$ rpki-client -vvf rpki.roa.net/rrdp/xTom/57/34352e3131372e3130332e302f32342d3234203d3e2034373835.roa File: 34352e3131372e3130332e302f32342d3234203d3e2034373835.roa (raw, json) Hash identifier: OAx44UBQtqTx/sf7Ypb1JySuUeicgRwCGdCfYQjlgWk= Subject key identifier: 73:9A:AF:83:63:B6:8C:F3:F7:B9:57:F3:20:E1:8F:E4:0D:B6:13:8F Certificate issuer: /CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Certificate serial: 3A1597822636CC2E932533CC70D6F7221D32C84C Authority key identifier: 5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130332e302f32342d3234203d3e2034373835.roa Signing time: Sat 14 Sep 2024 01:22:23 +0000 ROA not before: Sat 14 Sep 2024 01:17:23 +0000 ROA not after: Sat 13 Sep 2025 01:22:23 +0000 asID: 4785 IP address blocks: 45.117.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 09:59:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:15:97:82:26:36:cc:2e:93:25:33:cc:70:d6:f7:22:1d:32:c8:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA37D0000/serialNumber=5A19D2FDC8392727696F70449B8B32AF772091A8 Validity Not Before: Sep 14 01:17:23 2024 GMT Not After : Sep 13 01:22:23 2025 GMT Subject: CN=739AAF8363B68CF3F7B957F320E18FE40DB6138F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:66:6b:d9:a8:16:37:32:3f:2e:00:69:22:f5: 05:ee:2c:a9:e8:38:83:81:e2:f7:e3:c0:9a:6b:4f: 01:0e:6c:a2:cb:0d:46:75:d0:a2:52:1c:52:85:4e: 07:9e:47:d0:a5:21:85:19:b8:f8:2a:cb:f4:9e:9b: 89:69:8c:0b:28:ae:80:e6:73:e3:17:ac:b8:31:61: 72:b1:d8:72:d1:8a:17:39:ba:86:b8:4f:f4:20:04: 60:47:f1:80:70:e7:78:84:89:f8:23:0e:e1:2f:dd: aa:20:45:9a:ac:81:82:43:56:c4:24:4b:5c:54:06: 46:09:90:0e:af:74:47:49:95:12:6e:c7:ad:bc:5c: 18:da:15:78:39:08:03:47:9c:a6:db:54:de:43:c6: f7:bb:b0:c0:57:3d:6a:b4:c4:37:b8:5d:c4:17:6d: 81:53:f3:f7:11:00:c7:7b:49:c6:43:a1:e4:99:9c: 04:0e:eb:56:e1:ee:70:6c:a9:35:e8:77:b3:40:5c: 61:0e:34:9d:89:7c:cc:5e:09:c5:7e:17:8a:a5:35: 90:50:bc:76:de:ab:7f:8a:56:43:19:87:c2:af:58: be:d2:71:48:d4:fe:31:53:d8:0d:2f:7f:08:51:91: 6c:89:ef:e3:f4:bf:5e:b3:54:fa:cb:75:f4:e8:0b: e0:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:9A:AF:83:63:B6:8C:F3:F7:B9:57:F3:20:E1:8F:E4:0D:B6:13:8F X509v3 Authority Key Identifier: keyid:5A:19:D2:FD:C8:39:27:27:69:6F:70:44:9B:8B:32:AF:77:20:91:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/57/5A19D2FDC8392727696F70449B8B32AF772091A8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WhnS_cg5Jydpb3BEm4syr3cgkag.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/57/34352e3131372e3130332e302f32342d3234203d3e2034373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.117.103.