Route Origin Authorization
$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a383363303a3a2f34342d3438203d3e20323039363532.roa
File: 326131323a646434373a383363303a3a2f34342d3438203d3e20323039363532.roa (raw, json)
Hash identifier: x5NNkTn4rGYd3c0/oaNiPQQhE7F549S6Z2nlz9I66Uw=
Subject key identifier: 69:7F:EA:79:DE:7C:2C:33:FC:BE:21:82:FD:35:63:28:E0:5A:BD:33
Certificate issuer: /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial: 7564DF1E074CF6C0CD40BF943A590E22339400B3
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access: rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access: rsync://rpki.co/repo/AS945/1/326131323a646434373a383363303a3a2f34342d3438203d3e20323039363532.roa
Signing time: Tue 17 Oct 2023 16:13:33 +0000
ROA not before: Tue 17 Oct 2023 16:08:33 +0000
ROA not after: Tue 15 Oct 2024 16:13:33 +0000
asID: 209652
IP address blocks: 2a12:dd47:83c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:64:df:1e:07:4c:f6:c0:cd:40:bf:94:3a:59:0e:22:33:94:00:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Validity
Not Before: Oct 17 16:08:33 2023 GMT
Not After : Oct 15 16:13:33 2024 GMT
Subject: CN=697FEA79DE7C2C33FCBE2182FD356328E05ABD33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:af:6a:a0:6c:25:20:50:ce:e0:3f:73:92:31:
22:97:1d:b8:a3:d3:89:2e:d5:86:5c:87:e9:8a:0f:
8d:c4:56:50:dc:7f:4e:fe:73:1d:28:9b:0f:e0:90:
a6:26:42:3b:a6:bb:2b:e6:23:92:61:02:20:70:7f:
51:65:48:04:8e:01:bc:bd:20:36:2d:db:c8:f4:f0:
07:1d:13:0c:c6:ea:8a:24:33:13:57:fa:18:cf:7d:
df:35:ec:4e:ce:19:33:ec:e8:19:5b:09:0e:ed:02:
10:83:89:0e:6c:43:c3:84:83:fa:10:51:21:a8:77:
7d:4e:46:7f:75:69:c5:f1:86:33:06:b2:08:3f:e4:
6f:1c:a4:77:ca:ef:9b:29:8d:80:ab:5e:51:20:77:
c1:e7:06:9d:08:24:12:71:2e:f9:3e:d2:73:44:e2:
50:21:d2:03:26:26:6a:d5:c5:84:92:cb:4e:6e:42:
60:a7:c0:f8:6b:1a:32:9f:48:61:9b:35:b3:47:2d:
54:d2:45:9a:92:93:f7:d1:8c:6d:4a:08:a6:d2:4b:
ff:14:51:3a:a0:40:ac:b1:12:be:80:6e:4e:55:61:
8e:e6:62:43:21:40:c2:b9:00:5c:78:27:a9:ff:29:
e6:2b:88:ec:42:b6:31:a1:f2:94:84:1e:82:98:f4:
03:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:7F:EA:79:DE:7C:2C:33:FC:BE:21:82:FD:35:63:28:E0:5A:BD:33
X509v3 Authority Key Identifier:
keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a383363303a3a2f34342d3438203d3e20323039363532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:83c0::/44
Signature Algorithm: sha256WithRSAEncryption
9e:cb:81:b6:aa:21:3d:56:4b:01:b4:3a:06:3d:df:44:80:7d:
62:f2:2e:2d:ae:11:42:97:3d:74:3e:98:18:a5:18:31:f2:fb:
8e:f7:6d:61:9a:be:f6:d5:2e:19:4c:c2:ff:98:a6:d8:6f:9d:
4f:37:1d:43:26:97:b4:8d:2d:5c:3f:cc:74:9f:9c:c6:e4:ea:
ed:8b:63:a3:31:c0:cf:81:da:5d:e5:28:3d:0e:13:84:68:f6:
4d:63:55:09:f8:67:b0:7b:c3:54:57:01:7a:c2:9c:9a:da:ff:
b7:1e:cc:5e:2c:b3:ae:b6:ec:8d:e4:6a:b5:0a:fd:91:30:60:
9d:24:a9:84:86:01:ca:6c:cd:54:d7:e4:2f:bc:27:03:36:f4:
fb:d3:8a:a5:34:c7:9c:81:4f:c0:e6:41:1a:61:54:53:8e:01:
52:2a:24:39:8c:eb:11:fa:0e:fa:52:74:24:2a:64:72:25:43:
48:52:de:14:cb:a0:86:51:7b:c4:96:d4:77:3e:d3:45:56:fd:
1a:5b:5f:c8:7d:ed:99:0a:bd:c0:cb:c6:0f:6e:79:88:24:ce:
6f:d7:48:93:d9:45:c2:ab:54:11:10:83:99:e9:3b:93:75:dd:
10:13:e6:85:eb:04:62:66:3b:80:e8:dc:fb:c1:44:ab:ad:c8:
f5:b1:a9:39
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIUdWTfHgdM9sDNQL+UOlkOIjOUALMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzNaFw0yNDEwMTUxNjEzMzNaMDMxMTAvBgNV
BAMTKDY5N0ZFQTc5REU3QzJDMzNGQ0JFMjE4MkZEMzU2MzI4RTA1QUJEMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCr2qgbCUgUM7gP3OSMSKXHbij
04ku1YZch+mKD43EVlDcf07+cx0omw/gkKYmQjumuyvmI5JhAiBwf1FlSASOAby9
IDYt28j08AcdEwzG6ookMxNX+hjPfd817E7OGTPs6BlbCQ7tAhCDiQ5sQ8OEg/oQ
USGod31ORn91acXxhjMGsgg/5G8cpHfK75spjYCrXlEgd8HnBp0IJBJxLvk+0nNE
4lAh0gMmJmrVxYSSy05uQmCnwPhrGjKfSGGbNbNHLVTSRZqSk/fRjG1KCKbSS/8U
UTqgQKyxEr6Abk5VYY7mYkMhQMK5AFx4J6n/KeYriOxCtjGh8pSEHoKY9APNAgMB
AAGjggHUMIIB0DAdBgNVHQ4EFgQUaX/qed58LDP8viGC/TVjKOBavTMwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTM4MzM2MzMwM2EzYTJmMzQzNDJk
MzQzODIwM2QzZTIwMzIzMDM5MzYzNTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhLdR4PAMA0GCSqG
SIb3DQEBCwUAA4IBAQCey4G2qiE9VksBtDoGPd9EgH1i8i4trhFClz10PpgYpRgx
8vuO921hmr721S4ZTML/mKbYb51PNx1DJpe0jS1cP8x0n5zG5Orti2OjMcDPgdpd
5Sg9DhOEaPZNY1UJ+Gewe8NUVwF6wpya2v+3HsxeLLOutuyN5Gq1Cv2RMGCdJKmE
hgHKbM1U1+QvvCcDNvT704qlNMecgU/A5kEaYVRTjgFSKiQ5jOsR+g76UnQkKmRy
JUNIUt4Uy6CGUXvEltR3PtNFVv0aW1/Ife2ZCr3Ay8YPbnmIJM5v10iT2UXCq1QR
EIOZ6TuTdd0QE+aF6wRiZjuA6Nz7wUSrrcj1sak5
-----END CERTIFICATE-----
Generated at Sat Jun 1 19:28:54 2024 by rpki-client on console-fra.rpki-client.org