Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a383332303a3a2f34342d3438203d3e20323132353938.roa
File: 326131323a646434373a383332303a3a2f34342d3438203d3e20323132353938.roa (raw, json)
Hash identifier: muBZvdo9LjJ+eZX5oLtNHwT0xWgcZLkGVEiGrqwQrDw=
Subject key identifier: 00:12:19:F2:8E:48:D9:80:C8:4C:33:A9:8C:FD:F6:A8:53:EC:29:DA
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 3D01628D5720C2F897581B7172FAFCF255B42AC5
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a383332303a3a2f34342d3438203d3e20323132353938.roa
Signing time: Fri 11 Oct 2024 10:04:22 +0000
ROA not before: Fri 11 Oct 2024 09:59:22 +0000
ROA not after: Fri 10 Oct 2025 10:04:22 +0000
asID: 212598
IP address blocks: 2a12:dd47:8320::/44 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 12:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:01:62:8d:57:20:c2:f8:97:58:1b:71:72:fa:fc:f2:55:b4:2a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:22 2024 GMT
Not After : Oct 10 10:04:22 2025 GMT
Subject: CN=001219F28E48D980C84C33A98CFDF6A853EC29DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2b:21:00:b0:f1:2c:51:21:3c:5a:ab:cc:9a:
33:63:08:d5:3d:bc:28:96:c2:8a:cb:2d:60:a9:ae:
1e:67:9c:45:74:ee:ea:ad:ba:3a:20:ec:19:27:3d:
f8:e4:66:0d:04:75:ad:8b:fc:35:bb:96:09:3b:45:
62:61:f9:d2:9c:56:16:a6:19:26:43:c3:c3:79:d1:
49:c3:20:fb:bb:1b:30:e2:64:8c:63:aa:26:d6:f3:
be:38:22:e5:19:0a:97:25:2d:c8:30:04:bb:73:3f:
b1:82:ef:af:e7:30:b1:de:fb:61:0f:b6:77:4b:ff:
02:a0:52:1d:13:7e:10:22:4e:4f:85:f2:d9:78:1d:
66:e8:ae:a5:b4:a2:a2:ac:38:bd:6d:e5:27:0b:29:
09:34:5e:06:da:42:69:01:cd:bf:c5:db:87:2c:9d:
18:70:23:b8:23:2e:88:53:ef:d7:71:c5:dd:80:cb:
be:a4:bb:90:92:11:f6:7a:ff:34:07:7f:f5:11:a2:
54:89:5d:ee:29:2e:1d:b1:f5:03:b4:d4:ec:5a:46:
e7:a3:8c:8c:5e:f5:84:a2:5c:52:a0:0e:df:b1:97:
ae:f4:c7:c4:36:6d:94:23:c1:9f:c0:49:0d:4d:57:
a2:c2:b4:3b:c1:02:b1:88:dd:3a:c2:bc:ea:83:e1:
fc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:12:19:F2:8E:48:D9:80:C8:4C:33:A9:8C:FD:F6:A8:53:EC:29:DA
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a383332303a3a2f34342d3438203d3e20323132353938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:8320::/44
Signature Algorithm: sha256WithRSAEncryption
df:5b:dc:d7:a3:5f:6a:db:04:d8:55:e3:3b:c0:f0:93:2a:f8:
c3:1a:cc:c4:b3:be:17:bc:48:5e:a7:e0:6c:9c:2c:a4:27:12:
ca:ac:3f:fe:71:81:40:4c:6c:7d:19:26:5a:30:a7:a7:03:d9:
f1:b6:44:c6:e1:44:62:21:b3:23:05:ca:a2:28:30:57:0b:4c:
85:86:3c:bc:44:f3:6e:06:71:98:f1:b8:08:3e:ed:1e:4c:41:
35:af:61:7a:3c:25:fd:f3:b6:4a:45:9e:ba:ff:1d:d3:b8:d4:
93:69:57:22:46:ae:6a:fa:8b:45:21:b9:bc:8b:a6:88:56:30:
f4:d7:54:db:db:7c:0d:c5:2e:e4:25:05:1b:87:41:27:52:6c:
97:97:1a:6b:73:d1:20:8c:c1:dd:86:7f:d6:12:bb:1a:49:2f:
f6:ce:68:2e:32:f0:c2:a7:7a:5c:17:e4:5d:cc:70:00:a1:11:
84:7f:11:56:23:89:dc:57:c0:14:4f:65:d4:3d:3a:79:74:52:
35:c1:83:dd:d3:74:37:22:96:df:11:b5:e3:05:fd:92:27:8a:
05:4a:d3:e3:b1:2e:53:3f:f1:06:3d:7c:27:60:cb:e6:bd:80:
9e:ab:8c:e9:61:d1:da:9d:d4:bf:c3:0a:36:ac:e3:03:f1:85:
00:cc:96:f5
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUPQFijVcgwviXWBtxcvr88lW0KsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MjJaFw0yNTEwMTAxMDA0MjJaMDMxMTAvBgNV
BAMTKDAwMTIxOUYyOEU0OEQ5ODBDODRDMzNBOThDRkRGNkE4NTNFQzI5REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0KyEAsPEsUSE8WqvMmjNjCNU9
vCiWworLLWCprh5nnEV07uqtujog7BknPfjkZg0Eda2L/DW7lgk7RWJh+dKcVham
GSZDw8N50UnDIPu7GzDiZIxjqibW8744IuUZCpclLcgwBLtzP7GC76/nMLHe+2EP
tndL/wKgUh0TfhAiTk+F8tl4HWborqW0oqKsOL1t5ScLKQk0XgbaQmkBzb/F24cs
nRhwI7gjLohT79dxxd2Ay76ku5CSEfZ6/zQHf/URolSJXe4pLh2x9QO01OxaRuej
jIxe9YSiXFKgDt+xl670x8Q2bZQjwZ/ASQ1NV6LCtDvBArGI3TrCvOqD4fyDAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUABIZ8o5I2YDITDOpjP32qFPsKdowHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzODMzMzIzMDNhM2EyZjM0MzQyZDM0
MzgyMDNkM2UyMDMyMzEzMjM1MzkzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoS3UeDIDANBgkqhkiG
9w0BAQsFAAOCAQEA31vc16NfatsE2FXjO8Dwkyr4wxrMxLO+F7xIXqfgbJwspCcS
yqw//nGBQExsfRkmWjCnpwPZ8bZExuFEYiGzIwXKoigwVwtMhYY8vETzbgZxmPG4
CD7tHkxBNa9hejwl/fO2SkWeuv8d07jUk2lXIkauavqLRSG5vIumiFYw9NdU29t8
DcUu5CUFG4dBJ1Jsl5caa3PRIIzB3YZ/1hK7Gkkv9s5oLjLwwqd6XBfkXcxwAKER
hH8RViOJ3FfAFE9l1D06eXRSNcGD3dN0NyKW3xG14wX9kieKBUrT47EuUz/xBj18
J2DL5r2AnquM6WHR2p3Uv8MKNqzjA/GFAMyW9Q==
-----END CERTIFICATE-----
Generated at Wed Oct 23 04:38:58 2024 by rpki-client on console-ams.rpki-client.org