Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a643830303a3a2f34302d3438203d3e20323133303836.roa
File: 326131323a646434373a643830303a3a2f34302d3438203d3e20323133303836.roa (raw, json)
Hash identifier: yyHQbfxuXNQa/1dm6C8JokGfOxUw71MXXepl+CXl8Dc=
Subject key identifier: 2D:94:07:E2:C7:59:D8:59:12:5D:4D:06:E9:97:16:8E:ED:F0:1A:BE
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 3C8C64EBB109B1EC68110A7E6A16C7E415697EEC
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a643830303a3a2f34302d3438203d3e20323133303836.roa
Signing time: Fri 11 Oct 2024 10:04:14 +0000
ROA not before: Fri 11 Oct 2024 09:59:14 +0000
ROA not after: Fri 10 Oct 2025 10:04:14 +0000
asID: 213086
IP address blocks: 2a12:dd47:d800::/40 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 11:17:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:8c:64:eb:b1:09:b1:ec:68:11:0a:7e:6a:16:c7:e4:15:69:7e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:14 2024 GMT
Not After : Oct 10 10:04:14 2025 GMT
Subject: CN=2D9407E2C759D859125D4D06E997168EEDF01ABE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8f:06:b9:16:5e:34:18:3f:a3:79:8d:e7:04:
4f:62:9c:bb:99:84:0a:52:1e:19:af:6c:cc:4a:f0:
c9:bc:6e:6f:b4:b0:f1:46:ab:3a:46:e3:b1:4f:1e:
ea:51:f0:d7:b8:63:77:cd:c6:7e:a4:53:30:b4:28:
f6:2b:17:82:fa:96:8a:4f:b6:b6:57:64:9d:5a:54:
05:6d:fa:6c:42:84:9c:f8:f6:31:1d:65:38:dc:e4:
37:a3:d0:84:7b:7f:09:bc:05:27:47:39:e8:84:cc:
72:96:fd:48:dc:f1:d8:40:35:a8:d3:31:d2:05:08:
13:01:60:3c:a7:7a:17:2c:a4:e2:f5:cd:fc:be:34:
b2:15:06:3a:bb:48:51:f9:65:1f:7b:56:16:ba:42:
ba:de:0c:9e:f5:3d:2e:0e:69:fa:2a:d1:17:31:9b:
81:ec:d9:b6:3a:d9:6f:5a:59:11:47:d2:59:78:95:
6a:a4:2f:f8:3c:4b:52:0f:da:0a:79:2d:34:24:b5:
5e:50:3d:5b:eb:fb:b1:ac:a6:4b:8a:8f:be:56:fa:
c7:4d:61:55:cc:7f:23:98:62:d6:2f:fd:45:48:eb:
a2:b4:75:41:7f:d9:ad:45:d1:ba:c6:be:2d:19:a9:
60:0c:c9:02:af:d4:36:44:01:c6:b2:a1:df:e2:36:
df:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:94:07:E2:C7:59:D8:59:12:5D:4D:06:E9:97:16:8E:ED:F0:1A:BE
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a643830303a3a2f34302d3438203d3e20323133303836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:d800::/40
Signature Algorithm: sha256WithRSAEncryption
76:6e:35:20:3d:73:d9:fa:53:d8:1d:e5:7a:9e:2d:52:c3:04:
89:7d:3c:72:23:19:1c:76:38:08:aa:24:9e:13:c2:cc:a9:83:
22:74:62:fc:e7:3e:ab:ba:66:3e:7b:3c:30:39:06:2c:e4:bb:
f9:c7:82:2c:ad:23:24:f9:33:28:6d:9d:2d:bb:f7:b7:f2:4c:
4d:a8:81:18:61:e9:05:4e:a6:70:13:b8:dd:85:b9:52:88:15:
5b:1c:89:5b:cf:6f:1d:7f:16:41:37:c9:ef:8a:a6:17:a6:03:
0c:7b:e1:cf:01:fd:b5:46:9f:b3:c2:8a:f5:89:a1:d6:ea:ac:
cd:aa:c8:9b:34:9c:3d:58:55:92:b5:00:07:6d:e9:7c:f3:ef:
9f:d4:4b:dc:4e:71:d8:1b:79:b9:a8:6d:c4:3c:6a:00:49:4b:
50:7d:40:49:81:4e:cc:2e:35:6f:45:7d:6e:28:57:05:63:48:
3c:38:5a:5f:d9:da:16:d7:61:14:5b:60:59:7a:fa:f2:42:c2:
ae:fe:59:e6:22:cc:c6:d9:74:b9:9c:ae:b8:4e:62:ec:aa:75:
0a:5f:2b:2b:af:f7:f4:f9:d8:43:c6:e6:c8:ed:6d:54:f7:3b:
d6:7a:51:a5:0b:11:a7:9d:4f:c5:e8:4e:d1:89:0c:9d:07:d1:
bb:73:c7:e2
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIUPIxk67EJsexoEQp+ahbH5BVpfuwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MTRaFw0yNTEwMTAxMDA0MTRaMDMxMTAvBgNV
BAMTKDJEOTQwN0UyQzc1OUQ4NTkxMjVENEQwNkU5OTcxNjhFRURGMDFBQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1jwa5Fl40GD+jeY3nBE9inLuZ
hApSHhmvbMxK8Mm8bm+0sPFGqzpG47FPHupR8Ne4Y3fNxn6kUzC0KPYrF4L6lopP
trZXZJ1aVAVt+mxChJz49jEdZTjc5Dej0IR7fwm8BSdHOeiEzHKW/Ujc8dhANajT
MdIFCBMBYDynehcspOL1zfy+NLIVBjq7SFH5ZR97Vha6QrreDJ71PS4Oafoq0Rcx
m4Hs2bY62W9aWRFH0ll4lWqkL/g8S1IP2gp5LTQktV5QPVvr+7GspkuKj75W+sdN
YVXMfyOYYtYv/UVI66K0dUF/2a1F0brGvi0ZqWAMyQKv1DZEAcayod/iNt/lAgMB
AAGjggHRMIIBzTAdBgNVHQ4EFgQULZQH4sdZ2FkSXU0G6ZcWju3wGr4wHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzI2MTMxMzIzYTY0NjQzNDM3M2E2NDM4MzAzMDNhM2EyZjM0MzAyZDM0
MzgyMDNkM2UyMDMyMzEzMzMwMzgzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoS3UfYMA0GCSqGSIb3
DQEBCwUAA4IBAQB2bjUgPXPZ+lPYHeV6ni1SwwSJfTxyIxkcdjgIqiSeE8LMqYMi
dGL85z6rumY+ezwwOQYs5Lv5x4IsrSMk+TMobZ0tu/e38kxNqIEYYekFTqZwE7jd
hblSiBVbHIlbz28dfxZBN8nviqYXpgMMe+HPAf21Rp+zwor1iaHW6qzNqsibNJw9
WFWStQAHbel88++f1EvcTnHYG3m5qG3EPGoASUtQfUBJgU7MLjVvRX1uKFcFY0g8
OFpf2doW12EUW2BZevryQsKu/lnmIszG2XS5nK64TmLsqnUKXysrr/f0+dhDxubI
7W1U9zvWelGlCxGnnU/F6E7RiQydB9G7c8fi
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:59:21 2024 by rpki-client on console-ams.rpki-client.org