$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e2038383838.roa File: 34352e3131372e3130302e302f32342d3234203d3e2038383838.roa (raw, json) Hash identifier: Tv+usmJkd+KBVQeWPzc1a5l+SPvARVHVI+nlIdoKQ7A= Subject key identifier: 8E:2B:E9:29:17:74:62:24:94:CB:67:69:D3:95:AE:BA:E5:8C:DD:7C Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 24196DAA781C50863A467BA487911F560C3316AD Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e2038383838.roa Signing time: Thu 12 Oct 2023 16:10:40 +0000 ROA not before: Thu 12 Oct 2023 16:05:40 +0000 ROA not after: Thu 10 Oct 2024 16:10:40 +0000 asID: 8888 IP address blocks: 45.117.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 May 2024 17:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:19:6d:aa:78:1c:50:86:3a:46:7b:a4:87:91:1f:56:0c:33:16:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Oct 12 16:05:40 2023 GMT Not After : Oct 10 16:10:40 2024 GMT Subject: CN=8E2BE9291774622494CB6769D395AEBAE58CDD7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:a5:7c:f0:fa:be:43:c0:80:b8:cf:ce:4f:79: 0d:78:b7:dc:0e:6c:76:a1:3a:a9:01:55:5c:89:69: b6:f0:db:15:79:09:b2:2d:ac:11:52:41:ac:6a:7d: 24:99:63:f7:f6:2f:45:27:25:ec:1e:0a:45:af:06: 14:06:56:ae:97:d1:56:d2:77:74:d1:4e:73:ca:3f: 49:85:d8:be:a7:8e:8a:3e:44:a8:ba:ff:2b:bc:40: 2a:44:91:ba:7d:1a:4b:a1:32:b7:a7:d6:a0:39:06: 12:67:ad:10:54:58:19:65:d0:58:80:ff:c9:db:23: 9d:a2:1f:0e:10:7f:96:8d:60:5c:e7:42:74:b9:54: 88:ee:33:00:d4:18:99:dd:58:cb:b3:e2:ae:ff:b6: bc:56:10:3c:91:9d:72:45:a6:3e:dc:41:59:92:04: b1:f1:82:9f:52:ae:f9:2d:1b:b5:c2:e2:45:23:52: d9:e3:0c:fb:e7:57:b7:14:77:c1:05:72:fa:95:04: 8c:76:de:56:ae:05:96:1e:e6:eb:98:6b:c3:7a:64: 4a:4e:10:f3:a0:fe:6e:a7:0b:e0:93:be:77:cf:0b: 03:9f:16:8e:a0:b2:03:a2:b9:77:9c:4e:48:6e:20: b1:c3:77:95:94:ba:40:0c:a4:19:66:00:1c:7c:2e: d2:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:2B:E9:29:17:74:62:24:94:CB:67:69:D3:95:AE:BA:E5:8C:DD:7C X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130302e302f32342d3234203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.100.0/24 Signature Algorithm: sha256WithRSAEncryption 88:af:d5:f4:61:ed:31:e3:e5:bd:70:b1:0f:7e:89:ec:fd:8c: 59:af:21:8e:86:29:ec:a5:a6:cb:12:a8:20:2e:66:09:6c:4b: 66:0b:29:36:99:ec:ff:26:c9:91:5e:08:6a:b1:cf:53:f3:0d: 14:83:38:28:b5:bb:89:87:3c:76:79:b7:da:ac:5c:e0:ef:5c: 3d:59:cb:3c:5b:ed:e4:81:cc:8e:5c:5e:e6:1f:eb:1b:76:51: 86:e2:b7:82:a9:f1:ee:f1:01:58:a5:45:74:0a:22:3c:7f:09: 85:7b:74:e6:cf:7b:77:6c:0d:0e:97:56:07:3c:5d:2c:ab:0a: 48:88:82:67:4f:b2:e5:46:42:93:0e:a5:3c:e3:43:03:68:aa: 20:82:2e:07:9b:cf:37:fe:01:b3:c1:13:dc:0a:36:d7:a0:dc: 38:e5:1b:a3:40:25:83:cd:c4:e4:6f:d9:05:69:d2:84:70:fc: 39:0e:bd:8d:37:5c:f4:7d:68:c9:87:53:20:e1:22:d0:4f:c6: 88:a4:8d:45:e9:7e:0f:93:12:d1:52:30:21:75:7c:fd:4f:10: 87:6c:06:e6:b9:f6:1f:35:49:fb:74:e2:c5:e2:69:48:6d:ae: 09:66:72:49:aa:c1:e3:fd:3b:9a:8d:17:17:98:4f:10:5c:fe: bb:b8:9d:55 -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUJBltqngcUIY6Rnukh5EfVgwzFq0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTIzMTAxMjE2MDU0MFoX DTI0MTAxMDE2MTA0MFowMzExMC8GA1UEAxMoOEUyQkU5MjkxNzc0NjIyNDk0Q0I2 NzY5RDM5NUFFQkFFNThDREQ3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOmlfPD6vkPAgLjPzk95DXi33A5sdqE6qQFVXIlptvDbFXkJsi2sEVJBrGp9 JJlj9/YvRScl7B4KRa8GFAZWrpfRVtJ3dNFOc8o/SYXYvqeOij5EqLr/K7xAKkSR un0aS6Eyt6fWoDkGEmetEFRYGWXQWID/ydsjnaIfDhB/lo1gXOdCdLlUiO4zANQY md1Yy7Pirv+2vFYQPJGdckWmPtxBWZIEsfGCn1Ku+S0btcLiRSNS2eMM++dXtxR3 wQVy+pUEjHbeVq4Flh7m65hrw3pkSk4Q86D+bqcL4JO+d88LA58WjqCyA6K5d5xO SG4gscN3lZS6QAykGWYAHHwu0ssCAwEAAaOCAegwggHkMB0GA1UdDgQWBBSOK+kp F3RiJJTLZ2nTla665YzdfDAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzAyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzODM4MzgzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC11ZDANBgkqhkiG9w0B AQsFAAOCAQEAiK/V9GHtMePlvXCxD36J7P2MWa8hjoYp7KWmyxKoIC5mCWxLZgsp Npns/ybJkV4IarHPU/MNFIM4KLW7iYc8dnm32qxc4O9cPVnLPFvt5IHMjlxe5h/r G3ZRhuK3gqnx7vEBWKVFdAoiPH8JhXt05s97d2wNDpdWBzxdLKsKSIiCZ0+y5UZC kw6lPONDA2iqIIIuB5vPN/4Bs8ET3Ao216DcOOUbo0Alg83E5G/ZBWnShHD8OQ69 jTdc9H1oyYdTIOEi0E/GiKSNRel+D5MS0VIwIXV8/U8Qh2wG5rn2HzVJ+3TixeJp SG2uCWZySarB4/07mo0XF5hPEFz+u7idVQ== -----END CERTIFICATE-----Generated at Sat May 18 16:25:25 2024 by rpki-client on console-ams.rpki-client.org