Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/objJj7wvy-_et92tNUx2pLZo5io.roa
File:                     objJj7wvy-_et92tNUx2pLZo5io.roa (raw, json)
Hash identifier:          EnTaRy5TyoM1rnuNFheCaPsO4WRwqRSiLzhl/eiHmNo=
Subject key identifier:   A1:B8:C9:8F:BC:2F:CB:EF:DE:B7:DD:AD:35:4C:76:A4:B6:68:E6:2A
Certificate issuer:       /CN=3CEBAC4057251C8AAAB954DC220B22496BEEF563
Certificate serial:       0277
Authority key identifier: 3C:EB:AC:40:57:25:1C:8A:AA:B9:54:DC:22:0B:22:49:6B:EE:F5:63
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/POusQFclHIqquVTcIgsiSWvu9WM.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/objJj7wvy-_et92tNUx2pLZo5io.roa
Signing time:             Mon 26 Aug 2024 05:10:10 +0000
ROA not before:           Mon 26 Aug 2024 05:10:10 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     63893
IP address blocks:        2400:50a0::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/POusQFclHIqquVTcIgsiSWvu9WM.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/POusQFclHIqquVTcIgsiSWvu9WM.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/POusQFclHIqquVTcIgsiSWvu9WM.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 26 Nov 2024 00:55:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 631 (0x277)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3CEBAC4057251C8AAAB954DC220B22496BEEF563
        Validity
            Not Before: Aug 26 05:10:10 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=A1B8C98FBC2FCBEFDEB7DDAD354C76A4B668E62A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c9:dc:9b:db:a8:5f:b3:c6:a2:b2:8e:ab:57:
                    bc:7a:1d:c9:31:e6:26:b9:65:7e:88:6e:24:31:12:
                    b5:08:99:f3:62:bb:f9:bf:1b:2f:65:c2:e9:ea:8b:
                    4b:f5:4a:ce:ac:80:a2:be:29:b4:e2:17:36:f9:4c:
                    1e:48:25:f5:2a:3c:03:bc:78:3d:b2:ae:44:1e:bf:
                    55:2d:94:98:95:4f:08:61:08:54:fb:52:44:30:6b:
                    3b:d6:2b:8a:55:72:bc:b8:5b:1f:0d:82:f2:2d:a3:
                    a2:f3:93:13:42:86:d5:d6:2b:8b:cd:f1:dc:0c:df:
                    ee:5c:a3:20:07:8d:84:51:f4:27:40:90:63:ef:71:
                    e6:cc:35:c0:5e:8c:4b:36:b7:cc:01:02:8a:1b:b4:
                    d9:74:a5:82:fd:a4:3a:c8:e8:3a:13:12:89:a0:d4:
                    2a:12:bf:27:c0:0f:de:44:7e:8f:ee:8a:1a:58:b8:
                    e8:d5:3c:e3:80:c5:71:56:07:7a:dc:6c:92:75:d4:
                    31:98:a2:38:43:ed:e5:ca:34:8c:4b:9f:45:09:e0:
                    0f:0e:5e:7e:19:b3:38:ee:7e:eb:63:c3:9b:df:18:
                    bc:ea:4f:9a:a1:24:07:9a:8b:7a:12:35:ec:bb:85:
                    b4:3c:90:f2:89:d1:ad:ea:2e:97:0c:21:d5:3e:63:
                    ba:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:B8:C9:8F:BC:2F:CB:EF:DE:B7:DD:AD:35:4C:76:A4:B6:68:E6:2A
            X509v3 Authority Key Identifier:
                keyid:3C:EB:AC:40:57:25:1C:8A:AA:B9:54:DC:22:0B:22:49:6B:EE:F5:63

