$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130322e302f32342d3234203d3e2034373835.roa File: 34352e3131372e3130322e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: /+UUdPDLGPPAYRS/LchURT4xIfaw54NUklO2/rVraKY= Subject key identifier: FB:F8:26:72:D8:37:A5:A6:86:CB:78:1E:45:06:5B:0E:B0:CA:E9:98 Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 5D98414025B6CBC267A04934C4EE9E7242EB6FEF Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130322e302f32342d3234203d3e2034373835.roa Signing time: Thu 12 Oct 2023 16:10:39 +0000 ROA not before: Thu 12 Oct 2023 16:05:39 +0000 ROA not after: Thu 10 Oct 2024 16:10:39 +0000 asID: 4785 IP address blocks: 45.117.102.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 13:47:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:98:41:40:25:b6:cb:c2:67:a0:49:34:c4:ee:9e:72:42:eb:6f:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Oct 12 16:05:39 2023 GMT Not After : Oct 10 16:10:39 2024 GMT Subject: CN=FBF82672D837A5A686CB781E45065B0EB0CAE998 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a6:b4:b3:41:15:4c:8e:9c:33:56:d2:15:c9: 47:6b:d8:94:33:cb:a6:0c:75:22:91:2b:43:e6:7e: 0e:d2:81:88:7c:d8:ae:20:66:33:0e:60:bc:7e:93: b8:39:e0:81:26:3e:9b:bd:80:b4:0b:fb:86:2c:97: 78:b7:a8:aa:60:e0:7e:bf:12:a4:7d:f9:d7:5a:24: 43:ab:5e:ba:f2:0f:5a:39:86:84:20:e4:b8:b0:c4: 62:57:93:32:8b:04:66:95:ee:85:f2:99:a0:ef:69: 1e:74:2d:e6:91:65:6c:14:9b:91:20:b1:71:a1:ac: d8:50:2f:31:16:7b:b0:38:cb:9f:45:eb:14:6b:aa: 50:2b:ab:f3:c6:c9:54:0f:a8:82:09:ad:38:1e:06: d5:9d:70:e1:98:85:42:99:e0:c2:a8:7f:6a:37:db: 57:a7:3f:83:87:62:d2:cd:4b:7e:91:a7:a5:9c:5e: 25:f9:9c:9a:5b:44:75:04:16:3e:e6:ba:ae:0b:90: db:ba:48:8d:f2:e3:17:7b:c1:43:d0:e7:d9:5a:e3: 6c:6d:8f:36:7e:18:60:e5:43:e6:4e:e6:13:d1:45: 98:9a:e5:3d:01:1b:4d:33:f9:a0:3f:b8:4e:c0:89: 4f:00:79:80:26:16:cb:80:52:40:da:ee:2f:06:3a: 87:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:F8:26:72:D8:37:A5:A6:86:CB:78:1E:45:06:5B:0E:B0:CA:E9:98 X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130322e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.102.0/24 Signature Algorithm: sha256WithRSAEncryption 47:de:d4:05:93:e6:d8:cd:a2:16:b7:20:b5:f9:5b:04:0e:27: be:26:fd:7a:fc:38:22:34:7b:39:1e:ab:1c:36:3a:4a:12:ed: 8a:20:06:05:74:66:c8:8c:96:b7:61:12:5a:58:22:79:e0:06: 4f:15:13:f6:9c:41:f0:91:cb:da:d1:09:f7:32:af:70:4a:50: e5:89:06:be:f1:9f:12:98:fa:88:93:6f:64:b7:7d:8a:e3:09: 49:1b:32:45:fb:1d:b1:5f:b7:32:ae:a9:35:22:5a:63:0f:bf: b2:f9:5b:d1:d5:77:1a:29:1d:2f:1a:26:02:01:23:44:1d:54: 6c:23:92:45:bd:f6:dd:37:35:09:22:16:cb:a3:27:19:5e:52: 1a:53:15:cd:3f:5e:cf:08:1f:a5:b0:3b:28:1b:4e:20:91:0e: 21:18:c3:c0:fd:a7:43:22:3d:24:02:d7:8b:f9:e7:b1:62:ec: ac:ca:3e:b7:00:96:a3:46:69:e1:e6:e7:32:ae:80:e4:bb:73: 58:9a:5e:b3:d3:91:cd:b0:86:8c:7b:e2:26:bb:39:34:10:c7: 0d:3d:6d:af:7f:a9:7d:10:9d:cd:42:3b:49:41:4e:13:77:aa: 8c:e0:e9:04:91:6d:1d:ed:85:8f:0e:98:72:36:7b:ec:2b:2b: 98:70:92:d5 -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUXZhBQCW2y8JnoEk0xO6eckLrb+8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTIzMTAxMjE2MDUzOVoX DTI0MTAxMDE2MTAzOVowMzExMC8GA1UEAxMoRkJGODI2NzJEODM3QTVBNjg2Q0I3 ODFFNDUwNjVCMEVCMENBRTk5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+mtLNBFUyOnDNW0hXJR2vYlDPLpgx1IpErQ+Z+DtKBiHzYriBmMw5gvH6T uDnggSY+m72AtAv7hiyXeLeoqmDgfr8SpH3511okQ6teuvIPWjmGhCDkuLDEYleT MosEZpXuhfKZoO9pHnQt5pFlbBSbkSCxcaGs2FAvMRZ7sDjLn0XrFGuqUCur88bJ VA+oggmtOB4G1Z1w4ZiFQpngwqh/ajfbV6c/g4di0s1LfpGnpZxeJfmcmltEdQQW Pua6rguQ27pIjfLjF3vBQ9Dn2VrjbG2PNn4YYOVD5k7mE9FFmJrlPQEbTTP5oD+4 TsCJTwB5gCYWy4BSQNruLwY6h8kCAwEAAaOCAegwggHkMB0GA1UdDgQWBBT7+CZy 2DelpobLeB5FBlsOsMrpmDAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzIyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzNDM3MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC11ZjANBgkqhkiG9w0B AQsFAAOCAQEAR97UBZPm2M2iFrcgtflbBA4nvib9evw4IjR7OR6rHDY6ShLtiiAG BXRmyIyWt2ESWlgieeAGTxUT9pxB8JHL2tEJ9zKvcEpQ5YkGvvGfEpj6iJNvZLd9 iuMJSRsyRfsdsV+3Mq6pNSJaYw+/svlb0dV3GikdLxomAgEjRB1UbCOSRb323Tc1 CSIWy6MnGV5SGlMVzT9ezwgfpbA7KBtOIJEOIRjDwP2nQyI9JALXi/nnsWLsrMo+ twCWo0Zp4ebnMq6A5LtzWJpes9ORzbCGjHviJrs5NBDHDT1tr3+pfRCdzUI7SUFO E3eqjODpBJFtHe2Fjw6YcjZ77CsrmHCS1Q== -----END CERTIFICATE-----Generated at Sun May 5 15:51:31 2024 by rpki-client on console-fra.rpki-client.org