$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/34352e3132352e302e302f32322d3234203d3e2039333132.roa File: 34352e3132352e302e302f32322d3234203d3e2039333132.roa (raw, json) Hash identifier: XsSHiraeLYNQTJR5HGAY6vwQ9Scu9lRrIHdSI54V+7M= Subject key identifier: 0F:22:C9:40:9D:4B:6F:75:76:94:12:BA:C9:A5:91:B3:54:E7:18:FE Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 170FAC4F5A1512CF2FAC948FF3DE2E5691377A3D Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/34352e3132352e302e302f32322d3234203d3e2039333132.roa Signing time: Sat 14 Sep 2024 01:22:31 +0000 ROA not before: Sat 14 Sep 2024 01:17:31 +0000 ROA not after: Sat 13 Sep 2025 01:22:31 +0000 asID: 9312 IP address blocks: 45.125.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 11:34:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:0f:ac:4f:5a:15:12:cf:2f:ac:94:8f:f3:de:2e:56:91:37:7a:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Sep 14 01:17:31 2024 GMT Not After : Sep 13 01:22:31 2025 GMT Subject: CN=0F22C9409D4B6F75769412BAC9A591B354E718FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:4a:fd:1e:7a:a2:50:d9:af:7d:7e:0f:d8:f8: ae:d2:16:5d:e8:55:3d:90:9a:83:32:cc:49:88:27: f2:1d:8f:05:93:47:c6:a3:f0:b1:bf:f4:e1:59:08: 41:47:38:cf:bb:a0:57:23:52:f6:49:24:c5:84:93: e2:20:23:a5:bd:02:6c:74:3c:2a:6d:5c:ae:b2:c1: d2:7b:05:95:1f:dd:82:80:a2:6b:d6:27:82:ee:68: d6:b4:44:b0:ca:43:f6:d8:0f:2f:f4:ad:66:83:6c: 45:9d:53:02:8e:b5:5c:4c:9b:73:0d:da:6b:d3:a9: 4a:79:17:4f:32:e5:35:db:1a:89:dc:96:2c:a4:68: d3:4f:0b:87:35:92:c0:e9:f3:e6:73:9d:e8:d1:2c: d1:91:9c:fe:a6:61:66:6c:8b:13:ef:1f:dc:a5:87: e1:a3:60:b4:e1:3e:f7:f4:09:ba:29:0f:7a:17:00: a4:34:e7:ee:25:ab:79:36:f7:4f:5a:3c:6f:15:5e: f3:2d:c9:2c:c4:13:da:11:29:fa:71:92:34:cc:32: e2:a0:ae:4b:7f:a3:2e:34:35:2c:d0:79:d3:a9:5c: 6e:95:92:43:29:bf:0c:3f:68:76:2d:74:fa:b3:c9: c3:bc:a1:9b:53:6a:f9:23:cf:70:aa:eb:84:9f:a3: 2b:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:22:C9:40:9D:4B:6F:75:76:94:12:BA:C9:A5:91:B3:54:E7:18:FE X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/34352e3132352e302e302f32322d3234203d3e2039333132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.125.0.0/22 Signature Algorithm: sha256WithRSAEncryption 76:31:a9:f2:a1:b0:b9:8c:8a:21:46:33:b8:c4:88:21:cc:77: 0e:ba:a1:71:87:89:94:a1:d7:e7:c5:d9:a0:33:7a:cc:24:dc: 63:16:0e:a7:31:f2:1d:4d:b0:f8:78:2f:e8:59:70:ce:c2:04: 9e:7f:dc:b1:01:a5:62:d9:fd:48:f9:bd:4b:58:e9:8a:e8:6c: bf:89:59:f4:87:a0:9d:8f:df:29:13:c0:ab:1f:bf:90:a0:18: 50:cd:70:72:e2:16:10:dd:8d:d8:21:a6:32:64:13:3c:20:7d: 05:f9:92:af:ba:4b:73:ae:29:8a:d5:30:90:c0:65:57:4c:a1: 00:7f:c1:65:5b:79:b4:5e:2d:46:b1:a7:57:95:95:48:88:0b: f1:85:08:d9:02:71:4b:a1:e0:0a:dd:b9:5f:0b:4c:91:bc:e9: da:6e:de:9d:79:fa:ce:24:d3:79:6e:5e:fe:21:07:a1:34:65: 82:7e:ea:35:04:3a:45:90:bf:c4:97:75:94:0e:34:70:72:23: a3:e2:71:19:6f:6b:5d:82:cd:43:78:ee:7b:e4:c3:55:7b:fe: 95:2a:9d:23:c3:47:c3:a3:b2:ce:44:94:c2:67:76:e2:32:c8: ce:9a:02:74:d0:59:97:03:fa:15:0c:10:fb:23:f6:03:9a:4f: 2f:8f:51:ea -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUFw+sT1oVEs8vrJSP894uVpE3ej0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MDkxNDAxMTczMVoX DTI1MDkxMzAxMjIzMVowMzExMC8GA1UEAxMoMEYyMkM5NDA5RDRCNkY3NTc2OTQx MkJBQzlBNTkxQjM1NEU3MThGRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANVK/R56olDZr31+D9j4rtIWXehVPZCagzLMSYgn8h2PBZNHxqPwsb/04VkI QUc4z7ugVyNS9kkkxYST4iAjpb0CbHQ8Km1crrLB0nsFlR/dgoCia9Yngu5o1rRE sMpD9tgPL/StZoNsRZ1TAo61XEybcw3aa9OpSnkXTzLlNdsaidyWLKRo008LhzWS wOnz5nOd6NEs0ZGc/qZhZmyLE+8f3KWH4aNgtOE+9/QJuikPehcApDTn7iWreTb3 T1o8bxVe8y3JLMQT2hEp+nGSNMwy4qCuS3+jLjQ1LNB506lcbpWSQym/DD9odi10 +rPJw7yhm1Nq+SPPcKrrhJ+jK08CAwEAAaOCAeQwggHgMB0GA1UdDgQWBBQPIslA nUtvdXaUErrJpZGzVOcY/jAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwcgYIKwYBBQUHAQsEZjBkMGIGCCsGAQUFBzALhlZyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzQzNTJlMzEzMjM1MmUzMDJlMzAyZjMyMzIyZDMy MzQyMDNkM2UyMDM5MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLX0AMA0GCSqGSIb3DQEBCwUA A4IBAQB2ManyobC5jIohRjO4xIghzHcOuqFxh4mUodfnxdmgM3rMJNxjFg6nMfId TbD4eC/oWXDOwgSef9yxAaVi2f1I+b1LWOmK6Gy/iVn0h6Cdj98pE8CrH7+QoBhQ zXBy4hYQ3Y3YIaYyZBM8IH0F+ZKvuktzrimK1TCQwGVXTKEAf8FlW3m0Xi1GsadX lZVIiAvxhQjZAnFLoeAK3blfC0yRvOnabt6defrOJNN5bl7+IQehNGWCfuo1BDpF kL/El3WUDjRwciOj4nEZb2tdgs1DeO575MNVe/6VKp0jw0fDo7LORJTCZ3biMsjO mgJ00FmXA/oVDBD7I/YDmk8vj1Hq -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:48 2024 by rpki-client on console-fra.rpki-client.org