Route Origin Authorization
$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a383063303a3a2f34342d3438203d3e20323035393830.roa
File: 326131323a646434373a383063303a3a2f34342d3438203d3e20323035393830.roa (raw, json)
Hash identifier: 2aS+3RWrMFO5/b5jgVzx+Yq+oMpWCKt/ktJzdxzwmX0=
Subject key identifier: 38:F5:23:F4:15:68:5B:C5:DA:21:D1:AC:48:A6:C8:D8:FD:BC:E3:7F
Certificate issuer: /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial: 5EF2F8BA62B426F025B0F9067935423FA4BE7673
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access: rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access: rsync://rpki.co/repo/AS945/1/326131323a646434373a383063303a3a2f34342d3438203d3e20323035393830.roa
Signing time: Tue 17 Oct 2023 16:13:30 +0000
ROA not before: Tue 17 Oct 2023 16:08:30 +0000
ROA not after: Tue 15 Oct 2024 16:13:30 +0000
asID: 205980
IP address blocks: 2a12:dd47:80c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:f2:f8:ba:62:b4:26:f0:25:b0:f9:06:79:35:42:3f:a4:be:76:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Validity
Not Before: Oct 17 16:08:30 2023 GMT
Not After : Oct 15 16:13:30 2024 GMT
Subject: CN=38F523F415685BC5DA21D1AC48A6C8D8FDBCE37F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:21:e8:5a:3e:69:3e:9d:fb:49:31:8b:75:a3:
f3:0e:ed:3f:58:96:4d:ee:38:6b:4c:55:34:98:a7:
d5:90:f2:71:12:1a:f9:6d:78:a1:84:fe:15:ce:96:
d3:25:56:56:52:8b:9c:49:87:13:ac:30:92:b0:ac:
d5:b2:6d:13:c6:42:f0:c5:1c:6f:86:6b:9c:24:3d:
e5:76:8c:84:27:8d:a1:8c:b1:75:fc:4a:a0:07:c5:
a3:92:7b:c4:16:a3:39:89:a1:35:5a:25:59:27:58:
f4:57:dd:08:b2:f6:4d:71:62:40:c5:f6:0b:64:5e:
43:f2:85:d3:d8:9b:fb:9b:60:2f:fb:d7:19:67:d5:
59:dd:7b:c9:35:57:c9:32:55:c7:b4:5d:8e:8a:15:
0d:67:63:02:51:8c:d2:8b:08:d0:e8:68:d9:bd:39:
c5:41:60:f5:9a:14:6d:14:be:a5:6a:a7:ce:20:09:
a8:a9:68:b1:a4:23:2e:7b:6f:cc:9c:25:59:b1:c5:
b3:9d:85:1e:48:97:40:f2:c8:38:c0:07:51:c6:e3:
b4:00:af:34:ae:7b:66:22:d6:8b:ae:e2:2e:ed:81:
33:59:72:13:a0:8d:57:97:22:e7:a2:9b:81:a7:27:
65:f1:4d:b6:e8:44:bb:26:f1:9f:93:39:62:59:cf:
65:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F5:23:F4:15:68:5B:C5:DA:21:D1:AC:48:A6:C8:D8:FD:BC:E3:7F
X509v3 Authority Key Identifier:
keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a383063303a3a2f34342d3438203d3e20323035393830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:80c0::/44
Signature Algorithm: sha256WithRSAEncryption
51:8a:a6:40:ef:fd:9e:45:9e:c6:7c:5c:99:5a:1f:3b:38:0a:
06:0a:94:66:68:7f:51:b4:2e:95:fc:93:6e:94:66:7d:f0:dc:
ea:2d:fe:89:fe:3e:49:0d:5e:46:af:dc:ae:94:43:e1:24:bf:
38:b9:1c:ea:28:d5:78:42:ea:f8:54:69:b6:22:bd:08:4c:80:
06:65:e9:c6:a6:d9:81:9b:84:5a:96:7a:be:27:e1:5f:68:33:
dd:73:e8:48:e9:76:9b:e4:ae:28:6d:00:32:f6:1a:3f:72:50:
6d:0f:c6:bf:76:33:9b:1e:46:82:47:4c:dc:6c:49:ff:0f:a7:
7e:d9:b7:ed:1d:89:7d:6b:b4:7e:37:d5:96:ce:3a:2f:d1:96:
8d:bd:ea:5c:4c:00:23:cc:88:2d:7a:67:4f:a3:99:d5:21:62:
f4:f1:ef:4d:f4:b3:b2:e0:52:df:33:ed:a0:f4:b6:8a:84:2a:
1e:c7:9c:1e:7a:df:76:f8:21:9e:21:17:94:88:99:f7:da:cb:
c7:09:79:3b:0f:14:b2:4f:96:82:69:3f:05:a2:00:3d:06:ea:
89:67:7f:d4:2c:d4:90:26:58:31:0e:f7:87:e0:89:59:b6:37:
4c:4f:a9:1a:0b:c6:8c:3b:40:43:18:a1:f6:c6:d8:53:5d:eb:
9e:d6:7f:58
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIUXvL4umK0JvAlsPkGeTVCP6S+dnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzBaFw0yNDEwMTUxNjEzMzBaMDMxMTAvBgNV
BAMTKDM4RjUyM0Y0MTU2ODVCQzVEQTIxRDFBQzQ4QTZDOEQ4RkRCQ0UzN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCIehaPmk+nftJMYt1o/MO7T9Y
lk3uOGtMVTSYp9WQ8nESGvlteKGE/hXOltMlVlZSi5xJhxOsMJKwrNWybRPGQvDF
HG+Ga5wkPeV2jIQnjaGMsXX8SqAHxaOSe8QWozmJoTVaJVknWPRX3Qiy9k1xYkDF
9gtkXkPyhdPYm/ubYC/71xln1Vnde8k1V8kyVce0XY6KFQ1nYwJRjNKLCNDoaNm9
OcVBYPWaFG0UvqVqp84gCaipaLGkIy57b8ycJVmxxbOdhR5Il0DyyDjAB1HG47QA
rzSue2Yi1ouu4i7tgTNZchOgjVeXIueim4GnJ2XxTbboRLsm8Z+TOWJZz2WJAgMB
AAGjggHUMIIB0DAdBgNVHQ4EFgQUOPUj9BVoW8XaIdGsSKbI2P28438wHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTM4MzA2MzMwM2EzYTJmMzQzNDJk
MzQzODIwM2QzZTIwMzIzMDM1MzkzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhLdR4DAMA0GCSqG
SIb3DQEBCwUAA4IBAQBRiqZA7/2eRZ7GfFyZWh87OAoGCpRmaH9RtC6V/JNulGZ9
8NzqLf6J/j5JDV5Gr9yulEPhJL84uRzqKNV4Qur4VGm2Ir0ITIAGZenGptmBm4Ra
lnq+J+FfaDPdc+hI6Xab5K4obQAy9ho/clBtD8a/djObHkaCR0zcbEn/D6d+2bft
HYl9a7R+N9WWzjov0ZaNvepcTAAjzIgtemdPo5nVIWL08e9N9LOy4FLfM+2g9LaK
hCoex5weet92+CGeIReUiJn32svHCXk7DxSyT5aCaT8FogA9BuqJZ3/ULNSQJlgx
DveH4IlZtjdMT6kaC8aMO0BDGKH2xthTXeue1n9Y
-----END CERTIFICATE-----
Generated at Sat May 4 20:40:11 2024 by rpki-client on console-fra.rpki-client.org