Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/34352e3132342e3131322e302f32322d3234203d3e2038383838.roa
File: 34352e3132342e3131322e302f32322d3234203d3e2038383838.roa (raw, json)
Hash identifier: ZrvYS50YQF552hC3f+cs9XyoGFb0P/9oEvKFKmLIhAI=
Subject key identifier: C5:85:94:63:C1:61:22:54:81:B8:DF:A4:44:92:AA:0B:2E:C3:CA:4F
Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B
Certificate serial: 77B5E286235C1049805FCC63BF323C5B371AB610
Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/34352e3132342e3131322e302f32322d3234203d3e2038383838.roa
Signing time: Thu 12 Dec 2024 06:25:32 +0000
ROA not before: Thu 12 Dec 2024 06:20:32 +0000
ROA not after: Thu 11 Dec 2025 06:25:32 +0000
asID: 8888
IP address blocks: 45.124.112.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:b5:e2:86:23:5c:10:49:80:5f:cc:63:bf:32:3c:5b:37:1a:b6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913250A0000
Validity
Not Before: Dec 12 06:20:32 2024 GMT
Not After : Dec 11 06:25:32 2025 GMT
Subject: CN=C5859463C161225481B8DFA44492AA0B2EC3CA4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:aa:64:d5:88:41:1f:35:1c:ca:31:3d:50:96:
cb:9e:50:a8:2a:f2:19:83:c5:a4:62:38:c1:5b:c3:
88:43:75:22:81:f0:24:a8:2c:a6:b8:81:69:f3:05:
8a:cf:e4:65:83:21:50:4f:3c:3a:81:27:35:4b:3f:
4d:5e:0b:52:bb:cc:23:e4:08:fb:4f:e5:c8:19:9a:
c3:0a:1a:18:ce:17:e0:d9:ee:aa:10:06:3c:85:a5:
19:0e:71:61:7e:a9:fc:68:be:97:27:f2:d7:7d:64:
7e:b6:ee:a0:93:48:3b:a9:c2:9e:2d:cb:69:5c:a3:
1b:8f:af:fc:91:53:a5:47:e8:08:50:2f:d3:76:64:
61:c7:af:b1:84:e6:f5:5e:9e:a6:f0:7a:f3:86:f3:
c0:f5:b7:da:d4:18:c2:b2:52:3e:fa:0a:42:2b:42:
3d:81:5d:17:5c:57:37:73:8b:9a:79:df:ee:3a:13:
56:0f:63:36:36:df:59:ee:24:33:4c:cf:2c:2e:60:
9c:b9:d6:cd:9b:fd:39:74:2b:a7:14:64:3c:b9:67:
f7:37:f0:00:7a:70:e2:ad:33:2f:1e:2c:d7:78:c9:
cc:60:bc:f2:c5:14:2b:a8:be:5e:68:c7:9c:73:9c:
e5:9e:c6:43:a2:8d:bb:4b:ba:17:37:35:bd:8a:da:
12:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:85:94:63:C1:61:22:54:81:B8:DF:A4:44:92:AA:0B:2E:C3:CA:4F
X509v3 Authority Key Identifier:
keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/34352e3132342e3131322e302f32322d3234203d3e2038383838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.124.112.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:b0:e7:8f:ec:d8:aa:04:61:a5:00:77:a1:76:1a:c8:49:94:
aa:8d:39:99:f8:f4:cd:ff:f4:8f:ed:78:74:35:bd:db:09:3a:
b5:87:b8:93:25:12:af:d2:e9:98:29:19:8b:e7:7e:ce:34:f8:
1e:2c:6b:f5:89:07:fb:44:4d:01:f9:f3:cb:70:51:e3:d7:2f:
f4:90:80:ba:0a:d5:9d:f3:f4:0c:0f:a2:8e:e2:3a:ef:04:cb:
28:44:1a:7f:bc:d7:cb:70:59:9c:2a:43:17:7a:6e:fa:e7:dd:
92:da:23:0e:ea:02:eb:29:ec:15:54:04:53:b6:05:09:2a:8f:
b1:41:5a:6e:f3:b0:98:97:66:a0:c3:97:c9:b2:02:39:3f:b5:
9e:ca:64:2c:59:22:32:1c:56:de:ef:44:05:6b:c2:f5:1b:57:
72:48:5d:32:c6:f8:c4:33:75:c1:b1:95:6c:6f:60:38:74:32:
90:85:5f:d7:cc:ae:f0:25:b9:03:1e:e8:37:80:9f:7c:da:e3:
70:84:fa:ac:27:0f:27:64:fc:0e:f0:36:bd:b8:53:d9:26:5c:
f0:bb:bc:7e:28:75:e4:fd:ab:ae:5b:e7:22:64:ea:b6:d5:66:
c8:ab:f9:c2:9d:99:09:b2:f1:33:78:26:9f:5c:17:fe:58:f6:
56:43:f3:d2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIUd7XihiNcEEmAX8xjvzI8WzcathAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB
NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI0MTIxMjA2MjAzMloX
DTI1MTIxMTA2MjUzMlowMzExMC8GA1UEAxMoQzU4NTk0NjNDMTYxMjI1NDgxQjhE
RkE0NDQ5MkFBMEIyRUMzQ0E0RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiqZNWIQR81HMoxPVCWy55QqCryGYPFpGI4wVvDiEN1IoHwJKgspriBafMF
is/kZYMhUE88OoEnNUs/TV4LUrvMI+QI+0/lyBmawwoaGM4X4NnuqhAGPIWlGQ5x
YX6p/Gi+lyfy131kfrbuoJNIO6nCni3LaVyjG4+v/JFTpUfoCFAv03ZkYcevsYTm
9V6epvB684bzwPW32tQYwrJSPvoKQitCPYFdF1xXN3OLmnnf7joTVg9jNjbfWe4k
M0zPLC5gnLnWzZv9OXQrpxRkPLln9zfwAHpw4q0zLx4s13jJzGC88sUUK6i+XmjH
nHOc5Z7GQ6KNu0u6Fzc1vYraEncCAwEAAaOCAegwggHkMB0GA1UdDgQWBBTFhZRj
wWEiVIG436REkqoLLsPKTzAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He
GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp
LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE
NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi
cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx
RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j
ZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDIvMzQzNTJlMzEzMjM0MmUzMTMxMzIyZTMwMmYzMjMy
MmQzMjM0MjAzZDNlMjAzODM4MzgzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi18cDANBgkqhkiG9w0B
AQsFAAOCAQEAPrDnj+zYqgRhpQB3oXYayEmUqo05mfj0zf/0j+14dDW92wk6tYe4
kyUSr9LpmCkZi+d+zjT4Hixr9YkH+0RNAfnzy3BR49cv9JCAugrVnfP0DA+ijuI6
7wTLKEQaf7zXy3BZnCpDF3pu+ufdktojDuoC6ynsFVQEU7YFCSqPsUFabvOwmJdm
oMOXybICOT+1nspkLFkiMhxW3u9EBWvC9RtXckhdMsb4xDN1wbGVbG9gOHQykIVf
18yu8CW5Ax7oN4CffNrjcIT6rCcPJ2T8DvA2vbhT2SZc8Lu8fih15P2rrlvnImTq
ttVmyKv5wp2ZCbLxM3gmn1wX/lj2VkPz0g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:26:28 2025 by rpki-client