Route Origin Authorization
$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a383265303a3a2f34342d3438203d3e20323037333230.roa
File: 326131323a646434373a383265303a3a2f34342d3438203d3e20323037333230.roa (raw, json)
Hash identifier: 9iu1Va48xLv19b4YJzx8dYOAy3AZBjjmx8cWdcwC6Ts=
Subject key identifier: D0:A4:96:9C:5F:AF:AD:60:CF:31:5E:9C:03:0D:7B:B1:A3:D9:D7:EE
Certificate issuer: /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial: 90A2E3860BC3BB62A48BBDC10DB41DB5415EE0
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access: rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access: rsync://rpki.co/repo/AS945/1/326131323a646434373a383265303a3a2f34342d3438203d3e20323037333230.roa
Signing time: Tue 17 Oct 2023 16:13:34 +0000
ROA not before: Tue 17 Oct 2023 16:08:34 +0000
ROA not after: Tue 15 Oct 2024 16:13:34 +0000
asID: 207320
IP address blocks: 2a12:dd47:82e0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
90:a2:e3:86:0b:c3:bb:62:a4:8b:bd:c1:0d:b4:1d:b5:41:5e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Validity
Not Before: Oct 17 16:08:34 2023 GMT
Not After : Oct 15 16:13:34 2024 GMT
Subject: CN=D0A4969C5FAFAD60CF315E9C030D7BB1A3D9D7EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0d:c1:fb:21:1b:88:4c:25:d3:4d:9a:51:65:
df:41:11:c5:9c:12:d7:02:c9:9f:7e:07:f9:00:2b:
93:d4:03:a0:9a:1c:1f:a9:46:57:38:6e:65:bf:9e:
1a:ce:f3:29:83:60:cf:47:01:52:e1:70:21:c0:ee:
86:89:2a:ab:5c:72:52:33:ae:80:d2:28:07:e9:3b:
47:ff:4b:cb:a2:a9:a2:6d:58:91:d7:57:09:9d:d5:
76:5f:8a:07:8b:44:9c:a4:92:bb:08:ca:74:11:7a:
e2:79:7e:55:3f:1d:ae:97:63:a9:e7:27:63:05:e1:
77:49:6f:eb:27:7d:ff:ec:97:0f:3f:60:5d:ef:c8:
92:3d:6e:20:0d:10:7e:30:bf:87:a0:44:ac:d8:82:
d3:0f:a2:18:a5:2b:50:49:50:c9:66:7a:8e:0e:75:
63:4d:e1:5b:01:b2:32:5b:d2:8d:bd:9c:9d:ed:b1:
a2:76:65:7b:76:c1:c1:ec:de:5f:a7:f1:ef:5f:a1:
7a:45:7a:2d:51:19:71:66:9a:56:fe:0b:58:26:bd:
7f:53:83:a8:40:3f:9c:e0:11:06:03:1a:6d:81:a4:
a1:94:c6:ba:b3:1e:08:4c:45:ef:da:1c:65:90:a2:
10:ad:f5:53:3b:4d:31:15:80:72:9f:31:68:48:bd:
e4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A4:96:9C:5F:AF:AD:60:CF:31:5E:9C:03:0D:7B:B1:A3:D9:D7:EE
X509v3 Authority Key Identifier:
keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
Authority Information Access:
CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a383265303a3a2f34342d3438203d3e20323037333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:dd47:82e0::/44
Signature Algorithm: sha256WithRSAEncryption
3f:9f:4a:b8:ae:74:e9:c3:bc:47:97:88:28:51:31:84:fc:99:
af:b5:da:26:4f:5b:55:be:d6:c3:7d:36:68:33:69:bb:d2:0c:
54:5f:dd:5c:b8:fa:88:e0:a0:53:76:6b:28:58:f9:81:e5:57:
16:34:a3:30:bc:f8:a3:80:6e:2e:8e:b8:27:f7:fc:79:e5:77:
70:4f:5c:92:c9:f1:ea:be:07:36:b9:d4:42:c9:aa:ae:d6:e0:
e8:e4:4a:d0:7c:d2:bb:fb:52:1e:bd:5d:cc:de:6f:59:f8:10:
d4:9c:62:1b:a8:20:a0:2f:79:24:2a:34:7d:ce:d0:04:51:78:
4f:05:6b:e4:2b:f8:6d:6e:9f:89:8c:b5:a2:f5:70:d0:36:6a:
d9:b1:45:48:e0:eb:f8:55:75:70:f6:56:0c:37:07:da:c7:cd:
ce:80:2b:60:e5:70:51:97:65:a2:ba:60:62:77:62:f8:b8:43:
02:2d:fc:ab:c2:0d:b2:b7:18:89:f9:5f:3a:03:77:3e:87:75:
f5:f7:f2:e6:de:cb:ba:2b:29:82:b3:f5:a6:98:5a:a9:9d:dd:
1e:7e:53:26:98:31:de:8d:ea:5e:b7:cf:0f:55:1d:11:c6:83:
36:53:17:c1:7c:8d:dd:f8:c8:f6:fc:c8:52:2a:b5:fa:1e:da:
e3:c4:eb:4e
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIUAJCi44YLw7tipIu9wQ20HbVBXuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzRaFw0yNDEwMTUxNjEzMzRaMDMxMTAvBgNV
BAMTKEQwQTQ5NjlDNUZBRkFENjBDRjMxNUU5QzAzMEQ3QkIxQTNEOUQ3RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKDcH7IRuITCXTTZpRZd9BEcWc
EtcCyZ9+B/kAK5PUA6CaHB+pRlc4bmW/nhrO8ymDYM9HAVLhcCHA7oaJKqtcclIz
roDSKAfpO0f/S8uiqaJtWJHXVwmd1XZfigeLRJykkrsIynQReuJ5flU/Ha6XY6nn
J2MF4XdJb+snff/slw8/YF3vyJI9biANEH4wv4egRKzYgtMPohilK1BJUMlmeo4O
dWNN4VsBsjJb0o29nJ3tsaJ2ZXt2wcHs3l+n8e9foXpFei1RGXFmmlb+C1gmvX9T
g6hAP5zgEQYDGm2BpKGUxrqzHghMRe/aHGWQohCt9VM7TTEVgHKfMWhIveRZAgMB
AAGjggHUMIIB0DAdBgNVHQ4EFgQU0KSWnF+vrWDPMV6cAw17saPZ1+4wHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTM4MzI2NTMwM2EzYTJmMzQzNDJk
MzQzODIwM2QzZTIwMzIzMDM3MzMzMjMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhLdR4LgMA0GCSqG
SIb3DQEBCwUAA4IBAQA/n0q4rnTpw7xHl4goUTGE/JmvtdomT1tVvtbDfTZoM2m7
0gxUX91cuPqI4KBTdmsoWPmB5VcWNKMwvPijgG4ujrgn9/x55XdwT1ySyfHqvgc2
udRCyaqu1uDo5ErQfNK7+1IevV3M3m9Z+BDUnGIbqCCgL3kkKjR9ztAEUXhPBWvk
K/htbp+JjLWi9XDQNmrZsUVI4Ov4VXVw9lYMNwfax83OgCtg5XBRl2WiumBid2L4
uEMCLfyrwg2ytxiJ+V86A3c+h3X19/Lm3su6KymCs/WmmFqpnd0eflMmmDHejepe
t88PVR0RxoM2UxfBfI3d+Mj2/MhSKrX6HtrjxOtO
-----END CERTIFICATE-----
Generated at Sat May 4 20:40:11 2024 by rpki-client on console-fra.rpki-client.org