Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/34352e3131362e31322e302f32322d3234203d3e2038383838.roa
File: 34352e3131362e31322e302f32322d3234203d3e2038383838.roa (raw, json)
Hash identifier: 0IFzsgdmIkTePGQbwUiKnfwbtvZN1COce0Ht2Uow9js=
Subject key identifier: 12:50:2A:F8:4B:C8:7A:EE:98:8F:95:9C:66:6D:53:6A:EC:22:F4:C8
Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B
Certificate serial: 0937BBA8651BBCEF5AD221FB72D77EA4A4B0F536
Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/34352e3131362e31322e302f32322d3234203d3e2038383838.roa
Signing time: Thu 12 Dec 2024 06:24:23 +0000
ROA not before: Thu 12 Dec 2024 06:19:23 +0000
ROA not after: Thu 11 Dec 2025 06:24:23 +0000
asID: 8888
IP address blocks: 45.116.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:37:bb:a8:65:1b:bc:ef:5a:d2:21:fb:72:d7:7e:a4:a4:b0:f5:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913250A0000
Validity
Not Before: Dec 12 06:19:23 2024 GMT
Not After : Dec 11 06:24:23 2025 GMT
Subject: CN=12502AF84BC87AEE988F959C666D536AEC22F4C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:29:8b:a5:7c:53:cb:2c:8e:5f:24:a5:c4:7d:
de:14:74:a0:38:cf:35:f7:a4:de:cb:09:d7:ea:e7:
7b:2b:93:3a:6a:86:76:90:8d:a8:bc:e8:70:98:b4:
b8:68:39:d2:5f:e3:ec:e9:ea:ea:45:35:db:f3:29:
fb:47:c1:05:bf:6a:e5:8f:46:3a:7e:d0:11:0e:a5:
97:eb:1d:f0:21:26:75:6d:e2:c3:e5:75:1e:62:87:
88:1b:59:8e:4d:e0:35:05:c2:f2:e0:f0:3d:6a:7c:
4b:77:9f:80:b3:ec:ac:b5:88:30:9f:15:62:99:cd:
8f:bf:e4:ee:ae:54:92:ca:fb:60:83:73:e3:88:3c:
2e:00:12:3d:9d:b3:52:3c:9a:35:b7:10:8c:36:f4:
86:b5:fd:f0:4d:a2:5f:b6:b0:58:95:42:82:c5:71:
55:0e:b9:ee:bf:68:18:d2:47:7f:b5:42:63:a1:18:
9b:87:b0:bd:cf:ad:cc:e9:b2:46:ff:0d:d1:68:c4:
ba:97:2d:44:8e:2c:63:38:94:b7:a5:22:60:e7:46:
94:19:50:a8:fd:50:16:70:49:0c:31:3c:24:d9:49:
e0:67:16:ea:41:c9:05:50:fd:49:90:9d:62:19:4f:
34:6e:e3:0a:47:54:d1:44:c6:03:d5:27:ce:a0:e6:
fb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:50:2A:F8:4B:C8:7A:EE:98:8F:95:9C:66:6D:53:6A:EC:22:F4:C8
X509v3 Authority Key Identifier:
keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/34352e3131362e31322e302f32322d3234203d3e2038383838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.116.12.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:c1:0c:9a:e5:c0:e7:fc:f8:6e:90:b3:34:ed:43:99:e8:3b:
70:90:5e:9f:09:73:f0:00:fc:b4:4a:77:46:13:b3:42:57:cf:
67:88:7e:ef:b2:ed:dd:13:49:0d:c4:4c:59:bb:92:44:42:4c:
e6:01:b3:46:1f:15:e4:64:6a:4a:74:75:25:ba:b5:94:f5:ec:
ed:bb:27:9d:88:1e:14:b7:d4:7e:71:cf:b4:dc:2d:63:c2:77:
c9:6c:25:85:b3:74:ca:1c:fa:54:5b:28:74:07:38:8b:66:7a:
b6:18:14:ac:28:71:d8:eb:84:e5:51:19:1f:c6:b7:26:36:d8:
00:86:44:2d:6d:47:71:e4:f7:da:f9:d1:ee:1f:57:8d:e5:b6:
58:11:71:3d:51:98:25:33:7e:e6:b8:c5:f8:81:51:fe:68:3f:
fd:e3:1b:83:67:df:4a:40:75:77:b9:4b:66:17:ac:0f:99:fe:
13:bf:a9:73:b9:89:95:48:eb:57:06:4b:67:4c:05:79:03:24:
06:1a:ec:d8:a7:af:00:92:e4:6c:cb:02:bb:82:0c:51:97:4c:
74:e2:00:be:2e:15:fd:b8:d0:2d:12:37:83:03:b6:1e:96:87:
c0:bd:27:31:5c:5e:0c:4e:e7:14:5a:72:c9:ce:4c:48:74:6c:
46:00:2e:af
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIUCTe7qGUbvO9a0iH7ctd+pKSw9TYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB
NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MTIxMjA2MTkyM1oX
DTI1MTIxMTA2MjQyM1owMzExMC8GA1UEAxMoMTI1MDJBRjg0QkM4N0FFRTk4OEY5
NTlDNjY2RDUzNkFFQzIyRjRDODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4pi6V8U8ssjl8kpcR93hR0oDjPNfek3ssJ1+rneyuTOmqGdpCNqLzocJi0
uGg50l/j7Onq6kU12/Mp+0fBBb9q5Y9GOn7QEQ6ll+sd8CEmdW3iw+V1HmKHiBtZ
jk3gNQXC8uDwPWp8S3efgLPsrLWIMJ8VYpnNj7/k7q5Uksr7YINz44g8LgASPZ2z
UjyaNbcQjDb0hrX98E2iX7awWJVCgsVxVQ657r9oGNJHf7VCY6EYm4ewvc+tzOmy
Rv8N0WjEupctRI4sYziUt6UiYOdGlBlQqP1QFnBJDDE8JNlJ4GcW6kHJBVD9SZCd
YhlPNG7jCkdU0UTGA9UnzqDm+5kCAwEAAaOCAeYwggHiMB0GA1UdDgQWBBQSUCr4
S8h67piPlZxmbVNq7CL0yDAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He
GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp
LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE
NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi
cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx
RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j
ZXIwdAYIKwYBBQUHAQsEaDBmMGQGCCsGAQUFBzALhlhyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDIvMzQzNTJlMzEzMTM2MmUzMTMyMmUzMDJmMzIzMjJk
MzIzNDIwM2QzZTIwMzgzODM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItdAwwDQYJKoZIhvcNAQEL
BQADggEBAKnBDJrlwOf8+G6QszTtQ5noO3CQXp8Jc/AA/LRKd0YTs0JXz2eIfu+y
7d0TSQ3ETFm7kkRCTOYBs0YfFeRkakp0dSW6tZT17O27J52IHhS31H5xz7TcLWPC
d8lsJYWzdMoc+lRbKHQHOItmerYYFKwocdjrhOVRGR/GtyY22ACGRC1tR3Hk99r5
0e4fV43ltlgRcT1RmCUzfua4xfiBUf5oP/3jG4Nn30pAdXe5S2YXrA+Z/hO/qXO5
iZVI61cGS2dMBXkDJAYa7NinrwCS5GzLAruCDFGXTHTiAL4uFf240C0SN4MDth6W
h8C9JzFcXgxO5xRacsnOTEh0bEYALq8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:21:40 2025 by rpki-client