Route Origin Authorization
$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a353130303a3a2f34302d3438203d3e20323033363336.roa
File: 326131323a646434373a353130303a3a2f34302d3438203d3e20323033363336.roa (raw, json)
Hash identifier: lfpIGuu7Ggw63aFHd+armZqx0mLGaI6GoXuuwkkNbOA=
Subject key identifier: 1A:3F:70:E2:20:75:11:C1:FD:AA:7A:FE:06:DD:33:EB:FF:EB:9B:37
Certificate issuer: /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial: 6D403B5D33F25F5A8AD02CAC45570975F56FEDC1
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access: rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access: rsync://rpki.co/repo/AS945/1/326131323a646434373a353130303a3a2f34302d3438203d3e20323033363336.roa
Signing time: Tue 17 Oct 2023 16:13:37 +0000
ROA not before: Tue 17 Oct 2023 16:08:37 +0000
ROA not after: Tue 15 Oct 2024 16:13:37 +0000
asID: 203636
IP address blocks: 2a12:dd47:5100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:40:3b:5d:33:f2:5f:5a:8a:d0:2c:ac:45:57:09:75:f5:6f:ed:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Validity
Not Before: Oct 17 16:08:37 2023 GMT
Not After : Oct 15 16:13:37 2024 GMT
Subject: CN=1A3F70E2207511C1FDAA7AFE06DD33EBFFEB9B37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:36:e2:42:a3:1c:ce:aa:03:b2:3b:af:1b:44:
c8:e0:91:84:22:d5:83:db:d1:7b:a7:2b:8c:70:da:
4e:af:d0:6d:40:47:b1:4d:aa:40:ab:62:35:93:23:
78:c8:f4:80:a0:e9:3d:9d:6e:9f:0a:ad:90:07:6a:
5a:1c:b7:b7:21:81:85:71:08:a1:b1:7a:04:2b:2a:
d8:c8:6c:58:31:8d:9a:18:ec:47:22:69:6e:33:7c:
55:6e:25:75:00:3b:51:56:10:58:01:10:65:67:55:
f7:df:81:27:bc:b4:43:9a:c9:e5:5d:1e:5c:70:de:
9a:95:4f:15:e7:09:53:64:0d:21:5b:23:14:14:98:
46:58:9f:a5:ed:8d:53:b9:20:b2:bb:48:f7:02:8c:
57:72:8c:d8:0a:b0:82:57:24:8e:2f:d7:de:ee:88:
ed:e6:f9:37:d4:0d:1a:ef:5b:42:34:f7:fe:65:a2:
bb:7c:5d:2a:f9:65:84:df:c9:05:be:09:29:3e:04:
6f:bf:41:96:ce:99:0b:12:2c:cc:dd:10:a2:0a:43:
26:55:4a:0a:19:cc:3f:60:1b:40:44:cc:75:de:4c:
95:ae:bb:95:bf:90:fe:9d:36:df:e3:97:bb:4d:24:
98:eb:47:0f:9e:56:38:51:18:02:8b:8e:65:d3:c2:
62:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3F:70:E2:20:75:11:C1:FD:AA:7A:FE:06:DD:33:EB:FF:EB:9B:37
X509v3 Authority Key Identifier:
keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a353130303a3a2f34302d3438203d3e20323033363336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:5100::/40
Signature Algorithm: sha256WithRSAEncryption
2d:69:37:99:3d:7d:0e:da:2a:25:1a:b6:fe:8d:c2:d7:0e:1e:
5c:c4:60:7a:eb:fc:b4:60:b4:bd:70:5c:be:70:be:e4:5b:0a:
0c:ff:47:6a:d7:f9:2f:9b:51:0b:3a:ad:dd:81:ff:01:54:4a:
68:91:07:cc:9b:ba:80:4b:bf:04:d7:df:36:94:6f:ea:cd:e6:
e7:f8:a4:b6:c5:6a:2b:e2:be:0e:d7:7f:05:72:63:1b:f2:b5:
fc:c9:bf:4f:e4:20:69:42:95:97:26:a7:e7:7a:f3:d3:0a:92:
e3:db:82:6a:a9:b4:ee:09:8d:d5:a0:26:74:4d:17:38:cc:74:
b6:04:7a:f5:37:13:b6:39:68:7e:58:45:f7:85:a8:bd:7a:d7:
93:b5:a2:48:a3:19:c7:ca:57:ad:cd:65:29:8e:54:36:fc:47:
4f:2d:52:bc:e2:be:f4:02:0f:8e:f3:a6:9a:4e:13:8b:59:4f:
e7:d8:40:76:3d:f3:73:3f:fb:47:cd:74:94:8e:5d:57:18:87:
74:4d:36:01:2b:95:c4:df:71:6b:67:cc:b3:2b:e6:41:6b:f2:
f7:26:82:db:67:a9:68:e3:63:12:e2:7e:0d:12:25:6d:b5:73:
89:f7:e1:c3:d4:e5:97:84:fa:99:64:77:4b:a6:81:e5:8b:ae:
a8:39:72:ae
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUbUA7XTPyX1qK0CysRVcJdfVv7cEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzdaFw0yNDEwMTUxNjEzMzdaMDMxMTAvBgNV
BAMTKDFBM0Y3MEUyMjA3NTExQzFGREFBN0FGRTA2REQzM0VCRkZFQjlCMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDONuJCoxzOqgOyO68bRMjgkYQi
1YPb0XunK4xw2k6v0G1AR7FNqkCrYjWTI3jI9ICg6T2dbp8KrZAHaloct7chgYVx
CKGxegQrKtjIbFgxjZoY7EciaW4zfFVuJXUAO1FWEFgBEGVnVfffgSe8tEOayeVd
Hlxw3pqVTxXnCVNkDSFbIxQUmEZYn6XtjVO5ILK7SPcCjFdyjNgKsIJXJI4v197u
iO3m+TfUDRrvW0I09/5lort8XSr5ZYTfyQW+CSk+BG+/QZbOmQsSLMzdEKIKQyZV
SgoZzD9gG0BEzHXeTJWuu5W/kP6dNt/jl7tNJJjrRw+eVjhRGAKLjmXTwmJZAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUGj9w4iB1EcH9qnr+Bt0z6//rmzcwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTM1MzEzMDMwM2EzYTJmMzQzMDJk
MzQzODIwM2QzZTIwMzIzMDMzMzYzMzM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdR1EwDQYJKoZI
hvcNAQELBQADggEBAC1pN5k9fQ7aKiUatv6NwtcOHlzEYHrr/LRgtL1wXL5wvuRb
Cgz/R2rX+S+bUQs6rd2B/wFUSmiRB8ybuoBLvwTX3zaUb+rN5uf4pLbFaivivg7X
fwVyYxvytfzJv0/kIGlClZcmp+d689MKkuPbgmqptO4JjdWgJnRNFzjMdLYEevU3
E7Y5aH5YRfeFqL1615O1okijGcfKV63NZSmOVDb8R08tUrzivvQCD47zpppOE4tZ
T+fYQHY983M/+0fNdJSOXVcYh3RNNgErlcTfcWtnzLMr5kFr8vcmgttnqWjjYxLi
fg0SJW21c4n34cPU5ZeE+plkd0umgeWLrqg5cq4=
-----END CERTIFICATE-----
Generated at Sat May 4 20:40:11 2024 by rpki-client on console-fra.rpki-client.org