Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS199203/0/326131323a646434373a333030303a3a2f34302d3438203d3e20313939323033.roa
File:                     326131323a646434373a333030303a3a2f34302d3438203d3e20313939323033.roa (raw, json)
Hash identifier:          ndY8u+f5ZeoU/wrnQe6KrCdnR015JiNd3AvxGKfZCv8=
Subject key identifier:   09:C8:EA:C2:2C:74:F2:03:7D:85:83:EB:9B:87:70:9B:51:03:32:1F
Certificate issuer:       /CN=95A38A1816A990804357FCAC49C09B0CA3A221E5
Certificate serial:       36FCC7906326474781C7F033A0C2FF65D8982CD2
Authority key identifier: 95:A3:8A:18:16:A9:90:80:43:57:FC:AC:49:C0:9B:0C:A3:A2:21:E5
Authority info access:    rsync://rpki.co/repo/AS945/1/95A38A1816A990804357FCAC49C09B0CA3A221E5.cer
Subject info access:      rsync://rpki.co/repo/AS199203/0/326131323a646434373a333030303a3a2f34302d3438203d3e20313939323033.roa
Signing time:             Mon 29 Jan 2024 23:57:27 +0000
ROA not before:           Mon 29 Jan 2024 23:52:27 +0000
ROA not after:            Mon 27 Jan 2025 23:57:27 +0000
asID:                     199203
IP address blocks:        2a12:dd47:3000::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS199203/0/95A38A1816A990804357FCAC49C09B0CA3A221E5.crl
                          rsync://rpki.co/repo/AS199203/0/95A38A1816A990804357FCAC49C09B0CA3A221E5.mft
                          rsync://rpki.co/repo/AS945/1/95A38A1816A990804357FCAC49C09B0CA3A221E5.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:53:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:fc:c7:90:63:26:47:47:81:c7:f0:33:a0:c2:ff:65:d8:98:2c:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95A38A1816A990804357FCAC49C09B0CA3A221E5
        Validity
            Not Before: Jan 29 23:52:27 2024 GMT
            Not After : Jan 27 23:57:27 2025 GMT
        Subject: CN=09C8EAC22C74F2037D8583EB9B87709B5103321F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:43:6f:af:fb:d9:bd:db:97:40:c4:ec:30:fd:
                    2e:9d:55:c6:89:d3:94:60:09:e8:3a:f8:11:7e:0a:
                    19:41:c4:25:95:fa:70:24:09:a1:19:d5:1d:23:60:
                    6b:19:21:72:9f:c8:07:43:f5:29:76:72:3e:e1:b6:
                    7c:1e:7c:26:f9:77:50:33:0e:6d:e2:1d:2b:73:08:
                    b5:2e:99:54:d0:ca:47:ae:96:fa:8c:e0:29:37:de:
                    d1:c7:87:18:b6:c0:1a:f0:65:d8:3b:29:4a:c2:48:
                    9b:29:bf:4f:0e:8b:63:bd:c2:46:03:6a:b9:94:7f:
                    b4:c1:20:32:8e:f9:95:2b:91:eb:63:4b:b4:48:78:
                    43:5d:eb:3b:96:dd:3c:75:c5:f1:72:42:a4:a2:9d:
                    7c:0b:5c:e8:79:61:f6:33:af:ee:f5:c5:88:f3:db:
                    d1:bf:1e:af:d9:98:2d:41:c7:b1:0f:5b:b6:fe:00:
                    fc:7b:46:67:cb:bf:61:df:c3:86:43:ce:7a:51:94:
                    49:6c:14:3a:1a:c0:08:87:dd:db:09:af:d4:44:12:
                    e3:68:aa:b8:35:40:39:43:06:27:28:c4:fa:47:b9:
                    5c:c6:6b:b8:b3:f3:b4:ac:ce:7b:25:db:e8:92:95:
                    f8:bd:f7:dd:77:37:ee:b6:60:4d:90:bb:2e:40:0e:
                    83:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:C8:EA:C2:2C:74:F2:03:7D:85:83:EB:9B:87:70:9B:51:03:32:1F
            X509v3 Authority Key Identifier:
