Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a333230303a3a2f34302d3430203d3e20323030383237.roa
File: 326131323a646434373a333230303a3a2f34302d3430203d3e20323030383237.roa (raw, json)
Hash identifier: BnQKnLj9xlvZpm0xhM9h5hG6VhbAHJK0c55dgnMtQ7Q=
Subject key identifier: 91:2D:29:24:1F:8C:47:D7:7F:7C:E7:85:AF:A0:06:B1:48:F4:9A:91
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 204B1EAFA72591F74D9BD90DCCD3D66711A860C6
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a333230303a3a2f34302d3430203d3e20323030383237.roa
Signing time: Fri 11 Oct 2024 10:04:25 +0000
ROA not before: Fri 11 Oct 2024 09:59:25 +0000
ROA not after: Fri 10 Oct 2025 10:04:25 +0000
asID: 200827
IP address blocks: 2a12:dd47:3200::/40 maxlen: 40
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 03:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:4b:1e:af:a7:25:91:f7:4d:9b:d9:0d:cc:d3:d6:67:11:a8:60:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:25 2024 GMT
Not After : Oct 10 10:04:25 2025 GMT
Subject: CN=912D29241F8C47D77F7CE785AFA006B148F49A91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9b:3c:bf:f1:fd:3f:ee:80:55:95:81:57:e2:
33:a8:21:27:ee:bf:5c:b0:53:4e:e1:ff:a1:6f:50:
05:d9:69:2c:bd:e5:dc:8a:9a:23:c2:25:0d:28:69:
ea:af:bf:d5:7b:eb:b0:73:f6:10:65:61:b9:93:ec:
b0:41:65:43:bb:ff:c7:91:98:15:0f:cb:d5:0b:90:
26:0c:fe:5e:ec:37:32:bb:aa:04:d9:66:9c:45:2d:
69:52:f5:ac:33:32:c6:13:08:ca:cd:25:af:a6:9f:
de:8a:df:5c:e7:db:bc:75:69:a8:b3:6a:d1:67:07:
b6:a8:44:bc:df:94:4c:29:ef:02:b2:62:07:c8:a6:
f9:fc:22:95:15:ec:3b:b9:f8:1c:29:eb:5c:0f:62:
f1:14:15:14:a5:7c:4b:e7:39:48:09:13:ad:5d:af:
68:54:4e:8e:21:d9:c0:dd:e4:82:04:c8:da:f6:78:
6c:d4:a1:e0:fc:f2:ea:74:b5:1d:63:06:b4:44:00:
44:07:29:9a:49:01:0d:87:6a:f4:fa:e2:a6:63:fb:
ae:7e:6f:8a:ab:72:71:b3:5e:28:9e:4a:7f:dc:25:
d9:f4:f0:0b:47:c7:5b:b5:3a:d1:e0:40:d3:7f:59:
c0:f0:31:35:8e:ee:31:70:d8:4a:38:ad:07:1b:2f:
29:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2D:29:24:1F:8C:47:D7:7F:7C:E7:85:AF:A0:06:B1:48:F4:9A:91
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a333230303a3a2f34302d3430203d3e20323030383237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:3200::/40
Signature Algorithm: sha256WithRSAEncryption
49:02:08:78:3c:43:48:c6:53:4a:da:da:d1:77:dd:a6:4b:73:
10:46:2c:e0:37:a9:63:2e:fa:ff:c3:f3:9a:dc:c6:18:b0:1b:
47:d9:40:4a:e4:c1:ce:1e:d3:6a:e2:de:8e:4b:8a:13:05:2c:
7a:89:bd:09:d7:86:37:2e:b4:6f:1b:bf:36:28:52:c4:c1:38:
67:65:9c:59:9d:51:97:84:e2:14:d6:c9:26:c5:1a:2d:d7:46:
c4:37:29:81:bf:19:cb:3e:d8:90:0b:05:6b:21:21:fa:89:50:
7a:7b:6b:db:a1:28:ee:33:76:8d:5b:05:c9:43:28:31:6a:64:
38:7d:55:1d:0f:a3:9f:22:f2:13:7c:92:76:8f:5c:a4:8c:70:
d8:ee:04:4e:df:46:ec:eb:bc:de:d5:b2:91:6f:1e:f0:15:b9:
06:0b:2e:c5:fd:b6:8b:8b:c4:7b:25:a9:e7:1a:2e:9e:b9:04:
16:f3:dd:7f:32:14:47:25:06:2e:84:29:c7:54:f3:28:0a:8e:
03:36:55:89:f0:48:8e:27:b9:27:d9:02:b8:1f:39:2d:ce:0e:
09:a5:ac:5d:a4:1b:fd:7b:2a:6c:5e:31:f5:2b:d5:9b:2b:f3:
52:50:fc:06:c9:61:52:96:5c:4d:b3:82:a0:27:13:e4:d4:8e:
b0:6b:8f:da
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIUIEser6clkfdNm9kNzNPWZxGoYMYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MjVaFw0yNTEwMTAxMDA0MjVaMDMxMTAvBgNV
BAMTKDkxMkQyOTI0MUY4QzQ3RDc3RjdDRTc4NUFGQTAwNkIxNDhGNDlBOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQComzy/8f0/7oBVlYFX4jOoISfu
v1ywU07h/6FvUAXZaSy95dyKmiPCJQ0oaeqvv9V767Bz9hBlYbmT7LBBZUO7/8eR
mBUPy9ULkCYM/l7sNzK7qgTZZpxFLWlS9awzMsYTCMrNJa+mn96K31zn27x1aaiz
atFnB7aoRLzflEwp7wKyYgfIpvn8IpUV7Du5+Bwp61wPYvEUFRSlfEvnOUgJE61d
r2hUTo4h2cDd5IIEyNr2eGzUoeD88up0tR1jBrREAEQHKZpJAQ2HavT64qZj+65+
b4qrcnGzXiieSn/cJdn08AtHx1u1OtHgQNN/WcDwMTWO7jFw2Eo4rQcbLyk5AgMB
AAGjggHRMIIBzTAdBgNVHQ4EFgQUkS0pJB+MR9d/fOeFr6AGsUj0mpEwHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzMzMyMzAzMDNhM2EyZjM0MzAyZDM0
MzAyMDNkM2UyMDMyMzAzMDM4MzIzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoS3UcyMA0GCSqGSIb3
DQEBCwUAA4IBAQBJAgh4PENIxlNK2trRd92mS3MQRizgN6ljLvr/w/Oa3MYYsBtH
2UBK5MHOHtNq4t6OS4oTBSx6ib0J14Y3LrRvG782KFLEwThnZZxZnVGXhOIU1skm
xRot10bENymBvxnLPtiQCwVrISH6iVB6e2vboSjuM3aNWwXJQygxamQ4fVUdD6Of
IvITfJJ2j1ykjHDY7gRO30bs67ze1bKRbx7wFbkGCy7F/baLi8R7JannGi6euQQW
891/MhRHJQYuhCnHVPMoCo4DNlWJ8EiOJ7kn2QK4Hzktzg4JpaxdpBv9eypsXjH1
K9WbK/NSUPwGyWFSllxNs4KgJxPk1I6wa4/a
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:01:34 2024 by rpki-client on console-fra.rpki-client.org