Route Origin Authorization

$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a3730303a3a2f34302d3438203d3e20313938393534.roa
File:                     326131323a646434373a3730303a3a2f34302d3438203d3e20313938393534.roa (raw, json)
Hash identifier:          xiDSiuPI7RZh7H8fgPvle8HNmBuqzKtWTpU7uQayh3U=
Subject key identifier:   34:FE:5C:82:42:43:F1:7B:7F:A8:C9:10:8C:2E:D0:7E:7F:D5:59:72
Certificate issuer:       /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial:       0C10A1B39773F45414DE39DA47E8A465FB37BDEC
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access:    rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access:      rsync://dev.tw/rpki/AS945/1/326131323a646434373a3730303a3a2f34302d3438203d3e20313938393534.roa
Signing time:             Fri 11 Oct 2024 10:04:15 +0000
ROA not before:           Fri 11 Oct 2024 09:59:15 +0000
ROA not after:            Fri 10 Oct 2025 10:04:15 +0000
asID:                     198954
IP address blocks:        2a12:dd47:700::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
                          rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
                          rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 03:48:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:10:a1:b3:97:73:f4:54:14:de:39:da:47:e8:a4:65:fb:37:bd:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
        Validity
            Not Before: Oct 11 09:59:15 2024 GMT
            Not After : Oct 10 10:04:15 2025 GMT
        Subject: CN=34FE5C824243F17B7FA8C9108C2ED07E7FD55972
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:8e:69:45:51:c7:6e:fd:d3:8a:09:b4:60:68:
                    85:24:bd:cc:4f:5d:f4:58:60:6f:7e:85:69:4e:ae:
                    4c:d2:da:13:c2:ad:49:b7:ae:f6:54:f9:0e:b9:84:
                    0d:21:75:1b:9b:ea:0a:26:90:76:0f:99:af:56:db:
                    51:56:2a:5b:de:70:a4:5c:2c:cd:d9:4d:d5:f9:4e:
                    01:05:bd:63:25:c9:1e:7a:44:62:62:89:4e:84:cc:
                    7c:c5:dd:b7:f7:87:9e:b4:9d:37:37:8c:c4:a7:45:
                    c1:1a:99:24:b4:91:0e:8b:a6:bc:84:30:ee:4b:a6:
                    26:6b:39:86:f2:e8:4b:b0:2d:33:63:f4:c6:c4:83:
                    e1:97:40:70:df:b4:0c:76:a0:38:64:4c:bf:59:51:
                    78:d0:02:92:d0:a5:42:98:12:ee:a3:79:b6:9e:14:
                    2f:78:3e:3a:80:8d:04:13:67:d7:26:d2:43:25:be:
                    74:9f:69:51:f1:ef:fb:f8:54:e9:44:77:bd:d4:c8:
                    85:fa:41:4a:9d:ac:5d:7b:19:ab:f6:90:d9:de:26:
                    ce:a9:c6:28:3c:c8:1b:85:f5:1d:f1:08:e3:b9:fc:
                    60:e9:bc:01:7e:96:29:b4:cf:17:41:1f:a3:82:49:
                    31:3c:54:8f:e2:de:d1:3e:8f:ff:44:29:a5:9f:40:
                    c1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:FE:5C:82:42:43:F1:7B:7F:A8:C9:10:8C:2E:D0:7E:7F:D5:59:72
            X509v3 Authority Key Identifier:
                keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer

            Subject Information Access:
                Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a3730303a3a2f34302d3438203d3e20313938393534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:700::/40