                keyid:95:A3:8A:18:16:A9:90:80:43:57:FC:AC:49:C0:9B:0C:A3:A2:21:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS199203/0/95A38A1816A990804357FCAC49C09B0CA3A221E5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/95A38A1816A990804357FCAC49C09B0CA3A221E5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS199203/0/326131323a646434373a333030303a3a2f34302d3438203d3e20313939323033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:3000::/40

    Signature Algorithm: sha256WithRSAEncryption
         ba:b3:16:1e:62:3b:d5:e7:32:9b:27:c6:d1:a1:5c:8b:b7:6e:
         59:5f:5b:70:d6:ef:62:89:3f:ac:27:34:ac:10:fc:76:b1:09:
         3f:10:94:c8:ae:53:38:af:a3:70:f1:64:88:e1:d8:1a:70:13:
         ad:cc:8c:a9:ff:25:8f:76:47:06:1b:30:b5:c7:2f:6e:34:63:
         d0:7d:de:a4:f4:b3:88:54:b5:33:63:07:93:f5:bc:db:47:57:
         e8:29:0e:f3:94:d3:df:31:65:a8:4b:d1:10:39:62:b1:2d:20:
         dc:28:13:0d:88:56:59:48:76:bb:ba:7f:6f:ca:59:34:fd:08:
         ec:79:a5:a5:37:28:36:24:e8:29:46:cb:b4:84:94:39:9a:1d:
         da:aa:ca:16:d7:dc:92:6f:66:b0:36:b4:4a:9f:b5:0a:00:85:
         ab:0e:bc:53:dc:5a:69:c0:96:e9:65:11:1e:81:61:ac:e3:2b:
         27:6f:25:a4:c2:b9:ed:d9:d5:a0:70:2e:32:f8:7f:0d:19:b7:
         ef:89:43:24:ca:73:eb:60:b3:20:8e:7c:18:2c:bf:bf:f7:53:
         71:32:35:c0:3c:50:b5:a6:0c:d3:92:83:7c:83:e1:31:04:a9:
         fe:8b:db:98:0a:d2:2c:f9:39:ec:77:d7:ce:8e:35:2c:14:e6:
         9e:ab:b5:1f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIUNvzHkGMmR0eBx/AzoML/ZdiYLNIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVBMzhBMTgxNkE5OTA4MDQzNTdGQ0FDNDlDMDlCMENB
M0EyMjFFNTAeFw0yNDAxMjkyMzUyMjdaFw0yNTAxMjcyMzU3MjdaMDMxMTAvBgNV
BAMTKDA5QzhFQUMyMkM3NEYyMDM3RDg1ODNFQjlCODc3MDlCNTEwMzMyMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Q2+v+9m925dAxOww/S6dVcaJ
05RgCeg6+BF+ChlBxCWV+nAkCaEZ1R0jYGsZIXKfyAdD9Sl2cj7htnwefCb5d1Az
Dm3iHStzCLUumVTQykeulvqM4Ck33tHHhxi2wBrwZdg7KUrCSJspv08Oi2O9wkYD
armUf7TBIDKO+ZUrketjS7RIeENd6zuW3Tx1xfFyQqSinXwLXOh5YfYzr+71xYjz
29G/Hq/ZmC1Bx7EPW7b+APx7RmfLv2Hfw4ZDznpRlElsFDoawAiH3dsJr9REEuNo
qrg1QDlDBicoxPpHuVzGa7iz87Ssznsl2+iSlfi99913N+62YE2Quy5ADoNbAgMB
AAGjggHaMIIB1jAdBgNVHQ4EFgQUCcjqwix08gN9hYPrm4dwm1EDMh8wHwYDVR0j
BBgwFoAUlaOKGBapkIBDV/ysScCbDKOiIeUwDgYDVR0PAQH/BAQDAgeAMF0GA1Ud
HwRWMFQwUqBQoE6GTHJzeW5jOi8vcnBraS5jby9yZXBvL0FTMTk5MjAzLzAvOTVB
MzhBMTgxNkE5OTA4MDQzNTdGQ0FDNDlDMDlCMENBM0EyMjFFNS5jcmwwZQYIKwYB
BQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kuY28vcmVwby9BUzk0
NS8xLzk1QTM4QTE4MTZBOTkwODA0MzU3RkNBQzQ5QzA5QjBDQTNBMjIxRTUuY2Vy
MIGABggrBgEFBQcBCwR0MHIwcAYIKwYBBQUHMAuGZHJzeW5jOi8vcnBraS5jby9y
ZXBvL0FTMTk5MjAzLzAvMzI2MTMxMzIzYTY0NjQzNDM3M2EzMzMwMzAzMDNhM2Ey
ZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzkzOTMyMzAzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoS3Ucw
MA0GCSqGSIb3DQEBCwUAA4IBAQC6sxYeYjvV5zKbJ8bRoVyLt25ZX1tw1u9iiT+s
JzSsEPx2sQk/EJTIrlM4r6Nw8WSI4dgacBOtzIyp/yWPdkcGGzC1xy9uNGPQfd6k
9LOIVLUzYweT9bzbR1foKQ7zlNPfMWWoS9EQOWKxLSDcKBMNiFZZSHa7un9vylk0
/QjseaWlNyg2JOgpRsu0hJQ5mh3aqsoW19ySb2awNrRKn7UKAIWrDrxT3FppwJbp
ZREegWGs4ysnbyWkwrnt2dWgcC4y+H8NGbfviUMkynPrYLMgjnwYLL+/91NxMjXA
PFC1pgzTkoN8g+ExBKn+i9uYCtIs+Tnsd9fOjjUsFOaeq7Uf
-----END CERTIFICATE-----
Generated at Sun Jun 16 15:21:09 2024 by rpki-client on console-fra.rpki-client.org