$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3130332e35362e35322e302f32322d3234203d3e2038383838.roa File: 3130332e35362e35322e302f32322d3234203d3e2038383838.roa (raw, json) Hash identifier: ky4gN4X8Kk/a3uT+GoFgjorYPoni8Qhbdyxyd/1eQao= Subject key identifier: 25:6F:65:72:76:AF:B8:56:B5:D0:97:9E:86:23:7E:B8:1F:C1:B7:D2 Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 6E951C4C139CC22C12875E67AC6FEC3FE5309CA4 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3130332e35362e35322e302f32322d3234203d3e2038383838.roa Signing time: Thu 12 Dec 2024 06:23:35 +0000 ROA not before: Thu 12 Dec 2024 06:18:35 +0000 ROA not after: Thu 11 Dec 2025 06:23:35 +0000 asID: 8888 IP address blocks: 103.56.52.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 00:18:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:95:1c:4c:13:9c:c2:2c:12:87:5e:67:ac:6f:ec:3f:e5:30:9c:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Dec 12 06:18:35 2024 GMT Not After : Dec 11 06:23:35 2025 GMT Subject: CN=256F657276AFB856B5D0979E86237EB81FC1B7D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:82:2b:54:b3:ca:e8:29:5a:43:1d:bb:f2:39: af:8e:06:a6:e2:95:07:b9:9b:a1:32:6c:79:57:41: 7e:7b:43:be:04:ed:8c:bc:96:e8:ac:a7:d1:7d:74: ed:73:ea:44:19:1a:7f:ec:23:9a:01:23:5c:a4:e4: e4:9b:0a:48:a3:b2:66:4e:cf:f7:40:81:63:b1:f9: 3f:47:d9:52:5c:dc:eb:da:b1:5e:da:42:f0:d0:42: 6f:9a:a1:88:e1:44:00:bd:1a:50:85:74:40:51:c1: bd:63:48:d5:d8:6f:6b:42:57:63:07:4b:cd:1f:26: 56:6d:c9:1f:3b:52:77:d0:a8:6b:bb:c4:ff:7c:c7: cc:8f:f0:a0:a5:21:1f:57:46:f8:63:19:df:ea:9c: a5:e9:39:91:fb:9f:62:9c:36:77:f8:fa:85:89:a2: e6:3b:49:3b:ac:8b:37:96:83:93:c8:88:35:f4:d2: 8e:7f:fb:6d:55:9a:9b:ad:a0:c7:d5:23:ed:79:55: e7:32:0d:81:b7:5e:d6:65:6e:43:80:8c:49:9c:f8: d2:21:9f:fd:e6:61:0b:42:b1:b9:07:a7:49:57:d9: bf:47:1a:56:9b:9d:cc:bd:9e:3b:6a:bc:5a:fb:3b: 3c:1c:00:b4:8d:f9:9e:6e:6d:e7:10:ac:ea:f6:06: f5:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:6F:65:72:76:AF:B8:56:B5:D0:97:9E:86:23:7E:B8:1F:C1:B7:D2 X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3130332e35362e35322e302f32322d3234203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.56.52.0/22 Signature Algorithm: sha256WithRSAEncryption 65:d3:c4:83:48:f5:7b:71:3e:49:af:64:b2:92:f0:9f:9c:48: a3:91:25:f9:1b:f1:28:e3:af:b7:82:a3:b0:34:e8:9d:56:e8: 1a:81:8a:69:4a:1e:70:72:51:17:9e:ad:62:42:41:aa:aa:8c: a3:1a:77:39:2f:8b:30:de:bd:3d:c1:d7:11:e5:65:45:c2:ed: 75:0b:25:25:3c:2d:4f:c8:44:8f:76:32:a5:40:11:3c:6e:07: a6:1a:47:67:49:8f:53:39:71:35:e9:3b:ff:36:0d:9d:44:8a: ff:2e:13:d9:e5:05:63:34:8b:59:ac:65:e3:a7:05:78:ea:92: f7:b3:a0:b8:49:15:2a:54:a8:9d:0b:7f:7f:ea:85:b2:a2:c0: 91:82:93:6d:d8:6b:b4:cd:c8:e0:91:29:aa:bf:97:0c:76:2e: ba:5d:c8:96:ef:f8:5f:ad:ca:c3:d5:ce:8e:02:ee:c6:e3:de: b6:2d:b5:8a:73:d0:5b:06:56:44:46:f0:49:16:fd:48:b2:a2: 95:34:95:f9:08:0a:c9:16:26:30:09:f6:42:34:7a:7d:a8:ac: e9:1e:6d:2f:2e:c4:dc:43:6a:78:95:f2:87:e5:92:83:d1:08: fa:a1:93:90:e9:9a:78:da:e5:42:e6:22:54:20:5c:9e:48:65: 97:ce:c3:28 -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUbpUcTBOcwiwSh15nrG/sP+UwnKQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MTIxMjA2MTgzNVoX DTI1MTIxMTA2MjMzNVowMzExMC8GA1UEAxMoMjU2RjY1NzI3NkFGQjg1NkI1RDA5 NzlFODYyMzdFQjgxRkMxQjdEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALOCK1SzyugpWkMdu/I5r44GpuKVB7mboTJseVdBfntDvgTtjLyW6Kyn0X10 7XPqRBkaf+wjmgEjXKTk5JsKSKOyZk7P90CBY7H5P0fZUlzc69qxXtpC8NBCb5qh iOFEAL0aUIV0QFHBvWNI1dhva0JXYwdLzR8mVm3JHztSd9Coa7vE/3zHzI/woKUh H1dG+GMZ3+qcpek5kfufYpw2d/j6hYmi5jtJO6yLN5aDk8iINfTSjn/7bVWam62g x9Uj7XlV5zINgbde1mVuQ4CMSZz40iGf/eZhC0KxuQenSVfZv0caVpudzL2eO2q8 Wvs7PBwAtI35nm5t5xCs6vYG9X8CAwEAAaOCAeYwggHiMB0GA1UdDgQWBBQlb2Vy dq+4VrXQl56GI364H8G30jAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzMDMzMmUzNTM2MmUzNTMyMmUzMDJmMzIzMjJk MzIzNDIwM2QzZTIwMzgzODM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJnODQwDQYJKoZIhvcNAQEL BQADggEBAGXTxINI9XtxPkmvZLKS8J+cSKORJfkb8Sjjr7eCo7A06J1W6BqBimlK HnByUReerWJCQaqqjKMadzkvizDevT3B1xHlZUXC7XULJSU8LU/IRI92MqVAETxu B6YaR2dJj1M5cTXpO/82DZ1Eiv8uE9nlBWM0i1msZeOnBXjqkvezoLhJFSpUqJ0L f3/qhbKiwJGCk23Ya7TNyOCRKaq/lwx2LrpdyJbv+F+tysPVzo4C7sbj3rYttYpz 0FsGVkRG8EkW/UiyopU0lfkICskWJjAJ9kI0en2orOkebS8uxNxDaniV8oflkoPR CPqhk5Dpmnja5ULmIlQgXJ5IZZfOwyg= -----END CERTIFICATE-----Generated at Sat Apr 26 06:22:59 2025 by rpki-client on console.sobornost.net