Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a383030303a3a2f34382d3438203d3e20323131343331.roa
File: 326131323a646434373a383030303a3a2f34382d3438203d3e20323131343331.roa (raw, json)
Hash identifier: SF7OmCBEz1mFOsvR/Fbrmp2R+mKaduTO0avwvD9/Cx8=
Subject key identifier: FB:4E:95:66:FE:46:25:4A:E8:2F:85:EA:C0:0B:63:C2:B1:10:5A:9B
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 7C4ABB37519D4E14F04DC87211196D87302101C7
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a383030303a3a2f34382d3438203d3e20323131343331.roa
Signing time: Fri 11 Oct 2024 10:04:22 +0000
ROA not before: Fri 11 Oct 2024 09:59:22 +0000
ROA not after: Fri 10 Oct 2025 10:04:22 +0000
asID: 211431
IP address blocks: 2a12:dd47:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 12:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:4a:bb:37:51:9d:4e:14:f0:4d:c8:72:11:19:6d:87:30:21:01:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:22 2024 GMT
Not After : Oct 10 10:04:22 2025 GMT
Subject: CN=FB4E9566FE46254AE82F85EAC00B63C2B1105A9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e2:ab:88:7c:cf:c8:54:69:be:4c:ad:64:88:
78:c3:f0:b6:15:f5:bf:bc:59:2f:12:db:e2:bc:f7:
ee:2e:33:d5:d0:b3:89:a8:b9:eb:ae:03:c5:f8:9d:
2d:c2:e6:05:75:0f:a3:f8:3f:8e:f8:19:c8:d3:cc:
f3:e2:ca:31:e6:79:1f:0c:1c:e3:fb:28:e2:43:76:
01:2c:1d:b2:bc:1e:b6:4a:57:aa:27:9f:49:72:a2:
97:bf:30:d5:25:7e:09:39:b4:da:6a:73:ed:86:a7:
68:08:8f:ed:93:ee:30:e3:b1:2d:09:ad:f9:80:94:
a5:30:fa:31:94:62:2f:c4:26:d3:38:fa:f4:47:b5:
cf:59:5c:50:47:9a:4d:ec:96:90:7e:01:5c:43:47:
99:e3:36:f4:b7:aa:57:b5:b2:8d:a0:1f:07:66:62:
c9:0b:ff:f7:9d:51:58:e3:cf:51:d7:fb:86:43:15:
69:bf:28:45:c9:b3:f1:26:3d:fe:16:4f:c1:41:9a:
20:4d:4a:e8:07:e3:16:0c:29:34:2e:8a:51:8b:7c:
b3:4e:cf:ef:18:26:c5:d9:3f:e3:19:a2:3d:64:43:
2a:93:d9:9c:e6:bb:b2:63:2d:e9:d9:02:eb:21:c0:
39:63:13:da:7f:02:cb:37:65:5d:3e:76:1f:e0:ee:
db:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4E:95:66:FE:46:25:4A:E8:2F:85:EA:C0:0B:63:C2:B1:10:5A:9B
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a383030303a3a2f34382d3438203d3e20323131343331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:8000::/48
Signature Algorithm: sha256WithRSAEncryption
2d:ed:b2:f0:51:25:a0:a0:5b:33:35:7e:c9:75:92:dc:3c:4e:
5c:8a:0d:44:a7:a0:79:fd:24:bf:c6:7d:92:a0:bb:ba:46:d4:
a1:84:e8:b3:9b:86:e4:2d:02:6c:7a:b2:dd:50:eb:70:f7:e2:
59:83:a2:d5:38:17:65:65:f3:c6:cd:c6:87:8c:0d:3c:e5:26:
55:46:80:64:e5:f5:0a:1c:d6:2f:da:62:3e:47:9d:4a:28:de:
54:d0:aa:17:bf:dd:9f:81:cb:51:3b:c6:63:41:20:bf:79:3c:
6c:9d:50:b3:ac:41:c3:7d:00:9f:80:96:cd:66:db:b0:e5:a5:
a2:40:79:d2:28:1c:c2:11:f0:2e:38:22:3d:bc:66:8b:c3:0a:
f7:3c:48:8c:85:f8:ab:8d:ef:9c:96:c8:40:b8:35:cd:46:a3:
8d:d4:58:e6:e2:04:47:15:a7:71:bd:11:36:5f:83:6f:ab:b4:
2a:76:98:c8:d2:07:bc:63:22:94:82:1e:d2:89:84:28:25:e1:
0a:d5:c7:a5:fb:9e:89:e2:5c:dd:a7:8b:7e:12:e2:9e:c6:36:
4c:39:bd:9b:61:a4:c0:84:af:13:74:ac:4d:a8:9b:db:87:ae:
19:a1:6e:36:af:41:90:5c:ad:d6:60:4a:81:d2:d1:a4:a5:a9:
82:cc:ec:36
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUfEq7N1GdThTwTchyERlthzAhAccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MjJaFw0yNTEwMTAxMDA0MjJaMDMxMTAvBgNV
BAMTKEZCNEU5NTY2RkU0NjI1NEFFODJGODVFQUMwMEI2M0MyQjExMDVBOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA4quIfM/IVGm+TK1kiHjD8LYV
9b+8WS8S2+K89+4uM9XQs4moueuuA8X4nS3C5gV1D6P4P474GcjTzPPiyjHmeR8M
HOP7KOJDdgEsHbK8HrZKV6onn0lyope/MNUlfgk5tNpqc+2Gp2gIj+2T7jDjsS0J
rfmAlKUw+jGUYi/EJtM4+vRHtc9ZXFBHmk3slpB+AVxDR5njNvS3qle1so2gHwdm
YskL//edUVjjz1HX+4ZDFWm/KEXJs/EmPf4WT8FBmiBNSugH4xYMKTQuilGLfLNO
z+8YJsXZP+MZoj1kQyqT2Zzmu7JjLenZAushwDljE9p/Ass3ZV0+dh/g7tshAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQU+06VZv5GJUroL4XqwAtjwrEQWpswHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzODMwMzAzMDNhM2EyZjM0MzgyZDM0
MzgyMDNkM2UyMDMyMzEzMTM0MzMzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeAADANBgkqhkiG
9w0BAQsFAAOCAQEALe2y8FEloKBbMzV+yXWS3DxOXIoNRKegef0kv8Z9kqC7ukbU
oYTos5uG5C0CbHqy3VDrcPfiWYOi1TgXZWXzxs3Gh4wNPOUmVUaAZOX1ChzWL9pi
PkedSijeVNCqF7/dn4HLUTvGY0Egv3k8bJ1Qs6xBw30An4CWzWbbsOWlokB50igc
whHwLjgiPbxmi8MK9zxIjIX4q43vnJbIQLg1zUajjdRY5uIERxWncb0RNl+Db6u0
KnaYyNIHvGMilIIe0omEKCXhCtXHpfueieJc3aeLfhLinsY2TDm9m2GkwISvE3Ss
Taib24euGaFuNq9BkFyt1mBKgdLRpKWpgszsNg==
-----END CERTIFICATE-----
Generated at Wed Oct 23 04:38:58 2024 by rpki-client on console-ams.rpki-client.org