$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130322e302f32342d3234203d3e2034373835.roa File: 34352e3131372e3130322e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: sjhpTTvgo1FU3FaH8+zye7CEY4XTySIpONdDjAMSaqY= Subject key identifier: 8B:93:F5:6D:93:0D:41:12:2A:C6:A8:D3:CB:9A:18:3D:1D:CD:7B:AC Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 25E37BB812FFB58F4A87D25C3520DBF671687009 Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130322e302f32342d3234203d3e2034373835.roa Signing time: Sat 14 Sep 2024 01:22:23 +0000 ROA not before: Sat 14 Sep 2024 01:17:23 +0000 ROA not after: Sat 13 Sep 2025 01:22:23 +0000 asID: 4785 IP address blocks: 45.117.102.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 09:59:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:e3:7b:b8:12:ff:b5:8f:4a:87:d2:5c:35:20:db:f6:71:68:70:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Sep 14 01:17:23 2024 GMT Not After : Sep 13 01:22:23 2025 GMT Subject: CN=8B93F56D930D41122AC6A8D3CB9A183D1DCD7BAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e3:3f:d9:58:77:6a:61:62:ec:a6:38:7d:f5: bd:c9:b6:51:3a:e3:86:f7:68:4c:79:01:c7:96:99: bf:8e:82:d9:7f:6e:e4:ca:77:88:09:15:06:40:a7: 3e:94:91:56:b8:19:45:0d:ee:6b:85:4d:2b:8a:73: 83:d0:27:3a:ab:af:ec:63:39:b8:65:6a:ef:34:4e: 22:15:c9:f9:fb:c5:9e:67:36:a5:90:17:26:69:e9: 33:be:6d:09:8c:03:f5:f3:0c:dc:14:7b:7e:49:61: d4:04:49:b7:ea:60:f5:52:f3:7e:7a:82:31:fe:2e: a2:3e:b2:f8:d5:74:5d:f1:bb:f5:cc:e0:de:43:48: 49:28:fe:bb:14:fa:e2:01:ea:4b:ee:9c:59:de:c4: 83:dc:ef:d8:1a:97:72:13:92:9f:79:7e:a2:f0:58: 67:26:97:3f:57:18:a2:28:2b:e8:51:f5:2a:7b:c8: 89:3d:ea:96:19:43:42:df:95:ca:76:f7:91:b2:b8: 78:2f:b7:c8:b8:a9:2f:a3:27:52:c5:b2:da:0e:06: 3f:67:00:3d:57:c7:49:b5:3e:71:57:74:0d:ec:a5: 25:69:de:d1:a6:0f:40:40:b2:e4:04:93:15:3c:a2: be:f6:fc:1f:a6:d4:6f:66:86:93:7b:ea:7a:c2:9e: 5c:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:93:F5:6D:93:0D:41:12:2A:C6:A8:D3:CB:9A:18:3D:1D:CD:7B:AC X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130322e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.102.0/24 Signature Algorithm: sha256WithRSAEncryption 00:0c:12:17:3b:90:75:bb:60:2f:ab:78:a1:5c:18:12:c7:5c: 96:20:02:10:b8:99:8b:78:50:eb:dd:9a:cd:be:7d:98:0e:4d: ab:3a:fa:d5:39:2f:13:0d:5e:dd:c5:c9:58:5b:c0:43:2b:08: ee:ed:67:54:4d:b7:81:7b:37:97:55:58:9c:10:db:62:56:ec: 2e:ee:91:35:02:0a:ba:67:20:98:bc:c8:1a:6c:4d:f8:53:d5: 0a:36:75:44:86:2e:bd:2c:8d:74:b1:a1:15:c2:e5:97:67:d4: 62:d9:32:72:75:69:e9:ff:59:89:30:35:70:e8:8b:71:1e:b5: 43:06:1e:4d:ca:73:87:85:22:bf:d4:fc:75:7d:55:cc:7e:c1: 50:72:5d:98:fb:0d:c3:3a:ac:f2:4b:1a:cb:8b:0f:1b:3a:46: 5e:63:dd:06:d1:7f:c9:84:03:ed:b4:96:61:d1:d3:f4:4c:f0: ee:fd:dc:a8:8d:5e:85:e6:ba:0c:28:78:ef:37:fd:89:61:57: 44:49:b2:e2:a3:a7:36:4f:ad:d3:f2:8d:1e:85:fc:b1:08:0a: 17:46:65:8b:a0:5c:7b:34:67:a5:f3:ac:bd:88:86:ed:db:5d: a7:24:dd:7a:21:a7:0e:32:03:60:64:aa:cc:70:ae:6d:37:5f: 01:54:20:68 -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUJeN7uBL/tY9Kh9JcNSDb9nFocAkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI0MDkxNDAxMTcyM1oX DTI1MDkxMzAxMjIyM1owMzExMC8GA1UEAxMoOEI5M0Y1NkQ5MzBENDExMjJBQzZB OEQzQ0I5QTE4M0QxRENEN0JBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMzjP9lYd2phYuymOH31vcm2UTrjhvdoTHkBx5aZv46C2X9u5Mp3iAkVBkCn PpSRVrgZRQ3ua4VNK4pzg9AnOquv7GM5uGVq7zROIhXJ+fvFnmc2pZAXJmnpM75t CYwD9fMM3BR7fklh1ARJt+pg9VLzfnqCMf4uoj6y+NV0XfG79czg3kNISSj+uxT6 4gHqS+6cWd7Eg9zv2BqXchOSn3l+ovBYZyaXP1cYoigr6FH1KnvIiT3qlhlDQt+V ynb3kbK4eC+3yLipL6MnUsWy2g4GP2cAPVfHSbU+cVd0DeylJWne0aYPQECy5AST FTyivvb8H6bUb2aGk3vqesKeXP8CAwEAAaOCAegwggHkMB0GA1UdDgQWBBSLk/Vt kw1BEirGqNPLmhg9Hc17rDAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzIyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzNDM3MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC11ZjANBgkqhkiG9w0B AQsFAAOCAQEAAAwSFzuQdbtgL6t4oVwYEsdcliACELiZi3hQ692azb59mA5Nqzr6 1TkvEw1e3cXJWFvAQysI7u1nVE23gXs3l1VYnBDbYlbsLu6RNQIKumcgmLzIGmxN +FPVCjZ1RIYuvSyNdLGhFcLll2fUYtkycnVp6f9ZiTA1cOiLcR61QwYeTcpzh4Ui v9T8dX1VzH7BUHJdmPsNwzqs8ksay4sPGzpGXmPdBtF/yYQD7bSWYdHT9Ezw7v3c qI1ehea6DCh47zf9iWFXREmy4qOnNk+t0/KNHoX8sQgKF0Zli6BcezRnpfOsvYiG 7dtdpyTdeiGnDjIDYGSqzHCubTdfAVQgaA== -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:48 2024 by rpki-client on console-fra.rpki-client.org