Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3234203d3e2038383838.roa
File: 3138302e3233352e3133362e302f32322d3234203d3e2038383838.roa (raw, json)
Hash identifier: QbKuW5JSVD7SwP6FCC3P3TnaaLBUrOOiffHhmxAIliI=
Subject key identifier: CB:7B:E8:38:32:E0:01:13:35:7B:90:44:ED:18:0F:91:0A:0E:2A:BA
Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B
Certificate serial: 3136CE7DAA5ABC634CA742DAAC42A341B958C2A5
Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3234203d3e2038383838.roa
Signing time: Thu 12 Dec 2024 06:24:52 +0000
ROA not before: Thu 12 Dec 2024 06:19:52 +0000
ROA not after: Thu 11 Dec 2025 06:24:52 +0000
asID: 8888
IP address blocks: 180.235.136.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:36:ce:7d:aa:5a:bc:63:4c:a7:42:da:ac:42:a3:41:b9:58:c2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913250A0000
Validity
Not Before: Dec 12 06:19:52 2024 GMT
Not After : Dec 11 06:24:52 2025 GMT
Subject: CN=CB7BE83832E00113357B9044ED180F910A0E2ABA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ed:60:4a:2e:e9:90:8b:13:b4:1d:19:d3:3d:
07:ae:9e:88:f3:f3:6f:df:1b:ba:d2:3b:97:1a:3d:
0c:10:f7:62:95:e4:d1:0a:d0:d9:89:91:bb:e1:d1:
9f:22:e3:62:9c:90:ed:7f:22:46:26:72:32:17:c1:
14:66:ab:57:d0:b0:d6:0e:6a:d4:26:e4:cd:7d:a0:
d6:1c:c6:cb:2f:ab:10:60:4c:01:d4:22:5b:81:fe:
6f:a6:bb:c1:2b:88:c8:52:18:07:4d:06:d7:a2:be:
d8:67:e8:c6:24:fc:09:04:6d:7c:bf:85:e9:b6:47:
9a:58:03:44:f3:e8:4e:bc:26:29:3b:7c:62:4d:03:
4c:7f:52:b7:a7:29:ce:af:e1:81:a3:47:7e:0f:d9:
76:a2:8c:81:23:cc:b3:da:9d:08:6e:fb:41:ef:ed:
d2:a1:fc:11:dd:df:3d:f9:6e:e7:8d:f8:0e:e9:81:
39:98:c1:a7:84:7c:cf:00:92:d4:77:09:b5:3a:09:
df:0e:cf:9c:2f:18:23:e6:70:09:57:7d:b0:a2:62:
0a:fe:87:8c:71:8f:76:22:da:4f:ed:d0:81:fd:14:
54:e0:df:8c:75:47:a0:99:70:8a:7b:be:29:a0:3f:
a3:5c:9c:49:c5:95:da:a4:42:85:fc:36:0a:71:84:
3f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7B:E8:38:32:E0:01:13:35:7B:90:44:ED:18:0F:91:0A:0E:2A:BA
X509v3 Authority Key Identifier:
keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3234203d3e2038383838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
180.235.136.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:a5:85:10:70:10:04:c6:68:b5:42:32:3e:5f:42:57:ef:86:
3e:45:14:1d:5f:89:1d:88:db:70:90:d5:11:5b:88:5d:ea:5c:
86:58:a1:b9:ee:0e:81:33:30:12:65:39:33:3f:5a:23:5a:98:
e4:c4:cd:0d:ce:f7:ac:f2:bf:77:db:de:22:ab:6e:ef:a2:3a:
ee:0a:d6:ab:1c:43:a6:1b:76:d9:7a:14:da:d0:6b:98:05:c3:
cc:87:5c:13:2b:78:73:9e:b8:37:66:c9:0f:aa:dc:04:93:0f:
a1:39:f0:15:01:3d:3a:c2:71:d1:14:b2:96:10:7d:9b:17:76:
3c:5a:fa:60:0e:7e:9b:b2:17:78:7a:8c:f2:0b:ca:9b:a9:0c:
c1:2d:16:1d:9f:ce:fb:7e:ba:03:7a:34:7c:b8:c6:e2:b6:dd:
8e:9f:fe:81:4d:1d:c9:cf:06:e1:52:d4:bd:42:53:c8:09:74:
8b:e6:55:04:f1:2c:de:39:69:13:e6:ac:bf:93:20:45:51:f3:
8c:a8:f1:98:b6:6b:de:65:70:b5:57:4b:1f:9c:98:bb:0f:16:
4e:d5:1c:06:13:22:47:2a:b2:5a:aa:77:72:b5:b2:ca:f4:72:
a4:fd:cf:de:89:1e:2f:86:1e:73:d8:92:6a:85:ed:af:90:a4:
46:d3:b4:a6
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIUMTbOfapavGNMp0LarEKjQblYwqUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB
NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MTIxMjA2MTk1MloX
DTI1MTIxMTA2MjQ1MlowMzExMC8GA1UEAxMoQ0I3QkU4MzgzMkUwMDExMzM1N0I5
MDQ0RUQxODBGOTEwQTBFMkFCQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKrtYEou6ZCLE7QdGdM9B66eiPPzb98butI7lxo9DBD3YpXk0QrQ2YmRu+HR
nyLjYpyQ7X8iRiZyMhfBFGarV9Cw1g5q1CbkzX2g1hzGyy+rEGBMAdQiW4H+b6a7
wSuIyFIYB00G16K+2GfoxiT8CQRtfL+F6bZHmlgDRPPoTrwmKTt8Yk0DTH9St6cp
zq/hgaNHfg/ZdqKMgSPMs9qdCG77Qe/t0qH8Ed3fPflu5434DumBOZjBp4R8zwCS
1HcJtToJ3w7PnC8YI+ZwCVd9sKJiCv6HjHGPdiLaT+3Qgf0UVODfjHVHoJlwinu+
KaA/o1ycScWV2qRChfw2CnGEP+ECAwEAAaOCAeowggHmMB0GA1UdDgQWBBTLe+g4
MuABEzV7kETtGA+RCg4qujAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He
GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp
LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE
NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi
cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx
RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j
ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNjJlMzAyZjMy
MzIyZDMyMzQyMDNkM2UyMDM4MzgzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCtOuIMA0GCSqGSIb3
DQEBCwUAA4IBAQB/pYUQcBAExmi1QjI+X0JX74Y+RRQdX4kdiNtwkNURW4hd6lyG
WKG57g6BMzASZTkzP1ojWpjkxM0Nzves8r93294iq27vojruCtarHEOmG3bZehTa
0GuYBcPMh1wTK3hznrg3ZskPqtwEkw+hOfAVAT06wnHRFLKWEH2bF3Y8WvpgDn6b
shd4eozyC8qbqQzBLRYdn877froDejR8uMbitt2On/6BTR3JzwbhUtS9QlPICXSL
5lUE8SzeOWkT5qy/kyBFUfOMqPGYtmveZXC1V0sfnJi7DxZO1RwGEyJHKrJaqndy
tbLK9HKk/c/eiR4vhh5z2JJqhe2vkKRG07Sm
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:22:57 2025 by rpki-client