$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e203233383538.roa File: 323430333a326538303a3a2f33322d3438203d3e203233383538.roa (raw, json) Hash identifier: CUxRC/iG4psqYdK+jG5CiVuAkoD6KYjpO6XMnKxpOpU= Subject key identifier: D7:9B:7F:6C:F5:3F:04:2D:A9:74:8C:D2:42:FD:36:94:8E:30:62:24 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 6460DB507751A645A1187E78FD0A861AE495E97F Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e203233383538.roa Signing time: Thu 12 Oct 2023 16:10:39 +0000 ROA not before: Thu 12 Oct 2023 16:05:39 +0000 ROA not after: Thu 10 Oct 2024 16:10:39 +0000 asID: 23858 IP address blocks: 2403:2e80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 May 2024 17:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:60:db:50:77:51:a6:45:a1:18:7e:78:fd:0a:86:1a:e4:95:e9:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Oct 12 16:05:39 2023 GMT Not After : Oct 10 16:10:39 2024 GMT Subject: CN=D79B7F6CF53F042DA9748CD242FD36948E306224 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a3:16:9a:d0:69:f5:b4:93:e4:7c:8b:7a:bc: 9f:6c:55:f2:3f:0d:8a:f1:74:ee:54:a5:6e:77:b6: 3a:2a:12:04:01:aa:15:4f:22:d1:cc:15:e8:e3:4e: a8:22:f6:cf:05:86:58:65:f8:f3:ec:f3:a1:72:b9: 4f:69:a0:10:47:39:a2:ff:98:d7:56:23:86:8f:14: bd:1c:56:d2:58:3d:9f:4f:c8:26:a2:2c:ad:4b:f1: 5d:a0:73:ff:16:47:cb:90:23:68:eb:c6:11:e4:6f: c2:c3:74:ab:6f:3f:29:0c:4d:fb:b6:cb:fe:d3:de: 80:73:7d:57:0a:90:e4:d1:99:ab:4b:b5:20:04:dd: c2:39:29:12:0c:76:c0:79:25:01:2c:af:3e:e2:85: 1c:58:01:ac:37:f4:78:89:63:67:be:86:98:f5:f0: 2d:2a:8e:97:a6:3d:f0:07:d7:9f:96:c7:f1:3d:3f: a0:2e:52:17:0c:df:1e:85:26:ea:8d:55:71:05:59: 84:95:75:39:38:07:ec:d6:2b:e7:bd:81:e9:25:ed: 89:d2:0b:56:64:50:72:c4:ac:3d:b1:e1:a1:30:bf: e0:e8:6e:80:52:aa:a0:bc:bd:d2:b3:05:36:92:38: 82:f3:d5:20:d8:3c:d5:6d:7e:20:d4:49:66:ff:69: 4c:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:9B:7F:6C:F5:3F:04:2D:A9:74:8C:D2:42:FD:36:94:8E:30:62:24 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e203233383538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:2e80::/32 Signature Algorithm: sha256WithRSAEncryption 65:70:c7:83:9e:18:5d:91:22:0b:9c:24:b8:23:47:a5:bc:65: d3:57:0c:1d:04:60:05:f5:1e:df:de:8f:7c:b5:65:ee:73:e3: 28:9f:48:bd:28:f3:db:95:41:dc:8b:92:64:d4:e7:f3:11:a1: 93:5b:74:69:ba:f7:4a:7b:13:3d:18:35:ef:ce:96:3a:fc:d8: a4:1a:d1:dd:cf:93:b1:0f:8b:9b:e6:c5:16:67:08:86:bd:cb: 22:0c:28:eb:af:66:7b:fd:3d:7e:2e:f6:4a:3f:55:79:54:bd: 4a:42:3f:8a:2c:d3:de:49:58:a5:20:b3:be:66:4d:ea:54:5d: d2:e6:54:f1:13:ce:b9:49:bd:44:20:66:a8:c3:66:16:a0:c3: be:ae:9b:82:87:86:9d:0f:e4:40:df:4e:12:b1:69:08:66:3e: 57:e7:12:a9:b7:9c:87:86:36:c9:83:12:2f:f0:39:7a:46:e0: f2:4d:61:3a:d8:e3:fa:3a:e1:82:5d:e1:54:24:3e:3b:b0:22: 07:54:85:98:e9:c2:d7:a8:63:f8:56:b7:e1:6f:0a:d4:2e:5a: c5:b3:95:56:92:4c:b8:62:96:8b:74:9e:54:ea:75:16:71:06: fb:27:ab:4b:98:d5:32:ed:4d:9b:04:2a:8e:9d:70:81:49:1f: 95:d1:c4:2c -----BEGIN CERTIFICATE----- MIIE9jCCA96gAwIBAgIUZGDbUHdRpkWhGH54/QqGGuSV6X8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTIzMTAxMjE2MDUzOVoX DTI0MTAxMDE2MTAzOVowMzExMC8GA1UEAxMoRDc5QjdGNkNGNTNGMDQyREE5NzQ4 Q0QyNDJGRDM2OTQ4RTMwNjIyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKGjFprQafW0k+R8i3q8n2xV8j8NivF07lSlbne2OioSBAGqFU8i0cwV6ONO qCL2zwWGWGX48+zzoXK5T2mgEEc5ov+Y11Yjho8UvRxW0lg9n0/IJqIsrUvxXaBz /xZHy5AjaOvGEeRvwsN0q28/KQxN+7bL/tPegHN9VwqQ5NGZq0u1IATdwjkpEgx2 wHklASyvPuKFHFgBrDf0eIljZ76GmPXwLSqOl6Y98AfXn5bH8T0/oC5SFwzfHoUm 6o1VcQVZhJV1OTgH7NYr572B6SXtidILVmRQcsSsPbHhoTC/4OhugFKqoLy90rMF NpI4gvPVINg81W1+INRJZv9pTBECAwEAAaOCAekwggHlMB0GA1UdDgQWBBTXm39s 9T8ELal0jNJC/TaUjjBiJDAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzIzNDMwMzMzYTMyNjUzODMwM2EzYTJmMzMzMjJk MzQzODIwM2QzZTIwMzIzMzM4MzUzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQDLoAwDQYJKoZIhvcN AQELBQADggEBAGVwx4OeGF2RIgucJLgjR6W8ZdNXDB0EYAX1Ht/ej3y1Ze5z4yif SL0o89uVQdyLkmTU5/MRoZNbdGm690p7Ez0YNe/Oljr82KQa0d3Pk7EPi5vmxRZn CIa9yyIMKOuvZnv9PX4u9ko/VXlUvUpCP4os095JWKUgs75mTepUXdLmVPETzrlJ vUQgZqjDZhagw76um4KHhp0P5EDfThKxaQhmPlfnEqm3nIeGNsmDEi/wOXpG4PJN YTrY4/o64YJd4VQkPjuwIgdUhZjpwteoY/hWt+FvCtQuWsWzlVaSTLhilot0nlTq dRZxBvsnq0uY1TLtTZsEKo6dcIFJH5XRxCw= -----END CERTIFICATE-----Generated at Sat May 18 15:45:00 2024 by rpki-client on console-fra.rpki-client.org