Route Origin Authorization
$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a336330303a3a2f34302d3438203d3e203136353039.roa
File: 326131323a646434373a336330303a3a2f34302d3438203d3e203136353039.roa (raw, json)
Hash identifier: E8/00QzvzA+Ue3pn7yVYQ6aPV/rZ7y0JIvw2uQOcDXA=
Subject key identifier: 9C:A7:EA:8D:38:CC:7D:E1:E2:CF:05:78:EB:87:99:62:68:F3:65:98
Certificate issuer: /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial: 702C7CC87AC8E0857F00C34684E3AD83D96B4300
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access: rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access: rsync://rpki.co/repo/AS945/1/326131323a646434373a336330303a3a2f34302d3438203d3e203136353039.roa
Signing time: Tue 17 Oct 2023 16:13:28 +0000
ROA not before: Tue 17 Oct 2023 16:08:28 +0000
ROA not after: Tue 15 Oct 2024 16:13:28 +0000
asID: 16509
IP address blocks: 2a12:dd47:3c00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:2c:7c:c8:7a:c8:e0:85:7f:00:c3:46:84:e3:ad:83:d9:6b:43:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Validity
Not Before: Oct 17 16:08:28 2023 GMT
Not After : Oct 15 16:13:28 2024 GMT
Subject: CN=9CA7EA8D38CC7DE1E2CF0578EB87996268F36598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7f:02:91:55:6c:e8:b3:17:43:cf:0a:80:33:
ef:12:53:02:98:24:c2:7f:02:b9:4c:76:2e:61:c8:
7c:8f:70:35:39:3f:b7:ad:8c:a8:34:7f:3d:67:51:
00:ca:59:98:51:75:88:6e:63:26:4c:42:9f:9a:d6:
dc:e5:dd:53:65:12:28:bc:e0:32:a7:66:a7:25:b2:
18:c6:4a:e5:97:c9:db:3e:42:c8:e8:c0:da:66:56:
ce:f3:98:9a:fe:44:8c:f4:a0:b7:1f:0f:66:c9:28:
cf:5e:48:d5:0b:93:34:7a:16:bc:20:7f:69:09:a7:
16:72:db:92:58:ec:65:98:28:f5:90:e4:d8:d7:b6:
a4:fb:9a:f6:68:67:32:81:1e:90:a1:ac:5b:8a:1c:
b9:01:a1:55:e4:54:1f:46:43:8f:31:5d:3d:2d:b5:
b2:52:ea:a1:c1:1b:a6:31:d4:af:b4:d0:3e:6b:13:
11:a3:45:7a:9d:08:fa:55:58:9e:00:a6:ff:40:7a:
4b:ee:8e:9a:64:d2:0f:30:d3:04:34:ea:68:10:a8:
06:bb:3e:8c:74:58:ee:da:c7:fc:e2:6c:8c:37:a3:
60:88:37:32:a1:f3:4d:05:f3:0a:5a:eb:63:f1:85:
39:4b:5f:5c:11:5d:ba:39:74:c6:65:29:da:ce:d5:
8f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A7:EA:8D:38:CC:7D:E1:E2:CF:05:78:EB:87:99:62:68:F3:65:98
X509v3 Authority Key Identifier:
keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a336330303a3a2f34302d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:3c00::/40
Signature Algorithm: sha256WithRSAEncryption
c5:21:82:51:6c:fa:3a:5f:81:53:b1:b3:2f:b3:44:64:0e:95:
66:7d:3d:a2:aa:81:c2:dc:72:10:ce:de:8a:66:9b:f1:10:5f:
cb:2e:17:7d:05:4a:45:05:84:04:3b:77:b5:dd:37:a5:6e:d4:
35:ec:40:f7:56:a1:cd:b8:e6:e5:35:cc:3a:f9:a4:10:91:cf:
8b:2d:4b:3d:fa:b1:8e:82:cf:63:53:c7:2f:91:cc:ab:95:59:
5a:59:db:e0:13:5a:e2:b9:f7:f7:36:7e:06:e5:a4:58:b9:37:
73:11:3c:08:15:ba:88:08:c8:a6:a4:ec:6f:f2:98:b8:1a:2f:
46:92:f3:26:10:23:7c:b9:5e:66:40:4d:3f:f5:2f:40:6d:58:
01:84:54:68:56:d3:2c:c4:bc:99:94:f7:69:86:e5:79:fb:a3:
75:d5:31:aa:9e:af:c5:f8:9d:8f:dc:53:a4:19:19:4c:34:d0:
c6:f1:10:3e:13:61:c7:69:91:4f:86:87:12:a9:16:bb:84:e4:
37:2d:8e:8f:57:30:18:18:b5:7f:5b:a6:64:ef:79:bf:c6:06:
cc:0d:ad:e3:91:14:8c:ab:a7:b6:a5:c1:e6:1b:03:19:c0:94:
3f:aa:d4:2b:b0:7b:ac:cb:b2:eb:17:60:8a:12:c1:c4:3d:af:
80:b9:59:f0
-----BEGIN CERTIFICATE-----
MIIExzCCA6+gAwIBAgIUcCx8yHrI4IV/AMNGhOOtg9lrQwAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MjhaFw0yNDEwMTUxNjEzMjhaMDMxMTAvBgNV
BAMTKDlDQTdFQThEMzhDQzdERTFFMkNGMDU3OEVCODc5OTYyNjhGMzY1OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgfwKRVWzosxdDzwqAM+8SUwKY
JMJ/ArlMdi5hyHyPcDU5P7etjKg0fz1nUQDKWZhRdYhuYyZMQp+a1tzl3VNlEii8
4DKnZqclshjGSuWXyds+QsjowNpmVs7zmJr+RIz0oLcfD2bJKM9eSNULkzR6Frwg
f2kJpxZy25JY7GWYKPWQ5NjXtqT7mvZoZzKBHpChrFuKHLkBoVXkVB9GQ48xXT0t
tbJS6qHBG6Yx1K+00D5rExGjRXqdCPpVWJ4Apv9Aekvujppk0g8w0wQ06mgQqAa7
Pox0WO7ax/zibIw3o2CINzKh800F8wpa62PxhTlLX1wRXbo5dMZlKdrO1Y9/AgMB
AAGjggHRMIIBzTAdBgNVHQ4EFgQUnKfqjTjMfeHizwV464eZYmjzZZgwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMHsG
CCsGAQUFBwELBG8wbTBrBggrBgEFBQcwC4ZfcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTMzNjMzMDMwM2EzYTJmMzQzMDJk
MzQzODIwM2QzZTIwMzEzNjM1MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoS3Uc8MA0GCSqGSIb3
DQEBCwUAA4IBAQDFIYJRbPo6X4FTsbMvs0RkDpVmfT2iqoHC3HIQzt6KZpvxEF/L
Lhd9BUpFBYQEO3e13TelbtQ17ED3VqHNuOblNcw6+aQQkc+LLUs9+rGOgs9jU8cv
kcyrlVlaWdvgE1riuff3Nn4G5aRYuTdzETwIFbqICMimpOxv8pi4Gi9GkvMmECN8
uV5mQE0/9S9AbVgBhFRoVtMsxLyZlPdphuV5+6N11TGqnq/F+J2P3FOkGRlMNNDG
8RA+E2HHaZFPhocSqRa7hOQ3LY6PVzAYGLV/W6Zk73m/xgbMDa3jkRSMq6e2pcHm
GwMZwJQ/qtQrsHusy7LrF2CKEsHEPa+AuVnw
-----END CERTIFICATE-----
Generated at Thu May 2 15:00:16 2024 by rpki-client on console-fra.rpki-client.org