$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e2038383838.roa File: 34352e3131372e3130302e302f32342d3234203d3e2038383838.roa (raw, json) Hash identifier: aBdDS6GrqBz2pYvAehQXWgBWcDDBIaKdKK9Nym5jFLQ= Subject key identifier: BC:D9:B5:E9:9B:3C:2F:F3:00:E6:19:02:66:B0:B9:D9:B8:FB:FA:90 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 544722DA2A9A79A6DED782F414A64CD17D6CB4F7 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e2038383838.roa Signing time: Sat 14 Sep 2024 01:22:23 +0000 ROA not before: Sat 14 Sep 2024 01:17:23 +0000 ROA not after: Sat 13 Sep 2025 01:22:23 +0000 asID: 8888 IP address blocks: 45.117.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 09:59:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:47:22:da:2a:9a:79:a6:de:d7:82:f4:14:a6:4c:d1:7d:6c:b4:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Sep 14 01:17:23 2024 GMT Not After : Sep 13 01:22:23 2025 GMT Subject: CN=BCD9B5E99B3C2FF300E6190266B0B9D9B8FBFA90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:19:85:4e:ef:39:5f:aa:72:aa:21:7d:7c:fb: 72:b3:a1:5d:52:84:f3:bd:ae:af:1a:ea:41:26:03: bc:b0:37:78:4b:71:71:a4:dd:2f:86:fb:1d:be:2a: 8e:be:ab:d9:98:e5:98:05:78:14:af:4f:68:65:99: 65:84:03:d0:19:27:ce:bb:c5:08:df:6f:40:b5:fb: 10:d7:88:78:c2:d6:88:56:1c:3e:fc:75:bf:04:3d: b9:d4:bf:f9:f6:02:8c:35:01:8a:3e:67:83:62:28: 5c:3e:d6:0c:1d:e2:63:a4:42:45:8b:3c:a6:3e:fa: 72:97:89:ee:0e:88:52:cc:98:f3:43:23:a7:ca:83: ad:aa:cc:28:7e:cb:d2:3d:73:fe:58:90:1a:f8:79: b5:75:0b:a9:a7:51:72:23:a2:56:5a:b9:14:16:20: 24:85:2c:a6:19:9a:f2:d5:72:e5:e2:54:b2:c0:20: 65:b8:88:8b:24:3b:78:66:c4:ba:cc:65:e9:14:fb: e7:f0:c7:b5:55:96:5d:31:9f:8f:c7:41:28:44:a1: 2e:fd:8d:45:fc:90:0e:c9:a6:29:a1:8d:0a:52:52: 25:c5:b9:fb:72:9e:7c:eb:f7:d7:9d:96:5c:3c:8a: 7a:58:d8:a8:74:dc:21:89:fa:c1:07:4f:24:58:73: 68:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:D9:B5:E9:9B:3C:2F:F3:00:E6:19:02:66:B0:B9:D9:B8:FB:FA:90 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.100.0/24 Signature Algorithm: sha256WithRSAEncryption 15:c9:71:fd:7f:57:15:8c:de:df:65:06:06:4d:8e:7b:44:c1: 94:2b:ed:3f:7b:8a:1b:3f:9d:3d:7c:7b:2e:61:f0:f3:b9:b6: fb:b1:93:4d:f4:a6:dd:2b:f7:63:8d:98:37:c0:ac:46:e4:36: 60:60:c4:9f:73:5b:45:ae:b4:79:11:5b:a7:ff:60:c8:aa:92: e0:a1:fc:d2:fd:5e:7c:08:de:98:0b:bc:fc:87:82:de:b0:b5: 8e:67:03:eb:46:21:2c:69:30:c3:aa:dd:45:df:49:36:24:94: 30:0a:64:21:3e:54:6d:a5:42:d0:22:e5:94:1f:34:33:c8:65: e9:e3:25:6d:bb:5f:b6:ff:7a:e4:ee:aa:ec:22:6d:fd:ed:23: 1d:0d:d6:10:49:2a:8f:9b:1e:21:1f:03:07:f2:c5:10:e9:30: 78:ca:10:dd:7d:77:d3:bd:26:d7:46:2d:1d:c7:0c:ad:93:c9: d3:c1:63:50:32:64:64:49:3d:e1:57:3b:74:0a:3c:4b:02:2a: cf:75:79:0e:0d:a8:1b:4d:01:46:16:81:79:de:c0:96:c2:16: c4:72:5e:c3:bb:be:2f:eb:5e:f6:5d:5b:1b:8a:8c:63:17:a7: 23:27:7a:8b:4d:e1:19:49:dd:f2:43:4b:0d:ac:88:57:ba:2d: f8:98:0b:c4 -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUVEci2iqaeabe14L0FKZM0X1stPcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI0MDkxNDAxMTcyM1oX DTI1MDkxMzAxMjIyM1owMzExMC8GA1UEAxMoQkNEOUI1RTk5QjNDMkZGMzAwRTYx OTAyNjZCMEI5RDlCOEZCRkE5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKEZhU7vOV+qcqohfXz7crOhXVKE872urxrqQSYDvLA3eEtxcaTdL4b7Hb4q jr6r2ZjlmAV4FK9PaGWZZYQD0BknzrvFCN9vQLX7ENeIeMLWiFYcPvx1vwQ9udS/ +fYCjDUBij5ng2IoXD7WDB3iY6RCRYs8pj76cpeJ7g6IUsyY80Mjp8qDrarMKH7L 0j1z/liQGvh5tXULqadRciOiVlq5FBYgJIUsphma8tVy5eJUssAgZbiIiyQ7eGbE usxl6RT75/DHtVWWXTGfj8dBKEShLv2NRfyQDsmmKaGNClJSJcW5+3KefOv3152W XDyKeljYqHTcIYn6wQdPJFhzaDkCAwEAAaOCAegwggHkMB0GA1UdDgQWBBS82bXp mzwv8wDmGQJmsLnZuPv6kDAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzAyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzODM4MzgzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC11ZDANBgkqhkiG9w0B AQsFAAOCAQEAFclx/X9XFYze32UGBk2Oe0TBlCvtP3uKGz+dPXx7LmHw87m2+7GT TfSm3Sv3Y42YN8CsRuQ2YGDEn3NbRa60eRFbp/9gyKqS4KH80v1efAjemAu8/IeC 3rC1jmcD60YhLGkww6rdRd9JNiSUMApkIT5UbaVC0CLllB80M8hl6eMlbbtftv96 5O6q7CJt/e0jHQ3WEEkqj5seIR8DB/LFEOkweMoQ3X13070m10YtHccMrZPJ08Fj UDJkZEk94Vc7dAo8SwIqz3V5Dg2oG00BRhaBed7AlsIWxHJew7u+L+te9l1bG4qM YxenIyd6i03hGUnd8kNLDayIV7ot+JgLxA== -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:48 2024 by rpki-client on console-fra.rpki-client.org