Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS199203/0/326131323a646434373a333032363a3a2f34382d3438203d3e20323136313233.roa
File:                     326131323a646434373a333032363a3a2f34382d3438203d3e20323136313233.roa (raw, json)
Hash identifier:          53TgU1ECGMjBAXcrAQxaT4AgRhK2U19SQspOvCtzlL4=
Subject key identifier:   F4:CD:39:7A:FE:BA:26:DD:78:4E:CA:26:DD:C0:21:7D:08:E1:D5:5D
Certificate issuer:       /CN=95A38A1816A990804357FCAC49C09B0CA3A221E5
Certificate serial:       6C84BB73916C7EDA478516B7545116349DAA5CFE
Authority key identifier: 95:A3:8A:18:16:A9:90:80:43:57:FC:AC:49:C0:9B:0C:A3:A2:21:E5
Authority info access:    rsync://rpki.co/repo/AS945/1/95A38A1816A990804357FCAC49C09B0CA3A221E5.cer
Subject info access:      rsync://rpki.co/repo/AS199203/0/326131323a646434373a333032363a3a2f34382d3438203d3e20323136313233.roa
Signing time:             Fri 09 Feb 2024 14:53:44 +0000
ROA not before:           Fri 09 Feb 2024 14:48:44 +0000
ROA not after:            Fri 07 Feb 2025 14:53:44 +0000
asID:                     216123
IP address blocks:        2a12:dd47:3026::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS199203/0/95A38A1816A990804357FCAC49C09B0CA3A221E5.crl
                          rsync://rpki.co/repo/AS199203/0/95A38A1816A990804357FCAC49C09B0CA3A221E5.mft
                          rsync://rpki.co/repo/AS945/1/95A38A1816A990804357FCAC49C09B0CA3A221E5.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:53:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:84:bb:73:91:6c:7e:da:47:85:16:b7:54:51:16:34:9d:aa:5c:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95A38A1816A990804357FCAC49C09B0CA3A221E5
        Validity
            Not Before: Feb  9 14:48:44 2024 GMT
            Not After : Feb  7 14:53:44 2025 GMT
        Subject: CN=F4CD397AFEBA26DD784ECA26DDC0217D08E1D55D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:4a:f9:e8:8f:1a:08:04:21:cf:e3:75:e4:f2:
                    47:87:69:17:96:e9:98:f7:c7:1b:0f:44:97:f2:fd:
                    af:bb:f5:21:aa:71:50:cc:93:d3:af:fe:02:4d:1c:
                    dd:2d:92:8b:d9:57:4e:cc:a0:e0:e0:06:d7:3c:d8:
                    dc:0c:3e:8d:cb:bd:d4:28:49:f2:29:e0:1b:7a:c9:
                    37:3f:70:54:8f:8f:cc:94:e2:44:0d:81:f3:ab:91:
                    50:f0:b4:b3:a9:df:67:69:42:ea:c0:77:6d:75:ca:
                    06:27:37:44:69:43:55:80:3b:af:66:b3:46:f7:ec:
                    b7:5e:f1:b7:10:a3:7d:07:6c:a3:83:dc:e0:e9:b9:
                    f5:57:36:59:07:36:16:1c:b3:f0:b3:42:b6:d8:4b:
                    39:57:89:cc:a1:63:9f:f4:87:25:1b:e5:e1:45:9e:
                    b6:5c:f4:91:ce:a8:6f:f0:82:ef:07:de:0c:bf:f8:
                    02:3f:c6:ba:98:46:45:3b:17:9f:24:9f:c2:2e:40:
                    8b:f4:58:74:50:f6:c8:55:2c:2b:13:1f:79:9d:ac:
                    e4:e2:d0:cd:81:40:5f:fb:9e:6d:9b:56:5e:97:69:
                    f5:1d:6f:1e:c6:23:6d:ac:c0:86:c4:48:c1:22:91:
                    a1:52:6a:64:8f:95:7d:11:a6:4a:57:d4:68:4c:9f:
                    14:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:CD:39:7A:FE:BA:26:DD:78:4E:CA:26:DD:C0:21:7D:08:E1:D5:5D
            X509v3 Authority Key Identifier:
