Route Origin Authorization

$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a383830303a3a2f33392d3339203d3e20323033393133.roa
File:                     326131323a646434373a383830303a3a2f33392d3339203d3e20323033393133.roa (raw, json)
Hash identifier:          0cNLnkhkFJ/Hh818Jy5UdQ05Mdh64Sdz74iIE3A8eU4=
Subject key identifier:   FA:05:AB:E0:E0:C2:DA:74:E8:38:6D:93:84:A6:55:0D:15:F2:CD:FC
Certificate issuer:       /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial:       6785C5AE72AB3CDD68755FDB0C9654D4F8E37726
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access:    rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access:      rsync://dev.tw/rpki/AS945/1/326131323a646434373a383830303a3a2f33392d3339203d3e20323033393133.roa
Signing time:             Fri 11 Oct 2024 10:04:23 +0000
ROA not before:           Fri 11 Oct 2024 09:59:23 +0000
ROA not after:            Fri 10 Oct 2025 10:04:23 +0000
asID:                     203913
IP address blocks:        2a12:dd47:8800::/39 maxlen: 39

Validation:               OK
Signature path:           rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
                          rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
                          rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 25 Nov 2024 05:14:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:85:c5:ae:72:ab:3c:dd:68:75:5f:db:0c:96:54:d4:f8:e3:77:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
        Validity
            Not Before: Oct 11 09:59:23 2024 GMT
            Not After : Oct 10 10:04:23 2025 GMT
        Subject: CN=FA05ABE0E0C2DA74E8386D9384A6550D15F2CDFC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:75:ea:a6:b5:4b:40:c0:a7:e7:e0:5d:ce:be:
                    04:86:79:d3:3f:f1:a8:d4:6f:44:65:e8:a7:58:97:
                    28:05:33:8a:06:82:50:0a:33:62:b7:f2:15:3b:74:
                    fb:33:ac:10:9a:57:8e:2b:3e:3d:86:d1:13:60:ce:
                    33:be:fa:66:2f:ec:81:36:eb:ea:b4:87:db:d9:c1:
                    d5:18:5c:d1:3f:f5:e2:7f:6f:21:9d:8e:47:b0:d5:
                    e3:cf:a2:3c:48:75:71:bc:65:c7:7c:f1:ea:b4:af:
                    70:52:9c:96:62:5f:15:0a:08:cd:bb:3c:b7:6a:bc:
                    51:5e:88:5b:b0:3f:f8:3d:aa:ab:29:ef:c7:94:7e:
                    aa:74:e0:e0:e2:bf:f7:5d:67:4e:5a:4a:88:57:95:
                    49:8c:8c:b1:a5:6d:d8:d5:5a:91:fb:03:38:77:80:
                    7a:b6:8d:74:8e:0c:7a:f2:d9:90:d7:b5:06:5e:5d:
                    d8:53:10:44:e6:13:c0:96:16:10:21:9c:f2:ad:5f:
                    aa:1d:31:14:20:75:80:04:4e:0d:f8:39:5c:c7:a3:
                    31:c2:ab:1c:2b:0b:bf:73:31:59:65:7d:a7:0a:da:
                    f1:f0:e1:05:6f:57:df:a2:91:b1:2a:54:30:ad:96:
                    46:68:a1:7d:a8:6c:d9:5b:ac:cb:c8:7c:f0:57:43:
                    42:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:05:AB:E0:E0:C2:DA:74:E8:38:6D:93:84:A6:55:0D:15:F2:CD:FC
            X509v3 Authority Key Identifier:
                keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer

            Subject Information Access:
                Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a383830303a3a2f33392d3339203d3e20323033393133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8800::/39

