Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/iP6B8L9Kf_dJl7AVDTUa17Q2AZg.roa
File:                     iP6B8L9Kf_dJl7AVDTUa17Q2AZg.roa (raw, json)
Hash identifier:          9KXKRYZvmqJiumZsSuehcWU/ku2n4NRXfFbyB0y5acU=
Subject key identifier:   88:FE:81:F0:BF:4A:7F:F7:49:97:B0:15:0D:35:1A:D7:B4:36:01:98
Certificate issuer:       /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial:       0CE9
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/iP6B8L9Kf_dJl7AVDTUa17Q2AZg.roa
Signing time:             Mon 26 Aug 2024 05:12:49 +0000
ROA not before:           Mon 26 Aug 2024 05:12:49 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     9244
IP address blocks:        61.56.65.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 14:39:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3305 (0xce9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
        Validity
            Not Before: Aug 26 05:12:49 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=88FE81F0BF4A7FF74997B0150D351AD7B4360198
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c4:67:99:f8:4c:a7:0a:0b:13:d8:e3:65:8f:
                    57:9c:d0:d9:d1:3e:2f:7b:1c:3b:93:00:a6:d2:cd:
                    3c:72:7e:d0:79:15:2b:27:6e:35:62:b9:a5:ba:3e:
                    6a:1d:ca:42:8b:81:9b:f5:8e:0f:b4:77:ed:e5:f7:
                    71:87:fe:0d:34:47:d8:ec:75:bf:ca:dd:b5:72:2c:
                    0b:02:cc:69:ec:68:74:e1:7f:ed:fa:3c:65:e0:bc:
                    e7:d9:14:9c:b2:9c:73:3b:7c:7b:7f:cc:5a:1f:54:
                    40:ab:73:24:a1:5e:73:98:4d:49:da:cb:6d:1f:14:
                    52:72:7f:c6:62:82:5e:3c:95:0a:14:99:41:ad:25:
                    3e:fd:7d:24:fd:f6:23:cb:5f:08:d8:16:8a:73:d7:
                    ef:7f:b2:b6:fc:1e:8e:5d:08:61:13:6a:be:a6:4c:
                    9b:54:9a:9e:5b:ba:2e:15:7a:94:47:63:f4:c8:47:
                    c8:5f:45:d6:5a:41:c0:1a:6b:69:d7:43:f2:de:f0:
                    4b:e5:08:21:dc:fb:97:16:da:a1:ab:76:53:95:52:
                    69:dd:85:f8:30:b6:aa:84:7d:05:1a:08:80:27:ef:
                    23:d5:9f:93:f7:b8:78:2d:bc:54:b2:a5:2b:cc:15:
                    b5:93:bb:08:c1:b0:8b:7c:ac:42:98:3d:31:ca:5c:
                    75:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:FE:81:F0:BF:4A:7F:F7:49:97:B0:15:0D:35:1A:D7:B4:36:01:98
            X509v3 Authority Key Identifier:
                keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/iP6B8L9Kf_dJl7AVDTUa17Q2AZg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.56.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:6b:f0:00:92:f0:3d:cc:b1:ce:ae:22:76:cb:ee:34:41:6a:
         d3:47:30:df:56:c0:3f:90:ee:cd:0c:1e:8f:e1:77:93:7c:53:
         ee:69:b8:8f:a9:91:d3:0c:66:44:71:5a:1a:1a:86:9a:02:77:
         53:0c:5b:8d:cd:54:b5:ad:1d:8f:21:a5:33:bd:ab:15:9b:28:
         29:bd:05:b3:e0:34:b0:35:46:8d:ea:7e:b9:c2:69:b5:2a:4c:
         20:e0:52:91:86:a5:98:17:f1:03:c7:9f:a7:b7:f4:35:0c:59:
         39:c2:c1:8e:17:d2:c0:b4:1f:ad:dc:97:e1:8e:9e:ff:d5:b8:
         4d:fa:bc:e5:e7:be:52:45:22:75:2e:bc:67:07:5f:61:1a:b5:
         ab:3e:13:8e:74:11:4f:09:c2:56:2d:44:27:d4:7e:ec:07:27:
         67:85:2d:6f:54:83:08:1b:24:b5:a7:dc:8b:c6:91:af:17:3f:
         ab:95:e4:d9:84:c8:e7:79:f5:ae:74:b9:83:72:e2:b6:d5:63:
         5a:bd:3f:83:6d:d0:4c:28:6f:71:37:ec:e3:55:e5:4a:0e:2c:
         f9:e3:a8:25:8b:5a:4a:d2:37:7b:b5:ea:81:4e:47:62:81:ec:
         64:bd:61:5a:24:b0:54:0d:38:2f:17:23:92:09:a5:f0:fb:02:
         0e:0f:e8:65
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNDA4MjYw
NTEyNDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg4RkU4MUYwQkY0QTdG
Rjc0OTk3QjAxNTBEMzUxQUQ3QjQzNjAxOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzxGeZ+EynCgsT2ONlj1ec0NnRPi97HDuTAKbSzTxyftB5FSsn
bjViuaW6PmodykKLgZv1jg+0d+3l93GH/g00R9jsdb/K3bVyLAsCzGnsaHThf+36
PGXgvOfZFJyynHM7fHt/zFofVECrcyShXnOYTUnay20fFFJyf8Zigl48lQoUmUGt
JT79fST99iPLXwjYFopz1+9/srb8Ho5dCGETar6mTJtUmp5bui4VepRHY/TIR8hf
RdZaQcAaa2nXQ/Le8EvlCCHc+5cW2qGrdlOVUmndhfgwtqqEfQUaCIAn7yPVn5P3
uHgtvFSypSvMFbWTuwjBsIt8rEKYPTHKXHXTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUiP6B8L9Kf/dJl7AVDTUa17Q2AZgwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL2lQNkI4TDlLZl9kSmw3QVZE
VFVhMTdRMkFaZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9
OEEwDQYJKoZIhvcNAQELBQADggEBAIZr8ACS8D3Msc6uInbL7jRBatNHMN9WwD+Q
7s0MHo/hd5N8U+5puI+pkdMMZkRxWhoahpoCd1MMW43NVLWtHY8hpTO9qxWbKCm9
BbPgNLA1Ro3qfrnCabUqTCDgUpGGpZgX8QPHn6e39DUMWTnCwY4X0sC0H63cl+GO
nv/VuE36vOXnvlJFInUuvGcHX2Eatas+E450EU8JwlYtRCfUfuwHJ2eFLW9Ugwgb
JLWn3IvGka8XP6uV5NmEyOd59a50uYNy4rbVY1q9P4Nt0Ewob3E37ONV5UoOLPnj
qCWLWkrSN3u16oFOR2KB7GS9YVoksFQNOC8XI5IJpfD7Ag4P6GU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:30 2024 by rpki-client on console-ams.rpki-client.org