Route Origin Authorization
$ rpki-client -vvf dev.tw/rpki/August/5/326131323a646434373a3230303a3a2f34302d3438203d3e20313531333338.roa
File: 326131323a646434373a3230303a3a2f34302d3438203d3e20313531333338.roa (raw, json)
Hash identifier: Lt/+IPwKT9jA7szXCA5NlKYGyKG4azER4FwYn8Cxn1A=
Subject key identifier: 0F:13:62:1C:16:D4:BA:0B:92:84:24:FA:77:4F:6A:49:E8:9F:7E:E1
Certificate issuer: /CN=9d620b45c9098506ac4bf1184bee6cdbe9d71c4c
Certificate serial: 470CB31AE08FEB5C91F3050BE673DF35B75AEA4E
Authority key identifier: 9D:62:0B:45:C9:09:85:06:AC:4B:F1:18:4B:EE:6C:DB:E9:D7:1C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
Subject info access: rsync://dev.tw/rpki/August/5/326131323a646434373a3230303a3a2f34302d3438203d3e20313531333338.roa
Signing time: Sun 26 Nov 2023 18:03:44 +0000
ROA not before: Sun 26 Nov 2023 17:58:44 +0000
ROA not after: Sun 24 Nov 2024 18:03:44 +0000
asID: 151338
IP address blocks: 2a12:dd47:200::/40 maxlen: 48
Validation: OK
Signature path: rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:0c:b3:1a:e0:8f:eb:5c:91:f3:05:0b:e6:73:df:35:b7:5a:ea:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d620b45c9098506ac4bf1184bee6cdbe9d71c4c
Validity
Not Before: Nov 26 17:58:44 2023 GMT
Not After : Nov 24 18:03:44 2024 GMT
Subject: CN=0F13621C16D4BA0B928424FA774F6A49E89F7EE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:31:8d:fb:54:b9:e2:5b:af:bf:16:23:0f:91:
7e:cf:1a:cc:94:67:fd:cb:99:12:3f:49:0e:82:bf:
b5:31:63:1c:aa:f0:dd:4b:6b:e5:52:ed:8e:83:df:
7b:f0:30:f9:a4:d0:68:3a:a2:0d:b3:3a:87:79:a8:
7b:8e:0f:80:aa:2f:87:f0:33:ca:d6:bb:8a:1a:ed:
9d:e3:15:f0:ff:23:d2:03:7f:eb:ab:bc:36:29:74:
af:2a:83:8a:15:9a:99:59:9d:f4:e5:25:c4:0a:b3:
48:29:4b:a0:42:8f:49:c4:0c:57:fd:b1:52:0e:58:
45:1e:2e:31:df:58:d7:30:42:1a:11:cf:fc:9f:fe:
82:33:a2:68:42:d8:b4:9b:38:56:a5:23:9f:75:c6:
9f:e7:86:51:01:c1:9f:8c:c4:e6:51:51:08:a4:fa:
20:9c:8c:2a:9f:dc:b3:b0:12:45:75:92:3f:da:04:
ca:f9:b6:36:29:70:53:1c:ec:38:bd:6d:7a:da:11:
80:41:e2:4d:3e:83:15:8f:28:2d:85:41:11:5d:82:
2c:71:37:7f:78:d1:03:b0:7b:98:74:fa:a8:47:31:
b6:f7:5a:70:61:dc:ae:57:2f:45:18:a9:0e:3f:58:
9a:a6:84:e0:62:f2:f5:18:1d:16:87:1c:e3:63:4c:
d9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:13:62:1C:16:D4:BA:0B:92:84:24:FA:77:4F:6A:49:E8:9F:7E:E1
X509v3 Authority Key Identifier:
keyid:9D:62:0B:45:C9:09:85:06:AC:4B:F1:18:4B:EE:6C:DB:E9:D7:1C:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
Subject Information Access:
Signed Object - URI:rsync://dev.tw/rpki/August/5/326131323a646434373a3230303a3a2f34302d3438203d3e20313531333338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:200::/40
