$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e2038383838.roa File: 323430333a326538303a3a2f33322d3438203d3e2038383838.roa (raw, json) Hash identifier: BXr190YMJHQxmWlxeRnUrhn/SSQploVAKewTY5AAwas= Subject key identifier: 78:75:75:75:D8:A4:80:88:13:00:81:4C:AD:CE:D2:8E:CB:BD:D3:1F Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 703C16AFF7689EF100B30480990D8347DB7C614A Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e2038383838.roa Signing time: Sat 14 Sep 2024 01:22:23 +0000 ROA not before: Sat 14 Sep 2024 01:17:23 +0000 ROA not after: Sat 13 Sep 2025 01:22:23 +0000 asID: 8888 IP address blocks: 2403:2e80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 09:59:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:3c:16:af:f7:68:9e:f1:00:b3:04:80:99:0d:83:47:db:7c:61:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Sep 14 01:17:23 2024 GMT Not After : Sep 13 01:22:23 2025 GMT Subject: CN=78757575D8A480881300814CADCED28ECBBDD31F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:16:73:79:10:a6:0c:b0:8e:89:56:be:4e:24: f7:38:5a:f8:b2:7d:e1:ab:12:58:6b:93:ef:77:d2: 6b:59:14:1a:b6:6e:9d:f6:8b:6d:34:49:e4:0f:85: 07:20:d0:02:30:16:9e:f0:fe:71:4f:f6:fe:aa:be: eb:78:a2:ff:f6:28:9e:2a:51:de:6a:38:3b:ab:70: 3c:9a:97:2b:70:15:8e:3c:a4:f8:8e:fe:ea:95:cf: a5:4e:6e:e3:22:c9:8c:4a:0a:0d:6b:53:e2:fe:ed: 39:e3:e0:51:e4:10:85:52:fb:d5:45:4f:5f:44:47: 78:38:3e:0a:3c:ae:fa:8a:ff:2d:37:f4:66:80:fd: 04:a8:97:f5:49:ee:1d:ea:a9:cd:1a:90:9b:86:19: fc:0b:1e:a9:98:96:2c:50:c7:36:07:38:dd:a9:e4: 33:91:bc:27:1d:2d:da:f2:e1:4e:d1:c3:98:c5:c0: 68:89:66:f2:58:4f:16:64:26:6c:6a:59:48:3d:f9: 41:19:b2:97:94:00:fd:a8:0c:b4:19:85:29:c3:41: fb:24:00:28:7e:e8:7c:ed:0f:6f:10:f1:eb:10:25: 40:64:6a:fe:68:90:2e:34:b4:66:77:41:67:91:aa: 24:d8:7b:f6:5d:71:4e:e9:f7:35:08:f1:10:6e:da: 7c:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:75:75:75:D8:A4:80:88:13:00:81:4C:AD:CE:D2:8E:CB:BD:D3:1F X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/323430333a326538303a3a2f33322d3438203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:2e80::/32 Signature Algorithm: sha256WithRSAEncryption 86:1b:a0:5a:b1:39:5b:92:48:46:11:74:92:39:c6:04:92:84: 8f:eb:aa:ad:8d:8e:70:94:5f:b7:68:e1:c6:d0:24:7a:24:91: cd:57:1d:5f:f4:c1:71:fc:b5:8d:57:3a:1b:a4:c6:ef:c0:cf: a8:ed:c5:e2:87:a0:bd:1b:b3:38:62:03:ca:24:2e:02:ba:ff: 12:6f:1c:75:67:2d:cd:5b:34:e7:55:c0:ee:2c:44:23:91:79: 65:01:2f:97:4d:85:cf:ad:f0:e3:12:bf:88:12:c2:3d:a1:bd: 39:85:f3:38:e7:45:fc:8a:f8:b2:11:64:0e:0e:99:6c:7d:1b: 49:ac:d8:d3:8e:1d:53:a2:ab:36:2d:87:7f:80:d1:17:77:a7: 37:0f:26:ce:c1:1f:f6:cd:e9:67:c7:db:11:22:7c:8a:a6:08: 1e:14:10:68:72:08:42:c6:ca:75:e9:f2:d2:4f:2e:33:43:64: 63:98:0f:03:63:c2:2c:0f:28:7d:1d:56:69:85:6e:90:d0:5c: 68:4b:a4:0c:04:c5:28:26:22:ac:6d:ac:3d:c8:0a:41:95:8e: 8b:f4:85:43:46:17:98:b7:9a:ba:65:31:8f:4a:54:b5:2e:bc: 2e:b1:a2:93:4f:8b:4e:81:da:8f:8a:14:e2:42:da:0f:3a:d7: 70:5f:68:73 -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUcDwWr/donvEAswSAmQ2DR9t8YUowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI0MDkxNDAxMTcyM1oX DTI1MDkxMzAxMjIyM1owMzExMC8GA1UEAxMoNzg3NTc1NzVEOEE0ODA4ODEzMDA4 MTRDQURDRUQyOEVDQkJERDMxRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALAWc3kQpgywjolWvk4k9zha+LJ94asSWGuT73fSa1kUGrZunfaLbTRJ5A+F ByDQAjAWnvD+cU/2/qq+63ii//YonipR3mo4O6twPJqXK3AVjjyk+I7+6pXPpU5u 4yLJjEoKDWtT4v7tOePgUeQQhVL71UVPX0RHeDg+Cjyu+or/LTf0ZoD9BKiX9Unu HeqpzRqQm4YZ/AseqZiWLFDHNgc43ankM5G8Jx0t2vLhTtHDmMXAaIlm8lhPFmQm bGpZSD35QRmyl5QA/agMtBmFKcNB+yQAKH7ofO0PbxDx6xAlQGRq/miQLjS0ZndB Z5GqJNh79l1xTun3NQjxEG7afI0CAwEAAaOCAecwggHjMB0GA1UdDgQWBBR4dXV1 2KSAiBMAgUytztKOy73THzAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzIzNDMwMzMzYTMyNjUzODMwM2EzYTJmMzMzMjJk MzQzODIwM2QzZTIwMzgzODM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAy6AMA0GCSqGSIb3DQEB CwUAA4IBAQCGG6BasTlbkkhGEXSSOcYEkoSP66qtjY5wlF+3aOHG0CR6JJHNVx1f 9MFx/LWNVzobpMbvwM+o7cXih6C9G7M4YgPKJC4Cuv8Sbxx1Zy3NWzTnVcDuLEQj kXllAS+XTYXPrfDjEr+IEsI9ob05hfM450X8iviyEWQODplsfRtJrNjTjh1Toqs2 LYd/gNEXd6c3DybOwR/2zelnx9sRInyKpggeFBBocghCxsp16fLSTy4zQ2RjmA8D Y8IsDyh9HVZphW6Q0FxoS6QMBMUoJiKsbaw9yApBlY6L9IVDRheYt5q6ZTGPSlS1 LrwusaKTT4tOgdqPihTiQtoPOtdwX2hz -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:28 2024 by rpki-client on console-ams.rpki-client.org