Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Ji-bOLaZ7cdLEruxdXDkjV5QRgA.roa
File:                     Ji-bOLaZ7cdLEruxdXDkjV5QRgA.roa (raw, json)
Hash identifier:          5WD0IGA5HThYe61ktu+qEtKP9wE/4a21JW8WpFjQ1o4=
Subject key identifier:   26:2F:9B:38:B6:99:ED:C7:4B:12:BB:B1:75:70:E4:8D:5E:50:46:00
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       305A
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Ji-bOLaZ7cdLEruxdXDkjV5QRgA.roa
Signing time:             Mon 26 Aug 2024 05:29:23 +0000
ROA not before:           Mon 26 Aug 2024 05:29:23 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     18429
IP address blocks:        118.232.200.0/25 maxlen: 25

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Nov 2024 07:07:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12378 (0x305a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Aug 26 05:29:23 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=262F9B38B699EDC74B12BBB17570E48D5E504600
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f6:74:f5:89:69:19:18:18:29:97:28:88:93:
                    97:b7:d7:dc:00:71:41:e7:6a:10:4e:6a:19:c6:1e:
                    e1:89:35:31:22:7a:88:3a:16:dc:9a:fa:d5:bf:64:
                    2a:6a:f7:9d:83:1f:7d:6b:ec:62:29:25:57:3d:cb:
                    5f:1a:34:fc:9b:b4:90:e7:05:46:0b:91:f7:16:e5:
                    52:ce:b3:d7:95:4a:cf:65:13:f6:57:2b:9e:4c:61:
                    22:88:f5:a0:19:a5:e6:00:04:eb:ce:7e:d1:98:10:
                    76:f2:19:b6:cf:bd:98:40:85:02:d7:b5:c9:6b:90:
                    b3:22:c4:28:ae:89:f2:47:41:66:44:77:cd:83:d8:
                    04:c1:da:bb:82:68:6c:bd:65:40:3f:9f:3b:c8:91:
                    f1:fb:40:56:4a:c6:d4:4b:12:c2:d3:60:48:8d:6f:
                    ee:d3:da:aa:74:7d:ec:36:a6:c8:2f:51:e2:af:a2:
                    76:2f:cf:91:82:3b:36:e3:28:ce:4f:7b:4e:53:f1:
                    1b:7e:07:30:ac:ae:20:2c:32:e5:df:5b:ba:5d:55:
                    8b:c7:54:73:b7:9a:67:81:51:32:b0:cd:9d:73:8e:
                    12:6b:05:e9:1c:8c:5a:6a:9f:2e:93:d9:30:77:ca:
                    db:35:f6:75:9f:59:43:16:21:52:c7:08:24:bf:95:
                    39:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:2F:9B:38:B6:99:ED:C7:4B:12:BB:B1:75:70:E4:8D:5E:50:46:00
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Ji-bOLaZ7cdLEruxdXDkjV5QRgA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.232.200.0/25

    Signature Algorithm: sha256WithRSAEncryption
         6a:84:96:4c:68:49:87:01:3d:f6:2c:c3:23:5e:2b:23:f0:8c:
         20:01:f9:f5:5c:54:b2:97:9f:ee:32:20:2c:10:f5:1e:63:39:
         bb:4f:af:ba:d5:84:b1:57:57:09:69:07:76:bc:26:2f:d9:b6:
         13:2f:01:e1:2c:c3:b3:90:ac:43:b9:04:76:29:15:5a:a7:96:
         be:44:c9:f8:d2:4e:bf:1a:59:73:83:a8:7c:16:04:52:89:ba:
         8d:d7:29:c3:57:9c:f5:09:1c:3a:aa:7c:99:94:e2:06:8b:d4:
         56:09:c8:5e:40:dc:71:59:8a:26:db:de:a2:f5:19:84:bd:a2:
         f8:48:87:d9:97:38:70:93:66:5a:09:3d:9f:0f:74:c1:57:53:
         3d:1e:71:09:3c:c0:fe:fd:df:cf:32:a4:af:9b:a1:5d:77:b5:
         83:50:b9:aa:43:30:b1:b2:67:f0:12:1e:8c:8c:0c:d9:80:56:
         40:d2:9d:de:d9:2d:be:c2:fc:75:53:8d:f0:95:3d:f9:8b:8a:
         92:cf:87:6b:ac:b4:80:c2:d6:68:9a:84:ab:0d:c6:8d:22:55:
         d9:58:f5:49:1c:e3:9d:33:06:8a:34:63:dd:7d:95:3d:0d:65:
         d1:e6:35:7a:72:f9:fa:48:07:4b:d1:3c:ef:4c:b3:d1:1d:be:
         f7:99:04:5c
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICMFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw
NTI5MjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI2MkY5QjM4QjY5OUVE
Qzc0QjEyQkJCMTc1NzBFNDhENUU1MDQ2MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC29nT1iWkZGBgplyiIk5e319wAcUHnahBOahnGHuGJNTEieog6
Ftya+tW/ZCpq952DH31r7GIpJVc9y18aNPybtJDnBUYLkfcW5VLOs9eVSs9lE/ZX
K55MYSKI9aAZpeYABOvOftGYEHbyGbbPvZhAhQLXtclrkLMixCiuifJHQWZEd82D
2ATB2ruCaGy9ZUA/nzvIkfH7QFZKxtRLEsLTYEiNb+7T2qp0few2psgvUeKvonYv
z5GCOzbjKM5Pe05T8Rt+BzCsriAsMuXfW7pdVYvHVHO3mmeBUTKwzZ1zjhJrBekc
jFpqny6T2TB3yts19nWfWUMWIVLHCCS/lTk9AgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUJi+bOLaZ7cdLEruxdXDkjV5QRgAwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0ppLWJPTGFaN2NkTEVydXhk
WERralY1UVJnQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgABMAcDBQd2
6MgAMA0GCSqGSIb3DQEBCwUAA4IBAQBqhJZMaEmHAT32LMMjXisj8IwgAfn1XFSy
l5/uMiAsEPUeYzm7T6+61YSxV1cJaQd2vCYv2bYTLwHhLMOzkKxDuQR2KRVap5a+
RMn40k6/Gllzg6h8FgRSibqN1ynDV5z1CRw6qnyZlOIGi9RWCcheQNxxWYom296i
9RmEvaL4SIfZlzhwk2ZaCT2fD3TBV1M9HnEJPMD+/d/PMqSvm6Fdd7WDULmqQzCx
smfwEh6MjAzZgFZA0p3e2S2+wvx1U43wlT35i4qSz4drrLSAwtZomoSrDcaNIlXZ
WPVJHOOdMwaKNGPdfZU9DWXR5jV6cvn6SAdL0TzvTLPRHb73mQRc
-----END CERTIFICATE-----
Generated at Thu Nov 14 05:01:02 2024 by rpki-client on console-fra.rpki-client.org