Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a383366303a3a2f34342d3438203d3e20323034363131.roa
File: 326131323a646434373a383366303a3a2f34342d3438203d3e20323034363131.roa (raw, json)
Hash identifier: SDGLk6T0bbL+tApVQiH4V2HI7Ggm718gxvSzrPUyXPE=
Subject key identifier: DE:5C:3A:30:A0:42:09:CE:7B:C6:B4:7F:81:5C:EB:11:9E:AE:E6:29
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 773E66AEA909EE1352A01CAD9F3E836CD1D6747B
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a383366303a3a2f34342d3438203d3e20323034363131.roa
Signing time: Fri 11 Oct 2024 10:04:11 +0000
ROA not before: Fri 11 Oct 2024 09:59:11 +0000
ROA not after: Fri 10 Oct 2025 10:04:11 +0000
asID: 204611
IP address blocks: 2a12:dd47:83f0::/44 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 03:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:3e:66:ae:a9:09:ee:13:52:a0:1c:ad:9f:3e:83:6c:d1:d6:74:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:11 2024 GMT
Not After : Oct 10 10:04:11 2025 GMT
Subject: CN=DE5C3A30A04209CE7BC6B47F815CEB119EAEE629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0e:10:87:4e:dc:ae:de:31:d5:eb:46:2d:50:
e7:9a:29:c2:8d:97:c6:37:d5:86:19:55:8f:4f:39:
2a:7f:25:00:9f:d9:af:68:04:fb:a7:18:5d:cc:f7:
9d:27:2f:1f:9b:74:b3:e8:2d:9b:3d:a2:9f:21:ec:
29:de:aa:cf:d8:b6:ea:c1:23:47:f8:46:37:48:74:
3c:d9:3b:fe:b8:cb:6c:c9:22:5c:cf:f5:37:ed:22:
f0:6e:41:13:cc:f5:d5:5c:3a:a0:05:d0:8f:fb:a3:
43:93:83:73:16:0b:ff:8f:78:95:7f:a6:c2:8b:fc:
e8:4a:25:27:95:6c:f7:a2:d7:3b:4c:25:0b:b8:2f:
b6:19:54:eb:4e:44:59:06:93:cd:9b:24:dc:4e:80:
35:50:65:9a:4f:0f:35:c5:a0:bf:02:47:9f:cd:ca:
cc:0e:2d:fa:93:94:5d:ae:92:00:e5:18:24:05:ef:
ac:bf:2e:cd:26:ff:f8:97:7b:97:42:08:b2:ce:a6:
76:be:e5:f0:a1:54:62:b6:fd:c6:52:b6:99:14:82:
1a:a1:b0:bf:e7:22:c2:54:6d:9a:ef:ac:cc:63:c1:
90:e1:93:68:85:10:bf:0a:ad:30:10:95:a8:fe:94:
6a:fe:bd:a4:58:b4:fc:cf:d5:72:c6:90:1b:5b:26:
e6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5C:3A:30:A0:42:09:CE:7B:C6:B4:7F:81:5C:EB:11:9E:AE:E6:29
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a383366303a3a2f34342d3438203d3e20323034363131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:83f0::/44
Signature Algorithm: sha256WithRSAEncryption
dd:dd:92:86:b2:84:4f:b9:82:b1:9b:d3:1d:02:ed:06:94:13:
b2:7a:bb:0c:a8:0b:81:4b:00:3c:a8:99:88:e0:cd:45:78:1a:
1b:54:ea:50:a7:3a:bc:23:0f:12:1e:36:85:c5:e1:9f:e9:53:
ff:67:11:c1:11:09:9f:9b:d2:d0:14:5a:67:4f:f3:a4:29:4e:
a1:77:79:0e:47:1c:d2:d9:3c:3d:d8:30:4d:00:e8:6b:23:40:
74:16:9e:c9:f5:15:ba:6e:94:d3:95:c8:53:ff:43:10:0e:20:
54:b5:0e:aa:6e:b8:03:8a:3e:1a:19:6f:e4:96:a1:b1:97:b9:
9f:e3:50:0c:e4:11:91:63:a8:95:2c:d6:b5:b4:9d:97:db:1d:
dd:17:b4:02:8b:d6:18:2f:23:ef:62:28:2d:7b:94:2f:19:e3:
56:b7:0c:77:f3:b5:36:03:4d:e3:6f:84:00:61:a9:a0:4d:5c:
b9:76:2c:51:85:98:3b:50:3c:ad:9c:fd:79:f5:fd:d5:ec:fa:
2b:fe:62:41:36:f9:e4:31:82:e4:9e:79:06:9e:27:29:e4:32:
12:83:79:b4:a2:f2:e7:7d:c8:37:ef:5d:35:ff:c0:80:1a:17:
ae:b2:fc:d9:3f:c4:f7:eb:40:5d:6b:61:03:33:7b:9a:71:9e:
ec:a6:94:f2
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUdz5mrqkJ7hNSoBytnz6DbNHWdHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MTFaFw0yNTEwMTAxMDA0MTFaMDMxMTAvBgNV
BAMTKERFNUMzQTMwQTA0MjA5Q0U3QkM2QjQ3RjgxNUNFQjExOUVBRUU2MjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGDhCHTtyu3jHV60YtUOeaKcKN
l8Y31YYZVY9POSp/JQCf2a9oBPunGF3M950nLx+bdLPoLZs9op8h7Cneqs/YturB
I0f4RjdIdDzZO/64y2zJIlzP9TftIvBuQRPM9dVcOqAF0I/7o0OTg3MWC/+PeJV/
psKL/OhKJSeVbPei1ztMJQu4L7YZVOtORFkGk82bJNxOgDVQZZpPDzXFoL8CR5/N
yswOLfqTlF2ukgDlGCQF76y/Ls0m//iXe5dCCLLOpna+5fChVGK2/cZStpkUghqh
sL/nIsJUbZrvrMxjwZDhk2iFEL8KrTAQlaj+lGr+vaRYtPzP1XLGkBtbJubLAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQU3lw6MKBCCc57xrR/gVzrEZ6u5ikwHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzODMzNjYzMDNhM2EyZjM0MzQyZDM0
MzgyMDNkM2UyMDMyMzAzNDM2MzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoS3UeD8DANBgkqhkiG
9w0BAQsFAAOCAQEA3d2ShrKET7mCsZvTHQLtBpQTsnq7DKgLgUsAPKiZiODNRXga
G1TqUKc6vCMPEh42hcXhn+lT/2cRwREJn5vS0BRaZ0/zpClOoXd5Dkcc0tk8Pdgw
TQDoayNAdBaeyfUVum6U05XIU/9DEA4gVLUOqm64A4o+Ghlv5JahsZe5n+NQDOQR
kWOolSzWtbSdl9sd3Re0AovWGC8j72IoLXuULxnjVrcMd/O1NgNN42+EAGGpoE1c
uXYsUYWYO1A8rZz9efX91ez6K/5iQTb55DGC5J55Bp4nKeQyEoN5tKLy533IN+9d
Nf/AgBoXrrL82T/E9+tAXWthAzN7mnGe7KaU8g==
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:01:34 2024 by rpki-client on console-fra.rpki-client.org