$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/323430333a326338303a3a2f33312d3438203d3e2039333132.roa File: 323430333a326338303a3a2f33312d3438203d3e2039333132.roa (raw, json) Hash identifier: dq/S35/9gJN156qGdq3sHgd3c6kS54iBI0wR9FySm00= Subject key identifier: 66:A0:7C:31:C9:1A:2E:E6:9A:80:90:3C:24:2A:9C:6D:88:13:D6:5E Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 74BC6ED8591E9612280E96E54823D3C86006FBC7 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/323430333a326338303a3a2f33312d3438203d3e2039333132.roa Signing time: Thu 12 Oct 2023 16:10:41 +0000 ROA not before: Thu 12 Oct 2023 16:05:41 +0000 ROA not after: Thu 10 Oct 2024 16:10:41 +0000 asID: 9312 IP address blocks: 2403:2c80::/31 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 09:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:bc:6e:d8:59:1e:96:12:28:0e:96:e5:48:23:d3:c8:60:06:fb:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Oct 12 16:05:41 2023 GMT Not After : Oct 10 16:10:41 2024 GMT Subject: CN=66A07C31C91A2EE69A80903C242A9C6D8813D65E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ea:69:c2:3f:5b:f7:6b:ce:52:6e:12:f3:a7: 05:e5:3d:be:b5:34:bc:5a:12:38:f7:f6:39:d0:1e: fb:c1:11:f7:e4:f4:c7:b2:3f:bb:6a:64:f1:34:36: 9e:ab:2f:25:1e:9e:9b:84:b8:8e:2a:8e:9f:21:2a: 1a:38:71:a8:e3:db:7a:05:88:51:16:f5:95:92:b1: 01:0b:72:e8:9f:50:f1:ef:d8:3f:b9:72:70:74:80: ec:64:ce:88:60:57:d5:55:86:60:78:cf:1b:95:44: 28:20:c5:10:66:4a:e5:ba:52:89:b9:cc:7d:ec:e7: 18:dc:91:7b:a9:73:4f:16:69:86:6e:a0:f3:02:4b: 10:fa:f1:a0:24:75:b6:1a:be:d0:b7:50:ed:d4:6f: 08:01:b4:1a:eb:2f:23:94:22:86:94:2b:44:55:8a: 91:8a:3d:09:ce:8a:83:b4:ca:20:dd:1e:e6:f1:4b: 53:f1:03:73:bc:a4:cf:b2:1d:95:e7:58:6c:1d:22: d1:c8:5e:f4:0a:54:61:4e:3f:cf:9c:ac:19:64:49: e7:fe:8a:6a:53:b2:cd:c5:8c:24:72:34:aa:bb:0b: aa:94:68:73:ef:36:da:aa:2b:b5:e6:75:65:9e:b3: 02:a3:bd:a0:9f:a3:a4:11:46:3c:8e:9a:96:9b:81: 88:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:A0:7C:31:C9:1A:2E:E6:9A:80:90:3C:24:2A:9C:6D:88:13:D6:5E X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/323430333a326338303a3a2f33312d3438203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:2c80::/31 Signature Algorithm: sha256WithRSAEncryption 25:d2:7b:bd:cc:ad:39:65:42:f7:f6:8d:e1:76:11:05:9a:6e: e4:ca:c7:44:ae:b8:eb:e6:26:95:6c:e1:62:04:ba:85:85:48: 35:f7:fc:03:a6:80:8c:83:a6:8e:d3:20:ed:cb:87:f7:d3:41: 85:be:24:0c:4a:8b:7d:79:1a:58:5d:14:ca:fa:1d:c9:ea:e0: d6:e7:80:82:64:06:b1:84:3b:9b:17:4a:8a:c7:87:b1:2f:99: 21:06:55:fa:dd:fd:a2:bd:c9:ff:5a:8f:23:d3:fd:ac:29:53: 1e:35:c4:8b:63:e8:8f:6e:33:26:6a:68:97:77:f1:53:ae:1e: 54:75:64:fe:49:af:03:d6:91:6e:0f:9e:db:de:1c:f8:e3:c0: 3b:50:2f:8c:eb:34:4a:31:de:bf:2f:f3:8e:72:d5:95:7e:e3: 42:a1:8d:07:fc:c5:68:b3:6d:7d:33:0d:ed:04:80:df:7b:68: 95:8c:a5:86:f0:99:45:01:6a:cb:e4:51:d6:94:96:ab:55:9d: 7b:98:f5:30:41:bb:e9:43:2b:16:97:db:fd:74:59:2f:ba:de: 78:26:78:6d:c3:42:76:36:3c:33:25:84:64:9d:40:f9:b9:cd: c3:85:2f:80:6e:7d:71:35:a2:3f:26:e1:2c:a3:10:18:e8:08: bd:a6:4c:9f -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUdLxu2FkelhIoDpblSCPTyGAG+8cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTIzMTAxMjE2MDU0MVoX DTI0MTAxMDE2MTA0MVowMzExMC8GA1UEAxMoNjZBMDdDMzFDOTFBMkVFNjlBODA5 MDNDMjQyQTlDNkQ4ODEzRDY1RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKjqacI/W/drzlJuEvOnBeU9vrU0vFoSOPf2OdAe+8ER9+T0x7I/u2pk8TQ2 nqsvJR6em4S4jiqOnyEqGjhxqOPbegWIURb1lZKxAQty6J9Q8e/YP7lycHSA7GTO iGBX1VWGYHjPG5VEKCDFEGZK5bpSibnMfeznGNyRe6lzTxZphm6g8wJLEPrxoCR1 thq+0LdQ7dRvCAG0GusvI5QihpQrRFWKkYo9Cc6Kg7TKIN0e5vFLU/EDc7ykz7Id ledYbB0i0che9ApUYU4/z5ysGWRJ5/6KalOyzcWMJHI0qrsLqpRoc+822qorteZ1 ZZ6zAqO9oJ+jpBFGPI6alpuBiP8CAwEAAaOCAecwggHjMB0GA1UdDgQWBBRmoHwx yRou5pqAkDwkKpxtiBPWXjAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzIzNDMwMzMzYTMyNjMzODMwM2EzYTJmMzMzMTJk MzQzODIwM2QzZTIwMzkzMzMxMzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQEkAyyAMA0GCSqGSIb3DQEB CwUAA4IBAQAl0nu9zK05ZUL39o3hdhEFmm7kysdErrjr5iaVbOFiBLqFhUg19/wD poCMg6aO0yDty4f300GFviQMSot9eRpYXRTK+h3J6uDW54CCZAaxhDubF0qKx4ex L5khBlX63f2ivcn/Wo8j0/2sKVMeNcSLY+iPbjMmamiXd/FTrh5UdWT+Sa8D1pFu D57b3hz448A7UC+M6zRKMd6/L/OOctWVfuNCoY0H/MVos219Mw3tBIDfe2iVjKWG 8JlFAWrL5FHWlJarVZ17mPUwQbvpQysWl9v9dFkvut54Jnhtw0J2NjwzJYRknUD5 uc3DhS+Abn1xNaI/JuEsoxAY6Ai9pkyf -----END CERTIFICATE-----Generated at Mon May 20 12:32:56 2024 by rpki-client on console-fra.rpki-client.org