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/POusQFclHIqquVTcIgsiSWvu9WM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/POusQFclHIqquVTcIgsiSWvu9WM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CCP1138480/objJj7wvy-_et92tNUx2pLZo5io.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:50a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         8e:01:f5:cd:9c:8d:eb:21:96:a9:7d:a2:9a:2c:e7:cd:72:7c:
         d3:b6:41:fb:c2:25:57:e0:9a:c1:84:b1:a4:6d:d4:05:4d:3e:
         10:e3:fe:f5:8e:e0:e4:43:ce:32:87:d3:f9:b8:1f:28:1b:b0:
         08:28:02:54:5d:c9:21:07:d9:ac:a1:5e:57:42:05:25:af:8d:
         9c:07:8d:bd:92:25:7d:f0:98:69:b4:69:c7:38:3e:c3:00:35:
         00:3f:b5:67:95:7a:48:da:d7:01:c1:e5:43:7a:e1:16:f2:30:
         83:61:d0:d5:db:d2:38:f9:aa:76:e1:c2:8d:a4:17:5d:28:28:
         15:5a:00:47:5f:f1:93:ea:1a:d4:5a:ce:91:09:89:e8:6e:27:
         12:6e:f6:c2:a6:2c:46:c8:c5:d2:e3:f3:33:d2:b3:29:1d:80:
         22:01:15:ac:bb:1c:0d:23:cb:b4:02:49:8a:f7:1d:b2:17:cb:
         e8:85:9c:b5:1b:f3:68:05:d1:9f:f3:b3:77:7e:9c:5d:85:a9:
         02:27:f6:49:2f:b2:7d:cd:d6:3e:a7:7f:d6:76:4e:00:42:45:
         03:51:33:05:b9:77:b2:f4:0c:2f:e9:28:65:80:4c:d0:22:fd:
         9b:69:8a:a4:32:cf:bc:f9:c7:3c:4b:02:8a:11:4e:4b:5b:f1:
         2c:12:41:a0
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICAncwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0NF
QkFDNDA1NzI1MUM4QUFBQjk1NERDMjIwQjIyNDk2QkVFRjU2MzAeFw0yNDA4MjYw
NTEwMTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEExQjhDOThGQkMyRkNC
RUZERUI3RERBRDM1NEM3NkE0QjY2OEU2MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKydyb26hfs8aiso6rV7x6Hckx5ia5ZX6IbiQxErUImfNiu/m/
Gy9lwunqi0v1Ss6sgKK+KbTiFzb5TB5IJfUqPAO8eD2yrkQev1UtlJiVTwhhCFT7
UkQwazvWK4pVcry4Wx8NgvIto6LzkxNChtXWK4vN8dwM3+5coyAHjYRR9CdAkGPv
cebMNcBejEs2t8wBAoobtNl0pYL9pDrI6DoTEomg1CoSvyfAD95Efo/uihpYuOjV
POOAxXFWB3rcbJJ11DGYojhD7eXKNIxLn0UJ4A8OXn4Zszjufutjw5vfGLzqT5qh
JAeai3oSNey7hbQ8kPKJ0a3qLpcMIdU+Y7qvAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUobjJj7wvy+/et92tNUx2pLZo5iowHwYDVR0jBBgwFoAUPOusQFclHIqquVTc
IgsiSWvu9WMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0NQMTEz
ODQ4MC9QT3VzUUZjbEhJcXF1VlRjSWdzaVNXdnU5V00uY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL1BPdXNRRmNsSElxcXVWVGNJZ3NpU1d2dTlXTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NDUDExMzg0ODAvb2JqSmo3d3Z5
LV9ldDkydE5VeDJwTFpvNWlvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQC
AAIwBwMFACQAUKAwDQYJKoZIhvcNAQELBQADggEBAI4B9c2cjeshlql9opos581y
fNO2QfvCJVfgmsGEsaRt1AVNPhDj/vWO4ORDzjKH0/m4HygbsAgoAlRdySEH2ayh
XldCBSWvjZwHjb2SJX3wmGm0acc4PsMANQA/tWeVekja1wHB5UN64RbyMINh0NXb
0jj5qnbhwo2kF10oKBVaAEdf8ZPqGtRazpEJiehuJxJu9sKmLEbIxdLj8zPSsykd
gCIBFay7HA0jy7QCSYr3HbIXy+iFnLUb82gF0Z/zs3d+nF2FqQIn9kkvsn3N1j6n
f9Z2TgBCRQNRMwW5d7L0DC/pKGWATNAi/ZtpiqQyz7z5xzxLAooRTktb8SwSQaA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:56:25 2024 by rpki-client on console-fra.rpki-client.org