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:29:72:37:93:49:bc:f1:84:a7:e8:5e:26:d0:a3:42:e8:c2: 56:cb:27:4d:3e:10:8d:99:00:d4:34:1c:bc:7c:56:f9:19:1c: 93:6e:59:cb:d4:97:ed:a1:00:13:9d:15:b4:03:e2:de:84:d2: 71:45:88:99:85:cb:a9:f5:a9:db:d9:fb:28:41:45:76:77:85: b5:ea:b6:08:12:72:c0:e0:f2:c3:8a:a8:da:f8:c4:24:a5:31: 58:8e:58:12:83:40:18:e6:52:cf:23:60:dc:fd:77:0d:54:43: da:77:02:3c:f5:3b:5f:78:0b:f2:e9:4b:df:f4:47:ed:4b:e6: ed:89:f1:c7:e2:e7:d5:54:48:ce:e6:ea:90:cb:0a:99:60:05: a6:cf:0f:c6:54:7d:c7:01:b7:a4:30:1b:4c:04:5a:29:29:a4: d8:de:5f:8d:bb:3c:50:b5:26:1b:90:0b:b2:99:09:c5:bc:94: b6:2d:00:59:9c:a6:87:86:0f:45:d0:0c:8d:b3:11:3a:34:df: 06:39:0e:10:99:39:ca:77:17:8d:73:44:68:b0:e2:77:8b:26: b8:b9:28:b1:cb:6b:0a:f1:95:a5:bb:fc:f8:11:8d:b0:47:5c: 35:66:12:eb:df:cd:54:85:89:78:15:c0:f4:4b:f2:8f:c6:99: 11:95:aa:06 -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIUOhWXgiY2zC6TJTPMcNb3Ih0yyEwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkEzN0QwMDAwMTEwLwYDVQQFEyg1QTE5RDJGREM4 MzkyNzI3Njk2RjcwNDQ5QjhCMzJBRjc3MjA5MUE4MB4XDTI0MDkxNDAxMTcyM1oX DTI1MDkxMzAxMjIyM1owMzExMC8GA1UEAxMoNzM5QUFGODM2M0I2OENGM0Y3Qjk1 N0YzMjBFMThGRTQwREI2MTM4RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANNma9moFjcyPy4AaSL1Be4sqeg4g4Hi9+PAmmtPAQ5sossNRnXQolIcUoVO B55H0KUhhRm4+CrL9J6biWmMCyiugOZz4xesuDFhcrHYctGKFzm6hrhP9CAEYEfx gHDneISJ+CMO4S/dqiBFmqyBgkNWxCRLXFQGRgmQDq90R0mVEm7HrbxcGNoVeDkI A0ecpttU3kPG97uwwFc9arTEN7hdxBdtgVPz9xEAx3tJxkOh5JmcBA7rVuHucGyp Neh3s0BcYQ40nYl8zF4JxX4XiqU1kFC8dt6rf4pWQxmHwq9YvtJxSNT+MVPYDS9/ CFGRbInv4/S/XrNU+st19OgL4N0CAwEAAaOCAegwggHkMB0GA1UdDgQWBBRzmq+D Y7aM8/e5V/Mg4Y/kDbYTjzAfBgNVHSMEGDAWgBRaGdL9yDknJ2lvcESbizKvdyCR qDAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzU3LzVBMTlEMkZEQzgzOTI3Mjc2OTZGNzA0NDlC OEIzMkFGNzcyMDkxQTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL1doblNfY2c1SnlkcGIzQkVtNHN5cjNjZ2thZy5j ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNTcvMzQzNTJlMzEzMTM3MmUzMTMwMzMyZTMwMmYzMjM0 MmQzMjM0MjAzZDNlMjAzNDM3MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC11ZzANBgkqhkiG9w0B AQsFAAOCAQEAnSlyN5NJvPGEp+heJtCjQujCVssnTT4QjZkA1DQcvHxW+Rkck25Z y9SX7aEAE50VtAPi3oTScUWImYXLqfWp29n7KEFFdneFteq2CBJywODyw4qo2vjE JKUxWI5YEoNAGOZSzyNg3P13DVRD2ncCPPU7X3gL8ulL3/RH7Uvm7Ynxx+Ln1VRI zubqkMsKmWAFps8PxlR9xwG3pDAbTARaKSmk2N5fjbs8ULUmG5ALspkJxbyUti0A WZymh4YPRdAMjbMROjTfBjkOEJk5yncXjXNEaLDid4smuLkosctrCvGVpbv8+BGN sEdcNWYS69/NVIWJeBXA9Evyj8aZEZWqBg== -----END CERTIFICATE-----Generated at Fri Nov 22 10:06:48 2024 by rpki-client on console-fra.rpki-client.org