$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e203233383538.roa File: 34352e3131372e3130302e302f32342d3234203d3e203233383538.roa (raw, json) Hash identifier: 4yKK7RQLbJBx+gt7T7QZgKRPOxG5R1dHZfrXztWXnbY= Subject key identifier: 1D:D1:A4:43:59:CC:E8:5C:42:59:56:82:21:F1:EB:3E:4F:85:21:22 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 3E5148ACD3A6D4F704D83B53CCAA4833D740902E Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e203233383538.roa Signing time: Sat 14 Sep 2024 01:22:23 +0000 ROA not before: Sat 14 Sep 2024 01:17:23 +0000 ROA not after: Sat 13 Sep 2025 01:22:23 +0000 asID: 23858 IP address blocks: 45.117.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 09:59:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:51:48:ac:d3:a6:d4:f7:04:d8:3b:53:cc:aa:48:33:d7:40:90:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Sep 14 01:17:23 2024 GMT Not After : Sep 13 01:22:23 2025 GMT Subject: CN=1DD1A44359CCE85C4259568221F1EB3E4F852122 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:3e:59:c7:2b:9b:d0:ba:44:f4:23:c8:2a:7c: e8:c2:28:1e:48:ad:a2:44:d8:f4:34:f6:d9:1b:65: f2:63:6b:f5:ea:45:1d:9f:b8:89:24:b2:62:eb:6c: 7b:4d:3f:09:64:d1:85:70:c5:bc:47:79:de:69:30: fe:51:74:ec:69:9f:de:7f:a1:05:76:c3:14:db:81: 25:86:18:87:37:8d:a1:b8:0a:af:4e:d2:30:5c:19: 25:43:d6:a1:75:d8:a8:85:7c:ba:d2:09:b7:e9:da: 1b:ad:df:43:e8:35:c6:b5:e6:ee:ea:fd:4c:35:74: 9b:3e:60:c9:a2:47:8e:62:90:1e:c1:b2:c2:e6:8e: 73:83:c1:36:cd:b8:d5:d1:8c:e9:c8:e0:88:51:b3: 12:19:e4:65:7c:05:c7:f2:30:67:41:87:9d:02:cb: 0f:59:fc:bf:0d:cf:b5:9d:fe:27:84:ec:2a:8f:f9: f8:77:fb:c7:bc:cd:0c:62:42:96:1d:1b:43:e6:1f: 47:fa:67:11:ad:47:42:47:e1:6e:72:cb:ec:41:fa: 52:75:5e:dd:2b:94:cf:a7:1a:53:cd:46:b8:7b:71: f7:fc:36:ba:2f:25:41:39:70:e9:69:2d:c3:f0:5f: 51:1e:5b:9d:7d:aa:83:64:1c:24:be:5c:ad:a6:16: 10:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:D1:A4:43:59:CC:E8:5C:42:59:56:82:21:F1:EB:3E:4F:85:21:22 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e203233383538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.100.0/24 Signature Algorithm: sha256WithRSAEncryption 64:34:9f:73:da:c6:e0:86:67:f0:36:36:70:b9:45:f9:6b:71: dd:c4:47:69:a2:99:be:23:3d:ee:dc:a6:0c:51:4b:75:0e:56: 7b:d9:a9:7f:65:e8:22:da:f8:5d:cf:72:37:1f:cf:13:6d:70: 41:1f:5e:d8:c0:54:9d:27:aa:61:d7:92:9b:23:31:fd:89:a3: de:8f:9b:08:67:44:66:d6:b1:61:69:bf:dd:7f:ab:d6:ed:17: 48:02:25:49:28:46:5d:b4:21:fe:4f:39:f4:4d:aa:18:87:d3: b2:78:77:08:81:1a:4c:28:68:12:8e:19:7f:cb:13:f0:6c:af: c9:60:a6:0e:b0:0f:1c:ba:48:ae:5c:aa:30:9a:28:f2:3d:89: 49:c8:da:97:cf:22:5e:3f:dd:22:2e:3a:99:38:ed:db:85:ab: 1d:d1:01:31:fd:9e:2a:84:da:15:51:de:08:de:b2:64:ac:ab: 27:75:20:b4:3f:46:87:e1:10:64:4e:44:1a:1b:6a:12:e1:72: 86:70:19:34:89:e3:63:43:5f:0d:1f:32:7f:af:93:b3:9d:11: b0:fa:6b:58:ba:9b:a7:43:3a:f1:e0:37:15:dc:39:86:02:30: 36:f8:f0:31:9a:da:74:31:1e:85:bf:0e:10:ef:c1:1e:d6:e9: a8:85:99:91 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUPlFIrNOm1PcE2DtTzKpIM9dAkC4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI0MDkxNDAxMTcyM1oX DTI1MDkxMzAxMjIyM1owMzExMC8GA1UEAxMoMUREMUE0NDM1OUNDRTg1QzQyNTk1 NjgyMjFGMUVCM0U0Rjg1MjEyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALE+Wccrm9C6RPQjyCp86MIoHkitokTY9DT22Rtl8mNr9epFHZ+4iSSyYuts e00/CWTRhXDFvEd53mkw/lF07Gmf3n+hBXbDFNuBJYYYhzeNobgKr07SMFwZJUPW oXXYqIV8utIJt+naG63fQ+g1xrXm7ur9TDV0mz5gyaJHjmKQHsGywuaOc4PBNs24 1dGM6cjgiFGzEhnkZXwFx/IwZ0GHnQLLD1n8vw3PtZ3+J4TsKo/5+Hf7x7zNDGJC lh0bQ+YfR/pnEa1HQkfhbnLL7EH6UnVe3SuUz6caU81GuHtx9/w2ui8lQTlw6Wkt w/BfUR5bnX2qg2QcJL5craYWEDUCAwEAAaOCAeowggHmMB0GA1UdDgQWBBQd0aRD WczoXEJZVoIh8es+T4UhIjAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzAyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzMjMzMzgzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALXVkMA0GCSqGSIb3 DQEBCwUAA4IBAQBkNJ9z2sbghmfwNjZwuUX5a3HdxEdpopm+Iz3u3KYMUUt1DlZ7 2al/Zegi2vhdz3I3H88TbXBBH17YwFSdJ6ph15KbIzH9iaPej5sIZ0Rm1rFhab/d f6vW7RdIAiVJKEZdtCH+Tzn0TaoYh9OyeHcIgRpMKGgSjhl/yxPwbK/JYKYOsA8c ukiuXKowmijyPYlJyNqXzyJeP90iLjqZOO3bhasd0QEx/Z4qhNoVUd4I3rJkrKsn dSC0P0aH4RBkTkQaG2oS4XKGcBk0ieNjQ18NHzJ/r5OznRGw+mtYupunQzrx4DcV 3DmGAjA2+PAxmtp0MR6Fvw4Q78Ee1umohZmR -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:48 2024 by rpki-client on console-fra.rpki-client.org