Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a3830303a3a2f33382d3438203d3e20323131373539.roa
File: 326131323a646434373a3830303a3a2f33382d3438203d3e20323131373539.roa (raw, json)
Hash identifier: l/jGP+Vg/5QwnCXO01P9pvzY1RCLBmCpO/ZXlGUSD4g=
Subject key identifier: 88:43:AF:21:F2:2C:30:77:EA:81:BF:E1:C9:B5:13:72:2D:17:30:0F
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 0C839D89E3F7CEF2272F8E9903A3310481185FCD
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a3830303a3a2f33382d3438203d3e20323131373539.roa
Signing time: Fri 11 Oct 2024 10:04:15 +0000
ROA not before: Fri 11 Oct 2024 09:59:15 +0000
ROA not after: Fri 10 Oct 2025 10:04:15 +0000
asID: 211759
IP address blocks: 2a12:dd47:800::/38 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 03:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:83:9d:89:e3:f7:ce:f2:27:2f:8e:99:03:a3:31:04:81:18:5f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:15 2024 GMT
Not After : Oct 10 10:04:15 2025 GMT
Subject: CN=8843AF21F22C3077EA81BFE1C9B513722D17300F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fc:0e:eb:76:0f:c6:5a:b4:f6:b4:30:f7:e4:
d4:0b:82:08:eb:fe:38:e8:d5:84:86:da:46:12:49:
7e:7b:1d:85:c7:4b:dc:db:b6:f1:99:f4:f1:ea:d2:
e0:59:8e:1e:fd:b6:ad:cc:23:e3:01:f3:fe:fc:97:
73:b4:b3:26:1a:00:46:cd:23:e9:51:52:ec:4d:53:
21:10:c3:44:7f:82:c8:50:a9:a3:f3:10:e0:05:56:
40:33:0b:2f:d5:f2:d1:8b:76:a9:c7:45:d4:07:4a:
fa:a9:bb:84:97:8b:36:38:52:ae:7e:ca:cc:21:36:
88:95:ba:07:66:de:ea:67:b8:fe:6b:f2:20:ad:9f:
00:96:78:fb:9a:6d:87:ee:67:18:11:05:af:73:8d:
e0:f0:d9:df:c4:6c:12:88:a8:ac:74:6d:91:b4:a0:
c6:80:f4:78:9f:96:20:b7:59:cb:b8:a1:84:f6:63:
89:db:c2:fa:88:88:21:b7:f8:e0:25:82:1d:85:3a:
3a:1a:bc:b4:a6:2a:a8:47:5c:fd:1a:cd:4d:34:83:
b6:0c:76:48:33:03:37:4f:bb:0d:28:29:2c:4f:58:
49:55:85:b3:2c:1a:c5:b3:16:55:16:1d:11:69:2d:
b7:40:97:02:b4:3f:2f:a3:60:7e:10:27:30:0a:e9:
ee:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:43:AF:21:F2:2C:30:77:EA:81:BF:E1:C9:B5:13:72:2D:17:30:0F
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a3830303a3a2f33382d3438203d3e20323131373539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:800::/38
Signature Algorithm: sha256WithRSAEncryption
90:63:9e:cc:d4:34:97:19:89:96:80:48:50:19:63:ea:69:b4:
51:a7:1d:62:1d:9f:e5:60:d8:b1:a8:eb:dc:73:4c:e8:84:39:
71:da:6a:9e:ab:84:e8:dc:17:f1:56:30:fc:3f:7a:e1:54:53:
6b:3c:58:f7:f6:96:15:09:aa:30:c5:80:74:60:6c:dd:0c:5b:
fa:fb:ee:2a:da:83:1a:c4:13:7f:11:29:ac:10:50:a9:c0:c9:
3c:b5:6e:11:e8:13:f5:3d:fe:cd:d5:a7:f8:70:78:21:eb:2c:
b4:39:a3:77:eb:d4:f2:3d:b8:09:19:12:b3:9f:b1:08:4d:2a:
41:b6:8e:fe:8d:2c:b8:41:21:79:f7:f7:37:11:e2:86:b7:9c:
11:2f:15:c6:01:5d:84:c1:5f:36:0f:b7:f9:f9:68:c5:3a:4f:
f6:ac:c7:e7:31:40:fa:f2:2a:a6:4b:3c:d5:0f:7e:f1:34:2d:
82:31:a2:dc:1a:e1:c1:28:3b:ba:8f:4f:71:b3:77:00:04:61:
db:9c:0f:5b:ce:b7:3a:d0:b3:43:5a:1c:f0:a2:2e:5f:55:1b:
87:ed:41:73:75:80:96:24:28:c0:cd:54:a6:14:23:cc:41:e2:
9c:04:f2:53:78:c5:2e:9e:01:27:62:5c:a1:fe:c2:68:cb:1a:
e5:04:5d:33
-----BEGIN CERTIFICATE-----
MIIExTCCA62gAwIBAgIUDIOdieP3zvInL46ZA6MxBIEYX80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MTVaFw0yNTEwMTAxMDA0MTVaMDMxMTAvBgNV
BAMTKDg4NDNBRjIxRjIyQzMwNzdFQTgxQkZFMUM5QjUxMzcyMkQxNzMwMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2/A7rdg/GWrT2tDD35NQLggjr
/jjo1YSG2kYSSX57HYXHS9zbtvGZ9PHq0uBZjh79tq3MI+MB8/78l3O0syYaAEbN
I+lRUuxNUyEQw0R/gshQqaPzEOAFVkAzCy/V8tGLdqnHRdQHSvqpu4SXizY4Uq5+
yswhNoiVugdm3upnuP5r8iCtnwCWePuabYfuZxgRBa9zjeDw2d/EbBKIqKx0bZG0
oMaA9HifliC3Wcu4oYT2Y4nbwvqIiCG3+OAlgh2FOjoavLSmKqhHXP0azU00g7YM
dkgzAzdPuw0oKSxPWElVhbMsGsWzFlUWHRFpLbdAlwK0Py+jYH4QJzAK6e6RAgMB
AAGjggHPMIIByzAdBgNVHQ4EFgQUiEOvIfIsMHfqgb/hybUTci0XMA8wHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwegYI
KwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzODMwMzAzYTNhMmYzMzM4MmQzNDM4
MjAzZDNlMjAzMjMxMzEzNzM1Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgIqEt1HCDANBgkqhkiG9w0B
AQsFAAOCAQEAkGOezNQ0lxmJloBIUBlj6mm0UacdYh2f5WDYsajr3HNM6IQ5cdpq
nquE6NwX8VYw/D964VRTazxY9/aWFQmqMMWAdGBs3Qxb+vvuKtqDGsQTfxEprBBQ
qcDJPLVuEegT9T3+zdWn+HB4IesstDmjd+vU8j24CRkSs5+xCE0qQbaO/o0suEEh
eff3NxHihrecES8VxgFdhMFfNg+3+floxTpP9qzH5zFA+vIqpks81Q9+8TQtgjGi
3BrhwSg7uo9PcbN3AARh25wPW863OtCzQ1oc8KIuX1Ubh+1Bc3WAliQowM1UphQj
zEHinATyU3jFLp4BJ2Jcof7CaMsa5QRdMw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:37:44 2024 by rpki-client on console-ams.rpki-client.org