Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a383364303a3a2f34342d3438203d3e20323031333836.roa
File: 326131323a646434373a383364303a3a2f34342d3438203d3e20323031333836.roa (raw, json)
Hash identifier: yepvMkMdMFGaG4+jvws3KeAYr8vSQuRDth29Kh4XQzE=
Subject key identifier: AC:F8:26:CB:46:5D:F6:7E:56:13:F5:46:90:A0:4E:40:BB:E6:5B:9F
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 35582F68FB532308B96F0EF8EE033F6FCFE18A
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a383364303a3a2f34342d3438203d3e20323031333836.roa
Signing time: Fri 11 Oct 2024 10:04:20 +0000
ROA not before: Fri 11 Oct 2024 09:59:20 +0000
ROA not after: Fri 10 Oct 2025 10:04:20 +0000
asID: 201386
IP address blocks: 2a12:dd47:83d0::/44 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 12:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:58:2f:68:fb:53:23:08:b9:6f:0e:f8:ee:03:3f:6f:cf:e1:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:20 2024 GMT
Not After : Oct 10 10:04:20 2025 GMT
Subject: CN=ACF826CB465DF67E5613F54690A04E40BBE65B9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:08:b9:82:87:12:96:6a:7c:ad:48:6e:ef:6b:
2f:70:98:43:20:ff:4b:21:47:ca:27:35:19:13:76:
63:2c:70:3a:7f:10:10:52:17:11:3b:e6:6a:c2:d0:
52:18:16:21:7a:09:2d:e8:94:f5:3e:d8:e4:55:d8:
80:25:ae:76:dd:b9:77:9b:d8:b0:8f:a3:d0:ce:bf:
43:98:a9:c9:de:ff:63:40:b5:23:97:b9:ca:4d:14:
42:09:f5:1e:25:48:47:e5:01:49:e1:3f:26:e3:cf:
86:3a:f4:aa:bf:42:df:5a:8c:9f:30:01:ad:7e:bb:
c0:ac:7f:20:bd:9d:4c:e0:63:c5:78:82:56:53:33:
53:f1:3e:95:82:2a:33:13:cf:e0:dd:5f:0b:c9:59:
f3:87:32:68:d6:1f:a8:8f:ef:e3:db:6a:19:6a:c0:
2e:df:40:bd:95:3a:a5:86:30:cb:22:21:e5:c2:6e:
d6:f6:80:dc:9f:99:7f:75:ae:9d:4a:1e:c8:5f:fd:
be:38:4d:d1:70:6f:97:fa:87:6d:f2:5b:d1:08:09:
0a:8d:27:ae:d8:20:27:cd:6d:21:4d:25:a7:db:fd:
ae:13:39:90:b7:6a:af:1f:a9:b1:e1:6d:3f:3c:af:
40:36:0c:67:26:73:7d:fc:06:bc:42:62:d7:d8:40:
ac:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F8:26:CB:46:5D:F6:7E:56:13:F5:46:90:A0:4E:40:BB:E6:5B:9F
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a383364303a3a2f34342d3438203d3e20323031333836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:83d0::/44
Signature Algorithm: sha256WithRSAEncryption
5e:d5:1d:3b:75:2f:47:5b:a6:6f:97:c1:17:0e:46:c8:27:db:
12:27:21:f3:da:00:9a:fd:68:8c:e0:8d:2f:63:ca:1f:02:26:
df:01:5c:84:c4:7c:a2:10:de:b1:6e:b1:cc:0f:18:5b:ab:44:
ae:9a:f9:e6:9a:88:d6:74:cd:22:c5:2e:c4:57:2f:c6:31:35:
33:1e:af:12:de:31:8b:1e:5b:57:df:ed:bf:fd:8d:62:10:04:
