$ rpki-client -vvf rpki.roa.net/rrdp/xTom/56/3230332e39362e3233362e302f32322d3234203d3e2034373835.roa File: 3230332e39362e3233362e302f32322d3234203d3e2034373835.roa (raw, json) Hash identifier: ymAOwS4PLKpnSnnV8/IOAQp6MUyltwBjY+QUE6aswIU= Subject key identifier: 33:87:96:6D:A1:8C:96:02:AB:98:EC:2A:07:CD:BE:00:E0:6C:A0:38 Certificate issuer: /CN=A9181FC40000/serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729 Certificate serial: 2E1216DC4CCB64BBFA51D3B3EED1E3854947EF89 Authority key identifier: E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/56/3230332e39362e3233362e302f32322d3234203d3e2034373835.roa Signing time: Sat 14 Sep 2024 01:22:32 +0000 ROA not before: Sat 14 Sep 2024 01:17:32 +0000 ROA not after: Sat 13 Sep 2025 01:22:32 +0000 asID: 4785 IP address blocks: 203.96.236.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 09:42:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:12:16:dc:4c:cb:64:bb:fa:51:d3:b3:ee:d1:e3:85:49:47:ef:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9181FC40000/serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729 Validity Not Before: Sep 14 01:17:32 2024 GMT Not After : Sep 13 01:22:32 2025 GMT Subject: CN=3387966DA18C9602AB98EC2A07CDBE00E06CA038 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:02:28:8b:0f:91:d8:93:d1:46:3e:b9:23:9a: 9b:50:8f:e8:a7:f9:94:78:9b:d0:65:31:fb:0e:e2: 0f:5e:92:d5:b8:8b:9c:f5:9c:47:ed:78:47:78:fd: 51:d3:9c:27:4d:1c:55:cc:cd:42:70:e5:ed:ab:b0: 24:74:c0:cb:da:0b:a6:f1:75:44:dc:01:71:86:18: c8:45:60:15:81:14:d9:3c:69:31:44:52:7f:9f:95: 80:9f:85:d9:10:ca:d7:91:85:d3:af:13:55:47:6e: 58:bd:cb:8c:4f:c6:a9:1b:f1:21:f9:7f:1b:7b:29: 9e:1c:1d:49:80:f4:6f:80:7c:f7:5e:c0:ec:eb:f1: 57:2b:59:72:9e:ef:4b:9a:f4:21:18:4d:a3:cf:c1: d6:a4:38:68:17:aa:db:b7:74:c0:4d:aa:c9:39:87: 5f:f4:c6:ab:fb:83:46:6b:35:8a:c8:85:50:e7:46: 30:69:73:43:6c:15:88:53:e0:0c:e4:4a:16:43:c3: 72:51:28:f6:f8:0c:fe:5b:24:39:82:a6:6f:a6:01: 95:23:61:13:9c:01:90:cb:b8:0c:37:a2:ee:60:f2: 58:8a:46:57:3a:fe:6b:78:47:ca:8e:df:ca:b8:9b: 5e:0a:02:40:42:97:27:2b:bf:4a:c3:17:1e:14:59: 83:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:87:96:6D:A1:8C:96:02:AB:98:EC:2A:07:CD:BE:00:E0:6C:A0:38 X509v3 Authority Key Identifier: keyid:E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/56/3230332e39362e3233362e302f32322d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.96.236.0/22 Signature Algorithm: sha256WithRSAEncryption ac:22:f5:74:ac:00:16:56:4e:f5:d3:c4:84:ca:2a:ae:47:d3: 