Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a356532303a3a2f34342d3438203d3e20313938393534.roa
File: 326131323a646434373a356532303a3a2f34342d3438203d3e20313938393534.roa (raw, json)
Hash identifier: ZlxGejc9Ti1tWnCxHqN8Tb1MLsduyV49NFqMr3A+LPI=
Subject key identifier: 88:B5:A8:CE:3A:AF:78:AA:65:28:6D:6E:A1:38:11:CE:8F:5D:FD:C5
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 1F6952350038C53C3C3927544D639A45D68D4D98
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a356532303a3a2f34342d3438203d3e20313938393534.roa
Signing time: Fri 11 Oct 2024 10:04:18 +0000
ROA not before: Fri 11 Oct 2024 09:59:18 +0000
ROA not after: Fri 10 Oct 2025 10:04:18 +0000
asID: 198954
IP address blocks: 2a12:dd47:5e20::/44 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 03:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:69:52:35:00:38:c5:3c:3c:39:27:54:4d:63:9a:45:d6:8d:4d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:18 2024 GMT
Not After : Oct 10 10:04:18 2025 GMT
Subject: CN=88B5A8CE3AAF78AA65286D6EA13811CE8F5DFDC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:15:d6:f9:04:e0:20:e8:3b:dc:47:a4:9f:d6:
b1:e3:ba:4c:30:90:06:65:b6:13:f1:e4:a2:2b:60:
98:48:d6:e2:ad:43:22:97:25:a2:77:f3:81:a3:05:
93:ca:fd:2c:52:ce:3d:88:ac:86:8a:51:69:88:11:
7b:62:c0:3f:5e:13:e0:9d:ab:9c:77:2e:b8:e0:ee:
98:96:fd:e5:00:cd:5b:a3:64:17:38:f3:f4:af:fa:
22:47:f2:06:1d:9d:5d:29:72:b5:f2:fe:a1:77:8c:
64:66:db:8a:b4:b7:e4:74:5c:c6:89:b4:ac:98:84:
5e:d7:ba:2c:3c:2a:59:4e:1d:fd:74:0b:90:90:7a:
ac:4a:af:3d:f9:e6:2a:dc:9c:0d:a9:7f:18:da:fb:
94:84:94:4c:44:4b:6d:ed:4f:f4:5c:ff:97:5c:c4:
c9:e2:36:77:98:ec:1b:70:66:5c:a5:fb:f3:5e:e2:
22:08:fb:80:6b:72:2f:12:73:b8:d6:90:7e:b5:8a:
20:c9:71:3a:84:f0:e0:06:1c:bb:5c:fc:2c:39:6c:
20:41:30:94:fd:d6:82:88:4f:01:ad:89:05:d6:1e:
8d:dd:52:78:59:ab:b0:d1:76:ef:11:59:29:36:e0:
23:5a:da:6c:34:4f:a4:4e:90:b1:2e:fa:e9:7e:da:
34:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B5:A8:CE:3A:AF:78:AA:65:28:6D:6E:A1:38:11:CE:8F:5D:FD:C5
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a356532303a3a2f34342d3438203d3e20313938393534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:5e20::/44
Signature Algorithm: sha256WithRSAEncryption
0c:71:4c:05:06:83:d0:af:52:d0:0b:13:48:11:85:3e:9e:30:
6a:f0:4e:bd:50:73:f3:6f:29:7e:f6:e3:b2:99:a2:cc:cb:c4:
bd:c2:a1:6f:b5:64:da:a3:0d:28:da:fd:22:86:3e:15:c4:a0:
de:cc:41:4e:68:d9:64:db:2c:4d:73:4b:fe:0c:6b:87:52:f4:
0b:a9:85:b8:31:e1:c8:2b:94:03:97:55:85:4f:76:82:4d:0f:
13:1c:8b:a6:b6:37:bc:09:c6:b3:d6:81:b0:ca:1d:a5:35:06:
ed:51:1a:33:ab:fc:df:68:08:d9:05:3f:48:0f:17:e5:a6:90:
6e:fe:ae:19:80:e1:b1:dc:02:b5:ff:b3:47:7d:36:0d:d2:aa:
6d:9d:e6:cc:ea:b1:b5:5d:f2:0f:25:a2:ca:6c:f3:96:5e:b5:
48:8a:95:22:84:07:2e:cc:fd:59:c1:e6:c2:05:4e:1f:26:a2:
08:a4:cc:79:c8:7c:78:6b:db:8b:ec:70:2a:0d:e6:5c:f7:e3:
b8:db:4e:b4:57:1e:88:55:38:5a:5e:a0:17:a4:17:7c:a2:7d:
0a:86:1b:39:01:58:0d:af:5c:31:4c:42:17:c3:99:2c:ce:58:
8a:ac:0c:b0:b7:b6:1a:cf:74:6c:d5:e2:75:2e:71:33:2a:64:
50:e6:90:20
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUH2lSNQA4xTw8OSdUTWOaRdaNTZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MThaFw0yNTEwMTAxMDA0MThaMDMxMTAvBgNV
BAMTKDg4QjVBOENFM0FBRjc4QUE2NTI4NkQ2RUExMzgxMUNFOEY1REZEQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbFdb5BOAg6DvcR6Sf1rHjukww
kAZlthPx5KIrYJhI1uKtQyKXJaJ384GjBZPK/SxSzj2IrIaKUWmIEXtiwD9eE+Cd
q5x3Lrjg7piW/eUAzVujZBc48/Sv+iJH8gYdnV0pcrXy/qF3jGRm24q0t+R0XMaJ
tKyYhF7Xuiw8KllOHf10C5CQeqxKrz355ircnA2pfxja+5SElExES23tT/Rc/5dc
xMniNneY7BtwZlyl+/Ne4iII+4Brci8Sc7jWkH61iiDJcTqE8OAGHLtc/Cw5bCBB
MJT91oKITwGtiQXWHo3dUnhZq7DRdu8RWSk24CNa2mw0T6ROkLEu+ul+2jRXAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUiLWozjqveKplKG1uoTgRzo9d/cUwHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzNTY1MzIzMDNhM2EyZjM0MzQyZDM0
MzgyMDNkM2UyMDMxMzkzODM5MzUzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoS3UdeIDANBgkqhkiG
9w0BAQsFAAOCAQEADHFMBQaD0K9S0AsTSBGFPp4wavBOvVBz828pfvbjspmizMvE
vcKhb7Vk2qMNKNr9IoY+FcSg3sxBTmjZZNssTXNL/gxrh1L0C6mFuDHhyCuUA5dV
hU92gk0PExyLprY3vAnGs9aBsModpTUG7VEaM6v832gI2QU/SA8X5aaQbv6uGYDh
sdwCtf+zR302DdKqbZ3mzOqxtV3yDyWiymzzll61SIqVIoQHLsz9WcHmwgVOHyai
CKTMech8eGvbi+xwKg3mXPfjuNtOtFceiFU4Wl6gF6QXfKJ9CoYbOQFYDa9cMUxC
F8OZLM5YiqwMsLe2Gs90bNXidS5xMypkUOaQIA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:37:44 2024 by rpki-client on console-ams.rpki-client.org