Route Origin Authorization

$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434363a323030303a3a2f33362d3438203d3e20323032343030.roa
File:                     326131323a646434363a323030303a3a2f33362d3438203d3e20323032343030.roa (raw, json)
Hash identifier:          Vu1yvV7/hMUlcKU2hBugu4TgU2y0LK8BW2YEwikrmNA=
Subject key identifier:   10:67:CF:83:44:32:3F:0E:38:4F:97:7D:BC:5D:4B:E4:CE:45:8B:51
Certificate issuer:       /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial:       327B7359061E84FC93E6A2C64E636C8EB1735F2D
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access:    rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access:      rsync://dev.tw/rpki/AS945/1/326131323a646434363a323030303a3a2f33362d3438203d3e20323032343030.roa
Signing time:             Fri 11 Oct 2024 10:04:16 +0000
ROA not before:           Fri 11 Oct 2024 09:59:16 +0000
ROA not after:            Fri 10 Oct 2025 10:04:16 +0000
asID:                     202400
IP address blocks:        2a12:dd46:2000::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
                          rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
                          rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 03:48:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:7b:73:59:06:1e:84:fc:93:e6:a2:c6:4e:63:6c:8e:b1:73:5f:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
        Validity
            Not Before: Oct 11 09:59:16 2024 GMT
            Not After : Oct 10 10:04:16 2025 GMT
        Subject: CN=1067CF8344323F0E384F977DBC5D4BE4CE458B51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:40:09:a8:de:9b:b8:a2:4c:27:93:d8:2f:0a:
                    d9:9f:36:0c:5e:c6:22:3a:31:7d:1b:37:26:9b:3e:
                    89:aa:c9:7c:77:8e:4e:f4:15:95:be:f9:92:d6:c8:
                    58:34:3a:e5:2b:20:2e:a9:6c:bd:65:59:99:d3:39:
                    ce:db:b3:bd:e6:c1:e6:88:8d:0a:90:53:3c:64:f1:
                    ce:2c:7f:c2:8d:4f:88:5d:5c:67:a0:94:73:1a:a7:
                    04:1e:85:0f:28:55:52:8c:ec:d9:e0:e4:47:06:0e:
                    7e:dc:c6:6b:25:83:f0:5b:82:d6:ca:b5:31:88:f1:
                    1d:02:ea:d2:8e:5e:56:f7:2a:24:81:68:52:74:4d:
                    73:14:bf:a2:f5:ea:77:a7:df:f0:63:63:2f:aa:46:
                    12:7a:c0:c2:fe:ab:52:5a:e7:3b:5c:a5:22:c1:04:
                    68:cf:ce:6a:e6:70:91:b8:86:2f:8c:6d:f6:84:72:
                    76:8d:31:ee:f7:b0:9a:b3:60:f7:5f:e1:2f:39:f1:
                    a3:ec:d3:f9:2d:be:c7:bf:42:33:81:af:26:d0:c8:
                    c7:5d:32:c3:a6:b9:f6:e6:52:4e:18:b0:ea:42:01:
                    db:32:26:dc:83:7e:c8:00:78:96:c3:e3:f5:22:7e:
                    39:41:e6:94:60:62:4e:5e:1c:77:67:5d:a6:fc:38:
                    b0:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:67:CF:83:44:32:3F:0E:38:4F:97:7D:BC:5D:4B:E4:CE:45:8B:51
            X509v3 Authority Key Identifier:
                keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer

            Subject Information Access:
                Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434363a323030303a3a2f33362d3438203d3e20323032343030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd46:2000::/36