                keyid:95:A3:8A:18:16:A9:90:80:43:57:FC:AC:49:C0:9B:0C:A3:A2:21:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS199203/0/95A38A1816A990804357FCAC49C09B0CA3A221E5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/95A38A1816A990804357FCAC49C09B0CA3A221E5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS199203/0/326131323a646434373a333032363a3a2f34382d3438203d3e20323136313233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:3026::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:91:a2:ed:e1:12:4c:10:93:7e:f9:f6:4a:cf:4b:50:45:3e:
         be:fc:aa:8e:5c:c4:28:fe:74:ab:96:6b:81:52:d5:10:0a:73:
         11:0e:e3:2a:3c:d3:73:7a:a3:9c:e7:98:fa:fe:81:5b:23:bf:
         9a:38:94:a9:a1:33:8c:5f:80:2a:96:4e:79:c9:47:e5:ce:15:
         94:cd:01:e2:24:6d:c6:9a:d8:a9:0b:f6:68:3b:ee:ef:e3:e8:
         99:93:a7:aa:9c:f6:6a:bb:13:12:c1:00:ae:a5:35:09:b7:e1:
         6e:2b:c5:50:f5:c2:7a:ff:58:48:88:ac:6f:a2:81:de:47:32:
         b5:0c:56:b3:7d:5d:9b:55:93:5f:1f:29:03:40:8c:88:b6:a5:
         a7:04:39:9b:0e:be:8c:7f:50:8d:39:0f:68:66:26:fb:f3:2d:
         a1:09:10:c5:b5:de:f8:0b:36:09:fa:70:89:58:a8:05:e2:4a:
         f8:09:13:6c:3b:3a:4b:4a:df:09:17:ae:e8:4d:56:c5:b5:0f:
         ad:dd:52:8d:f2:f4:0a:13:fb:40:8b:81:db:25:49:2a:44:69:
         6b:41:34:55:ab:4a:58:c5:de:48:25:4f:be:45:52:47:2e:48:
         27:71:30:95:d9:e4:3f:1b:d5:93:97:55:d8:c7:30:1b:5b:45:
         76:a1:ef:b2
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUbIS7c5FsftpHhRa3VFEWNJ2qXP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVBMzhBMTgxNkE5OTA4MDQzNTdGQ0FDNDlDMDlCMENB
M0EyMjFFNTAeFw0yNDAyMDkxNDQ4NDRaFw0yNTAyMDcxNDUzNDRaMDMxMTAvBgNV
BAMTKEY0Q0QzOTdBRkVCQTI2REQ3ODRFQ0EyNkREQzAyMTdEMDhFMUQ1NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNSvnojxoIBCHP43Xk8keHaReW
6Zj3xxsPRJfy/a+79SGqcVDMk9Ov/gJNHN0tkovZV07MoODgBtc82NwMPo3LvdQo
SfIp4Bt6yTc/cFSPj8yU4kQNgfOrkVDwtLOp32dpQurAd211ygYnN0RpQ1WAO69m
s0b37Lde8bcQo30HbKOD3ODpufVXNlkHNhYcs/CzQrbYSzlXicyhY5/0hyUb5eFF
nrZc9JHOqG/wgu8H3gy/+AI/xrqYRkU7F58kn8IuQIv0WHRQ9shVLCsTH3mdrOTi
0M2BQF/7nm2bVl6XafUdbx7GI22swIbESMEikaFSamSPlX0RpkpX1GhMnxRzAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQU9M05ev66Jt14Tsom3cAhfQjh1V0wHwYDVR0j
BBgwFoAUlaOKGBapkIBDV/ysScCbDKOiIeUwDgYDVR0PAQH/BAQDAgeAMF0GA1Ud
HwRWMFQwUqBQoE6GTHJzeW5jOi8vcnBraS5jby9yZXBvL0FTMTk5MjAzLzAvOTVB
MzhBMTgxNkE5OTA4MDQzNTdGQ0FDNDlDMDlCMENBM0EyMjFFNS5jcmwwZQYIKwYB
BQUHAQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL3Jwa2kuY28vcmVwby9BUzk0
NS8xLzk1QTM4QTE4MTZBOTkwODA0MzU3RkNBQzQ5QzA5QjBDQTNBMjIxRTUuY2Vy
MIGABggrBgEFBQcBCwR0MHIwcAYIKwYBBQUHMAuGZHJzeW5jOi8vcnBraS5jby9y
ZXBvL0FTMTk5MjAzLzAvMzI2MTMxMzIzYTY0NjQzNDM3M2EzMzMwMzIzNjNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEzNjMxMzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3Ucw
JjANBgkqhkiG9w0BAQsFAAOCAQEAkZGi7eESTBCTfvn2Ss9LUEU+vvyqjlzEKP50
q5ZrgVLVEApzEQ7jKjzTc3qjnOeY+v6BWyO/mjiUqaEzjF+AKpZOeclH5c4VlM0B
4iRtxprYqQv2aDvu7+PomZOnqpz2arsTEsEArqU1CbfhbivFUPXCev9YSIisb6KB
3kcytQxWs31dm1WTXx8pA0CMiLalpwQ5mw6+jH9QjTkPaGYm+/MtoQkQxbXe+As2
CfpwiVioBeJK+AkTbDs6S0rfCReu6E1WxbUPrd1SjfL0ChP7QIuB2yVJKkRpa0E0
VatKWMXeSCVPvkVSRy5IJ3EwldnkPxvVk5dV2McwG1tFdqHvsg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 16:24:21 2024 by rpki-client on console-ams.rpki-client.org