$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e203233383538.roa File: 323430333a326538303a3a2f33322d3438203d3e203233383538.roa (raw, json) Hash identifier: 8WGGny+jtgmSnuXipWNSY1ESLZ/IHyh7iVF3qoveYM0= Subject key identifier: B3:83:A5:8F:04:A8:A1:09:FF:57:66:79:C1:88:DD:B1:97:9B:F9:7A Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 7AB6206923DF87FD7E510F5655F99F37B0EBB240 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e203233383538.roa Signing time: Sat 14 Sep 2024 01:22:23 +0000 ROA not before: Sat 14 Sep 2024 01:17:23 +0000 ROA not after: Sat 13 Sep 2025 01:22:23 +0000 asID: 23858 IP address blocks: 2403:2e80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 09:59:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:b6:20:69:23:df:87:fd:7e:51:0f:56:55:f9:9f:37:b0:eb:b2:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Sep 14 01:17:23 2024 GMT Not After : Sep 13 01:22:23 2025 GMT Subject: CN=B383A58F04A8A109FF576679C188DDB1979BF97A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:a0:49:70:fa:e3:1c:10:7a:98:19:7f:82:21: 39:62:73:4b:26:64:41:dd:b5:3f:36:49:f8:3a:fc: db:b4:13:1d:eb:4f:2c:37:7c:bc:9c:16:ee:29:b7: 44:7f:06:50:a5:d3:6c:f8:47:ea:c8:57:f0:9b:66: bf:f1:e0:cf:86:49:33:93:95:40:97:29:80:da:1b: 61:98:c2:dd:9a:e8:bb:80:cc:51:5a:64:56:e0:d0: 6e:52:06:6f:df:59:6b:38:5d:75:12:50:ce:60:c3: 1b:94:f9:81:68:e3:c4:47:08:c8:f7:54:d7:9d:3e: 9f:f9:a9:04:95:cf:8b:b6:fd:1d:df:15:82:57:4c: 21:8e:16:36:3c:15:79:5c:0f:cc:d7:cc:c7:1a:83: 2a:bc:a7:f2:84:53:84:88:9b:85:8a:de:b5:bb:ff: 58:7f:9e:bb:36:7d:ec:8a:ed:a6:f8:01:cd:8b:41: 25:09:de:9d:b7:a6:39:10:a0:cb:2e:91:5b:7c:13: d8:0a:6f:b8:80:13:b8:70:3f:c8:da:b5:14:8b:93: b5:60:0f:7d:a8:71:db:11:a6:93:b7:b4:93:66:94: f4:cd:26:4e:c3:1e:31:5f:5d:44:74:aa:15:29:e5: 7d:b3:f1:99:f7:0c:f4:6e:30:e2:5c:1b:e1:a8:18: af:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:83:A5:8F:04:A8:A1:09:FF:57:66:79:C1:88:DD:B1:97:9B:F9:7A X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e203233383538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:2e80::/32 Signature Algorithm: sha256WithRSAEncryption 44:fa:60:82:23:a0:9e:ae:81:d9:1f:96:59:ac:da:d7:bb:ca: 6d:1d:d9:50:c2:ca:c9:1a:60:3c:c5:64:26:c6:d5:2b:a8:e8: b9:a7:b4:15:78:8f:da:2b:a8:a0:23:66:01:37:80:67:85:5f: 5e:51:88:3f:f4:af:99:2b:3d:55:4b:9e:93:5c:a0:0d:fa:b3: 01:2a:57:ab:ba:54:47:6f:00:db:a1:d2:ee:77:92:99:7f:d1: e7:b5:98:a0:00:5c:ec:d8:8f:7a:48:1a:6d:49:32:be:c6:b7: 66:da:97:9c:3a:09:ad:a6:46:a6:bf:46:f9:67:13:22:07:87: bd:e2:0b:55:04:16:98:48:b6:07:5a:2b:a4:9e:f8:45:54:45: 5d:32:52:87:0b:db:44:dd:81:d8:45:78:6f:8a:c4:7f:41:15: 06:71:ed:1c:b7:c7:ac:89:7a:dd:88:4b:fc:84:b9:a9:c4:12: 7d:df:06:eb:66:da:b9:86:81:07:a7:0d:01:20:74:f0:17:e4: 1e:3b:a8:58:4d:37:3b:03:17:bc:d1:37:88:7f:b7:ca:5f:b3: 81:ce:45:76:04:63:da:e4:92:69:7d:54:4f:90:76:d6:31:4c: dc:99:88:5a:1d:d0:e4:57:1e:3a:c2:40:bc:63:58:64:34:59: 63:bd:4d:4a -----BEGIN CERTIFICATE----- MIIE9jCCA96gAwIBAgIUerYgaSPfh/1+UQ9WVfmfN7DrskAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI0MDkxNDAxMTcyM1oX DTI1MDkxMzAxMjIyM1owMzExMC8GA1UEAxMoQjM4M0E1OEYwNEE4QTEwOUZGNTc2 Njc5QzE4OEREQjE5NzlCRjk3QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmgSXD64xwQepgZf4IhOWJzSyZkQd21PzZJ+Dr827QTHetPLDd8vJwW7im3 RH8GUKXTbPhH6shX8Jtmv/Hgz4ZJM5OVQJcpgNobYZjC3Zrou4DMUVpkVuDQblIG b99ZazhddRJQzmDDG5T5gWjjxEcIyPdU150+n/mpBJXPi7b9Hd8VgldMIY4WNjwV eVwPzNfMxxqDKryn8oRThIibhYretbv/WH+euzZ97IrtpvgBzYtBJQnenbemORCg yy6RW3wT2ApvuIATuHA/yNq1FIuTtWAPfahx2xGmk7e0k2aU9M0mTsMeMV9dRHSq FSnlfbPxmfcM9G4w4lwb4agYr2sCAwEAAaOCAekwggHlMB0GA1UdDgQWBBSzg6WP BKihCf9XZnnBiN2xl5v5ejAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzIzNDMwMzMzYTMyNjUzODMwM2EzYTJmMzMzMjJk MzQzODIwM2QzZTIwMzIzMzM4MzUzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQDLoAwDQYJKoZIhvcN AQELBQADggEBAET6YIIjoJ6ugdkfllms2te7ym0d2VDCyskaYDzFZCbG1Suo6Lmn tBV4j9orqKAjZgE3gGeFX15RiD/0r5krPVVLnpNcoA36swEqV6u6VEdvANuh0u53 kpl/0ee1mKAAXOzYj3pIGm1JMr7Gt2bal5w6Ca2mRqa/RvlnEyIHh73iC1UEFphI tgdaK6Se+EVURV0yUocL20TdgdhFeG+KxH9BFQZx7Ry3x6yJet2IS/yEuanEEn3f Butm2rmGgQenDQEgdPAX5B47qFhNNzsDF7zRN4h/t8pfs4HORXYEY9rkkml9VE+Q dtYxTNyZiFod0ORXHjrCQLxjWGQ0WWO9TUo= -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:48 2024 by rpki-client on console-fra.rpki-client.org