Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/M0Ny5IlK7fyZhQfn1xkuW6TFuYY.roa
File:                     M0Ny5IlK7fyZhQfn1xkuW6TFuYY.roa (raw, json)
Hash identifier:          aJqniM3oQwHvyQhBbKr7O5cB+CZT8Hm9zWMK3nBINp8=
Subject key identifier:   33:43:72:E4:89:4A:ED:FC:99:85:07:E7:D7:19:2E:5B:A4:C5:B9:86
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       31AA
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/M0Ny5IlK7fyZhQfn1xkuW6TFuYY.roa
Signing time:             Mon 26 Aug 2024 05:30:48 +0000
ROA not before:           Mon 26 Aug 2024 05:30:48 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     18429
IP address blocks:        118.232.196.64/26 maxlen: 26

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:24:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12714 (0x31aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Aug 26 05:30:48 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=334372E4894AEDFC998507E7D7192E5BA4C5B986
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6e:ab:b1:e7:61:58:6a:b4:99:17:2b:a1:71:
                    73:f0:68:86:4e:d8:54:f4:d6:c7:3a:0d:46:da:c5:
                    14:31:30:50:b3:1c:db:f7:bb:ce:58:e6:5f:78:35:
                    86:e7:e0:09:07:a2:6b:95:b7:48:78:6a:2e:cf:1d:
                    27:4b:6a:50:be:04:b7:13:6c:bb:7d:7a:e9:c7:9c:
                    c0:bb:5e:c3:b2:58:23:62:60:72:a3:bc:80:8f:03:
                    ff:a9:c0:b2:b7:6b:07:72:73:54:ea:a2:81:7f:9e:
                    b8:ef:2f:d3:6f:af:c9:b5:3d:5d:03:37:a5:42:1a:
                    63:3b:1d:ff:60:1f:b3:9d:1b:23:36:83:5d:aa:57:
                    b9:9e:81:4f:16:1f:b0:7a:9a:35:a3:c4:3c:ba:ae:
                    bd:f2:eb:a9:e6:70:f5:d3:42:17:fb:d8:fd:44:78:
                    db:9e:21:1f:4d:c4:68:a5:7a:1e:aa:35:7c:d8:99:
                    55:e3:2a:b6:11:9a:a1:e2:3c:12:8c:f7:64:bf:b2:
                    af:d8:da:45:f3:9b:63:12:68:0f:04:65:6c:6f:85:
                    d2:52:71:1c:b1:93:eb:7d:ff:7e:6a:7b:e0:eb:85:
                    9f:0b:94:29:5e:63:45:6e:db:36:74:c7:0c:06:42:
                    07:69:6f:90:74:d1:ad:61:02:b6:70:a1:af:ff:8b:
                    58:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:43:72:E4:89:4A:ED:FC:99:85:07:E7:D7:19:2E:5B:A4:C5:B9:86
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/M0Ny5IlK7fyZhQfn1xkuW6TFuYY.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.232.196.64/26

    Signature Algorithm: sha256WithRSAEncryption
         1b:95:ff:d5:86:4a:65:fd:ce:a0:64:9c:5d:93:c5:6e:af:33:
         2e:c7:60:2e:46:bd:0e:8e:2c:c3:49:0c:fd:6a:98:f0:60:84:
         bb:42:98:6a:cd:b4:41:87:08:1f:be:15:88:64:5d:37:12:20:
         89:59:9f:93:b9:b5:e6:74:64:35:9b:bf:a3:48:26:f6:c7:a4:
         81:c9:45:bf:d6:5d:e2:20:5c:d7:0b:a6:8f:88:f9:6b:04:7f:
         dd:ee:39:2b:13:30:20:28:08:48:10:66:8a:32:51:d7:12:6a:
         91:e1:bf:2e:6e:4e:47:e9:b1:fb:57:48:72:fb:66:3e:b8:1f:
         d7:54:6e:f1:93:da:4f:4b:82:48:af:a9:f9:82:fc:fe:27:30:
         7e:12:58:65:16:20:4a:7b:8f:68:ee:eb:3b:e0:a4:4a:0a:5f:
         0c:a5:d5:62:b9:d3:4f:87:bb:d7:6c:e2:86:7d:a9:54:c1:2f:
         22:04:e6:9e:98:11:25:48:c3:52:76:23:70:21:5a:17:14:2f:
         b5:9f:9f:59:af:ba:f7:3f:26:e5:b2:8c:21:e8:93:33:7b:82:
         3b:4a:9d:06:67:ff:06:5f:d1:ed:84:03:c5:af:9c:b0:38:ad:
         0d:03:a5:d1:58:00:ee:b3:88:96:36:ef:9f:31:d9:19:0a:5e:
         4f:87:ac:b9
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICMaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw
NTMwNDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMzNDM3MkU0ODk0QUVE
RkM5OTg1MDdFN0Q3MTkyRTVCQTRDNUI5ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHbqux52FYarSZFyuhcXPwaIZO2FT01sc6DUbaxRQxMFCzHNv3
u85Y5l94NYbn4AkHomuVt0h4ai7PHSdLalC+BLcTbLt9eunHnMC7XsOyWCNiYHKj
vICPA/+pwLK3awdyc1TqooF/nrjvL9Nvr8m1PV0DN6VCGmM7Hf9gH7OdGyM2g12q
V7megU8WH7B6mjWjxDy6rr3y66nmcPXTQhf72P1EeNueIR9NxGileh6qNXzYmVXj
KrYRmqHiPBKM92S/sq/Y2kXzm2MSaA8EZWxvhdJScRyxk+t9/35qe+DrhZ8LlCle
Y0Vu2zZ0xwwGQgdpb5B00a1hArZwoa//i1jFAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUM0Ny5IlK7fyZhQfn1xkuW6TFuYYwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL00wTnk1SWxLN2Z5WmhRZm4x
eGt1VzZURnVZWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgABMAcDBQZ2
6MRAMA0GCSqGSIb3DQEBCwUAA4IBAQAblf/Vhkpl/c6gZJxdk8VurzMux2AuRr0O
jizDSQz9apjwYIS7QphqzbRBhwgfvhWIZF03EiCJWZ+TubXmdGQ1m7+jSCb2x6SB
yUW/1l3iIFzXC6aPiPlrBH/d7jkrEzAgKAhIEGaKMlHXEmqR4b8ubk5H6bH7V0hy
+2Y+uB/XVG7xk9pPS4JIr6n5gvz+JzB+ElhlFiBKe49o7us74KRKCl8MpdViudNP
h7vXbOKGfalUwS8iBOaemBElSMNSdiNwIVoXFC+1n59Zr7r3Pyblsowh6JMze4I7
Sp0GZ/8GX9HthAPFr5ywOK0NA6XRWADus4iWNu+fMdkZCl5Ph6y5
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:18 2024 by rpki-client on console-ams.rpki-client.org