$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130312e302f32342d3234203d3e2034373835.roa File: 34352e3131372e3130312e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: iTa3BK0ve/O/SJR9CzCWGZeYkBAlje1b84uMruy/6Zo= Subject key identifier: A1:70:78:0F:37:78:1B:07:4F:82:9D:0E:23:B9:DF:F4:31:BE:C7:6B Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 182A71B326CEFFD4991AF7A811E85E52521B1509 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130312e302f32342d3234203d3e2034373835.roa Signing time: Thu 12 Oct 2023 16:10:39 +0000 ROA not before: Thu 12 Oct 2023 16:05:39 +0000 ROA not after: Thu 10 Oct 2024 16:10:39 +0000 asID: 4785 IP address blocks: 45.117.101.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 13:47:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:2a:71:b3:26:ce:ff:d4:99:1a:f7:a8:11:e8:5e:52:52:1b:15:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Oct 12 16:05:39 2023 GMT Not After : Oct 10 16:10:39 2024 GMT Subject: CN=A170780F37781B074F829D0E23B9DFF431BEC76B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:a1:ff:09:60:b4:18:44:a6:6f:58:7c:1a:71: 5d:03:95:89:e9:b7:e1:54:bc:7e:af:e3:4b:df:0d: 26:56:4f:19:40:47:96:ca:c6:6d:19:33:1b:b1:95: 32:5f:c4:0b:99:1f:2d:85:d6:b4:64:b0:6b:5c:e5: c2:2f:a5:c6:63:5e:bc:be:b1:e6:d8:73:70:60:fa: fa:4f:05:3a:f1:fc:99:e3:0b:34:97:bd:97:3d:b4: 66:e0:9e:cd:bc:34:34:c7:cc:e6:da:29:03:5b:b0: 0a:92:f2:f5:f2:b4:13:1c:cc:40:af:f1:bb:d7:65: b9:2f:e1:43:ee:9a:3e:ad:c4:e0:51:1b:8f:c8:b1: a6:ed:ed:83:00:3a:56:b8:ee:60:8d:69:5e:b0:b2: a5:49:bb:63:d0:c4:89:24:dd:8a:e4:af:e7:b8:f3: 5e:0e:46:72:7f:9b:cf:08:24:e0:75:0e:0c:d8:97: db:0f:b5:2c:7e:32:95:91:f0:9b:56:ed:f3:0d:2b: 72:d1:9e:4b:64:e6:a9:2d:08:15:07:e1:7e:78:34: 75:da:ee:b3:22:40:a3:6e:85:29:d6:d5:5e:64:0e: e6:ea:28:9f:86:07:dc:25:8f:04:73:17:07:47:86: 35:81:da:15:bb:ab:a7:83:00:2d:c5:e0:3d:77:db: d2:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:70:78:0F:37:78:1B:07:4F:82:9D:0E:23:B9:DF:F4:31:BE:C7:6B X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130312e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.101.0/24 Signature Algorithm: sha256WithRSAEncryption 78:f8:44:2a:a2:bc:4a:c1:3c:f0:68:37:c2:9f:69:2b:9e:4a: 74:a7:05:25:09:10:af:0c:c4:ff:15:41:8a:20:47:b3:f2:fd: a5:f3:11:ec:01:99:ff:09:ea:1b:19:48:8e:c9:60:71:7e:a0: 73:8b:29:21:6e:e3:a0:81:fe:97:9c:4b:88:96:f1:4d:72:36: d3:05:c3:48:c7:0a:17:2e:3f:64:e2:ed:41:f7:57:36:0b:9d: a4:1d:12:9e:4b:b2:27:35:37:72:96:90:7d:da:42:2e:d8:7c: 78:92:56:a2:23:ef:68:01:83:2e:93:b4:03:aa:c5:a0:60:2a: 79:cd:52:84:1e:b5:74:d7:61:c3:8e:77:d2:8a:2c:ba:ed:d5: f9:b0:66:b8:53:a5:12:f7:28:02:af:3f:d4:0c:de:27:68:90: 8a:6e:3c:69:e5:2e:ce:d4:bc:aa:7e:e5:24:5e:81:b4:30:10: 4e:74:25:d8:a0:34:c7:e2:14:5c:1c:68:bb:2a:69:ed:15:11: 0e:d6:e1:e8:d9:da:c0:9b:e4:6b:3c:77:c9:a7:2c:fb:7a:a9: c7:b3:68:3f:68:27:aa:78:84:13:92:e3:f0:4e:a3:a3:0e:a6: ec:3a:98:04:e5:f0:7b:29:1d:c5:76:33:85:18:73:9e:0a:6b: ad:a8:db:09 -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUGCpxsybO/9SZGveoEeheUlIbFQkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTIzMTAxMjE2MDUzOVoX DTI0MTAxMDE2MTAzOVowMzExMC8GA1UEAxMoQTE3MDc4MEYzNzc4MUIwNzRGODI5 RDBFMjNCOURGRjQzMUJFQzc2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKOh/wlgtBhEpm9YfBpxXQOViem34VS8fq/jS98NJlZPGUBHlsrGbRkzG7GV Ml/EC5kfLYXWtGSwa1zlwi+lxmNevL6x5thzcGD6+k8FOvH8meMLNJe9lz20ZuCe zbw0NMfM5topA1uwCpLy9fK0ExzMQK/xu9dluS/hQ+6aPq3E4FEbj8ixpu3tgwA6 VrjuYI1pXrCypUm7Y9DEiSTdiuSv57jzXg5Gcn+bzwgk4HUODNiX2w+1LH4ylZHw m1bt8w0rctGeS2TmqS0IFQfhfng0ddrusyJAo26FKdbVXmQO5uoon4YH3CWPBHMX B0eGNYHaFburp4MALcXgPXfb0mUCAwEAAaOCAegwggHkMB0GA1UdDgQWBBShcHgP N3gbB0+CnQ4jud/0Mb7HazAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzEyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzNDM3MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC11ZTANBgkqhkiG9w0B AQsFAAOCAQEAePhEKqK8SsE88Gg3wp9pK55KdKcFJQkQrwzE/xVBiiBHs/L9pfMR 7AGZ/wnqGxlIjslgcX6gc4spIW7joIH+l5xLiJbxTXI20wXDSMcKFy4/ZOLtQfdX NgudpB0SnkuyJzU3cpaQfdpCLth8eJJWoiPvaAGDLpO0A6rFoGAqec1ShB61dNdh w4530oosuu3V+bBmuFOlEvcoAq8/1AzeJ2iQim48aeUuztS8qn7lJF6BtDAQTnQl 2KA0x+IUXBxouypp7RURDtbh6NnawJvkazx3yacs+3qpx7NoP2gnqniEE5Lj8E6j ow6m7DqYBOXweykdxXYzhRhzngprrajbCQ== -----END CERTIFICATE-----Generated at Sun May 5 15:51:31 2024 by rpki-client on console-fra.rpki-client.org