Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LILIANG/J5X3KcuRT2d_Z846GefwAZvTn7o.roa
File:                     J5X3KcuRT2d_Z846GefwAZvTn7o.roa (raw, json)
Hash identifier:          1tyOAui93vgiKJHU25yZSJh6J81khW9Um+aUY3opVFw=
Subject key identifier:   27:95:F7:29:CB:91:4F:67:7F:67:CE:3A:19:E7:F0:01:9B:D3:9F:BA
Certificate issuer:       /CN=FBE0E2FD417A37B1B56BB37DA16834229A399256
Certificate serial:       F5
Authority key identifier: FB:E0:E2:FD:41:7A:37:B1:B5:6B:B3:7D:A1:68:34:22:9A:39:92:56
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/--Di_UF6N7G1a7N9oWg0Ipo5klY.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/LILIANG/J5X3KcuRT2d_Z846GefwAZvTn7o.roa
Signing time:             Mon 26 Aug 2024 05:20:22 +0000
ROA not before:           Mon 26 Aug 2024 05:20:22 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     131642
IP address blocks:        2401:3060::/32 maxlen: 64

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/LILIANG/--Di_UF6N7G1a7N9oWg0Ipo5klY.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/LILIANG/--Di_UF6N7G1a7N9oWg0Ipo5klY.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/--Di_UF6N7G1a7N9oWg0Ipo5klY.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 14:39:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 245 (0xf5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FBE0E2FD417A37B1B56BB37DA16834229A399256
        Validity
            Not Before: Aug 26 05:20:22 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=2795F729CB914F677F67CE3A19E7F0019BD39FBA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:c2:72:56:62:fb:37:a6:64:64:99:cf:84:85:
                    67:74:af:8b:c8:32:90:8a:84:af:20:f4:45:5f:0b:
                    e2:8a:f5:f6:47:61:7e:49:47:29:f3:e3:6a:b7:d5:
                    b0:25:e8:e6:3f:f9:e8:48:93:bf:0d:a0:c4:25:c5:
                    74:db:ca:50:51:fb:27:68:12:c2:ba:a5:4e:2b:50:
                    99:fb:e5:73:ab:bb:d8:f6:b6:48:07:6a:c1:9f:d4:
                    89:78:2d:af:d2:88:23:bf:6b:60:1f:8a:5d:f5:8d:
                    13:97:83:6f:73:c2:20:bf:1f:a7:f8:0c:c6:f2:a4:
                    b5:d7:b1:31:76:c3:78:22:46:14:28:11:e5:aa:85:
                    f7:12:a3:32:8f:c6:b0:bd:3d:22:5b:ea:b3:bc:5d:
                    d0:41:9f:d5:49:a7:8a:b4:3d:c4:0d:7e:dc:3a:7d:
                    0f:0d:34:44:7a:ea:03:ab:7f:20:de:af:ba:d2:0d:
                    7c:3b:f6:a9:9b:a9:95:69:a4:8d:68:2e:8a:8f:9b:
                    d4:bb:aa:a7:9d:30:ef:30:cd:8b:ba:dd:e9:5f:d1:
                    24:90:13:ad:27:aa:a6:1d:a3:4d:e6:71:e6:7a:c1:
                    cf:34:0e:20:75:37:1f:e6:14:81:ad:ea:ae:b8:3c:
                    a7:88:b0:76:c5:7b:6e:31:ef:00:05:90:35:a8:b4:
                    0b:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:95:F7:29:CB:91:4F:67:7F:67:CE:3A:19:E7:F0:01:9B:D3:9F:BA
            X509v3 Authority Key Identifier:
                keyid:FB:E0:E2:FD:41:7A:37:B1:B5:6B:B3:7D:A1:68:34:22:9A:39:92:56

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LILIANG/--Di_UF6N7G1a7N9oWg0Ipo5klY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/--Di_UF6N7G1a7N9oWg0Ipo5klY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LILIANG/J5X3KcuRT2d_Z846GefwAZvTn7o.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:3060::/32