a6:9c:ba:1d:39:61:18:f9:4d:52:1d:3a:c7:38:e8:35:7a:7c:
5c:fa:b1:ff:82:4a:66:0e:99:33:f5:37:4b:67:b4:e2:53:b7:
5d:b3:77:e3:11:c1:58:00:d3:31:c3:e6:56:38:bb:a5:0e:a0:
b0:f4:78:de:ad:c1:4e:32:9e:3a:b4:ec:dc:cc:e6:e8:9a:5c:
94:62:52:3c:38:dc:f9:42:05:d3:9d:dd:5e:81:31:ac:f1:5c:
24:79:de:e3:e4:1e:55:1b:62:c0:95:28:25:12:4d:31:e1:b7:
31:a7:f4:81:3e:cb:52:89:36:97:a0:e7:72:00:6d:e4:66:e2:
6b:b9:dd:16:f5:18:e1:45:da:b8:bf:58:dd:68:8c:b0:a3:26:
13:41:c1:06:3a:7a:bf:62:13:62:00:92:f9:cf:2b:26:72:91:
6d:03:70:9d
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgITNVgvaPtTIwi5bw747gM/b8/hijANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygxMjk2MjAyOEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThB
NjkzMTFFMB4XDTI0MTAxMTA5NTkyMFoXDTI1MTAxMDEwMDQyMFowMzExMC8GA1UE
AxMoQUNGODI2Q0I0NjVERjY3RTU2MTNGNTQ2OTBBMDRFNDBCQkU2NUI5RjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN8IuYKHEpZqfK1Ibu9rL3CYQyD/
SyFHyic1GRN2YyxwOn8QEFIXETvmasLQUhgWIXoJLeiU9T7Y5FXYgCWudt25d5vY
sI+j0M6/Q5ipyd7/Y0C1I5e5yk0UQgn1HiVIR+UBSeE/JuPPhjr0qr9C31qMnzAB
rX67wKx/IL2dTOBjxXiCVlMzU/E+lYIqMxPP4N1fC8lZ84cyaNYfqI/v49tqGWrA
Lt9AvZU6pYYwyyIh5cJu1vaA3J+Zf3WunUoeyF/9vjhN0XBvl/qHbfJb0QgJCo0n
rtggJ81tIU0lp9v9rhM5kLdqrx+pseFtPzyvQDYMZyZzffwGvEJi19hArN0CAwEA
AaOCAdIwggHOMB0GA1UdDgQWBBSs+CbLRl32flYT9UaQoE5Au+ZbnzAfBgNVHSME
GDAWgBQSliAooYHnWLiZCmyk8EqZimkxHjAOBgNVHQ8BAf8EBAMCB4AwWQYDVR0f
BFIwUDBOoEygSoZIcnN5bmM6Ly9kZXYudHcvcnBraS9BUzk0NS8xLzEyOTYyMDI4
QTE4MUU3NThCODk5MEE2Q0E0RjA0QTk5OEE2OTMxMUUuY3JsMGUGCCsGAQUFBwEB
BFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9kZXYudHcvcnBraS9BdWd1c3QvNS8x
Mjk2MjAyOEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNlcjB8Bggr
BgEFBQcBCwRwMG4wbAYIKwYBBQUHMAuGYHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5
NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTM4MzM2NDMwM2EzYTJmMzQzNDJkMzQz
ODIwM2QzZTIwMzIzMDMxMzMzODM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhLdR4PQMA0GCSqGSIb3
DQEBCwUAA4IBAQBe1R07dS9HW6Zvl8EXDkbIJ9sSJyHz2gCa/WiM4I0vY8ofAibf
AVyExHyiEN6xbrHMDxhbq0SumvnmmojWdM0ixS7EVy/GMTUzHq8S3jGLHltX3+2/
/Y1iEASmnLodOWEY+U1SHTrHOOg1enxc+rH/gkpmDpkz9TdLZ7TiU7dds3fjEcFY
ANMxw+ZWOLulDqCw9HjercFOMp46tOzczObomlyUYlI8ONz5QgXTnd1egTGs8Vwk
ed7j5B5VG2LAlSglEk0x4bcxp/SBPstSiTaXoOdyAG3kZuJrud0W9RjhRdq4v1jd
aIywoyYTQcEGOnq/YhNiAJL5zysmcpFtA3Cd
-----END CERTIFICATE-----
Generated at Wed Oct 23 03:59:11 2024 by rpki-client on console-fra.rpki-client.org