Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SCNET/-jmlML6tC9GmJeiTo_PITrjrKEM.roa
File:                     -jmlML6tC9GmJeiTo_PITrjrKEM.roa (raw, json)
Hash identifier:          fwjevavb9+Cmi4GWTY98ft0AEUUm/ePHhRPEtHx7A7I=
Subject key identifier:   FA:39:A5:30:BE:AD:0B:D1:A6:25:E8:93:A3:F3:C8:4E:B8:EB:28:43
Certificate issuer:       /CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Certificate serial:       1355
Authority key identifier: 34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/-jmlML6tC9GmJeiTo_PITrjrKEM.roa
Signing time:             Mon 26 Aug 2024 05:25:28 +0000
ROA not before:           Mon 26 Aug 2024 05:25:28 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     215913
IP address blocks:        103.123.219.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:24:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4949 (0x1355)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
        Validity
            Not Before: Aug 26 05:25:28 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=FA39A530BEAD0BD1A625E893A3F3C84EB8EB2843
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8a:60:de:d0:fd:b3:5c:58:32:12:03:e9:56:
                    12:3e:8a:1e:34:5a:c7:f1:e9:f6:2b:b8:8c:07:1b:
                    7e:2b:37:30:3c:eb:60:81:c9:70:c7:03:c7:43:ee:
                    90:ce:c1:44:3e:87:d0:62:98:a5:d5:49:59:ac:47:
                    20:5d:e4:e5:54:18:5a:bc:51:65:a9:aa:09:b0:48:
                    00:98:fc:b5:ec:4e:39:ed:cd:6f:21:b5:7d:e3:7f:
                    2f:20:d1:af:21:b9:37:57:ef:d6:39:64:58:ed:df:
                    53:7f:07:a2:af:42:0e:c6:d3:c2:21:2b:4b:b0:d6:
                    6a:33:d9:28:b8:4c:34:2c:bb:ef:83:5a:ff:f4:d8:
                    9d:e2:24:83:ec:a1:c1:a8:be:1f:56:dd:1e:7c:93:
                    6f:88:52:82:c9:a9:f9:51:cb:71:5b:2d:a4:ed:6f:
                    47:2d:b3:a2:3f:02:45:50:33:4f:dc:4e:da:a8:6f:
                    2f:bb:e7:7e:f9:1f:f4:49:6c:50:7f:7f:be:66:44:
                    f7:6b:7f:42:57:3d:9f:f8:fe:1f:0f:d0:d7:9c:80:
                    6a:69:1f:1c:46:19:38:ad:69:34:6f:68:f8:c2:cb:
                    cc:8d:45:ab:15:1e:9a:c6:15:06:3a:41:d7:d1:fb:
                    b0:47:87:3d:06:17:93:fc:bb:50:b3:29:e2:0a:44:
                    c7:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:39:A5:30:BE:AD:0B:D1:A6:25:E8:93:A3:F3:C8:4E:B8:EB:28:43
            X509v3 Authority Key Identifier:
                keyid:34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/-jmlML6tC9GmJeiTo_PITrjrKEM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.123.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:ad:94:c7:9e:f1:c5:df:f7:b8:33:db:d8:01:09:ee:90:0c:
         49:c4:8d:ec:f7:ef:74:f6:d7:d6:77:4e:8b:73:67:1e:1f:5f:
         7e:4c:86:2d:50:ad:44:39:41:5b:8d:a0:20:da:f6:7f:1b:1b:
         87:01:db:11:e6:43:e5:b5:ef:e8:b5:2c:8e:ea:91:9f:2c:c0:
         07:f5:7a:d0:50:a6:dd:af:38:a9:9a:8d:6a:f9:ce:30:92:05:
         bd:72:12:63:15:0c:e8:33:7f:1a:ca:e0:53:22:74:c5:50:92:
         6e:f4:74:19:8d:b3:c7:e3:21:cf:88:e3:95:58:fb:94:d8:67:
         a1:c8:b2:3b:34:d5:a3:c1:f8:56:07:a5:eb:9c:09:a9:36:28:
         43:b6:dc:cc:72:78:e0:4c:b5:89:91:af:db:dd:7c:0e:7d:ef:
         bb:a5:d8:7a:02:3c:6d:48:05:fb:4b:0b:24:86:25:03:07:96:
         93:85:ce:71:1d:49:5f:19:44:32:66:92:f9:82:35:ed:61:5c:
         6c:84:d5:0e:e7:a9:29:6c:d8:b7:90:e7:df:ca:12:9e:08:60:
         ee:db:7f:72:9b:e3:3f:cf:99:73:1d:fe:b1:04:43:f8:75:8a:
         1b:56:e6:9e:f4:57:bc:96:77:2c:5f:84:b1:fa:33:4c:5d:e1:
         19:d9:d6:63
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICE1UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ5
QjlDRTkwQUUwM0RBRDE5QkM1NERGRjYzQUU4QzQxRTIyMzk0ODAeFw0yNDA4MjYw
NTI1MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZBMzlBNTMwQkVBRDBC
RDFBNjI1RTg5M0EzRjNDODRFQjhFQjI4NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5imDe0P2zXFgyEgPpVhI+ih40Wsfx6fYruIwHG34rNzA862CB
yXDHA8dD7pDOwUQ+h9BimKXVSVmsRyBd5OVUGFq8UWWpqgmwSACY/LXsTjntzW8h
tX3jfy8g0a8huTdX79Y5ZFjt31N/B6KvQg7G08IhK0uw1moz2Si4TDQsu++DWv/0
2J3iJIPsocGovh9W3R58k2+IUoLJqflRy3FbLaTtb0cts6I/AkVQM0/cTtqoby+7
5375H/RJbFB/f75mRPdrf0JXPZ/4/h8P0NecgGppHxxGGTitaTRvaPjCy8yNRasV
HprGFQY6QdfR+7BHhz0GF5P8u1CzKeIKRMdXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU+jmlML6tC9GmJeiTo/PITrjrKEMwHwYDVR0jBBgwFoAUNJuc6QrgPa0ZvFTf
9jroxB4iOUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0NORVQv
Tkp1YzZRcmdQYTBadkZUZjlqcm94QjRpT1VnLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9OSnVjNlFyZ1BhMFp2RlRmOWpyb3hCNGlPVWcuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQ05FVC8tam1sTUw2dEM5R21KZWlUb19Q
SVRyanJLRU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3vb
MA0GCSqGSIb3DQEBCwUAA4IBAQB/rZTHnvHF3/e4M9vYAQnukAxJxI3s9+909tfW
d06Lc2ceH19+TIYtUK1EOUFbjaAg2vZ/GxuHAdsR5kPlte/otSyO6pGfLMAH9XrQ
UKbdrzipmo1q+c4wkgW9chJjFQzoM38ayuBTInTFUJJu9HQZjbPH4yHPiOOVWPuU
2GehyLI7NNWjwfhWB6XrnAmpNihDttzMcnjgTLWJka/b3XwOfe+7pdh6AjxtSAX7
SwskhiUDB5aThc5xHUlfGUQyZpL5gjXtYVxshNUO56kpbNi3kOffyhKeCGDu239y
m+M/z5lzHf6xBEP4dYobVuae9Fe8lncsX4Sx+jNMXeEZ2dZj
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:13 2024 by rpki-client on console-ams.rpki-client.org