Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/AS945/5/326131333a633030373a383130303a3a2f34302d3438203d3e20323135323332.roa
File: 326131333a633030373a383130303a3a2f34302d3438203d3e20323135323332.roa (raw, json)
Hash identifier: UUagBs8SeUSGyBHOT5W+P3Ak/xG0U9JziAlIh91OvUg=
Subject key identifier: 49:01:48:E5:CD:E9:75:EA:0D:1D:85:91:85:15:D6:0F:EC:58:D9:4A
Certificate issuer: /CN=A5B1E05036940FBC80C2944856DC1168E62E2364
Certificate serial: 4510E03E11DCAD9BBFAFCC7EF4494845213CAE9D
Authority key identifier: A5:B1:E0:50:36:94:0F:BC:80:C2:94:48:56:DC:11:68:E6:2E:23:64
Authority info access: rsync://dev.tw/rpki/August/1/A5B1E05036940FBC80C2944856DC1168E62E2364.cer
Subject info access: rsync://dev.tw/rpki/AS945/5/326131333a633030373a383130303a3a2f34302d3438203d3e20323135323332.roa
Signing time: Wed 23 Oct 2024 06:39:08 +0000
ROA not before: Wed 23 Oct 2024 06:34:08 +0000
ROA not after: Wed 22 Oct 2025 06:39:08 +0000
asID: 215232
IP address blocks: 2a13:c007:8100::/40 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:10:e0:3e:11:dc:ad:9b:bf:af:cc:7e:f4:49:48:45:21:3c:ae:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A5B1E05036940FBC80C2944856DC1168E62E2364
Validity
Not Before: Oct 23 06:34:08 2024 GMT
Not After : Oct 22 06:39:08 2025 GMT
Subject: CN=490148E5CDE975EA0D1D85918515D60FEC58D94A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1d:4a:26:d6:81:7a:9d:19:06:0e:fc:c8:fe:
62:3d:e0:d5:bd:6a:e6:a5:24:bf:12:e6:b8:30:63:
bd:01:b5:23:90:84:7c:34:91:0b:d2:10:81:9f:3a:
18:ce:12:c8:02:90:e1:2a:88:7e:2b:82:9a:89:c0:
c8:77:fd:be:a3:af:1b:1f:31:ae:aa:1f:5b:ec:f2:
21:ea:ad:ca:70:d7:09:33:95:36:54:ce:38:18:d0:
41:42:ce:ad:76:f9:bc:5e:a5:05:5e:04:38:5a:7f:
04:1d:09:63:6f:72:17:81:b4:f1:86:b1:23:0d:60:
4f:e5:88:fb:53:1c:15:84:c9:bc:29:e8:84:a9:07:
c2:c7:78:79:b3:bb:69:ef:e1:61:54:43:87:ba:e7:
4f:d6:6e:48:ab:b0:17:e1:e0:c3:3c:c9:75:90:95:
ae:09:f0:1e:9b:6d:64:c6:e2:e0:51:10:e9:71:05:
13:ae:37:d6:08:f6:58:7d:27:50:63:30:92:e0:44:
1f:6e:4f:30:9c:b0:e5:34:91:7a:0c:7d:81:c7:08:
8b:34:4d:40:27:d9:c8:59:2f:a7:45:81:55:d8:0c:
81:93:bc:50:7b:07:ee:0f:97:68:1c:18:90:9f:46:
1b:e7:26:5f:39:a3:d8:aa:c1:34:2d:65:5d:ae:09:
c4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:01:48:E5:CD:E9:75:EA:0D:1D:85:91:85:15:D6:0F:EC:58:D9:4A
X509v3 Authority Key Identifier:
keyid:A5:B1:E0:50:36:94:0F:BC:80:C2:94:48:56:DC:11:68:E6:2E:23:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/AS945/5/A5B1E05036940FBC80C2944856DC1168E62E2364.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/1/A5B1E05036940FBC80C2944856DC1168E62E2364.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/AS945/5/326131333a633030373a383130303a3a2f34302d3438203d3e20323135323332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c007:8100::/40
