Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/1/326131323a646434373a663930303a3a2f34302d3438203d3e20323030383237.roa
File: 326131323a646434373a663930303a3a2f34302d3438203d3e20323030383237.roa (raw, json)
Hash identifier: 5q2Vw/ybnr8E5qpPiGitnrQzmw7B11YTs19JcwgeiOY=
Subject key identifier: CA:36:35:C1:3C:70:D3:D1:B2:C5:D4:2A:FC:24:3E:67:5B:F4:0C:C9
Certificate issuer: /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial: 07F7229C3BCA4FC497579C4890A07BB664EB65
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access: rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access: rsync://dev.tw/rpki/AS945/1/326131323a646434373a663930303a3a2f34302d3438203d3e20323030383237.roa
Signing time: Fri 11 Oct 2024 10:04:14 +0000
ROA not before: Fri 11 Oct 2024 09:59:14 +0000
ROA not after: Fri 10 Oct 2025 10:04:14 +0000
asID: 200827
IP address blocks: 2a12:dd47:f900::/40 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 03:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:f7:22:9c:3b:ca:4f:c4:97:57:9c:48:90:a0:7b:b6:64:eb:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
Validity
Not Before: Oct 11 09:59:14 2024 GMT
Not After : Oct 10 10:04:14 2025 GMT
Subject: CN=CA3635C13C70D3D1B2C5D42AFC243E675BF40CC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:92:ef:fb:22:47:58:19:7f:22:c2:42:13:b3:
08:d1:59:9b:8c:9e:d3:e4:c9:2d:3f:fe:a8:0a:67:
5f:95:07:83:43:a6:0c:d6:7a:b4:4a:32:c3:67:42:
db:01:3b:48:e1:b6:6b:c4:a3:60:a0:be:0f:f9:ac:
0a:9c:61:4b:f9:1e:bb:09:fb:47:a8:48:2d:fe:d5:
be:a4:74:15:49:7e:0a:8b:c1:f1:8b:3a:f0:be:e2:
55:c5:ad:f0:0e:e0:a5:29:d0:8e:29:fc:69:77:b6:
c5:3c:58:66:5c:eb:40:25:6c:5f:bc:67:5d:a1:f5:
cc:75:76:22:90:8d:4d:71:9e:8f:1f:70:b2:dc:7d:
7f:80:51:b4:48:3a:8f:e8:ae:f6:35:01:50:32:ff:
b6:07:a1:36:70:92:a2:c7:15:fa:9a:ca:43:1e:6a:
83:11:19:9f:5f:e6:08:d3:7d:dd:ac:11:58:fe:f5:
cd:9a:49:9f:97:7d:f1:81:e3:3e:2a:ae:14:e6:c4:
5e:59:ee:7b:f9:23:a8:de:b0:d8:6c:89:88:b5:4c:
54:61:96:77:9f:73:82:17:1f:89:e4:14:b7:3a:d1:
9d:c4:9a:74:23:0c:12:51:c2:bf:e0:3d:28:92:07:
04:09:69:fc:9a:59:c2:2a:96:a4:32:74:a8:25:b5:
c2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:36:35:C1:3C:70:D3:D1:B2:C5:D4:2A:FC:24:3E:67:5B:F4:0C:C9
X509v3 Authority Key Identifier:
keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/1/326131323a646434373a663930303a3a2f34302d3438203d3e20323030383237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:f900::/40
Signature Algorithm: sha256WithRSAEncryption
c3:79:7c:bc:ea:4a:78:e2:d6:55:b6:1d:78:21:66:13:89:f2:
22:a2:25:c8:ee:9b:d4:b6:89:ac:47:04:9a:e0:9c:eb:98:bf:
68:d2:cb:8c:57:da:82:b1:ae:cf:11:94:56:eb:43:f1:98:5f:
e3:26:6b:8c:21:b5:30:02:22:6d:7d:fc:c8:20:2f:38:f8:36:
6e:26:67:f4:cf:40:7a:b9:44:81:9d:d1:b6:e1:a2:ca:47:6e:
bc:6e:50:4b:03:74:03:09:88:0a:28:e7:42:03:9d:6a:0b:f0:
0c:8e:fa:81:d5:77:9a:ea:b4:34:63:c3:f3:83:fb:f4:3b:07:
56:a3:71:d2:05:7b:96:1b:35:c4:d1:ef:10:30:b9:26:6e:3b:
40:4c:dd:d7:e7:ec:37:3f:e2:31:64:e5:ee:81:6f:9f:2e:5f:
44:3c:f9:67:c6:df:bb:d2:e1:86:ef:f8:4a:5f:4e:af:3e:08:
55:08:6d:cb:92:6b:d1:34:70:f0:da:21:a4:ac:9e:9f:38:fe:
80:bd:ac:5a:b1:8d:67:78:9f:ef:a0:97:a1:b4:10:a1:37:8b:
5a:8c:74:e9:f7:4b:e1:a9:0a:8c:39:9a:87:f2:e7:69:bd:28:
c1:49:94:85:6b:c8:b0:34:de:d6:7e:32:d6:2e:e4:b6:6d:2b:
86:f9:2c:34
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgITB/cinDvKT8SXV5xIkKB7tmTrZTANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygxMjk2MjAyOEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThB
NjkzMTFFMB4XDTI0MTAxMTA5NTkxNFoXDTI1MTAxMDEwMDQxNFowMzExMC8GA1UE
AxMoQ0EzNjM1QzEzQzcwRDNEMUIyQzVENDJBRkMyNDNFNjc1QkY0MENDOTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL2S7/siR1gZfyLCQhOzCNFZm4ye
0+TJLT/+qApnX5UHg0OmDNZ6tEoyw2dC2wE7SOG2a8SjYKC+D/msCpxhS/keuwn7
R6hILf7VvqR0FUl+CovB8Ys68L7iVcWt8A7gpSnQjin8aXe2xTxYZlzrQCVsX7xn
XaH1zHV2IpCNTXGejx9wstx9f4BRtEg6j+iu9jUBUDL/tgehNnCSoscV+prKQx5q
gxEZn1/mCNN93awRWP71zZpJn5d98YHjPiquFObEXlnue/kjqN6w2GyJiLVMVGGW
d59zghcfieQUtzrRncSadCMMElHCv+A9KJIHBAlp/JpZwiqWpDJ0qCW1wukCAwEA
AaOCAdEwggHNMB0GA1UdDgQWBBTKNjXBPHDT0bLF1Cr8JD5nW/QMyTAfBgNVHSME
GDAWgBQSliAooYHnWLiZCmyk8EqZimkxHjAOBgNVHQ8BAf8EBAMCB4AwWQYDVR0f
BFIwUDBOoEygSoZIcnN5bmM6Ly9kZXYudHcvcnBraS9BUzk0NS8xLzEyOTYyMDI4
QTE4MUU3NThCODk5MEE2Q0E0RjA0QTk5OEE2OTMxMUUuY3JsMGUGCCsGAQUFBwEB
BFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9kZXYudHcvcnBraS9BdWd1c3QvNS8x
Mjk2MjAyOEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNlcjB8Bggr
BgEFBQcBCwRwMG4wbAYIKwYBBQUHMAuGYHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5
NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTY2MzkzMDMwM2EzYTJmMzQzMDJkMzQz
ODIwM2QzZTIwMzIzMDMwMzgzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdR/kwDQYJKoZIhvcN
AQELBQADggEBAMN5fLzqSnji1lW2HXghZhOJ8iKiJcjum9S2iaxHBJrgnOuYv2jS
y4xX2oKxrs8RlFbrQ/GYX+Mma4whtTACIm19/MggLzj4Nm4mZ/TPQHq5RIGd0bbh
ospHbrxuUEsDdAMJiAoo50IDnWoL8AyO+oHVd5rqtDRjw/OD+/Q7B1ajcdIFe5Yb
NcTR7xAwuSZuO0BM3dfn7Dc/4jFk5e6Bb58uX0Q8+WfG37vS4Ybv+EpfTq8+CFUI
bcuSa9E0cPDaIaSsnp84/oC9rFqxjWd4n++gl6G0EKE3i1qMdOn3S+GpCow5mofy
52m9KMFJlIVryLA03tZ+MtYu5LZtK4b5LDQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:01:34 2024 by rpki-client on console-fra.rpki-client.org