    Signature Algorithm: sha256WithRSAEncryption
         2d:9c:b3:cb:44:ed:c5:f0:2d:4f:8b:93:20:8f:71:a8:f4:2b:
         87:bb:61:76:29:ba:e7:79:dd:58:79:da:82:49:02:54:42:6f:
         8a:70:0a:de:6f:08:82:57:e9:7d:2b:78:10:1b:cf:00:d8:8a:
         50:b4:8a:f0:26:54:d4:0e:9c:a2:ce:cd:87:72:28:c8:18:e6:
         79:6c:9a:9e:80:b8:b3:57:6c:68:ee:19:e8:88:bf:ec:04:ec:
         0e:c7:b9:8f:a1:1b:c5:8c:b4:2a:66:da:ad:6f:45:a2:f5:27:
         98:b1:3f:c8:2a:a4:a3:25:b9:3f:88:89:64:0d:4c:e8:be:53:
         8b:5b:9f:65:fc:ab:c8:d2:61:53:6d:52:68:bb:35:c3:d8:45:
         9c:2f:fc:ba:0b:f4:b2:7e:3d:4e:de:3e:5f:87:b9:06:49:8f:
         61:5c:22:47:c4:34:03:05:d5:ed:0b:56:bc:a8:ed:6c:90:07:
         5d:94:bc:41:23:eb:d6:c2:93:a2:ad:6f:e7:52:09:20:01:22:
         0f:74:67:61:d0:3c:4d:71:ce:43:80:dc:89:eb:5d:cd:d2:ab:
         9b:49:91:f8:3b:d3:de:68:ff:fb:ce:58:88:1f:92:29:70:dd:
         d1:89:4c:7b:0e:e0:85:79:2a:86:d8:ba:92:97:ba:ce:d1:cb:
         cf:cc:6e:3d
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIUMntzWQYehPyT5qLGTmNsjrFzXy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MTZaFw0yNTEwMTAxMDA0MTZaMDMxMTAvBgNV
BAMTKDEwNjdDRjgzNDQzMjNGMEUzODRGOTc3REJDNUQ0QkU0Q0U0NThCNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5QAmo3pu4okwnk9gvCtmfNgxe
xiI6MX0bNyabPomqyXx3jk70FZW++ZLWyFg0OuUrIC6pbL1lWZnTOc7bs73mweaI
jQqQUzxk8c4sf8KNT4hdXGeglHMapwQehQ8oVVKM7Nng5EcGDn7cxmslg/BbgtbK
tTGI8R0C6tKOXlb3KiSBaFJ0TXMUv6L16nen3/BjYy+qRhJ6wML+q1Ja5ztcpSLB
BGjPzmrmcJG4hi+MbfaEcnaNMe73sJqzYPdf4S858aPs0/ktvse/QjOBrybQyMdd
MsOmufbmUk4YsOpCAdsyJtyDfsgAeJbD4/UifjlB5pRgYk5eHHdnXab8OLAHAgMB
AAGjggHRMIIBzTAdBgNVHQ4EFgQUEGfPg0QyPw44T5d9vF1L5M5Fi1EwHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM2M2EzMjMwMzAzMDNhM2EyZjMzMzYyZDM0
MzgyMDNkM2UyMDMyMzAzMjM0MzAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoS3UYgMA0GCSqGSIb3
DQEBCwUAA4IBAQAtnLPLRO3F8C1Pi5Mgj3Go9CuHu2F2Kbrned1YedqCSQJUQm+K
cArebwiCV+l9K3gQG88A2IpQtIrwJlTUDpyizs2HcijIGOZ5bJqegLizV2xo7hno
iL/sBOwOx7mPoRvFjLQqZtqtb0Wi9SeYsT/IKqSjJbk/iIlkDUzovlOLW59l/KvI
0mFTbVJouzXD2EWcL/y6C/Syfj1O3j5fh7kGSY9hXCJHxDQDBdXtC1a8qO1skAdd
lLxBI+vWwpOirW/nUgkgASIPdGdh0DxNcc5DgNyJ613N0qubSZH4O9PeaP/7zliI
H5IpcN3RiUx7DuCFeSqG2LqSl7rO0cvPzG49
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:37:44 2024 by rpki-client on console-ams.rpki-client.org