    Signature Algorithm: sha256WithRSAEncryption
         00:7d:de:ac:05:19:2f:fc:7c:4f:9d:10:a1:e4:77:66:d8:4c:
         2a:d3:b1:d4:52:8e:f3:35:90:a2:1a:b4:4b:11:53:1f:34:d7:
         10:6c:93:35:c2:90:bb:92:0f:3e:4c:d5:f3:ec:0e:a7:4d:73:
         1d:64:be:d3:5a:3d:df:99:79:e9:37:5f:1a:b1:fe:95:3f:e2:
         e8:7e:2e:75:5b:f9:93:6e:3e:8d:e1:c8:d0:9b:6f:84:61:64:
         5c:ad:68:d9:fe:50:b8:58:5a:4b:f6:b1:2f:df:ab:26:53:4d:
         e3:dc:f9:d2:1b:a0:0b:d1:23:d5:dd:8d:fe:9f:18:44:4d:fc:
         4d:87:03:c0:79:5b:60:77:9c:36:78:16:a2:8a:f0:3c:88:06:
         66:bc:52:1a:ec:23:0c:38:cb:8c:d8:a3:f7:96:76:3c:b3:8d:
         b6:f0:d7:51:ac:ac:39:03:42:7a:77:29:07:fa:58:5f:4a:ea:
         9c:f8:76:e7:6b:14:dc:91:08:df:f4:82:35:d5:7b:1e:d8:c7:
         8b:14:f6:77:4a:b8:c3:97:c2:d6:ef:5b:43:75:f8:0e:e5:09:
         3d:8d:98:8b:a1:25:ed:69:49:83:d7:5b:aa:72:6f:77:60:c4:
         33:f4:c1:d7:30:5a:fd:b1:ec:dc:7c:c3:66:c5:73:a3:6c:76:
         4b:fa:11:e0
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIUZ4XFrnKrPN1odV/bDJZU1PjjdyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MjNaFw0yNTEwMTAxMDA0MjNaMDMxMTAvBgNV
BAMTKEZBMDVBQkUwRTBDMkRBNzRFODM4NkQ5Mzg0QTY1NTBEMTVGMkNERkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzdeqmtUtAwKfn4F3OvgSGedM/
8ajUb0Rl6KdYlygFM4oGglAKM2K38hU7dPszrBCaV44rPj2G0RNgzjO++mYv7IE2
6+q0h9vZwdUYXNE/9eJ/byGdjkew1ePPojxIdXG8Zcd88eq0r3BSnJZiXxUKCM27
PLdqvFFeiFuwP/g9qqsp78eUfqp04ODiv/ddZ05aSohXlUmMjLGlbdjVWpH7Azh3
gHq2jXSODHry2ZDXtQZeXdhTEETmE8CWFhAhnPKtX6odMRQgdYAETg34OVzHozHC
qxwrC79zMVllfacK2vHw4QVvV9+ikbEqVDCtlkZooX2obNlbrMvIfPBXQ0LHAgMB
AAGjggHRMIIBzTAdBgNVHQ4EFgQU+gWr4ODC2nToOG2ThKZVDRXyzfwwHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzODM4MzAzMDNhM2EyZjMzMzkyZDMz
MzkyMDNkM2UyMDMyMzAzMzM5MzEzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGASoS3UeIMA0GCSqGSIb3
DQEBCwUAA4IBAQAAfd6sBRkv/HxPnRCh5Hdm2Ewq07HUUo7zNZCiGrRLEVMfNNcQ
bJM1wpC7kg8+TNXz7A6nTXMdZL7TWj3fmXnpN18asf6VP+Lofi51W/mTbj6N4cjQ
m2+EYWRcrWjZ/lC4WFpL9rEv36smU03j3PnSG6AL0SPV3Y3+nxhETfxNhwPAeVtg
d5w2eBaiivA8iAZmvFIa7CMMOMuM2KP3lnY8s4228NdRrKw5A0J6dykH+lhfSuqc
+HbnaxTckQjf9II11Xse2MeLFPZ3SrjDl8LW71tDdfgO5Qk9jZiLoSXtaUmD11uq
cm93YMQz9MHXMFr9sezcfMNmxXOjbHZL+hHg
-----END CERTIFICATE-----
Generated at Sun Nov 24 14:55:01 2024 by rpki-client on console-fra.rpki-client.org