Route Origin Authorization
$ rpki-client -vvf rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa
File: 3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa (raw, json)
Hash identifier: lW2/fc4/wvMxp/fL9pvtCp6oAHhd5IEZ0JrDs5edNJo=
Subject key identifier: A7:5B:44:00:22:EA:5E:05:EC:11:D4:6D:E2:25:89:F3:E7:B1:28:70
Certificate issuer: /CN=A913250A0000/serialNumber=73683CF31A4147336D82C5218D7389B5D741DE1B
Certificate serial: 1AD4C86FAC0047349BB516D0AF19C483BB30EDCF
Authority key identifier: 73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject info access: rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa
Signing time: Thu 06 Mar 2025 06:39:59 +0000
ROA not before: Thu 06 Mar 2025 06:34:59 +0000
ROA not after: Thu 05 Mar 2026 06:39:59 +0000
asID: 9312
IP address blocks: 180.235.136.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:d4:c8:6f:ac:00:47:34:9b:b5:16:d0:af:19:c4:83:bb:30:ed:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913250A0000
Validity
Not Before: Mar 6 06:34:59 2025 GMT
Not After : Mar 5 06:39:59 2026 GMT
Subject: CN=A75B440022EA5E05EC11D46DE22589F3E7B12870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d4:4c:e5:d5:07:e4:ab:62:6f:4a:81:87:09:
57:fc:9d:77:a0:70:b7:a6:b7:81:37:17:1f:14:3b:
a3:0a:1f:1f:69:d5:ed:d7:67:8f:7d:c1:28:f6:58:
68:9f:c6:d2:76:fe:69:69:48:2a:40:37:59:33:47:
50:ef:03:83:7f:b9:dc:75:df:27:f6:68:2e:4b:c7:
67:a6:12:19:cb:67:b4:94:11:8b:07:8a:4c:3c:86:
fd:ae:b2:ef:d2:3c:2a:2d:92:20:3a:d6:45:fe:e4:
02:71:ed:86:74:0c:0b:b0:c7:da:35:64:bc:03:e6:
61:47:8b:1e:20:68:58:20:bb:33:77:b3:20:9d:63:
d4:f6:f3:99:c6:cc:43:7d:9b:46:c4:fd:05:5f:2f:
c2:4f:bb:b4:13:3c:f5:7f:85:bb:13:b8:71:7b:71:
2c:2f:ed:b6:b9:b0:0f:52:b6:44:5c:3a:3c:11:30:
b9:b5:3a:cb:5f:f6:d8:3c:31:09:22:43:19:60:b7:
f8:1d:f3:47:43:b3:8b:5b:f6:f2:2f:28:92:56:2a:
be:ca:d0:02:cd:77:2a:41:eb:41:b3:94:30:0a:c5:
e6:cf:63:e8:0d:6c:80:3f:67:08:8e:7d:47:ca:09:
08:aa:a6:ef:55:9a:c5:37:1f:2f:e0:3b:fb:46:43:
d6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5B:44:00:22:EA:5E:05:EC:11:D4:6D:E2:25:89:F3:E7:B1:28:70
X509v3 Authority Key Identifier:
keyid:73:68:3C:F3:1A:41:47:33:6D:82:C5:21:8D:73:89:B5:D7:41:DE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.roa.net/rrdp/xTom/42/73683CF31A4147336D82C5218D7389B5D741DE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c2g88xpBRzNtgsUhjXOJtddB3hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/42/3138302e3233352e3133362e302f32322d3332203d3e2039333132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
180.235.136.0/22
Signature Algorithm: sha256WithRSAEncryption
