$ rpki-client -vvf rpki.roa.net/rrdp/xTom/56/323430303a646463303a3a2f33322d3438203d3e2034373835.roa File: 323430303a646463303a3a2f33322d3438203d3e2034373835.roa (raw, json) Hash identifier: LTtnDFSz/myPp9hdqfuiWCnQyszE+NFo5YNN6vgWKjs= Subject key identifier: D3:DB:05:3F:BC:A0:CD:BB:8E:7B:8A:8D:2A:30:7E:F5:B2:C1:27:38 Certificate issuer: /CN=A9181FC40000/serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729 Certificate serial: 57A964572A8B077D36CFB85A68BF33650BD0D0E7 Authority key identifier: E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/56/323430303a646463303a3a2f33322d3438203d3e2034373835.roa Signing time: Thu 12 Oct 2023 16:10:37 +0000 ROA not before: Thu 12 Oct 2023 16:05:37 +0000 ROA not after: Thu 10 Oct 2024 16:10:37 +0000 asID: 4785 IP address blocks: 2400:ddc0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 13:29:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:a9:64:57:2a:8b:07:7d:36:cf:b8:5a:68:bf:33:65:0b:d0:d0:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9181FC40000/serialNumber=E13D7744B2156E4150A1AF5D732E2A10994D8729 Validity Not Before: Oct 12 16:05:37 2023 GMT Not After : Oct 10 16:10:37 2024 GMT Subject: CN=D3DB053FBCA0CDBB8E7B8A8D2A307EF5B2C12738 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:3c:cb:5b:45:78:81:ae:15:0d:d5:dd:79:a6: 91:e8:d7:48:13:eb:f4:eb:58:b3:71:f3:81:05:b6: 09:b0:c6:88:c8:13:05:c7:69:fb:f8:f9:af:1d:b9: cf:0f:8d:37:1c:9e:31:eb:51:9e:a0:76:3a:2e:21: 6e:f8:c3:c5:39:30:f1:9a:aa:d1:d5:8f:99:b8:f7: 99:ad:a6:7e:a1:72:62:e4:8b:72:d4:89:eb:51:ef: 4d:a6:37:fe:a5:b4:c0:b8:21:9a:57:d7:3e:28:5a: f5:77:c5:aa:42:5d:e9:2b:e7:a0:19:89:7f:2a:b7: 73:1f:5f:08:08:ac:13:4a:50:68:57:51:9f:27:b2: 1b:9f:cc:94:ad:11:93:9b:35:eb:95:2d:b7:52:a3: ec:9c:91:fb:32:6d:d9:16:b8:dd:ab:c1:6b:9a:a0: be:1a:ba:66:c4:a3:43:ec:df:d2:bd:2b:85:78:64: 73:89:02:5c:eb:c5:e7:3e:b0:8b:94:8d:40:69:ac: 2a:a4:9d:fd:bd:7c:35:27:a8:47:b2:e1:d7:35:b1: 9c:b7:24:02:8d:f4:29:b3:92:6a:5a:9b:09:0d:2d: 2c:19:ce:ae:a1:6e:51:e9:53:8b:f1:62:82:13:0e: 58:b5:22:4e:89:65:fd:0a:bc:5e:1d:85:fe:4b:09: dc:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:DB:05:3F:BC:A0:CD:BB:8E:7B:8A:8D:2A:30:7E:F5:B2:C1:27:38 X509v3 Authority Key Identifier: keyid:E1:3D:77:44:B2:15:6E:41:50:A1:AF:5D:73:2E:2A:10:99:4D:87:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/56/E13D7744B2156E4150A1AF5D732E2A10994D8729.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4T13RLIVbkFQoa9dcy4qEJlNhyk.