Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sAaSupDiX-xleN6WbxQ6SbaoTMk.roa
File:                     sAaSupDiX-xleN6WbxQ6SbaoTMk.roa (raw, json)
Hash identifier:          BpjURzlT7DBmV6OVR8idbjHvZISqsJEAZQoZaraiIq8=
Subject key identifier:   B0:06:92:BA:90:E2:5F:EC:65:78:DE:96:6F:14:3A:49:B6:A8:4C:C9
Certificate issuer:       /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial:       11E7
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sAaSupDiX-xleN6WbxQ6SbaoTMk.roa
Signing time:             Mon 26 Aug 2024 05:24:30 +0000
ROA not before:           Mon 26 Aug 2024 05:24:30 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     131628
IP address blocks:        175.99.224.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 14:39:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4583 (0x11e7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
        Validity
            Not Before: Aug 26 05:24:30 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=B00692BA90E25FEC6578DE966F143A49B6A84CC9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:48:ca:1a:70:8f:c8:09:4a:2f:35:76:1f:65:
                    f1:f5:af:72:9e:32:43:eb:86:5e:18:bb:ef:9c:e3:
                    ff:64:d2:19:b4:77:ce:44:ab:52:ae:49:4b:82:24:
                    3b:28:52:0d:0a:a9:15:44:c3:87:57:1e:27:4d:92:
                    dc:9d:92:40:a5:87:11:db:85:00:4c:73:fe:85:08:
                    26:1e:64:7a:98:dd:01:cd:62:0a:77:77:b3:c1:7d:
                    e3:5e:76:6e:0d:28:2a:c1:6a:5f:22:02:10:7c:e8:
                    cd:8d:80:99:cf:ca:bd:2f:d3:96:f5:31:6f:2c:ff:
                    99:ed:24:c5:47:50:50:9a:29:3c:18:40:28:2f:e2:
                    85:9d:4e:4e:00:4e:62:19:c2:b0:d3:df:d4:0d:08:
                    86:6b:3f:65:db:bb:d1:78:c8:50:0c:8a:11:ef:4a:
                    47:19:23:09:97:ce:61:ec:66:94:3a:4c:86:11:43:
                    92:b2:90:ae:48:eb:a9:13:7f:c9:76:bc:35:e0:45:
                    51:7c:fc:e5:23:2c:8a:ee:13:02:e5:12:4f:e9:0b:
                    da:30:15:66:21:c2:69:f4:05:52:64:82:d5:d5:44:
                    f2:ea:77:9b:a6:44:6c:c8:c4:b5:00:b6:46:f4:fc:
                    92:04:c6:4d:ba:e9:9e:69:82:c7:88:0b:32:47:41:
                    13:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:06:92:BA:90:E2:5F:EC:65:78:DE:96:6F:14:3A:49:B6:A8:4C:C9
            X509v3 Authority Key Identifier:
                keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/sAaSupDiX-xleN6WbxQ6SbaoTMk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.99.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:1f:4b:7a:7b:1a:79:6b:8b:51:45:1f:5f:50:6c:e4:ef:f1:
         12:43:7f:24:13:32:8e:0f:29:ea:92:7d:42:f5:c6:1f:4c:30:
         30:96:c9:86:8f:7e:52:0f:3e:61:cf:f1:ad:d0:ab:f6:a6:45:
         53:b4:90:56:08:61:00:84:a9:58:2e:b0:51:7f:44:a6:a7:ad:
         f1:e7:9b:20:70:60:9c:76:a5:8f:5d:1f:fd:80:34:f3:6e:30:
         0e:2a:06:2b:6f:fc:78:bb:f2:f2:19:cc:50:03:30:33:46:d7:
         d5:1c:b7:31:2b:f1:5e:a9:77:0f:f4:d4:dc:e2:48:71:f0:df:
         b1:63:8c:c9:69:15:b1:a1:13:d6:5f:72:40:7f:9b:b2:74:e3:
         e5:25:8b:25:b1:29:18:44:63:9d:16:a5:22:09:68:d8:6d:f9:
         e7:0e:c5:c8:94:19:52:2d:f1:fb:02:3a:6b:27:9f:88:ed:a6:
         d5:37:e7:a5:11:3f:ee:56:1d:fb:74:0b:ce:71:de:c3:87:89:
         22:ce:6e:47:cf:65:7e:2f:a0:52:8a:af:75:0f:28:d8:1b:e8:
         8a:45:35:8a:95:d5:cb:4d:3f:6f:7e:ea:5d:ce:0f:0b:a7:af:
         bb:60:07:fe:58:98:fc:b3:d6:fe:af:3c:ba:21:25:c7:82:5b:
         98:75:83:4f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEecwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNDA4MjYw
NTI0MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIwMDY5MkJBOTBFMjVG
RUM2NTc4REU5NjZGMTQzQTQ5QjZBODRDQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGSMoacI/ICUovNXYfZfH1r3KeMkPrhl4Yu++c4/9k0hm0d85E
q1KuSUuCJDsoUg0KqRVEw4dXHidNktydkkClhxHbhQBMc/6FCCYeZHqY3QHNYgp3
d7PBfeNedm4NKCrBal8iAhB86M2NgJnPyr0v05b1MW8s/5ntJMVHUFCaKTwYQCgv
4oWdTk4ATmIZwrDT39QNCIZrP2Xbu9F4yFAMihHvSkcZIwmXzmHsZpQ6TIYRQ5Ky
kK5I66kTf8l2vDXgRVF8/OUjLIruEwLlEk/pC9owFWYhwmn0BVJkgtXVRPLqd5um
RGzIxLUAtkb0/JIExk266Z5pgseICzJHQRPLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUsAaSupDiX+xleN6WbxQ6SbaoTMkwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvc0FhU3VwRGlYLXhsZU42
V2J4UTZTYmFvVE1rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AK9j4DANBgkqhkiG9w0BAQsFAAOCAQEAlx9LensaeWuLUUUfX1Bs5O/xEkN/JBMy
jg8p6pJ9QvXGH0wwMJbJho9+Ug8+Yc/xrdCr9qZFU7SQVghhAISpWC6wUX9Epqet
8eebIHBgnHalj10f/YA0824wDioGK2/8eLvy8hnMUAMwM0bX1Ry3MSvxXql3D/TU
3OJIcfDfsWOMyWkVsaET1l9yQH+bsnTj5SWLJbEpGERjnRalIglo2G355w7FyJQZ
Ui3x+wI6ayefiO2m1TfnpRE/7lYd+3QLznHew4eJIs5uR89lfi+gUoqvdQ8o2Bvo
ikU1ipXVy00/b37qXc4PC6evu2AH/liY/LPW/q88uiElx4JbmHWDTw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:06:53 2024 by rpki-client on console-fra.rpki-client.org