$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/34352e3131362e31332e302f32342d3234203d3e2034373835.roa File: 34352e3131362e31332e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: rjHLbg5RxNx+OSrihRQaxhyOJyLwHXme40chbILQOQQ= Subject key identifier: A9:2C:FF:6B:AE:B8:6B:53:7C:67:A0:A4:92:31:A5:55:FD:22:2C:F8 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 62363C3C8A17AE8E35E7BA7A780535DD13C238DC Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/34352e3131362e31332e302f32342d3234203d3e2034373835.roa Signing time: Sat 14 Sep 2024 01:22:30 +0000 ROA not before: Sat 14 Sep 2024 01:17:30 +0000 ROA not after: Sat 13 Sep 2025 01:22:30 +0000 asID: 4785 IP address blocks: 45.116.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 11:34:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:36:3c:3c:8a:17:ae:8e:35:e7:ba:7a:78:05:35:dd:13:c2:38:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Sep 14 01:17:30 2024 GMT Not After : Sep 13 01:22:30 2025 GMT Subject: CN=A92CFF6BAEB86B537C67A0A49231A555FD222CF8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:7e:23:82:10:ad:9e:f4:ba:03:33:9d:b6:c1: 6a:14:65:00:68:62:7d:50:0c:25:1c:f5:ef:96:36: 55:15:39:f3:19:79:e2:7c:cb:3e:3b:33:a4:27:9b: ce:1d:9b:94:77:31:77:21:83:aa:2d:d0:74:fa:47: 40:12:bb:97:c3:ea:04:cc:73:81:de:8c:1a:80:29: 05:1c:80:3c:c4:d6:cb:ef:3f:7c:91:61:d9:c8:fe: 44:4f:d9:43:c8:af:92:8a:96:43:51:ae:a5:1e:0a: 90:9e:dc:8f:d9:4e:6b:55:20:5a:51:33:44:ba:e3: c4:be:3a:5b:29:2c:6e:c7:aa:b6:0d:ca:42:23:13: 35:97:05:12:1d:b7:3b:5c:48:9c:89:6b:9d:17:2c: 9e:b2:55:62:cb:2f:11:03:c3:ea:8b:2d:d9:22:69: 65:61:d5:2a:75:1f:f3:6e:53:ff:0e:87:85:ec:e6: 11:ee:db:b1:4c:a4:e8:e2:7c:c9:9b:94:e8:6e:0a: 59:02:5d:a4:84:22:23:dc:96:2d:6b:bd:9f:51:ae: df:7c:01:67:47:f0:cf:1c:90:e2:3c:b3:3a:d4:05: a0:29:03:40:29:fe:3f:d3:a3:8c:d0:37:f6:e0:50: 2d:89:b2:93:7d:b7:67:72:dc:29:7c:70:eb:32:33: e7:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:2C:FF:6B:AE:B8:6B:53:7C:67:A0:A4:92:31:A5:55:FD:22:2C:F8 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/34352e3131362e31332e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.116.13.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:e2:7b:02:3b:03:6e:45:1d:5a:df:2b:ec:27:fc:82:8e:c4: c8:20:1d:19:8f:6a:fc:c5:95:a2:1c:9b:80:3a:dd:c7:5c:fb: ed:05:10:8a:82:e9:a3:32:fa:57:39:d3:02:d4:e7:3b:26:e2: a7:29:23:04:f1:31:41:f1:ba:21:33:15:a5:6e:af:e9:14:e4: e6:ba:cd:aa:1d:09:c0:9a:f0:4b:68:89:74:60:a9:9f:d7:af: 03:c7:ea:60:f9:24:ea:8f:d9:e9:6b:9e:9d:0a:9c:2e:81:b1: 40:4b:de:ac:bd:47:e8:84:27:46:9d:a1:bf:cf:e2:ba:72:f9: 11:60:0d:7d:f8:b5:f9:fb:b9:47:65:61:17:2f:42:4a:97:03: 4e:1e:43:db:6b:ac:b7:96:0f:0e:3b:44:df:dd:4d:b5:8e:7e: f5:9b:23:e3:7f:6a:51:e0:ff:55:05:99:fb:ac:d8:74:d1:09: 59:9a:36:ee:a8:4a:81:11:fd:54:5d:3a:a1:f5:c7:32:43:41: 63:31:12:72:b9:e2:de:42:54:d5:2b:5e:d0:03:ea:e2:94:87: 4d:46:e8:e3:7e:e7:29:b7:6f:cc:88:3d:1f:3d:5f:44:9a:31: 2d:86:d5:a8:d2:bf:ec:0e:d5:7a:60:0f:83:b9:72:9d:15:dc: a0:f6:a6:2b -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUYjY8PIoXro4157p6eAU13RPCONwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MDkxNDAxMTczMFoX DTI1MDkxMzAxMjIzMFowMzExMC8GA1UEAxMoQTkyQ0ZGNkJBRUI4NkI1MzdDNjdB MEE0OTIzMUE1NTVGRDIyMkNGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM9+I4IQrZ70ugMznbbBahRlAGhifVAMJRz175Y2VRU58xl54nzLPjszpCeb zh2blHcxdyGDqi3QdPpHQBK7l8PqBMxzgd6MGoApBRyAPMTWy+8/fJFh2cj+RE/Z Q8ivkoqWQ1GupR4KkJ7cj9lOa1UgWlEzRLrjxL46Wyksbseqtg3KQiMTNZcFEh23 O1xInIlrnRcsnrJVYssvEQPD6ost2SJpZWHVKnUf825T/w6HhezmEe7bsUyk6OJ8 yZuU6G4KWQJdpIQiI9yWLWu9n1Gu33wBZ0fwzxyQ4jyzOtQFoCkDQCn+P9OjjNA3 9uBQLYmyk323Z3LcKXxw6zIz51sCAwEAAaOCAeYwggHiMB0GA1UdDgQWBBSpLP9r rrhrU3xnoKSSMaVV/SIs+DAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzQzNTJlMzEzMTM2MmUzMTMzMmUzMDJmMzIzNDJk MzIzNDIwM2QzZTIwMzQzNzM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtdA0wDQYJKoZIhvcNAQEL BQADggEBAH7iewI7A25FHVrfK+wn/IKOxMggHRmPavzFlaIcm4A63cdc++0FEIqC 6aMy+lc50wLU5zsm4qcpIwTxMUHxuiEzFaVur+kU5Oa6zaodCcCa8EtoiXRgqZ/X rwPH6mD5JOqP2elrnp0KnC6BsUBL3qy9R+iEJ0adob/P4rpy+RFgDX34tfn7uUdl YRcvQkqXA04eQ9trrLeWDw47RN/dTbWOfvWbI+N/alHg/1UFmfus2HTRCVmaNu6o SoER/VRdOqH1xzJDQWMxEnK54t5CVNUrXtAD6uKUh01G6ON+5ym3b8yIPR89X0Sa MS2G1ajSv+wO1XpgD4O5cp0V3KD2pis= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:48 2024 by rpki-client on console-fra.rpki-client.org