$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3234203d3e2038383838.roa File: 3138302e3233352e3133362e302f32322d3234203d3e2038383838.roa (raw, json) Hash identifier: QbKuW5JSVD7SwP6FCC3P3TnaaLBUrOOiffHhmxAIliI= Subject key identifier: CB:7B:E8:38:32:E0:01:13:35:7B:90:44:ED:18:0F:91:0A:0E:2A:BA Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Certificate serial: 3136CE7DAA5ABC634CA742DAAC42A341B958C2A5 Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3234203d3e2038383838.roa Signing time: Thu 12 Dec 2024 06:24:52 +0000 ROA not before: Thu 12 Dec 2024 06:19:52 +0000 ROA not after: Thu 11 Dec 2025 06:24:52 +0000 asID: 8888 IP address blocks: 180.235.136.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 00:18:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:36:ce:7d:aa:5a:bc:63:4c:a7:42:da:ac:42:a3:41:b9:58:c2:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913250A0000, serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B Validity Not Before: Dec 12 06:19:52 2024 GMT Not After : Dec 11 06:24:52 2025 GMT Subject: CN=CB7BE83832E00113357B9044ED180F910A0E2ABA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:ed:60:4a:2e:e9:90:8b:13:b4:1d:19:d3:3d: 07:ae:9e:88:f3:f3:6f:df:1b:ba:d2:3b:97:1a:3d: 0c:10:f7:62:95:e4:d1:0a:d0:d9:89:91:bb:e1:d1: 9f:22:e3:62:9c:90:ed:7f:22:46:26:72:32:17:c1: 14:66:ab:57:d0:b0:d6:0e:6a:d4:26:e4:cd:7d:a0: d6:1c:c6:cb:2f:ab:10:60:4c:01:d4:22:5b:81:fe: 6f:a6:bb:c1:2b:88:c8:52:18:07:4d:06:d7:a2:be: d8:67:e8:c6:24:fc:09:04:6d:7c:bf:85:e9:b6:47: 9a:58:03:44:f3:e8:4e:bc:26:29:3b:7c:62:4d:03: 4c:7f:52:b7:a7:29:ce:af:e1:81:a3:47:7e:0f:d9: 76:a2:8c:81:23:cc:b3:da:9d:08:6e:fb:41:ef:ed: d2:a1:fc:11:dd:df:3d:f9:6e:e7:8d:f8:0e:e9:81: 39:98:c1:a7:84:7c:cf:00:92:d4:77:09:b5:3a:09: df:0e:cf:9c:2f:18:23:e6:70:09:57:7d:b0:a2:62: 0a:fe:87:8c:71:8f:76:22:da:4f:ed:d0:81:fd:14: 54:e0:df:8c:75:47:a0:99:70:8a:7b:be:29:a0:3f: a3:5c:9c:49:c5:95:da:a4:42:85:fc:36:0a:71:84: 3f:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:7B:E8:38:32:E0:01:13:35:7B:90:44:ED:18:0F:91:0A:0E:2A:BA X509v3 Authority Key Identifier: keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer Subject Information Access: Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3234203d3e2038383838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.235.136.0/22 Signature Algorithm: sha256WithRSAEncryption 7f:a5:85:10:70:10:04:c6:68:b5:42:32:3e:5f:42:57:ef:86: 3e:45:14:1d:5f:89:1d:88:db:70:90:d5:11:5b:88:5d:ea:5c: 86:58:a1:b9:ee:0e:81:33:30:12:65:39:33:3f:5a:23:5a:98: e4:c4:cd:0d:ce:f7:ac:f2:bf:77:db:de:22:ab:6e:ef:a2:3a: ee:0a:d6:ab:1c:43:a6:1b:76:d9:7a:14:da:d0:6b:98:05:c3: cc:87:5c:13:2b:78:73:9e:b8:37:66:c9:0f:aa:dc:04:93:0f: a1:39:f0:15:01:3d:3a:c2:71:d1:14:b2:96:10:7d:9b:17:76: 3c:5a:fa:60:0e:7e:9b:b2:17:78:7a:8c:f2:0b:ca:9b:a9:0c: c1:2d:16:1d:9f:ce:fb:7e:ba:03:7a:34:7c:b8:c6:e2:b6:dd: 8e:9f:fe:81:4d:1d:c9:cf:06:e1:52:d4:bd:42:53:c8:09:74: 8b:e6:55:04:f1:2c:de:39:69:13:e6:ac:bf:93:20:45:51:f3: 8c:a8:f1:98:b6:6b:de:65:70:b5:57:4b:1f:9c:98:bb:0f:16: 4e:d5:1c:06:13:22:47:2a:b2:5a:aa:77:72:b5:b2:ca:f4:72: a4:fd:cf:de:89:1e:2f:86:1e:73:d8:92:6a:85:ed:af:90:a4: 46:d3:b4:a6 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUMTbOfapavGNMp0LarEKjQblYwqUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MTIxMjA2MTk1MloX DTI1MTIxMTA2MjQ1MlowMzExMC8GA1UEAxMoQ0I3QkU4MzgzMkUwMDExMzM1N0I5 MDQ0RUQxODBGOTEwQTBFMkFCQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKrtYEou6ZCLE7QdGdM9B66eiPPzb98butI7lxo9DBD3YpXk0QrQ2YmRu+HR nyLjYpyQ7X8iRiZyMhfBFGarV9Cw1g5q1CbkzX2g1hzGyy+rEGBMAdQiW4H+b6a7 wSuIyFIYB00G16K+2GfoxiT8CQRtfL+F6bZHmlgDRPPoTrwmKTt8Yk0DTH9St6cp zq/hgaNHfg/ZdqKMgSPMs9qdCG77Qe/t0qH8Ed3fPflu5434DumBOZjBp4R8zwCS 1HcJtToJ3w7PnC8YI+ZwCVd9sKJiCv6HjHGPdiLaT+3Qgf0UVODfjHVHoJlwinu+ KaA/o1ycScWV2qRChfw2CnGEP+ECAwEAAaOCAeowggHmMB0GA1UdDgQWBBTLe+g4 MuABEzV7kETtGA+RCg4qujAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNjJlMzAyZjMy MzIyZDMyMzQyMDNkM2UyMDM4MzgzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCtOuIMA0GCSqGSIb3 DQEBCwUAA4IBAQB/pYUQcBAExmi1QjI+X0JX74Y+RRQdX4kdiNtwkNURW4hd6lyG WKG57g6BMzASZTkzP1ojWpjkxM0Nzves8r93294iq27vojruCtarHEOmG3bZehTa 0GuYBcPMh1wTK3hznrg3ZskPqtwEkw+hOfAVAT06wnHRFLKWEH2bF3Y8WvpgDn6b shd4eozyC8qbqQzBLRYdn877froDejR8uMbitt2On/6BTR3JzwbhUtS9QlPICXSL 5lUE8SzeOWkT5qy/kyBFUfOMqPGYtmveZXC1V0sfnJi7DxZO1RwGEyJHKrJaqndy tbLK9HKk/c/eiR4vhh5z2JJqhe2vkKRG07Sm -----END CERTIFICATE-----Generated at Sat Apr 26 06:22:59 2025 by rpki-client on console.sobornost.net