3f:7f:b7:39:c0:15:04:66:b6:11:7e:97:80:3a:f7:ce:85:99: b4:2e:9b:d4:ba:e2:63:a3:f4:be:e6:ee:83:f2:24:af:83:df: 89:14:0f:b3:c3:1c:56:71:92:b3:4a:47:df:5a:de:b6:af:7c: 3e:02:08:40:40:3e:d7:c7:03:85:b2:a6:79:5d:6f:6a:f4:ea: 5e:34:5d:4a:ca:02:b4:c9:6f:5c:d5:5a:bb:3d:f0:e2:a8:65: c2:f7:cd:4a:aa:3b:d7:4d:15:71:55:dd:a3:8e:f7:ac:bd:c2: 27:c3:70:51:89:97:87:61:1d:e1:a2:51:72:88:6a:d6:9b:a5: 80:85:09:1f:ed:df:d1:a2:8f:20:cd:a3:7c:3d:45:eb:c1:d2: 53:38:0f:49:19:b4:81:de:b5:26:1a:ad:a0:98:ff:0c:02:bd: 23:41:64:89:dd:be:96:3b:cd:ad:19:cd:4a:4a:60:64:76:35: 17:02:51:5d:91:5d:40:3b:c4:90:c3:5f:4e:d5:7f:da:42:50: 72:cc:d5:96:51:24:0d:60:c6:d2:e6:69:0c:17:0d:2c:aa:d9: 3a:89:c4:e8:a2:ec:67:ff:3d:ef:1d:6a:74:fd:ad:84:43:9d: f8:ec:d2:2f -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIULhIW3EzLZLv6UdOz7tHjhUlH74kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODFGQzQwMDAwMTEwLwYDVQQFEyhFMTNENzc0NEIy MTU2RTQxNTBBMUFGNUQ3MzJFMkExMDk5NEQ4NzI5MB4XDTI0MDkxNDAxMTczMloX DTI1MDkxMzAxMjIzMlowMzExMC8GA1UEAxMoMzM4Nzk2NkRBMThDOTYwMkFCOThF QzJBMDdDREJFMDBFMDZDQTAzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANECKIsPkdiT0UY+uSOam1CP6Kf5lHib0GUx+w7iD16S1biLnPWcR+14R3j9 UdOcJ00cVczNQnDl7auwJHTAy9oLpvF1RNwBcYYYyEVgFYEU2TxpMURSf5+VgJ+F 2RDK15GF068TVUduWL3LjE/GqRvxIfl/G3spnhwdSYD0b4B8917A7OvxVytZcp7v S5r0IRhNo8/B1qQ4aBeq27d0wE2qyTmHX/TGq/uDRms1isiFUOdGMGlzQ2wViFPg DORKFkPDclEo9vgM/lskOYKmb6YBlSNhE5wBkMu4DDei7mDyWIpGVzr+a3hHyo7f yribXgoCQEKXJyu/SsMXHhRZgxMCAwEAAaOCAegwggHkMB0GA1UdDgQWBBQzh5Zt oYyWAquY7CoHzb4A4GygODAfBgNVHSMEGDAWgBThPXdEshVuQVChr11zLioQmU2H KTAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU2L0UxM0Q3NzQ0QjIxNTZFNDE1MEExQUY1RDcz MkUyQTEwOTk0RDg3MjkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyLzRUMTNSTElWYmtGUW9hOWRjeTRxRUpsTmh5ay5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTYvMzIzMDMzMmUzOTM2MmUzMjMzMzYyZTMwMmYzMjMy MmQzMjM0MjAzZDNlMjAzNDM3MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAstg7DANBgkqhkiG9w0B AQsFAAOCAQEArCL1dKwAFlZO9dPEhMoqrkfTP3+3OcAVBGa2EX6XgDr3zoWZtC6b 1LriY6P0vubug/Ikr4PfiRQPs8McVnGSs0pH31retq98PgIIQEA+18cDhbKmeV1v avTqXjRdSsoCtMlvXNVauz3w4qhlwvfNSqo7100VcVXdo473rL3CJ8NwUYmXh2Ed 4aJRcohq1pulgIUJH+3f0aKPIM2jfD1F68HSUzgPSRm0gd61JhqtoJj/DAK9I0Fk id2+ljvNrRnNSkpgZHY1FwJRXZFdQDvEkMNfTtV/2kJQcszVllEkDWDG0uZpDBcN LKrZOonE6KLsZ/897x1qdP2thEOd+OzSLw== -----END CERTIFICATE-----Generated at Mon Nov 25 12:00:41 2024 by rpki-client on console-ams.rpki-client.org