Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/OeOFv21TZHLHzUW8LQt-pjng2Mc.roa
File:                     OeOFv21TZHLHzUW8LQt-pjng2Mc.roa (raw, json)
Hash identifier:          lcOL1A5PWuAK58nznEZHEEilUI0PewT94udIExURTSM=
Subject key identifier:   39:E3:85:BF:6D:53:64:72:C7:CD:45:BC:2D:0B:7E:A6:39:E0:D8:C7
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       3142
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/OeOFv21TZHLHzUW8LQt-pjng2Mc.roa
Signing time:             Mon 26 Aug 2024 05:30:16 +0000
ROA not before:           Mon 26 Aug 2024 05:30:16 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     38841
IP address blocks:        123.192.96.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 14:39:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12610 (0x3142)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Aug 26 05:30:16 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=39E385BF6D536472C7CD45BC2D0B7EA639E0D8C7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:23:0f:f5:92:a0:3a:b0:78:f9:18:c1:7d:c5:
                    2b:bc:d0:fa:25:66:1f:b4:46:07:fa:f0:0c:df:ed:
                    28:48:b3:a0:95:38:05:80:27:fb:56:06:c3:1c:d0:
                    3a:5e:2c:74:5e:d8:28:d6:cb:f3:aa:a1:4d:5b:76:
                    b0:7a:d2:12:56:c0:7b:c6:00:55:16:61:f2:a8:41:
                    75:7f:e0:f4:0a:a2:f4:c5:cc:3b:73:12:8b:77:7d:
                    8a:15:ef:6c:ee:9f:e7:5e:a3:71:81:d5:c4:c8:84:
                    a3:d1:f6:bd:c2:fd:d1:f3:c2:e9:86:8f:1d:63:5f:
                    43:59:b0:ee:5e:9d:92:37:f8:f7:55:64:13:77:10:
                    a9:c5:48:c6:b2:40:cd:45:13:16:81:78:e5:c8:59:
                    fb:49:1c:26:bb:56:18:71:71:f1:1e:01:6d:53:c5:
                    de:cb:ad:46:3c:8e:9f:ea:4b:13:ae:3c:52:12:a1:
                    ba:cd:2c:25:7d:ad:21:43:6e:23:88:02:b0:96:04:
                    78:a1:9a:4a:1f:81:1e:66:38:ac:f7:8e:81:04:b0:
                    b9:e9:36:f4:d6:96:8b:1f:7d:20:19:47:7e:69:b7:
                    e8:e6:f7:e5:b1:20:27:19:d4:87:c9:47:5a:35:5e:
                    07:c8:69:b5:12:84:25:e6:17:a9:01:56:9b:0c:d1:
                    27:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:E3:85:BF:6D:53:64:72:C7:CD:45:BC:2D:0B:7E:A6:39:E0:D8:C7
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/OeOFv21TZHLHzUW8LQt-pjng2Mc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.192.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         3a:79:07:60:ba:6e:12:bb:03:49:b4:41:40:47:2a:53:c9:1e:
         4c:63:58:f2:1c:8a:c2:17:c9:99:35:07:64:31:ac:ea:84:42:
         1d:0b:67:2f:27:7a:ee:bb:db:52:1f:28:b3:a6:01:3b:08:d0:
         96:21:b6:7e:73:0e:4e:1e:0e:fc:78:d4:7c:d9:e2:fd:98:05:
         96:66:05:f2:3c:21:c3:93:06:83:69:cd:d7:53:86:57:c8:a4:
         0e:55:a6:71:0b:7e:14:29:e5:62:2e:1d:a5:b7:bf:42:7b:2e:
         fa:ff:5d:ba:8c:3d:ed:eb:ba:2d:fc:8b:3d:47:ea:14:bf:86:
         aa:5f:a9:08:8d:c7:a3:d6:8d:84:e7:63:64:f9:22:3b:85:32:
         08:89:4d:b3:95:14:db:24:fa:02:4f:af:da:c7:72:77:ed:3b:
         e5:29:e6:f9:2c:40:5b:ef:51:22:c6:5a:0f:35:5e:7f:68:44:
         ae:e9:98:ff:2b:70:f4:72:c0:aa:43:08:ae:87:01:1c:c5:3d:
         80:5a:33:e0:3e:c3:e1:e0:74:25:24:8d:ba:7c:7e:42:6a:b2:
         48:19:5e:83:8c:c1:dc:cd:73:72:78:8a:46:31:f4:22:da:1f:
         4c:2c:5d:64:17:bb:bf:16:d3:df:23:22:dd:56:32:58:59:78:
         f4:0f:d1:9e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICMUIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw
NTMwMTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM5RTM4NUJGNkQ1MzY0
NzJDN0NENDVCQzJEMEI3RUE2MzlFMEQ4QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXIw/1kqA6sHj5GMF9xSu80PolZh+0Rgf68Azf7ShIs6CVOAWA
J/tWBsMc0DpeLHRe2CjWy/OqoU1bdrB60hJWwHvGAFUWYfKoQXV/4PQKovTFzDtz
Eot3fYoV72zun+deo3GB1cTIhKPR9r3C/dHzwumGjx1jX0NZsO5enZI3+PdVZBN3
EKnFSMayQM1FExaBeOXIWftJHCa7VhhxcfEeAW1Txd7LrUY8jp/qSxOuPFISobrN
LCV9rSFDbiOIArCWBHihmkofgR5mOKz3joEEsLnpNvTWlosffSAZR35pt+jm9+Wx
ICcZ1IfJR1o1XgfIabUShCXmF6kBVpsM0SdPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOeOFv21TZHLHzUW8LQt+pjng2McwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL09lT0Z2MjFUWkhMSHpVVzhM
UXQtcGpuZzJNYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAR7
wGAwDQYJKoZIhvcNAQELBQADggEBADp5B2C6bhK7A0m0QUBHKlPJHkxjWPIcisIX
yZk1B2QxrOqEQh0LZy8neu6721IfKLOmATsI0JYhtn5zDk4eDvx41HzZ4v2YBZZm
BfI8IcOTBoNpzddThlfIpA5VpnELfhQp5WIuHaW3v0J7Lvr/XbqMPe3rui38iz1H
6hS/hqpfqQiNx6PWjYTnY2T5IjuFMgiJTbOVFNsk+gJPr9rHcnftO+Up5vksQFvv
USLGWg81Xn9oRK7pmP8rcPRywKpDCK6HARzFPYBaM+A+w+HgdCUkjbp8fkJqskgZ
XoOMwdzNc3J4ikYx9CLaH0wsXWQXu78W098jIt1WMlhZePQP0Z4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:37 2024 by rpki-client on console-ams.rpki-client.org