Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a3230303a3a2f34302d3438203d3e20313531333338.roa
File: 326131323a646434373a3230303a3a2f34302d3438203d3e20313531333338.roa (raw, json)
Hash identifier: +4iUKkWZ/Uj+GAgeK3kXWgstaxtwOCTGHBJWxI9q/eM=
Subject key identifier: E0:F7:9D:8B:A2:A9:34:03:46:20:18:7A:C0:CF:73:C8:29:D4:FB:C0
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 7274A4A2FCFD934BB294AA5A45BD38E667BC6749
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a3230303a3a2f34302d3438203d3e20313531333338.roa
Signing time: Fri 11 Oct 2024 10:04:20 +0000
ROA not before: Fri 11 Oct 2024 09:59:20 +0000
ROA not after: Fri 10 Oct 2025 10:04:20 +0000
asID: 151338
IP address blocks: 2a12:dd47:200::/40 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 23:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:74:a4:a2:fc:fd:93:4b:b2:94:aa:5a:45:bd:38:e6:67:bc:67:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:20 2024 GMT
Not After : Oct 10 10:04:20 2025 GMT
Subject: CN=E0F79D8BA2A934034620187AC0CF73C829D4FBC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b7:5b:64:38:df:73:47:73:c1:ab:1c:21:0e:
be:9d:72:4a:17:62:da:19:87:17:9f:90:f2:be:95:
6c:84:21:55:8c:9c:9f:c0:19:81:e1:aa:65:d1:7a:
26:95:65:f2:8b:a4:c5:e9:aa:03:f8:f6:2a:15:36:
b7:11:d3:5f:06:4f:9e:b1:cb:e0:a7:94:15:68:41:
72:bd:31:a2:7a:37:e1:13:a3:df:18:fe:a0:02:74:
4b:38:3d:73:95:82:a8:df:49:e6:01:8a:16:78:cc:
43:ac:8e:10:ab:11:d7:56:30:0d:17:5a:60:9c:10:
36:85:37:b2:93:41:cb:19:69:02:e9:c7:01:9a:dc:
51:ab:36:cf:5a:bb:b5:a0:9e:fc:07:cd:6d:76:74:
38:e4:c6:00:97:f3:2b:63:4b:b0:2e:da:82:c3:37:
6a:67:e7:c3:df:ce:57:c9:d5:ed:90:a3:d0:4c:40:
80:00:16:56:8a:dd:ea:a4:1f:45:b9:6a:c8:b3:fa:
17:e7:d5:ea:b5:2e:18:f1:cc:f2:e6:62:ad:08:14:
08:92:db:35:1c:85:e5:a2:7e:90:ff:e3:6f:df:27:
3b:0a:b1:69:e9:d3:92:c8:4d:b2:68:84:98:f6:96:
d8:dc:43:2a:f2:71:b0:57:be:df:e8:9b:b1:69:38:
6a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F7:9D:8B:A2:A9:34:03:46:20:18:7A:C0:CF:73:C8:29:D4:FB:C0
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a3230303a3a2f34302d3438203d3e20313531333338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:200::/40
Signature Algorithm: sha256WithRSAEncryption
e4:46:2e:b4:a9:82:6f:bd:fd:68:b7:3c:9f:2d:25:66:dd:a1:
e2:6a:53:c5:e4:92:03:b1:24:74:f3:0a:a8:82:de:2a:39:3e:
69:70:86:04:9b:d8:60:81:3c:a3:11:bb:73:f4:f8:c6:ee:55:
53:a7:95:ca:7c:92:84:f2:24:1f:c8:0b:0f:4c:69:08:ce:08:
db:98:b5:1f:3a:49:7a:37:06:72:8b:db:fe:28:c4:35:1e:e8:
56:70:e3:a9:65:d5:50:02:6d:a3:42:a5:99:d5:81:39:2c:61:
5f:56:d0:98:e2:0c:f5:41:0f:1c:b8:4f:21:6e:a9:59:59:58:
6e:3a:97:12:df:c5:c2:e8:09:b2:cf:eb:1f:68:5f:00:18:90:
e1:5f:32:46:f3:d2:7f:56:e6:0b:b0:f7:70:a6:37:3c:32:4f:
cf:20:a7:e1:b8:4b:44:64:6c:e8:10:10:81:0c:17:c8:8f:76:
a3:00:84:a7:16:99:1e:28:9f:d0:86:49:b1:3f:27:5d:1d:85:
0e:6b:b6:11:b3:90:be:b3:1c:3f:fb:07:22:68:5d:67:13:7a:
25:66:47:ea:a1:1b:70:ca:b3:9f:cc:8b:86:58:80:58:8d:63:
d1:db:7e:6c:ed:16:a0:f3:86:26:b2:d6:ed:ee:d5:88:fe:03:
be:a3:39:c6
-----BEGIN CERTIFICATE-----
MIIExTCCA62gAwIBAgIUcnSkovz9k0uylKpaRb045me8Z0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MjBaFw0yNTEwMTAxMDA0MjBaMDMxMTAvBgNV
BAMTKEUwRjc5RDhCQTJBOTM0MDM0NjIwMTg3QUMwQ0Y3M0M4MjlENEZCQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMt1tkON9zR3PBqxwhDr6dckoX
YtoZhxefkPK+lWyEIVWMnJ/AGYHhqmXReiaVZfKLpMXpqgP49ioVNrcR018GT56x
y+CnlBVoQXK9MaJ6N+ETo98Y/qACdEs4PXOVgqjfSeYBihZ4zEOsjhCrEddWMA0X
WmCcEDaFN7KTQcsZaQLpxwGa3FGrNs9au7WgnvwHzW12dDjkxgCX8ytjS7Au2oLD
N2pn58PfzlfJ1e2Qo9BMQIAAFlaK3eqkH0W5asiz+hfn1eq1LhjxzPLmYq0IFAiS
2zUcheWifpD/42/fJzsKsWnp05LITbJohJj2ltjcQyrycbBXvt/om7FpOGoBAgMB
AAGjggHPMIIByzAdBgNVHQ4EFgQU4Pedi6KpNANGIBh6wM9zyCnU+8AwHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwegYI
KwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzMjMwMzAzYTNhMmYzNDMwMmQzNDM4
MjAzZDNlMjAzMTM1MzEzMzMzMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqEt1HAjANBgkqhkiG9w0B
AQsFAAOCAQEA5EYutKmCb739aLc8ny0lZt2h4mpTxeSSA7EkdPMKqILeKjk+aXCG
BJvYYIE8oxG7c/T4xu5VU6eVynyShPIkH8gLD0xpCM4I25i1HzpJejcGcovb/ijE
NR7oVnDjqWXVUAJto0KlmdWBOSxhX1bQmOIM9UEPHLhPIW6pWVlYbjqXEt/FwugJ
ss/rH2hfABiQ4V8yRvPSf1bmC7D3cKY3PDJPzyCn4bhLRGRs6BAQgQwXyI92owCE
pxaZHiif0IZJsT8nXR2FDmu2EbOQvrMcP/sHImhdZxN6JWZH6qEbcMqzn8yLhliA
WI1j0dt+bO0WoPOGJrLW7e7ViP4DvqM5xg==
-----END CERTIFICATE-----
Generated at Wed Oct 23 07:33:02 2024 by rpki-client on console-fra.rpki-client.org