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/56/323430303a646463303a3a2f33322d3438203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:ddc0::/32 Signature Algorithm: sha256WithRSAEncryption 31:cd:58:b4:18:d1:0b:c4:1a:a3:ee:50:2f:a2:a8:30:dc:ba: 36:07:c8:d6:60:ab:64:42:43:2a:36:be:29:e5:ff:38:81:3e: 97:59:68:ce:d1:4f:75:71:74:58:a2:df:f0:ec:64:b8:33:77: 45:e6:7c:f6:24:46:8e:ac:0a:2d:ce:08:dd:b1:b6:e7:f5:8b: de:3a:ad:27:bd:95:f3:9f:69:77:f9:a4:52:db:80:a9:aa:87: 85:98:35:3f:ec:2c:90:5e:ca:88:b3:63:8c:1f:ac:cf:f5:ab: a3:e4:2a:ea:a2:1e:ed:38:68:8c:eb:15:44:59:87:6c:ea:fd: 6a:cd:1f:64:fa:ee:d7:ea:38:1f:46:7f:fa:dc:c8:8e:65:55: 0e:93:7d:58:39:8b:04:41:c1:45:36:1e:f3:ea:70:5c:b8:59: 9a:7a:e6:89:f5:a3:13:e8:98:42:01:5d:70:9c:8e:50:22:91: 2e:2c:2a:e7:d6:6b:90:3b:ba:e9:50:cc:2d:68:88:23:4d:f1: c7:95:6a:2d:58:3e:aa:ab:46:75:d2:61:43:2e:e0:ff:30:74: 82:03:64:1f:bb:72:55:09:c4:35:88:7b:bb:90:4a:34:91:3a: 11:1f:38:d0:51:24:d5:4c:34:22:a4:11:f1:93:78:fa:f4:16: b4:04:5f:0f -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUV6lkVyqLB302z7haaL8zZQvQ0OcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODFGQzQwMDAwMTEwLwYDVQQFEyhFMTNENzc0NEIy MTU2RTQxNTBBMUFGNUQ3MzJFMkExMDk5NEQ4NzI5MB4XDTIzMTAxMjE2MDUzN1oX DTI0MTAxMDE2MTAzN1owMzExMC8GA1UEAxMoRDNEQjA1M0ZCQ0EwQ0RCQjhFN0I4 QThEMkEzMDdFRjVCMkMxMjczODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO48y1tFeIGuFQ3V3XmmkejXSBPr9OtYs3HzgQW2CbDGiMgTBcdp+/j5rx25 zw+NNxyeMetRnqB2Oi4hbvjDxTkw8Zqq0dWPmbj3ma2mfqFyYuSLctSJ61HvTaY3 /qW0wLghmlfXPiha9XfFqkJd6SvnoBmJfyq3cx9fCAisE0pQaFdRnyeyG5/MlK0R k5s165Utt1Kj7JyR+zJt2Ra43avBa5qgvhq6ZsSjQ+zf0r0rhXhkc4kCXOvF5z6w i5SNQGmsKqSd/b18NSeoR7Lh1zWxnLckAo30KbOSalqbCQ0tLBnOrqFuUelTi/Fi ghMOWLUiToll/Qq8Xh2F/ksJ3M0CAwEAAaOCAecwggHjMB0GA1UdDgQWBBTT2wU/ vKDNu457io0qMH71ssEnODAfBgNVHSMEGDAWgBThPXdEshVuQVChr11zLioQmU2H KTAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU2L0UxM0Q3NzQ0QjIxNTZFNDE1MEExQUY1RDcz MkUyQTEwOTk0RDg3MjkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyLzRUMTNSTElWYmtGUW9hOWRjeTRxRUpsTmh5ay5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTYvMzIzNDMwMzAzYTY0NjQ2MzMwM2EzYTJmMzMzMjJk MzQzODIwM2QzZTIwMzQzNzM4MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAN3AMA0GCSqGSIb3DQEB CwUAA4IBAQAxzVi0GNELxBqj7lAvoqgw3Lo2B8jWYKtkQkMqNr4p5f84gT6XWWjO 0U91cXRYot/w7GS4M3dF5nz2JEaOrAotzgjdsbbn9YveOq0nvZXzn2l3+aRS24Cp qoeFmDU/7CyQXsqIs2OMH6zP9auj5Crqoh7tOGiM6xVEWYds6v1qzR9k+u7X6jgf Rn/63MiOZVUOk31YOYsEQcFFNh7z6nBcuFmaeuaJ9aMT6JhCAV1wnI5QIpEuLCrn 1muQO7rpUMwtaIgjTfHHlWotWD6qq0Z10mFDLuD/MHSCA2Qfu3JVCcQ1iHu7kEo0 kToRHzjQUSTVTDQipBHxk3j69Ba0BF8P -----END CERTIFICATE-----Generated at Sun May 5 14:36:06 2024 by rpki-client on console-fra.rpki-client.org