    Signature Algorithm: sha256WithRSAEncryption
         32:c5:56:9a:f7:7e:27:d6:37:fd:87:0e:4f:b9:c7:f5:7d:a2:
         31:a8:ce:36:0a:7c:44:fe:0b:3e:01:eb:fc:bc:eb:28:2c:8c:
         9e:a0:e0:f3:04:3c:0f:66:d1:7c:ef:1e:a0:1a:c9:f6:6e:41:
         c8:45:90:a3:18:8b:2b:c6:ff:d0:41:3f:1f:e5:6e:ec:f5:d1:
         53:1a:43:39:18:a8:5d:43:50:42:ca:70:ce:02:33:0b:46:fd:
         58:8e:1c:0b:a5:59:77:c7:c9:0b:05:23:d9:0d:01:db:94:b8:
         94:d9:55:eb:a9:0a:ae:43:31:a3:fe:1d:ea:49:42:8a:c2:33:
         ff:3c:08:4c:08:d3:a4:14:ac:99:e9:18:62:d2:35:1f:e9:12:
         9e:ff:64:58:b5:4c:70:2a:b6:d8:3d:1c:ba:eb:16:bb:66:07:
         b2:26:b9:58:d2:50:6f:29:7f:58:96:70:b2:47:e7:9e:da:cb:
         8f:33:ed:9c:f8:f4:ec:dc:4b:5e:3f:d5:b1:e1:87:73:de:d8:
         63:b3:16:e6:e0:40:09:8c:7d:11:4e:47:bf:2d:5f:b4:56:df:
         d4:26:fb:fa:54:7a:35:64:7a:b3:bf:ef:29:65:68:cb:aa:c8:
         84:5b:ac:e9:c6:d6:53:78:2e:13:a4:63:64:b3:2a:63:97:12:
         1d:1b:c6:cc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICAPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkJF
MEUyRkQ0MTdBMzdCMUI1NkJCMzdEQTE2ODM0MjI5QTM5OTI1NjAeFw0yNDA4MjYw
NTIwMjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI3OTVGNzI5Q0I5MTRG
Njc3RjY3Q0UzQTE5RTdGMDAxOUJEMzlGQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAwnJWYvs3pmRkmc+EhWd0r4vIMpCKhK8g9EVfC+KK9fZHYX5J
Rynz42q31bAl6OY/+ehIk78NoMQlxXTbylBR+ydoEsK6pU4rUJn75XOru9j2tkgH
asGf1Il4La/SiCO/a2Afil31jROXg29zwiC/H6f4DMbypLXXsTF2w3giRhQoEeWq
hfcSozKPxrC9PSJb6rO8XdBBn9VJp4q0PcQNftw6fQ8NNER66gOrfyDer7rSDXw7
9qmbqZVppI1oLoqPm9S7qqedMO8wzYu63elf0SSQE60nqqYdo03mceZ6wc80DiB1
Nx/mFIGt6q64PKeIsHbFe24x7wAFkDWotAthAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUJ5X3KcuRT2d/Z846GefwAZvTn7owHwYDVR0jBBgwFoAU++Di/UF6N7G1a7N9
oWg0Ipo5klYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTElMSUFO
Ry8tLURpX1VGNk43RzFhN045b1dnMElwbzVrbFkuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBLy0tRGlfVUY2TjdHMWE3TjlvV2cwSXBvNWtsWS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0xJTElBTkcvSjVYM0tjdVJUMmRfWjg0
NkdlZndBWnZUbjdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQBMGAwDQYJKoZIhvcNAQELBQADggEBADLFVpr3fifWN/2HDk+5x/V9ojGozjYK
fET+Cz4B6/y86ygsjJ6g4PMEPA9m0XzvHqAayfZuQchFkKMYiyvG/9BBPx/lbuz1
0VMaQzkYqF1DUELKcM4CMwtG/ViOHAulWXfHyQsFI9kNAduUuJTZVeupCq5DMaP+
HepJQorCM/88CEwI06QUrJnpGGLSNR/pEp7/ZFi1THAqttg9HLrrFrtmB7ImuVjS
UG8pf1iWcLJH557ay48z7Zz49OzcS14/1bHhh3Pe2GOzFubgQAmMfRFOR78tX7RW
39Qm+/pUejVkerO/7yllaMuqyIRbrOnG1lN4LhOkY2SzKmOXEh0bxsw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:06:52 2024 by rpki-client on console-fra.rpki-client.org