$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/34352e3131362e31342e302f32342d3234203d3e2034373835.roa File: 34352e3131362e31342e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: jmlPHqT2zn/G8VxGtz4qGDGVkC091Y4a8xRHPA/+0+0= Subject key identifier: 26:18:51:13:42:37:3D:96:77:13:28:BB:C5:34:E9:B6:34:C0:0F:80 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 50549A705F6629C27F6F4C2F764844868E47E9CD Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/34352e3131362e31342e302f32342d3234203d3e2034373835.roa Signing time: Sat 14 Sep 2024 01:22:31 +0000 ROA not before: Sat 14 Sep 2024 01:17:31 +0000 ROA not after: Sat 13 Sep 2025 01:22:31 +0000 asID: 4785 IP address blocks: 45.116.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 11:34:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:54:9a:70:5f:66:29:c2:7f:6f:4c:2f:76:48:44:86:8e:47:e9:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Sep 14 01:17:31 2024 GMT Not After : Sep 13 01:22:31 2025 GMT Subject: CN=2618511342373D96771328BBC534E9B634C00F80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:6f:13:42:9d:48:e0:41:32:65:a6:01:41:de: 7c:bf:93:b5:5d:0d:30:66:33:8e:e9:8e:b9:10:ab: 87:c9:04:73:44:cb:1f:f4:a5:25:59:ca:b5:02:f8: 87:d7:ee:0f:d2:ac:4e:1f:b0:a9:97:d2:11:0c:03: 79:c7:2d:65:9e:88:70:62:5d:25:b7:3a:8d:40:93: 9a:21:ab:2f:0d:bc:94:95:3f:5f:04:f1:30:90:be: f6:f6:37:d0:d4:47:ea:12:19:78:36:66:39:98:9c: b4:ad:85:d6:37:9a:db:75:1b:d6:c1:a0:bc:7d:88: 34:47:a8:d0:65:db:5f:2f:0e:dc:fb:81:cd:d5:a9: e1:64:ac:8c:c6:0a:1d:06:11:d4:f1:00:ee:30:b3: 7d:09:42:96:5f:c6:a5:fe:5e:99:d5:08:bc:c9:b2: 0a:c5:ed:5b:70:20:1b:ac:d5:0b:ab:03:3d:47:5f: 13:a3:d2:ce:c8:da:d0:a8:4c:24:b3:6d:f1:96:2e: 54:b1:48:bc:27:ac:04:8e:54:e5:a5:f5:72:e5:20: 85:93:8c:43:6f:5c:7e:75:5d:5f:e2:63:b6:6c:ef: 53:d1:8a:a4:e3:6c:4f:27:4b:a7:b0:52:e6:10:eb: 6c:8d:d9:0f:de:24:72:a2:a5:01:58:4a:87:c4:9d: 14:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:18:51:13:42:37:3D:96:77:13:28:BB:C5:34:E9:B6:34:C0:0F:80 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/34352e3131362e31342e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.116.14.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:a6:ed:42:c2:d7:9e:0b:3d:54:bc:ef:36:2b:53:81:26:7b: 66:12:ad:57:03:48:79:76:92:d9:e2:78:f6:01:eb:20:a6:e2: 91:9c:f6:f5:09:b0:f7:fa:2d:c5:d9:de:a6:aa:c5:ac:79:90: f4:46:d2:72:fd:a0:15:98:7a:26:35:ac:5c:11:1b:29:9c:33: 09:77:6d:08:b1:d1:18:66:6b:3a:c3:ad:9e:fc:bd:64:c7:2b: 97:e5:d1:7e:4e:6b:05:80:90:d8:31:52:ed:01:fb:b4:3e:f3: 5b:57:e0:ba:ca:4b:64:50:16:91:f0:12:e8:9e:b7:b9:c9:fd: c8:fc:65:7a:98:06:2f:de:85:90:4b:b4:6c:02:6f:63:f3:f7: 1b:91:d9:70:2f:66:1e:e7:42:73:fc:ad:67:f8:f3:e2:d8:6a: d8:88:d2:82:21:79:6d:20:5a:7b:b3:74:98:a2:ba:6a:2e:4e: 8c:e6:f5:58:47:67:e8:79:7d:aa:8d:09:6c:4f:d6:5c:63:e1: e2:ef:ea:42:da:4c:06:4b:a5:ad:63:31:cd:e8:3d:b2:6a:ac: b4:23:16:e0:32:d3:58:af:4e:04:28:85:c2:34:1a:75:c9:89: 1e:1d:69:d1:3c:ea:1b:38:30:ce:a3:eb:51:dc:98:55:bd:44: bb:7f:04:c4 -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUUFSacF9mKcJ/b0wvdkhEho5H6c0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MDkxNDAxMTczMVoX DTI1MDkxMzAxMjIzMVowMzExMC8GA1UEAxMoMjYxODUxMTM0MjM3M0Q5Njc3MTMy OEJCQzUzNEU5QjYzNEMwMEY4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9vE0KdSOBBMmWmAUHefL+TtV0NMGYzjumOuRCrh8kEc0TLH/SlJVnKtQL4 h9fuD9KsTh+wqZfSEQwDecctZZ6IcGJdJbc6jUCTmiGrLw28lJU/XwTxMJC+9vY3 0NRH6hIZeDZmOZictK2F1jea23Ub1sGgvH2INEeo0GXbXy8O3PuBzdWp4WSsjMYK HQYR1PEA7jCzfQlCll/Gpf5emdUIvMmyCsXtW3AgG6zVC6sDPUdfE6PSzsja0KhM JLNt8ZYuVLFIvCesBI5U5aX1cuUghZOMQ29cfnVdX+JjtmzvU9GKpONsTydLp7BS 5hDrbI3ZD94kcqKlAVhKh8SdFHMCAwEAAaOCAeYwggHiMB0GA1UdDgQWBBQmGFET Qjc9lncTKLvFNOm2NMAPgDAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzQzNTJlMzEzMTM2MmUzMTM0MmUzMDJmMzIzNDJk MzIzNDIwM2QzZTIwMzQzNzM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtdA4wDQYJKoZIhvcNAQEL BQADggEBAI2m7ULC154LPVS87zYrU4Eme2YSrVcDSHl2ktniePYB6yCm4pGc9vUJ sPf6LcXZ3qaqxax5kPRG0nL9oBWYeiY1rFwRGymcMwl3bQix0RhmazrDrZ78vWTH K5fl0X5OawWAkNgxUu0B+7Q+81tX4LrKS2RQFpHwEuiet7nJ/cj8ZXqYBi/ehZBL tGwCb2Pz9xuR2XAvZh7nQnP8rWf48+LYatiI0oIheW0gWnuzdJiiumouTozm9VhH Z+h5faqNCWxP1lxj4eLv6kLaTAZLpa1jMc3oPbJqrLQjFuAy01ivTgQohcI0GnXJ iR4dadE86hs4MM6j61HcmFW9RLt/BMQ= -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:28 2024 by rpki-client on console-ams.rpki-client.org