Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Rudaki/0/326131323a646434373a353330303a3a2f34382d3438203d3e20323131353039.roa
File:                     326131323a646434373a353330303a3a2f34382d3438203d3e20323131353039.roa (raw, json)
Hash identifier:          6sugDDa1b0xNgnQuZtkJhyYQIRVsUj7crpti9ZkPJHg=
Subject key identifier:   D6:4E:CA:A1:7D:BF:97:84:2E:CA:A8:19:F3:56:C3:6F:7E:68:EB:CB
Certificate issuer:       /CN=8D47937E5FB1C1169EEAD229E680E581B175465F
Certificate serial:       384B7508491580524D69BE9257949A3A0C17806C
Authority key identifier: 8D:47:93:7E:5F:B1:C1:16:9E:EA:D2:29:E6:80:E5:81:B1:75:46:5F
Authority info access:    rsync://rpki.co/repo/AS945/1/8D47937E5FB1C1169EEAD229E680E581B175465F.cer
Subject info access:      rsync://rpki.co/repo/Rudaki/0/326131323a646434373a353330303a3a2f34382d3438203d3e20323131353039.roa
Signing time:             Wed 20 Mar 2024 13:14:30 +0000
ROA not before:           Wed 20 Mar 2024 13:09:30 +0000
ROA not after:            Wed 19 Mar 2025 13:14:30 +0000
asID:                     211509
IP address blocks:        2a12:dd47:5300::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/Rudaki/0/8D47937E5FB1C1169EEAD229E680E581B175465F.crl
                          rsync://rpki.co/repo/Rudaki/0/8D47937E5FB1C1169EEAD229E680E581B175465F.mft
                          rsync://rpki.co/repo/AS945/1/8D47937E5FB1C1169EEAD229E680E581B175465F.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:11:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:4b:75:08:49:15:80:52:4d:69:be:92:57:94:9a:3a:0c:17:80:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D47937E5FB1C1169EEAD229E680E581B175465F
        Validity
            Not Before: Mar 20 13:09:30 2024 GMT
            Not After : Mar 19 13:14:30 2025 GMT
        Subject: CN=D64ECAA17DBF97842ECAA819F356C36F7E68EBCB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:5a:28:33:5b:ce:b2:94:51:b5:b1:54:9b:2e:
                    ec:a8:02:48:01:b4:cf:2f:a8:59:7a:eb:93:a9:9e:
                    a1:a3:81:a4:a2:dd:bc:ea:ad:2a:28:2a:91:58:4e:
                    ad:64:ee:de:d6:a6:a8:e2:3e:b8:f2:71:00:79:54:
                    71:4a:69:02:a8:19:8c:ed:b5:a7:46:b0:ef:35:58:
                    d1:5f:1f:79:c6:ed:fe:12:09:dd:32:86:d2:98:91:
                    7c:be:5d:71:36:2d:30:7f:60:16:8a:fa:ae:b1:e9:
                    8e:a9:e5:36:12:76:ad:8d:36:da:08:7c:c1:ea:1b:
                    3d:14:7d:94:a9:da:1d:dd:ad:e9:da:b7:a0:c6:5b:
                    c8:e6:4f:bf:4d:52:99:4c:48:85:f8:fd:32:6b:7c:
                    0b:1b:cd:7a:7c:bb:1c:54:e5:c3:37:35:a1:11:22:
                    82:ca:fa:b1:5c:1e:b7:92:ae:d1:da:1d:e1:f5:13:
                    56:4d:8f:29:e1:4f:ef:76:b1:c2:4a:4d:7c:b2:9f:
                    9c:a6:af:48:95:81:90:5a:0c:4a:c6:ef:1d:60:18:
                    fc:90:a8:2e:2a:7d:62:52:ab:64:fb:53:ce:00:77:
                    9a:3d:cd:b0:89:35:30:ef:a0:12:f6:b0:7a:07:bd:
                    33:a5:56:e4:4a:4a:ca:46:f6:2d:32:db:28:62:d0:
                    fc:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:4E:CA:A1:7D:BF:97:84:2E:CA:A8:19:F3:56:C3:6F:7E:68:EB:CB
            X509v3 Authority Key Identifier:
