5OH /pGUEWjYy5hjnqQcXcz0VLOE+sASojbzsIxJmjbfmXivzolmG6IIbuhhlaRo3Ish 1Q9vkXzfPT60KbrVZq+9wb50X61SvurtnSOGtZ1bdJXAsA5g4QC6ZoPSGROtT2BH BTX38RuolPIuluCozpnXIoUMI4Xyo0Ur18/sX+efxUfl/vZCQ/wWCHSjIfyIgutC RHBAHMv0H4VfpTgpyMXBfaUsp7S/g4oLakieTncOh7O3KT72LVVn+BLbeWJsNAvZ lk3vq4wqoQkB+/fQjU0olvjWvfXHwNVJYX95 -----END CERTIFICATE-----Generated at Sun May 5 21:26:29 2024 by rpki-client on console-fra.rpki-client.org