Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3234203d3e2033323538.roa
File: 3138302e3233352e3133362e302f32322d3234203d3e2033323538.roa (raw, json)
Hash identifier: 7rljejRrrqEOqarZWl8ZH7E32QukCaHhhwY0bAZHFpo=
Subject key identifier: 70:A0:DD:84:CD:77:0D:6D:D6:A7:55:26:25:D6:01:D4:25:50:3D:14
Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B
Certificate serial: 1AEE1F9FB0675B7389B0C46F1F1F88C661620E5A
Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3234203d3e2033323538.roa
Signing time: Thu 12 Dec 2024 06:24:45 +0000
ROA not before: Thu 12 Dec 2024 06:19:45 +0000
ROA not after: Thu 11 Dec 2025 06:24:45 +0000
asID: 3258
IP address blocks: 180.235.136.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:ee:1f:9f:b0:67:5b:73:89:b0:c4:6f:1f:1f:88:c6:61:62:0e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913250A0000
Validity
Not Before: Dec 12 06:19:45 2024 GMT
Not After : Dec 11 06:24:45 2025 GMT
Subject: CN=70A0DD84CD770D6DD6A7552625D601D425503D14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d8:81:a4:fd:d1:c0:a5:15:f5:b2:26:08:39:
fd:da:5e:3d:3e:7a:70:73:0a:02:26:eb:20:31:e0:
f2:f5:50:a2:39:21:60:ca:b7:cc:be:39:57:b5:fa:
df:fb:e9:4f:71:71:b7:8c:10:4b:29:98:fa:f8:34:
0c:37:6e:56:44:f2:30:c0:d3:03:b4:92:3f:b3:f3:
5d:e9:a9:79:7a:a1:4d:1c:34:59:db:4e:36:db:1f:
d8:87:f8:24:e8:c8:bc:ec:86:d0:3c:3c:04:d6:37:
6e:40:f6:0a:6c:96:70:e0:a7:15:25:3e:a9:19:65:
1e:28:b0:70:49:9a:af:f6:64:c7:e1:bd:c5:03:c2:
f0:0d:6a:9e:5b:11:01:71:b1:07:c6:02:63:22:4a:
5c:d2:97:0f:6d:fd:41:65:69:54:91:8c:15:b2:84:
0d:63:69:10:ff:2c:9c:28:5f:17:21:a8:b9:ca:0b:
19:83:63:2f:34:88:d8:30:17:06:a9:49:98:c7:a8:
42:66:6c:62:41:c9:1e:6e:52:45:e0:58:40:6f:1a:
25:59:da:cf:b6:11:e9:8c:05:f5:8b:fb:46:b1:56:
0e:39:60:cc:d4:93:b1:c4:ec:c4:3f:7f:fe:cd:b6:
da:69:15:1b:da:62:fe:7d:b4:30:d0:05:3a:d6:c6:
52:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A0:DD:84:CD:77:0D:6D:D6:A7:55:26:25:D6:01:D4:25:50:3D:14
X509v3 Authority Key Identifier:
keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3234203d3e2033323538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
180.235.136.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:8f:45:dd:69:88:37:9f:1a:26:81:7c:3a:60:82:83:f4:31:
67:e8:46:f5:1b:79:4c:9b:da:66:cd:3f:ee:11:e4:57:78:33:
b3:ef:c3:80:6c:0b:96:85:c9:8d:9d:3f:9c:44:25:32:95:ae:
e5:67:7e:c0:ac:f4:3d:39:04:63:ef:5e:8b:08:31:ee:ec:7b:
bc:08:53:bd:78:20:8f:7f:5e:78:62:a8:d1:4f:49:5c:94:4a:
fa:77:a1:71:69:9b:7d:2b:c9:b2:d3:8e:71:df:36:dd:ad:b6:
b4:99:54:a9:01:f6:11:60:1a:91:d8:8e:7a:ff:ac:80:c7:6a:
53:a7:66:ff:f6:2f:92:c7:23:67:e5:17:30:40:ee:f1:67:8b:
0e:59:31:46:7f:11:ed:45:08:e2:28:49:55:25:77:2f:96:a6:
cf:69:7b:f6:ab:99:c1:e0:5f:34:44:4e:cb:74:f5:ad:d9:7a:
2c:57:a0:2b:b7:13:d9:ea:45:5f:92:81:cd:97:50:4f:87:7f:
20:95:20:32:c3:7d:62:6b:a2:3c:b8:ff:0e:f9:b3:de:ce:0c:
ac:0e:38:1a:0d:99:91:f6:8a:17:8d:df:2f:96:19:1c:fb:8e:
80:11:7f:7e:1b:cc:e2:16:37:07:96:73:b0:f8:75:48:0b:3c:
1e:99:5b:b3
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIUGu4fn7BnW3OJsMRvHx+IxmFiDlowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB
NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MTIxMjA2MTk0NVoX
DTI1MTIxMTA2MjQ0NVowMzExMC8GA1UEAxMoNzBBMEREODRDRDc3MEQ2REQ2QTc1
NTI2MjVENjAxRDQyNTUwM0QxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOXYgaT90cClFfWyJgg5/dpePT56cHMKAibrIDHg8vVQojkhYMq3zL45V7X6
3/vpT3Fxt4wQSymY+vg0DDduVkTyMMDTA7SSP7PzXempeXqhTRw0WdtONtsf2If4
JOjIvOyG0Dw8BNY3bkD2CmyWcOCnFSU+qRllHiiwcEmar/Zkx+G9xQPC8A1qnlsR
AXGxB8YCYyJKXNKXD239QWVpVJGMFbKEDWNpEP8snChfFyGoucoLGYNjLzSI2DAX
BqlJmMeoQmZsYkHJHm5SReBYQG8aJVnaz7YR6YwF9Yv7RrFWDjlgzNSTscTsxD9/
/s222mkVG9pi/n20MNAFOtbGUoECAwEAAaOCAeowggHmMB0GA1UdDgQWBBRwoN2E
zXcNbdanVSYl1gHUJVA9FDAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He
GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp
LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE
NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi
cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx
RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j
ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNjJlMzAyZjMy
MzIyZDMyMzQyMDNkM2UyMDMzMzIzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCtOuIMA0GCSqGSIb3
DQEBCwUAA4IBAQC5j0XdaYg3nxomgXw6YIKD9DFn6Eb1G3lMm9pmzT/uEeRXeDOz
78OAbAuWhcmNnT+cRCUyla7lZ37ArPQ9OQRj716LCDHu7Hu8CFO9eCCPf154YqjR
T0lclEr6d6FxaZt9K8my045x3zbdrba0mVSpAfYRYBqR2I56/6yAx2pTp2b/9i+S
xyNn5RcwQO7xZ4sOWTFGfxHtRQjiKElVJXcvlqbPaXv2q5nB4F80RE7LdPWt2Xos
V6ArtxPZ6kVfkoHNl1BPh38glSAyw31ia6I8uP8O+bPezgysDjgaDZmR9ooXjd8v
lhkc+46AEX9+G8ziFjcHlnOw+HVICzwemVuz
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:01:00 2025 by rpki-client