Signature Algorithm: sha256WithRSAEncryption
43:fb:d3:db:96:c7:60:81:17:10:f4:37:b9:c9:fc:d4:1d:55:
da:2f:c7:9e:03:d3:f6:4f:d7:16:5b:40:c7:27:2a:76:2d:7b:
cb:1f:d6:4f:60:5f:0c:1b:53:0b:34:4a:f5:59:72:39:78:23:
1d:0a:b8:b6:b2:14:72:a8:69:c0:f1:00:50:18:e9:e2:13:5e:
ea:c3:89:03:17:b9:df:e9:9f:a9:01:07:fb:6a:65:ad:fa:ef:
60:45:31:3a:43:33:27:69:74:9d:f9:5a:e1:25:c0:8f:f4:5c:
47:4f:80:66:2d:ac:0d:ac:5b:be:ce:7a:c1:66:ca:fa:98:2a:
24:ff:94:00:ba:96:f4:03:13:3d:19:d2:d3:f2:6f:77:ef:96:
cc:37:bf:5b:19:f0:d6:18:a4:f7:b6:d4:fe:37:38:42:2c:ff:
7f:f7:d0:dc:f8:49:15:e1:93:2e:d7:92:47:a7:51:f6:a5:68:
29:10:4d:e8:43:6b:f3:a9:2e:af:b7:43:e0:68:fc:57:8b:3f:
fe:9e:49:d2:f9:25:29:a8:61:95:62:d7:b8:a8:6b:09:a8:62:
40:c2:26:12:92:61:8c:b6:b4:ef:45:64:18:65:e0:7a:bb:6f:
2f:4b:e4:da:6f:a5:5a:ef:01:a7:41:41:95:ca:a7:d8:42:c8:
1a:4d:ef:04
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIURwyzGuCP61yR8wUL5nPfNbda6k4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWQ2MjBiNDVjOTA5ODUwNmFjNGJmMTE4NGJlZTZjZGJl
OWQ3MWM0YzAeFw0yMzExMjYxNzU4NDRaFw0yNDExMjQxODAzNDRaMDMxMTAvBgNV
BAMTKDBGMTM2MjFDMTZENEJBMEI5Mjg0MjRGQTc3NEY2QTQ5RTg5RjdFRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCMY37VLniW6+/FiMPkX7PGsyU
Z/3LmRI/SQ6Cv7UxYxyq8N1La+VS7Y6D33vwMPmk0Gg6og2zOod5qHuOD4CqL4fw
M8rWu4oa7Z3jFfD/I9IDf+urvDYpdK8qg4oVmplZnfTlJcQKs0gpS6BCj0nEDFf9
sVIOWEUeLjHfWNcwQhoRz/yf/oIzomhC2LSbOFalI591xp/nhlEBwZ+MxOZRUQik
+iCcjCqf3LOwEkV1kj/aBMr5tjYpcFMc7Di9bXraEYBB4k0+gxWPKC2FQRFdgixx
N3940QOwe5h0+qhHMbb3WnBh3K5XL0UYqQ4/WJqmhOBi8vUYHRaHHONjTNmJAgMB
AAGjggHQMIIBzDAdBgNVHQ4EFgQUDxNiHBbUuguShCT6d09qSeiffuEwHwYDVR0j
BBgwFoAUnWILRckJhQasS/EYS+5s2+nXHEwwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUvOUQ2MjBC
NDVDOTA5ODUwNkFDNEJGMTE4NEJFRTZDREJFOUQ3MUM0Qy5jcmwwZAYIKwYBBQUH
AQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL25XSUxSY2tKaFFhc1NfRVlTLTVzMi1uWEhFdy5jZXIwewYI
KwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL2Rldi50dy9ycGtpL0F1
Z3VzdC81LzMyNjEzMTMyM2E2NDY0MzQzNzNhMzIzMDMwM2EzYTJmMzQzMDJkMzQz
ODIwM2QzZTIwMzEzNTMxMzMzMzM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdRwIwDQYJKoZIhvcN
AQELBQADggEBAEP709uWx2CBFxD0N7nJ/NQdVdovx54D0/ZP1xZbQMcnKnYte8sf
1k9gXwwbUws0SvVZcjl4Ix0KuLayFHKoacDxAFAY6eITXurDiQMXud/pn6kBB/tq
Za3672BFMTpDMydpdJ35WuElwI/0XEdPgGYtrA2sW77OesFmyvqYKiT/lAC6lvQD
Ez0Z0tPyb3fvlsw3v1sZ8NYYpPe21P43OEIs/3/30Nz4SRXhky7XkkenUfalaCkQ
TehDa/OpLq+3Q+Bo/FeLP/6eSdL5JSmoYZVi17ioawmoYkDCJhKSYYy2tO9FZBhl
4Hq7by9L5NpvpVrvAadBQZXKp9hCyBpN7wQ=
-----END CERTIFICATE-----
Generated at Fri May 10 02:51:03 2024 by rpki-client on console-ams.rpki-client.org