Signature Algorithm: sha256WithRSAEncryption
31:59:ce:b2:19:8d:ad:8e:4d:a2:3b:63:09:e4:81:90:13:93:
9c:79:8c:8f:05:df:f7:f7:ba:c1:2d:d0:80:40:73:b1:41:17:
86:39:8e:3c:8f:56:76:c0:b1:87:45:07:76:de:ea:7c:09:bd:
a0:83:84:30:87:b8:9c:54:1b:ac:16:68:7f:6d:22:a7:f6:2a:
48:1a:bf:33:b8:49:84:fe:ab:05:ba:53:39:12:05:59:f7:1f:
a3:42:da:95:09:46:a7:74:e3:65:1a:42:8a:b0:4d:8f:d0:d5:
91:1d:af:73:d0:fd:9e:c1:c1:a8:60:93:2b:10:3d:ce:2e:5e:
ce:b9:f4:60:45:81:3f:4f:0e:a0:a1:70:cb:f5:80:ba:53:c5:
bb:08:4f:c0:b0:67:4e:e1:d2:c6:b8:88:dd:f0:bd:b5:0f:6e:
49:64:7f:06:3e:b2:0b:22:01:be:38:95:19:1b:49:13:d8:3a:
51:c0:15:92:d0:7b:1a:cb:58:c5:66:82:27:3c:c7:de:4b:3d:
70:42:eb:5f:17:c8:a0:29:ad:d7:28:fb:92:08:2d:21:87:e1:
f4:34:ec:c9:47:e2:6c:c9:4c:aa:9e:74:97:18:c7:67:79:f1:
6e:a8:d4:e4:82:42:ae:c0:e7:4b:33:f7:6e:4f:8c:99:c2:27:
da:0c:65:1d
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIURRDgPhHcrZu/r8x+9ElIRSE8rp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVCMUUwNTAzNjk0MEZCQzgwQzI5NDQ4NTZEQzExNjhF
NjJFMjM2NDAeFw0yNDEwMjMwNjM0MDhaFw0yNTEwMjIwNjM5MDhaMDMxMTAvBgNV
BAMTKDQ5MDE0OEU1Q0RFOTc1RUEwRDFEODU5MTg1MTVENjBGRUM1OEQ5NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBHUom1oF6nRkGDvzI/mI94NW9
aualJL8S5rgwY70BtSOQhHw0kQvSEIGfOhjOEsgCkOEqiH4rgpqJwMh3/b6jrxsf
Ma6qH1vs8iHqrcpw1wkzlTZUzjgY0EFCzq12+bxepQVeBDhafwQdCWNvcheBtPGG
sSMNYE/liPtTHBWEybwp6ISpB8LHeHmzu2nv4WFUQ4e650/WbkirsBfh4MM8yXWQ
la4J8B6bbWTG4uBREOlxBROuN9YI9lh9J1BjMJLgRB9uTzCcsOU0kXoMfYHHCIs0
TUAn2chZL6dFgVXYDIGTvFB7B+4Pl2gcGJCfRhvnJl85o9iqwTQtZV2uCcTzAgMB
AAGjggHRMIIBzTAdBgNVHQ4EFgQUSQFI5c3pdeoNHYWRhRXWD+xY2UowHwYDVR0j
BBgwFoAUpbHgUDaUD7yAwpRIVtwRaOYuI2QwDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvNS9BNUIxRTA1
MDM2OTQwRkJDODBDMjk0NDg1NkRDMTE2OEU2MkUyMzY0LmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzEv
QTVCMUUwNTAzNjk0MEZCQzgwQzI5NDQ4NTZEQzExNjhFNjJFMjM2NC5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzUvMzI2MTMxMzMzYTYzMzAzMDM3M2EzODMxMzAzMDNhM2EyZjM0MzAyZDM0
MzgyMDNkM2UyMDMyMzEzNTMyMzMzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoTwAeBMA0GCSqGSIb3
DQEBCwUAA4IBAQAxWc6yGY2tjk2iO2MJ5IGQE5OceYyPBd/397rBLdCAQHOxQReG
OY48j1Z2wLGHRQd23up8Cb2gg4Qwh7icVBusFmh/bSKn9ipIGr8zuEmE/qsFulM5
EgVZ9x+jQtqVCUandONlGkKKsE2P0NWRHa9z0P2ewcGoYJMrED3OLl7OufRgRYE/
Tw6goXDL9YC6U8W7CE/AsGdO4dLGuIjd8L21D25JZH8GPrILIgG+OJUZG0kT2DpR
wBWS0Hsay1jFZoInPMfeSz1wQutfF8igKa3XKPuSCC0hh+H0NOzJR+JsyUyqnnSX
GMdnefFuqNTkgkKuwOdLM/duT4yZwifaDGUd
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:25:03 2024 by rpki-client on console-ams.rpki-client.org