Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa
File: 3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa (raw, json)
Hash identifier: ndq0LGrdRAIfChD7aMbaP54wYrqoXqIBNh0lVfJSFaU=
Subject key identifier: B7:63:54:AF:04:36:A8:9B:06:F9:4F:96:32:FF:41:C0:76:1A:4B:96
Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B
Certificate serial: 21B65ACBB0D52514E427696BF46C95CD9BE0F794
Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa
Signing time: Thu 06 Mar 2025 06:39:59 +0000
ROA not before: Thu 06 Mar 2025 06:34:59 +0000
ROA not after: Thu 05 Mar 2026 06:39:59 +0000
asID: 3258
IP address blocks: 180.235.137.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:b6:5a:cb:b0:d5:25:14:e4:27:69:6b:f4:6c:95:cd:9b:e0:f7:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913250A0000
Validity
Not Before: Mar 6 06:34:59 2025 GMT
Not After : Mar 5 06:39:59 2026 GMT
Subject: CN=B76354AF0436A89B06F94F9632FF41C0761A4B96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:75:f7:4c:05:5d:2d:5b:87:78:62:06:79:4e:
3e:5f:26:29:53:9c:68:70:3d:c6:f9:47:87:70:6c:
1a:d1:73:c6:2c:04:31:77:05:78:33:61:92:af:64:
fd:11:e4:fa:bf:5f:ea:9b:89:af:95:5b:39:99:ae:
29:57:85:ed:78:e2:bf:40:ce:12:35:41:12:1c:c9:
27:bf:2a:9f:5c:47:46:29:1d:fc:5c:7f:ca:b8:5c:
7f:1c:ed:84:6b:5d:e6:ea:a6:1d:f3:01:77:31:ed:
3b:cf:a9:22:13:d1:94:5a:df:9d:de:dd:12:5e:fc:
03:f5:5e:ac:d9:1f:3a:86:1b:da:1b:6e:29:48:29:
dd:7c:e8:7b:9c:b8:87:8c:41:fb:16:0f:98:b9:f5:
0d:92:6d:0c:93:15:21:6a:79:79:db:2b:9f:7c:62:
b6:22:59:79:57:b3:2f:58:7c:41:de:4f:f8:1b:6a:
88:97:9a:13:b1:59:e4:34:d0:ad:19:68:5d:bc:55:
cf:31:5d:9a:12:b3:9f:0d:a0:2f:bd:a3:41:07:78:
29:4c:98:f9:84:4d:3a:c0:01:1d:da:6e:af:34:20:
79:06:26:6d:45:c3:5c:ca:bd:c6:65:1b:1a:6a:d3:
10:bf:76:0a:64:01:4a:13:6b:3d:2d:1a:5f:d9:ad:
90:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:63:54:AF:04:36:A8:9B:06:F9:4F:96:32:FF:41:C0:76:1A:4B:96
X509v3 Authority Key Identifier:
keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133372e302f32342d3332203d3e2033323538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
180.235.137.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:d9:ba:c3:7e:bb:7b:a5:ed:30:87:25:a6:45:89:b4:66:77:
b0:9d:b4:a1:a1:f3:de:96:1b:d3:4d:8e:1c:21:03:b0:ec:e8:
b0:6b:81:2a:e0:b6:86:9c:c2:f1:da:e8:4c:29:36:46:2b:2d:
17:84:69:b0:0b:7c:ab:be:f9:81:90:cb:28:f2:e4:67:23:06:
45:44:f9:95:86:0d:e0:a8:b9:25:7a:dd:9b:10:43:8f:eb:f7:
e3:3a:bd:61:bd:95:62:35:f4:54:c9:32:bb:1f:dc:73:c6:e5:
37:c6:bb:ad:2d:8c:0f:7c:ed:34:20:d8:9d:ec:0c:62:db:db:
dd:93:2b:e4:0b:f0:8c:8b:a2:a7:ec:73:19:32:3b:2f:b8:0e:
3a:ce:44:19:2e:b4:e6:cd:f9:6e:a3:e5:8e:5a:98:ee:08:0b:
da:b4:ec:07:e1:70:3e:09:e6:17:e5:e7:b1:1e:fd:b6:da:8c:
92:5b:39:5e:f9:87:a0:ba:26:74:37:b9:1e:b9:32:7a:01:5c:
70:c0:5f:c7:a6:76:a1:65:18:76:92:2c:ff:fb:fb:0d:35:b1:
84:47:f5:2d:ea:cf:70:9a:91:e8:84:da:13:fc:1b:b5:cd:f0:
94:38:19:c6:e0:a7:58:b6:52:3f:12:80:bf:c8:b8:31:12:4a:
57:72:dd:0a
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIUIbZay7DVJRTkJ2lr9GyVzZvg95QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB
NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDMwNjA2MzQ1OVoX
DTI2MDMwNTA2Mzk1OVowMzExMC8GA1UEAxMoQjc2MzU0QUYwNDM2QTg5QjA2Rjk0
Rjk2MzJGRjQxQzA3NjFBNEI5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALF190wFXS1bh3hiBnlOPl8mKVOcaHA9xvlHh3BsGtFzxiwEMXcFeDNhkq9k
/RHk+r9f6puJr5VbOZmuKVeF7Xjiv0DOEjVBEhzJJ78qn1xHRikd/Fx/yrhcfxzt
hGtd5uqmHfMBdzHtO8+pIhPRlFrfnd7dEl78A/VerNkfOoYb2htuKUgp3Xzoe5y4
h4xB+xYPmLn1DZJtDJMVIWp5edsrn3xitiJZeVezL1h8Qd5P+BtqiJeaE7FZ5DTQ
rRloXbxVzzFdmhKznw2gL72jQQd4KUyY+YRNOsABHdpurzQgeQYmbUXDXMq9xmUb
GmrTEL92CmQBShNrPS0aX9mtkPsCAwEAAaOCAeowggHmMB0GA1UdDgQWBBS3Y1Sv
BDaomwb5T5Yy/0HAdhpLljAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He
GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp
LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE
NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi
cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx
RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j
ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNzJlMzAyZjMy
MzQyZDMzMzIyMDNkM2UyMDMzMzIzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtOuJMA0GCSqGSIb3
DQEBCwUAA4IBAQBd2brDfrt7pe0whyWmRYm0ZnewnbShofPelhvTTY4cIQOw7Oiw
a4Eq4LaGnMLx2uhMKTZGKy0XhGmwC3yrvvmBkMso8uRnIwZFRPmVhg3gqLklet2b
EEOP6/fjOr1hvZViNfRUyTK7H9xzxuU3xrutLYwPfO00INid7Axi29vdkyvkC/CM
i6Kn7HMZMjsvuA46zkQZLrTmzfluo+WOWpjuCAvatOwH4XA+CeYX5eexHv222oyS
Wzle+YeguiZ0N7keuTJ6AVxwwF/HpnahZRh2kiz/+/sNNbGER/Ut6s9wmpHohNoT
/Bu1zfCUOBnG4KdYtlI/EoC/yLgxEkpXct0K
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:28:04 2025 by rpki-client