Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PAGIC/psX_xXjKKTR1y14gNI_xLsCtnJY.roa
File:                     psX_xXjKKTR1y14gNI_xLsCtnJY.roa (raw, json)
Hash identifier:          R0p48LTEDJkGixMNPIPtWwmtgCw+NxKUxNOiX+DJGTU=
Subject key identifier:   A6:C5:FF:C5:78:CA:29:34:75:CB:5E:20:34:8F:F1:2E:C0:AD:9C:96
Certificate issuer:       /CN=529B606DB86283BD4A08AF7EB33EF38A256631BB
Certificate serial:       0C47
Authority key identifier: 52:9B:60:6D:B8:62:83:BD:4A:08:AF:7E:B3:3E:F3:8A:25:66:31:BB
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Uptgbbhig71KCK9-sz7ziiVmMbs.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PAGIC/psX_xXjKKTR1y14gNI_xLsCtnJY.roa
Signing time:             Mon 26 Aug 2024 05:23:49 +0000
ROA not before:           Mon 26 Aug 2024 05:23:49 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     4781
IP address blocks:        210.63.103.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/PAGIC/Uptgbbhig71KCK9-sz7ziiVmMbs.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/PAGIC/Uptgbbhig71KCK9-sz7ziiVmMbs.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/Uptgbbhig71KCK9-sz7ziiVmMbs.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 14:39:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3143 (0xc47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=529B606DB86283BD4A08AF7EB33EF38A256631BB
        Validity
            Not Before: Aug 26 05:23:49 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=A6C5FFC578CA293475CB5E20348FF12EC0AD9C96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5b:73:43:04:41:45:80:a7:42:b0:f0:96:ce:
                    0c:96:cf:0a:70:be:a0:d2:1f:8c:f2:a1:d5:d6:e6:
                    60:d3:de:b3:67:97:c3:e5:2d:10:50:07:3c:a9:ef:
                    a9:90:0a:eb:1c:b9:36:ae:77:d5:e6:c5:34:ac:96:
                    6c:4b:a1:8e:96:9c:2f:e1:4d:0d:71:e3:38:fc:71:
                    b0:d1:37:f8:f4:ee:25:fa:88:f3:8d:cb:3f:fb:34:
                    5a:00:71:bd:51:b9:2a:d9:58:f6:c4:2e:6d:b3:97:
                    3a:b0:22:6a:02:22:22:4d:00:8f:d7:e3:30:cf:32:
                    50:c8:fb:3f:95:f1:70:5e:26:ba:40:fa:87:a7:4b:
                    46:4d:02:5b:0a:a6:a0:4e:e2:67:57:d5:c2:c3:83:
                    e1:e8:8f:d0:54:76:82:1c:ae:a9:85:88:5d:c6:c0:
                    ab:32:6a:0d:ed:09:1f:ce:1c:37:02:9b:24:f8:20:
                    e7:57:76:c4:a7:65:f5:2b:42:7b:21:fc:50:07:8a:
                    49:db:43:b3:84:1c:f8:3e:bf:ab:fc:0f:95:21:54:
                    c4:22:bf:e8:cb:3b:48:2b:bb:ca:10:65:32:87:be:
                    43:e8:67:f5:88:17:ba:f3:c5:32:80:e4:16:b9:df:
                    ce:c0:50:5c:61:27:c3:13:c7:af:78:77:1a:61:9d:
                    80:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:C5:FF:C5:78:CA:29:34:75:CB:5E:20:34:8F:F1:2E:C0:AD:9C:96
            X509v3 Authority Key Identifier:
