$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130312e302f32342d3234203d3e2034373835.roa File: 34352e3131372e3130312e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: RoPjCRMghwCK+9v8LueB1XO0CyHUDX9hongUtmgU4JA= Subject key identifier: 7E:DB:B5:03:63:3A:9C:A3:0A:46:DF:FF:DF:C5:E6:84:A3:7A:C0:65 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 3D5D2C4FE2B13055C01245F70589C871C5E52FA2 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130312e302f32342d3234203d3e2034373835.roa Signing time: Sat 14 Sep 2024 01:22:23 +0000 ROA not before: Sat 14 Sep 2024 01:17:23 +0000 ROA not after: Sat 13 Sep 2025 01:22:23 +0000 asID: 4785 IP address blocks: 45.117.101.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 09:59:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:5d:2c:4f:e2:b1:30:55:c0:12:45:f7:05:89:c8:71:c5:e5:2f:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Sep 14 01:17:23 2024 GMT Not After : Sep 13 01:22:23 2025 GMT Subject: CN=7EDBB503633A9CA30A46DFFFDFC5E684A37AC065 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:70:82:29:c4:9e:0f:5d:4b:33:4a:d3:fc:9d: ab:1a:4d:06:af:a1:80:ba:49:51:86:94:e4:a0:05: 4e:2a:91:3d:29:af:13:13:50:89:9f:10:77:19:54: 90:bf:ba:44:7a:eb:11:aa:ac:a8:f9:0d:8c:4c:ae: 31:a6:cf:ab:6c:5b:f2:ef:ed:13:d3:9d:e3:3a:2f: aa:c7:2e:38:b2:28:55:0b:dc:9e:0d:e3:36:5c:df: 3d:88:cb:15:78:e6:27:f5:9f:dd:f4:a3:80:81:da: 63:83:5d:b4:cf:c9:64:61:df:6f:e5:6d:98:8c:de: 59:72:2f:2f:a1:00:67:81:4e:08:d7:14:31:30:ae: f2:32:19:dc:ac:94:21:08:97:d3:a6:44:4a:e0:23: 6a:20:cd:c4:ad:ea:10:6e:f3:a1:d2:fb:5a:b3:d9: e8:c2:0a:38:be:08:88:37:82:61:90:c7:e6:21:dc: f3:6a:79:63:10:b3:8c:ef:0e:30:c3:82:ea:cf:fe: 88:df:1b:64:59:a8:03:f4:21:b7:12:1c:dc:99:96: 01:2e:9c:ad:70:c9:69:ba:65:3e:e4:46:e0:43:bd: 9a:6c:54:e3:5b:73:cb:dc:bf:9f:4d:1d:53:52:14: de:d6:8c:ef:db:fd:61:94:ee:c7:f1:ac:4f:21:4f: ac:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:DB:B5:03:63:3A:9C:A3:0A:46:DF:FF:DF:C5:E6:84:A3:7A:C0:65 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130312e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.101.0/24 Signature Algorithm: sha256WithRSAEncryption 16:72:3a:2b:96:5b:03:5f:2b:34:69:5e:11:28:b2:3a:bb:58: a2:b0:3b:35:ae:79:7b:eb:d6:05:cc:7c:08:00:30:d2:da:93: 63:88:88:ef:2f:79:48:06:ab:1c:db:e9:db:9b:df:8f:b0:d3: 43:99:d4:c2:0e:26:3f:24:a8:db:16:91:cc:3a:df:11:7c:1e: 27:f9:79:d0:98:06:1b:fa:3a:f0:b0:cf:61:d6:32:c1:8d:23: e1:34:75:8e:9e:93:93:bc:3d:16:2b:6e:7b:fe:b6:46:0d:a3: dc:ba:a8:65:42:41:51:b3:89:f6:95:5e:95:3c:a2:73:4e:8a: c1:10:77:d5:c2:af:3b:3a:fd:a8:bb:b2:6e:2c:9d:6f:dc:2b: 4b:7c:e4:ed:f2:8e:55:c0:34:6f:6a:15:67:33:58:74:e7:40: 5b:9d:67:95:e0:99:0f:36:f0:47:58:77:b5:07:47:23:fb:c4: 60:d0:d5:5a:4d:5d:c0:a3:44:46:50:a8:3c:63:e4:98:fb:39: 31:5c:82:8b:7f:1a:7a:c9:1b:7e:0b:3b:1f:e0:a6:c8:5f:26: 50:4c:82:f4:19:b7:35:73:e9:3f:76:64:39:ef:1b:35:25:b1: c6:9e:8f:a3:b5:c8:74:57:9c:b1:b6:1a:e5:10:09:b1:10:bf: 8b:f6:73:9a -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUPV0sT+KxMFXAEkX3BYnIccXlL6IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI0MDkxNDAxMTcyM1oX DTI1MDkxMzAxMjIyM1owMzExMC8GA1UEAxMoN0VEQkI1MDM2MzNBOUNBMzBBNDZE RkZGREZDNUU2ODRBMzdBQzA2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZwginEng9dSzNK0/ydqxpNBq+hgLpJUYaU5KAFTiqRPSmvExNQiZ8QdxlU kL+6RHrrEaqsqPkNjEyuMabPq2xb8u/tE9Od4zovqscuOLIoVQvcng3jNlzfPYjL FXjmJ/Wf3fSjgIHaY4NdtM/JZGHfb+VtmIzeWXIvL6EAZ4FOCNcUMTCu8jIZ3KyU IQiX06ZESuAjaiDNxK3qEG7zodL7WrPZ6MIKOL4IiDeCYZDH5iHc82p5YxCzjO8O MMOC6s/+iN8bZFmoA/QhtxIc3JmWAS6crXDJabplPuRG4EO9mmxU41tzy9y/n00d U1IU3taM79v9YZTux/GsTyFPrLkCAwEAAaOCAegwggHkMB0GA1UdDgQWBBR+27UD YzqcowpG3//fxeaEo3rAZTAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzEyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzNDM3MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC11ZTANBgkqhkiG9w0B AQsFAAOCAQEAFnI6K5ZbA18rNGleESiyOrtYorA7Na55e+vWBcx8CAAw0tqTY4iI 7y95SAarHNvp25vfj7DTQ5nUwg4mPySo2xaRzDrfEXweJ/l50JgGG/o68LDPYdYy wY0j4TR1jp6Tk7w9Fitue/62Rg2j3LqoZUJBUbOJ9pVelTyic06KwRB31cKvOzr9 qLuybiydb9wrS3zk7fKOVcA0b2oVZzNYdOdAW51nleCZDzbwR1h3tQdHI/vEYNDV Wk1dwKNERlCoPGPkmPs5MVyCi38aeskbfgs7H+CmyF8mUEyC9Bm3NXPpP3ZkOe8b NSWxxp6Po7XIdFecsbYa5RAJsRC/i/Zzmg== -----END CERTIFICATE-----Generated at Fri Nov 22 10:15:28 2024 by rpki-client on console-ams.rpki-client.org