    Signature Algorithm: sha256WithRSAEncryption
         ba:9e:38:de:6d:cc:08:20:15:98:8b:9f:aa:9d:05:06:43:3a:
         75:4f:31:1f:b3:be:64:78:0c:a2:9c:aa:4e:8a:16:a6:9f:f6:
         15:59:3d:94:2e:30:45:0b:f9:3f:c3:06:0a:93:e9:15:d1:cf:
         9f:02:45:56:28:35:ab:53:9a:7b:7d:9f:f2:c8:d9:8f:8b:7a:
         c3:fa:78:a7:6a:63:fa:cc:d9:49:9b:20:15:0b:78:b1:68:49:
         72:0e:3c:07:5c:bc:c9:1a:33:0e:28:9f:e2:23:48:0d:0b:7e:
         e6:24:8b:f0:d3:ad:17:49:9b:fa:40:c5:68:9b:83:08:bd:01:
         a8:a8:b6:5e:be:69:8f:d5:59:bd:4a:f8:68:06:a7:8d:8a:4c:
         ee:3f:25:34:7f:fa:8a:34:49:32:89:37:53:33:e2:18:21:e7:
         68:41:6a:2d:e6:a3:89:14:29:fa:f2:5e:5a:01:9f:e4:59:6b:
         a2:b9:fa:a4:5b:26:0f:3a:62:86:df:3a:a8:5f:a6:87:2a:a9:
         34:a0:85:81:8b:0e:7b:2c:36:53:fa:c1:a3:1a:43:04:17:8f:
         12:cb:b9:fd:ee:9a:38:74:39:4a:21:54:7a:ac:c4:37:7b:89:
         27:5c:d1:f9:62:6a:50:13:27:f5:28:44:fc:4f:3f:5f:b1:74:
         c3:60:f4:86
-----BEGIN CERTIFICATE-----
MIIExTCCA62gAwIBAgIUDBChs5dz9FQU3jnaR+ikZfs3vewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MTVaFw0yNTEwMTAxMDA0MTVaMDMxMTAvBgNV
BAMTKDM0RkU1QzgyNDI0M0YxN0I3RkE4QzkxMDhDMkVEMDdFN0ZENTU5NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdjmlFUcdu/dOKCbRgaIUkvcxP
XfRYYG9+hWlOrkzS2hPCrUm3rvZU+Q65hA0hdRub6gomkHYPma9W21FWKlvecKRc
LM3ZTdX5TgEFvWMlyR56RGJiiU6EzHzF3bf3h560nTc3jMSnRcEamSS0kQ6LpryE
MO5LpiZrOYby6EuwLTNj9MbEg+GXQHDftAx2oDhkTL9ZUXjQApLQpUKYEu6jebae
FC94PjqAjQQTZ9cm0kMlvnSfaVHx7/v4VOlEd73UyIX6QUqdrF17Gav2kNneJs6p
xig8yBuF9R3xCOO5/GDpvAF+lim0zxdBH6OCSTE8VI/i3tE+j/9EKaWfQMEvAgMB
AAGjggHPMIIByzAdBgNVHQ4EFgQUNP5cgkJD8Xt/qMkQjC7Qfn/VWXIwHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwegYI
KwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzNzMwMzAzYTNhMmYzNDMwMmQzNDM4
MjAzZDNlMjAzMTM5MzgzOTM1MzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqEt1HBzANBgkqhkiG9w0B
AQsFAAOCAQEAup443m3MCCAVmIufqp0FBkM6dU8xH7O+ZHgMopyqTooWpp/2FVk9
lC4wRQv5P8MGCpPpFdHPnwJFVig1q1Oae32f8sjZj4t6w/p4p2pj+szZSZsgFQt4
sWhJcg48B1y8yRozDiif4iNIDQt+5iSL8NOtF0mb+kDFaJuDCL0BqKi2Xr5pj9VZ
vUr4aAanjYpM7j8lNH/6ijRJMok3UzPiGCHnaEFqLeajiRQp+vJeWgGf5Flrorn6
pFsmDzpiht86qF+mhyqpNKCFgYsOeyw2U/rBoxpDBBePEsu5/e6aOHQ5SiFUeqzE
N3uJJ1zR+WJqUBMn9ShE/E8/X7F0w2D0hg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:01:34 2024 by rpki-client on console-fra.rpki-client.org