89:6b:49:b0:d5:74:25:8e:20:7c:c7:12:7c:99:58:ff:61:12:
10:a1:ce:c3:6d:d3:57:99:79:43:f1:08:3f:2f:90:6e:ad:64:
af:1f:10:1d:ca:88:d9:7e:01:0a:f9:c9:83:c8:28:e4:cf:64:
60:ec:a3:f5:06:cc:e9:06:86:90:85:c4:27:3a:44:1c:d1:a1:
b2:fc:d6:42:57:0b:49:4a:b4:5c:e9:49:27:3b:f9:e7:71:a8:
7c:56:f5:a9:aa:c5:95:c6:19:ec:06:4f:77:ea:6a:12:6b:3f:
a9:75:17:4d:b5:46:cd:f1:a9:46:16:aa:6e:fe:a5:e7:2f:4c:
8f:57:75:fe:fb:82:f1:00:e5:42:df:d1:33:a3:62:46:5d:44:
ea:26:22:df:bc:55:5b:a4:6e:6a:a8:01:79:91:1c:26:93:e5:
4a:36:8e:55:54:8a:f7:5a:68:13:e1:39:a9:b0:95:b9:93:2d:
84:2a:ad:33:54:33:ef:da:e9:80:6a:83:07:81:ab:c4:93:d4:
f6:6b:20:c0:57:29:46:a6:0c:41:04:f7:a3:aa:ca:ff:f1:4a:
d4:d4:58:22:df:84:ad:e5:29:e2:f9:90:6a:05:1a:6e:2f:c4:
b3:2b:c1:f4:6b:ea:0c:f9:47:40:51:f6:9e:a7:c2:38:bb:18:
0f:a0:d0:b8
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIUGtTIb6wARzSbtRbQrxnEg7sw7c8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMzI1MEEwMDAwMTEwLwYDVQQFEyg3MzY4M0NGMzFB
NDE0NzMzNkQ4MkM1MjE4RDczODlCNUQ3NDFERTFCMB4XDTI1MDMwNjA2MzQ1OVoX
DTI2MDMwNTA2Mzk1OVowMzExMC8GA1UEAxMoQTc1QjQ0MDAyMkVBNUUwNUVDMTFE
NDZERTIyNTg5RjNFN0IxMjg3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALbUTOXVB+SrYm9KgYcJV/ydd6Bwt6a3gTcXHxQ7owofH2nV7ddnj33BKPZY
aJ/G0nb+aWlIKkA3WTNHUO8Dg3+53HXfJ/ZoLkvHZ6YSGctntJQRiweKTDyG/a6y
79I8Ki2SIDrWRf7kAnHthnQMC7DH2jVkvAPmYUeLHiBoWCC7M3ezIJ1j1PbzmcbM
Q32bRsT9BV8vwk+7tBM89X+FuxO4cXtxLC/ttrmwD1K2RFw6PBEwubU6y1/22Dwx
CSJDGWC3+B3zR0Ozi1v28i8oklYqvsrQAs13KkHrQbOUMArF5s9j6A1sgD9nCI59
R8oJCKqm71WaxTcfL+A7+0ZD1jcCAwEAAaOCAeowggHmMB0GA1UdDgQWBBSnW0QA
IupeBewR1G3iJYnz57EocDAfBgNVHSMEGDAWgBRzaDzzGkFHM22CxSGNc4m110He
GzAOBgNVHQ8BAf8EBAMCB4AwXwYDVR0fBFgwVjBUoFKgUIZOcnN5bmM6Ly9ycGtp
LnJvYS5uZXQvcnJkcC94VG9tLzQyLzczNjgzQ0YzMUE0MTQ3MzM2RDgyQzUyMThE
NzM4OUI1RDc0MURFMUIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZi
cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjEx
RTJCQjQ2OEY3QzcyRkQxRkYyL2MyZzg4eHBCUnpOdGdzVWhqWE9KdGRkQjNocy5j
ZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jwa2kucm9h
Lm5ldC9ycmRwL3hUb20vNDIvMzEzODMwMmUzMjMzMzUyZTMxMzMzNjJlMzAyZjMy
MzIyZDMzMzIyMDNkM2UyMDM5MzMzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCtOuIMA0GCSqGSIb3
DQEBCwUAA4IBAQCJa0mw1XQljiB8xxJ8mVj/YRIQoc7DbdNXmXlD8Qg/L5BurWSv
HxAdyojZfgEK+cmDyCjkz2Rg7KP1BszpBoaQhcQnOkQc0aGy/NZCVwtJSrRc6Ukn
O/nncah8VvWpqsWVxhnsBk936moSaz+pdRdNtUbN8alGFqpu/qXnL0yPV3X++4Lx
AOVC39Ezo2JGXUTqJiLfvFVbpG5qqAF5kRwmk+VKNo5VVIr3WmgT4TmpsJW5ky2E
Kq0zVDPv2umAaoMHgavEk9T2ayDAVylGpgxBBPejqsr/8UrU1Fgi34St5Sni+ZBq
BRpuL8SzK8H0a+oM+UdAUfaep8I4uxgPoNC4
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:18:23 2025 by rpki-client