Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a383032383a3a2f34382d3438203d3e20323131393436.roa
File: 326131323a646434373a383032383a3a2f34382d3438203d3e20323131393436.roa (raw, json)
Hash identifier: oGOgVGCqGsYwvP6VxP80AnzFAxbpmkbMbqhIz/7Grg4=
Subject key identifier: 53:C1:C6:68:3C:79:C7:92:C4:94:1E:49:48:49:7B:AC:BB:D1:BB:6D
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 0A458479AC8818F9DB429BB2DD7C7599720E1CEC
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a383032383a3a2f34382d3438203d3e20323131393436.roa
Signing time: Fri 11 Oct 2024 10:04:26 +0000
ROA not before: Fri 11 Oct 2024 09:59:26 +0000
ROA not after: Fri 10 Oct 2025 10:04:26 +0000
asID: 211946
IP address blocks: 2a12:dd47:8028::/48 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 12:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:45:84:79:ac:88:18:f9:db:42:9b:b2:dd:7c:75:99:72:0e:1c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:26 2024 GMT
Not After : Oct 10 10:04:26 2025 GMT
Subject: CN=53C1C6683C79C792C4941E4948497BACBBD1BB6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7b:6a:4f:00:b5:b0:fa:e0:49:b8:48:11:2b:
f3:4a:3f:aa:70:90:ee:26:ad:bc:06:0a:30:8a:94:
83:78:e3:5e:95:c2:31:bf:59:35:99:b4:75:1f:c7:
37:f5:62:49:6d:83:7d:40:60:3b:4a:f5:a1:39:c2:
bc:ad:34:59:21:20:d6:b3:78:9d:5a:25:25:30:58:
5e:0b:3a:ec:16:b6:0c:45:bc:c3:78:a8:df:a6:8f:
a4:81:81:13:58:67:f9:5c:cd:de:6b:2c:70:e7:2c:
1b:3b:8c:df:4a:20:a6:a3:64:f6:99:23:8b:9c:bb:
d3:22:ac:e0:e1:b0:06:8b:1b:c7:14:6d:ef:02:85:
ec:9f:c6:3c:23:73:22:46:03:5d:e6:36:d8:e7:ec:
b0:6c:db:46:bb:8d:e7:ae:5b:87:5a:00:4f:e0:bb:
51:1f:58:d7:c5:c4:d6:64:53:c2:57:11:38:2f:b9:
9c:9f:ba:9d:0c:ea:21:11:52:30:f1:20:2a:b1:95:
fa:b0:11:e1:a2:60:10:cb:da:ed:68:44:0c:a9:c8:
e7:82:cd:25:58:1e:e6:19:c4:46:11:b8:24:4d:cc:
2e:69:04:a3:3c:a3:81:7f:31:b0:4f:7f:05:73:d1:
8c:69:b4:81:11:59:59:22:a6:f5:2a:cf:3e:b7:51:
84:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C1:C6:68:3C:79:C7:92:C4:94:1E:49:48:49:7B:AC:BB:D1:BB:6D
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a383032383a3a2f34382d3438203d3e20323131393436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:8028::/48
Signature Algorithm: sha256WithRSAEncryption
06:05:a9:d3:59:78:01:26:03:e1:fd:68:1a:64:f8:c8:c4:90:
d1:06:63:19:b3:40:85:1d:29:33:f9:9c:d0:5e:ec:26:47:1c:
28:ae:b0:74:03:1a:48:6d:d3:e3:80:36:b6:97:4b:ac:48:15:
a9:73:92:41:6f:54:6f:d4:c0:e8:0b:d6:8a:7d:8e:4a:70:54:
4a:c4:a8:e1:d5:77:47:b0:2d:b9:50:1b:92:5b:11:df:41:6a:
8d:5d:5a:69:cc:37:82:92:72:10:9a:bd:2c:8e:89:53:67:50:
5c:5e:3c:4a:a8:95:e8:b3:80:d8:50:7a:1b:75:c6:2c:55:dc:
91:1b:ae:c3:c9:b2:5f:ef:a1:56:a9:94:70:99:2c:48:ee:40:
b0:b4:f3:75:94:7f:9b:ea:76:56:f9:db:50:22:f1:94:26:9d:
41:27:07:75:48:0a:d1:22:b3:ab:24:79:19:c3:df:cd:8c:00:
22:4c:9d:98:67:5a:6d:70:c3:f6:c9:66:d4:ac:b9:23:41:18:
54:dc:9e:e1:9a:28:32:de:8b:0e:e3:01:1d:8f:8a:9f:ba:e3:
34:ee:b9:9d:0f:a2:fe:7d:27:b4:b2:42:60:4d:cb:33:10:e7:
bd:55:9c:a0:93:00:04:ce:b5:53:03:63:98:0c:82:e0:d5:9e:
42:35:7c:34
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUCkWEeayIGPnbQpuy3Xx1mXIOHOwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MjZaFw0yNTEwMTAxMDA0MjZaMDMxMTAvBgNV
BAMTKDUzQzFDNjY4M0M3OUM3OTJDNDk0MUU0OTQ4NDk3QkFDQkJEMUJCNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLe2pPALWw+uBJuEgRK/NKP6pw
kO4mrbwGCjCKlIN4416VwjG/WTWZtHUfxzf1Ykltg31AYDtK9aE5wrytNFkhINaz
eJ1aJSUwWF4LOuwWtgxFvMN4qN+mj6SBgRNYZ/lczd5rLHDnLBs7jN9KIKajZPaZ
I4ucu9MirODhsAaLG8cUbe8CheyfxjwjcyJGA13mNtjn7LBs20a7jeeuW4daAE/g
u1EfWNfFxNZkU8JXETgvuZyfup0M6iERUjDxICqxlfqwEeGiYBDL2u1oRAypyOeC
zSVYHuYZxEYRuCRNzC5pBKM8o4F/MbBPfwVz0YxptIERWVkipvUqzz63UYRZAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUU8HGaDx5x5LElB5JSEl7rLvRu20wHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzODMwMzIzODNhM2EyZjM0MzgyZDM0
MzgyMDNkM2UyMDMyMzEzMTM5MzQzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeAKDANBgkqhkiG
9w0BAQsFAAOCAQEABgWp01l4ASYD4f1oGmT4yMSQ0QZjGbNAhR0pM/mc0F7sJkcc
KK6wdAMaSG3T44A2tpdLrEgVqXOSQW9Ub9TA6AvWin2OSnBUSsSo4dV3R7AtuVAb
klsR30FqjV1aacw3gpJyEJq9LI6JU2dQXF48SqiV6LOA2FB6G3XGLFXckRuuw8my
X++hVqmUcJksSO5AsLTzdZR/m+p2VvnbUCLxlCadQScHdUgK0SKzqyR5GcPfzYwA
IkydmGdabXDD9slm1Ky5I0EYVNye4ZooMt6LDuMBHY+Kn7rjNO65nQ+i/n0ntLJC
YE3LMxDnvVWcoJMABM61UwNjmAyC4NWeQjV8NA==
-----END CERTIFICATE-----
Generated at Wed Oct 23 03:59:11 2024 by rpki-client on console-fra.rpki-client.org