                keyid:8D:47:93:7E:5F:B1:C1:16:9E:EA:D2:29:E6:80:E5:81:B1:75:46:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Rudaki/0/8D47937E5FB1C1169EEAD229E680E581B175465F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/8D47937E5FB1C1169EEAD229E680E581B175465F.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Rudaki/0/326131323a646434373a353330303a3a2f34382d3438203d3e20323131353039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:5300::/48

    Signature Algorithm: sha256WithRSAEncryption
         76:f5:9c:a4:9c:0e:eb:15:57:b1:60:5a:c6:9a:81:c0:4c:52:
         02:ca:6c:90:a6:99:3b:01:b3:83:57:0a:be:1f:ff:9e:2a:a4:
         07:fe:af:f4:19:90:36:23:4a:bd:a4:e6:f2:eb:7d:e3:71:cb:
         50:5f:9d:1c:de:35:a1:00:30:e6:a0:93:ff:93:d6:57:ba:32:
         43:81:78:3a:f7:82:61:34:00:b9:46:78:b0:49:54:5c:68:c2:
         fa:83:de:ed:78:2a:3d:c8:a4:07:46:bd:d6:1c:58:5e:2b:46:
         60:27:6e:14:a0:4f:99:67:ff:33:94:f4:a4:90:6f:67:6e:8f:
         8a:ab:d6:82:f1:18:10:ec:e9:1b:fb:33:b7:f3:58:42:92:d0:
         16:30:71:c0:db:be:ba:90:ce:33:a1:50:36:c5:85:02:96:57:
         de:93:82:02:f0:08:ed:ef:5b:91:0a:b1:82:6f:58:09:1a:a7:
         3b:6f:ea:eb:f0:22:9b:75:f0:9c:d6:39:16:ba:4b:f8:21:d2:
         d4:d3:dc:f5:4d:72:e1:9f:08:f9:bf:4d:e5:73:e0:36:6c:6d:
         45:b7:91:1e:a9:47:be:25:df:9f:f2:24:5a:2e:dc:24:16:7a:
         98:f0:16:2d:e1:17:e8:4c:fe:39:e5:16:17:37:89:9b:2d:36:
         1e:2b:3a:12
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIUOEt1CEkVgFJNab6SV5SaOgwXgGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ0NzkzN0U1RkIxQzExNjlFRUFEMjI5RTY4MEU1ODFC
MTc1NDY1RjAeFw0yNDAzMjAxMzA5MzBaFw0yNTAzMTkxMzE0MzBaMDMxMTAvBgNV
BAMTKEQ2NEVDQUExN0RCRjk3ODQyRUNBQTgxOUYzNTZDMzZGN0U2OEVCQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdWigzW86ylFG1sVSbLuyoAkgB
tM8vqFl665OpnqGjgaSi3bzqrSooKpFYTq1k7t7WpqjiPrjycQB5VHFKaQKoGYzt
tadGsO81WNFfH3nG7f4SCd0yhtKYkXy+XXE2LTB/YBaK+q6x6Y6p5TYSdq2NNtoI
fMHqGz0UfZSp2h3drenat6DGW8jmT79NUplMSIX4/TJrfAsbzXp8uxxU5cM3NaER
IoLK+rFcHreSrtHaHeH1E1ZNjynhT+92scJKTXyyn5ymr0iVgZBaDErG7x1gGPyQ
qC4qfWJSq2T7U84Ad5o9zbCJNTDvoBL2sHoHvTOlVuRKSspG9i0y2yhi0PxtAgMB
AAGjggHWMIIB0jAdBgNVHQ4EFgQU1k7KoX2/l4QuyqgZ81bDb35o68swHwYDVR0j
BBgwFoAUjUeTfl+xwRae6tIp5oDlgbF1Rl8wDgYDVR0PAQH/BAQDAgeAMFsGA1Ud
HwRUMFIwUKBOoEyGSnJzeW5jOi8vcnBraS5jby9yZXBvL1J1ZGFraS8wLzhENDc5
MzdFNUZCMUMxMTY5RUVBRDIyOUU2ODBFNTgxQjE3NTQ2NUYuY3JsMGUGCCsGAQUF
BwEBBFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUv
MS84RDQ3OTM3RTVGQjFDMTE2OUVFQUQyMjlFNjgwRTU4MUIxNzU0NjVGLmNlcjB+
BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5jby9yZXBv
L1J1ZGFraS8wLzMyNjEzMTMyM2E2NDY0MzQzNzNhMzUzMzMwMzAzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMjMxMzEzNTMwMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqEt1HUwAwDQYJ
KoZIhvcNAQELBQADggEBAHb1nKScDusVV7FgWsaagcBMUgLKbJCmmTsBs4NXCr4f
/54qpAf+r/QZkDYjSr2k5vLrfeNxy1BfnRzeNaEAMOagk/+T1le6MkOBeDr3gmE0
ALlGeLBJVFxowvqD3u14Kj3IpAdGvdYcWF4rRmAnbhSgT5ln/zOU9KSQb2duj4qr
1oLxGBDs6Rv7M7fzWEKS0BYwccDbvrqQzjOhUDbFhQKWV96TggLwCO3vW5EKsYJv
WAkapztv6uvwIpt18JzWORa6S/gh0tTT3PVNcuGfCPm/TeVz4DZsbUW3kR6pR74l
35/yJFou3CQWepjwFi3hF+hM/jnlFhc3iZstNh4rOhI=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:33:46 2024 by rpki-client on console-ams.rpki-client.org