Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a3430303a3a2f33392d3438203d3e20313939363831.roa
File: 326131323a646434373a3430303a3a2f33392d3438203d3e20313939363831.roa (raw, json)
Hash identifier: Pf0uY3EVuSjo8LhNwCEpLEUtzGSidI1BmtXXNAeO+1Q=
Subject key identifier: BE:F2:33:61:3A:5A:D8:64:DF:67:1D:30:AD:C3:E4:08:22:A5:C8:F5
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 4813BA3D610631632BBD5E83CBF0BDBE654D136C
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a3430303a3a2f33392d3438203d3e20313939363831.roa
Signing time: Fri 11 Oct 2024 10:04:18 +0000
ROA not before: Fri 11 Oct 2024 09:59:18 +0000
ROA not after: Fri 10 Oct 2025 10:04:18 +0000
asID: 199681
IP address blocks: 2a12:dd47:400::/39 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 12:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:13:ba:3d:61:06:31:63:2b:bd:5e:83:cb:f0:bd:be:65:4d:13:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:18 2024 GMT
Not After : Oct 10 10:04:18 2025 GMT
Subject: CN=BEF233613A5AD864DF671D30ADC3E40822A5C8F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9d:bb:4f:11:31:1e:9c:40:20:5f:59:37:fa:
8a:22:f5:d3:54:e6:4a:9f:0f:64:5e:fa:a8:60:6d:
0b:9d:ec:ac:cb:f4:5d:47:09:36:29:34:78:c4:2d:
75:3a:e2:6a:a6:a7:9b:ce:82:46:54:76:f5:57:51:
ab:2c:26:c8:13:d1:4b:00:0f:80:76:a8:ac:ea:d1:
c9:b2:80:c7:c6:47:f6:c0:05:54:1c:e3:66:b4:3b:
6d:4a:a0:95:18:b0:75:f3:73:a9:a7:13:9d:d2:08:
6a:30:81:c6:3d:01:0f:be:63:6c:8e:09:d8:9f:a9:
81:65:24:90:91:17:54:7b:2b:d3:2a:42:8d:0b:c8:
78:84:34:b1:da:77:53:cf:f0:0f:68:32:78:57:f7:
c8:6b:c4:07:90:da:80:b1:bc:ba:1a:9a:ae:cf:05:
fe:85:f4:20:b0:59:f0:e8:9d:9b:fe:22:16:e5:3d:
bb:91:15:a7:68:af:f5:19:47:e1:d7:52:df:52:cf:
5c:80:74:f7:d3:54:00:f3:a5:22:2b:e3:10:cb:65:
9b:a6:98:07:9a:0a:d0:16:1a:a2:4d:d1:fc:6a:7c:
c8:18:d9:9c:38:86:69:d6:5b:d3:f9:13:be:b2:86:
10:93:5d:d9:5e:c5:3c:a1:50:56:0b:bc:6a:1e:bb:
95:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F2:33:61:3A:5A:D8:64:DF:67:1D:30:AD:C3:E4:08:22:A5:C8:F5
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a3430303a3a2f33392d3438203d3e20313939363831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:400::/39
Signature Algorithm: sha256WithRSAEncryption
d2:e6:35:60:20:0f:7b:b5:e3:08:f0:2a:8c:45:31:86:9c:3c:
98:ed:e5:c2:c9:1a:de:4e:25:c2:4f:0e:31:2a:c2:80:fb:fe:
fa:8a:93:db:c7:60:8b:6e:d9:fc:a9:96:d9:92:ca:8a:27:bb:
bc:4d:9f:91:61:8e:9b:77:85:ff:04:18:7a:d1:2e:8a:84:d3:
7f:ab:42:0f:25:97:eb:0d:2b:0e:11:08:d6:14:c2:f6:d5:9a:
bf:39:83:ab:53:2d:2c:57:11:df:4b:f5:0e:c8:c8:73:1c:39:
94:c4:1e:85:99:0e:74:b2:ba:6a:ab:d4:1d:a3:66:f3:56:c1:
eb:08:1b:a8:0a:77:bf:14:82:18:fe:39:86:83:97:6c:e3:d9:
f4:01:9d:8b:e5:28:fe:e0:e6:b0:b0:bc:a3:55:df:04:49:2b:
9f:73:6f:04:0b:0c:e8:07:07:4c:b0:ad:24:ce:39:1a:e8:3d:
59:19:b3:c3:b7:da:0b:d1:c3:25:c2:3c:49:e7:92:be:a0:3c:
3c:c2:18:c4:17:b7:ef:16:48:3a:6d:c1:a8:82:df:9c:e7:2f:
d9:56:75:3f:af:36:94:7b:37:90:33:10:06:9d:65:7f:98:12:
5f:a6:31:e1:38:f9:cf:54:56:0c:26:a7:53:e3:40:a2:14:20:
62:a8:d5:cd
-----BEGIN CERTIFICATE-----
MIIExTCCA62gAwIBAgIUSBO6PWEGMWMrvV6Dy/C9vmVNE2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MThaFw0yNTEwMTAxMDA0MThaMDMxMTAvBgNV
BAMTKEJFRjIzMzYxM0E1QUQ4NjRERjY3MUQzMEFEQzNFNDA4MjJBNUM4RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsnbtPETEenEAgX1k3+ooi9dNU
5kqfD2Re+qhgbQud7KzL9F1HCTYpNHjELXU64mqmp5vOgkZUdvVXUassJsgT0UsA
D4B2qKzq0cmygMfGR/bABVQc42a0O21KoJUYsHXzc6mnE53SCGowgcY9AQ++Y2yO
CdifqYFlJJCRF1R7K9MqQo0LyHiENLHad1PP8A9oMnhX98hrxAeQ2oCxvLoamq7P
Bf6F9CCwWfDonZv+IhblPbuRFador/UZR+HXUt9Sz1yAdPfTVADzpSIr4xDLZZum
mAeaCtAWGqJN0fxqfMgY2Zw4hmnWW9P5E76yhhCTXdlexTyhUFYLvGoeu5X3AgMB
AAGjggHPMIIByzAdBgNVHQ4EFgQUvvIzYTpa2GTfZx0wrcPkCCKlyPUwHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwegYI
KwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzNDMwMzAzYTNhMmYzMzM5MmQzNDM4
MjAzZDNlMjAzMTM5MzkzNjM4MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgEqEt1HBDANBgkqhkiG9w0B
AQsFAAOCAQEA0uY1YCAPe7XjCPAqjEUxhpw8mO3lwska3k4lwk8OMSrCgPv++oqT
28dgi27Z/KmW2ZLKiie7vE2fkWGOm3eF/wQYetEuioTTf6tCDyWX6w0rDhEI1hTC
9tWavzmDq1MtLFcR30v1DsjIcxw5lMQehZkOdLK6aqvUHaNm81bB6wgbqAp3vxSC
GP45hoOXbOPZ9AGdi+Uo/uDmsLC8o1XfBEkrn3NvBAsM6AcHTLCtJM45Gug9WRmz
w7faC9HDJcI8SeeSvqA8PMIYxBe37xZIOm3BqILfnOcv2VZ1P682lHs3kDMQBp1l
f5gSX6Yx4Tj5z1RWDCanU+NAohQgYqjVzQ==
-----END CERTIFICATE-----
Generated at Wed Oct 23 03:59:11 2024 by rpki-client on console-fra.rpki-client.org