                keyid:52:9B:60:6D:B8:62:83:BD:4A:08:AF:7E:B3:3E:F3:8A:25:66:31:BB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PAGIC/Uptgbbhig71KCK9-sz7ziiVmMbs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Uptgbbhig71KCK9-sz7ziiVmMbs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PAGIC/psX_xXjKKTR1y14gNI_xLsCtnJY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.63.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:f6:7f:ab:af:3f:03:cd:70:11:c8:7f:e9:19:9d:e7:7f:1f:
         5a:c2:7c:42:57:54:60:9b:19:34:b6:4d:bd:1b:72:f9:42:47:
         aa:b8:cb:55:a6:5b:64:a1:dd:5a:fa:e6:52:45:ae:0e:32:c7:
         a0:88:47:09:6c:e2:ce:40:35:d1:dc:ae:bc:1e:c1:a1:ca:28:
         64:7d:af:98:02:3d:b7:38:30:c0:b9:ed:6d:d8:69:b2:e1:ec:
         6e:e6:bf:86:f1:8f:38:22:89:e2:d3:a7:38:a4:75:92:75:92:
         2d:ab:01:84:2b:8f:05:9d:09:d2:b3:db:fb:d4:b1:3a:93:7d:
         17:08:12:df:09:ad:97:e7:37:bc:57:ef:55:33:5f:b8:d9:48:
         53:4f:6b:3b:da:30:9b:bc:ae:e6:fa:50:a8:63:46:2c:99:7c:
         69:11:0c:aa:87:9d:f0:0f:53:a9:ad:ba:c9:3c:81:a5:fa:18:
         84:00:3d:79:33:99:14:39:30:cf:c6:46:a7:2a:4b:3f:a1:2d:
         f4:ac:9c:b7:4e:4b:11:b7:47:21:06:00:13:1d:c8:4e:ee:95:
         86:3c:b3:0a:92:2c:53:d8:07:38:9c:04:fd:31:81:bd:42:52:
         3b:46:19:0c:3e:35:13:10:2c:a8:46:7d:5f:5c:8a:19:74:a5:
         a5:39:4c:33
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDEcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTI5
QjYwNkRCODYyODNCRDRBMDhBRjdFQjMzRUYzOEEyNTY2MzFCQjAeFw0yNDA4MjYw
NTIzNDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE2QzVGRkM1NzhDQTI5
MzQ3NUNCNUUyMDM0OEZGMTJFQzBBRDlDOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8W3NDBEFFgKdCsPCWzgyWzwpwvqDSH4zyodXW5mDT3rNnl8Pl
LRBQBzyp76mQCuscuTaud9XmxTSslmxLoY6WnC/hTQ1x4zj8cbDRN/j07iX6iPON
yz/7NFoAcb1RuSrZWPbELm2zlzqwImoCIiJNAI/X4zDPMlDI+z+V8XBeJrpA+oen
S0ZNAlsKpqBO4mdX1cLDg+Hoj9BUdoIcrqmFiF3GwKsyag3tCR/OHDcCmyT4IOdX
dsSnZfUrQnsh/FAHiknbQ7OEHPg+v6v8D5UhVMQiv+jLO0gru8oQZTKHvkPoZ/WI
F7rzxTKA5Ba5387AUFxhJ8MTx694dxphnYD5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUpsX/xXjKKTR1y14gNI/xLsCtnJYwHwYDVR0jBBgwFoAUUptgbbhig71KCK9+
sz7ziiVmMbswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUEFHSUMv
VXB0Z2JiaGlnNzFLQ0s5LXN6N3ppaVZtTWJzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9VcHRnYmJoaWc3MUtDSzktc3o3emlpVm1NYnMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9QQUdJQy9wc1hfeFhqS0tUUjF5MTRnTklf
eExzQ3RuSlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0j9n
MA0GCSqGSIb3DQEBCwUAA4IBAQA49n+rrz8DzXARyH/pGZ3nfx9awnxCV1Rgmxk0
tk29G3L5QkequMtVpltkod1a+uZSRa4OMsegiEcJbOLOQDXR3K68HsGhyihkfa+Y
Aj23ODDAue1t2Gmy4exu5r+G8Y84Ioni06c4pHWSdZItqwGEK48FnQnSs9v71LE6
k30XCBLfCa2X5ze8V+9VM1+42UhTT2s72jCbvK7m+lCoY0YsmXxpEQyqh53wD1Op
rbrJPIGl+hiEAD15M5kUOTDPxkanKks/oS30rJy3TksRt0chBgATHchO7pWGPLMK
kixT2Ac4nAT9MYG9QlI7RhkMPjUTECyoRn1fXIoZdKWlOUwz
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:34 2024 by rpki-client on console-ams.rpki-client.org