Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Wf1K0cbKtNVodQpJZJJSwxpvIko.roa
File:                     Wf1K0cbKtNVodQpJZJJSwxpvIko.roa (raw, json)
Hash identifier:          eB+Owr22bS+bTO3AsPF60HKuyydbqQoow6Z4p5W1F9Q=
Subject key identifier:   59:FD:4A:D1:C6:CA:B4:D5:68:75:0A:49:64:92:52:C3:1A:6F:22:4A
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       2FDC
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Wf1K0cbKtNVodQpJZJJSwxpvIko.roa
Signing time:             Mon 26 Aug 2024 05:28:55 +0000
ROA not before:           Mon 26 Aug 2024 05:28:55 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     38841
IP address blocks:        106.1.133.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:24:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12252 (0x2fdc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Aug 26 05:28:55 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=59FD4AD1C6CAB4D568750A49649252C31A6F224A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:95:03:12:ce:64:04:03:eb:b2:87:2f:0f:8e:
                    81:ef:00:4e:18:85:78:05:f4:c0:ca:6f:25:4a:f9:
                    7d:97:8f:de:43:7a:6b:22:79:b7:62:60:6b:fc:04:
                    a0:61:af:09:2d:34:33:22:33:00:a3:56:1c:26:20:
                    38:c6:4d:3f:76:e0:30:92:b6:8e:c7:c2:42:43:69:
                    ba:a5:51:38:5e:c8:1c:b3:6b:c2:52:e7:b5:d5:e9:
                    44:c0:e7:c3:52:0e:a5:27:d9:e6:b4:11:86:bb:0e:
                    a9:42:f9:c6:40:9f:50:e1:a0:64:60:a5:c2:80:dc:
                    83:ba:a8:a1:c0:5f:86:3f:68:f1:4d:b9:90:7a:a0:
                    ea:c6:44:be:41:2a:30:d0:81:3f:37:10:26:ed:07:
                    47:74:4a:67:16:96:6a:7e:3d:bb:01:74:96:f8:39:
                    6b:a9:3e:72:2b:4d:6f:e5:0a:79:e3:70:a9:96:fb:
                    83:c4:ff:7b:67:57:9c:ab:24:a3:a5:30:67:d6:45:
                    fe:8c:43:72:f1:60:52:13:5e:f9:fb:22:39:b4:38:
                    73:15:54:56:0b:2f:05:de:92:63:93:23:89:fb:b1:
                    34:9b:a7:2f:e6:d2:3b:d9:c2:9e:07:bb:64:4e:3a:
                    a2:3e:09:77:58:f1:a4:ef:db:8b:14:b8:e6:f1:f1:
                    58:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:FD:4A:D1:C6:CA:B4:D5:68:75:0A:49:64:92:52:C3:1A:6F:22:4A
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Wf1K0cbKtNVodQpJZJJSwxpvIko.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  106.1.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:f3:8f:72:18:2b:35:66:bb:59:b6:a5:db:06:ce:c7:ae:cb:
         55:e3:bc:73:ae:0a:60:46:25:a6:34:b9:41:eb:e4:06:67:c2:
         3c:74:ff:78:08:c6:ca:2d:72:9d:aa:08:34:bb:b2:5a:6b:ff:
         2a:b1:3c:5d:c4:1d:38:33:17:31:ba:77:08:f3:17:b6:7d:3c:
         2f:78:03:24:90:67:e8:97:ff:ce:f5:65:66:28:6f:90:87:6b:
         03:89:32:cc:b4:5c:1f:f2:26:9f:f5:c5:64:03:12:df:6a:f9:
         f6:08:3f:93:41:b4:c8:27:b1:9f:a9:cc:2a:1a:5b:2a:40:eb:
         cc:f7:37:3f:ac:70:6d:65:23:bd:5b:ea:8a:24:5b:f3:91:3a:
         b9:5b:b7:61:46:17:98:bf:2a:09:5d:c5:d5:3f:53:9f:94:32:
         25:31:db:14:c2:f1:7d:6e:45:34:7a:63:58:fe:a3:d1:b4:b2:
         63:5f:40:b3:bb:8d:da:3d:f8:e1:94:1b:b9:56:83:b6:85:9f:
         4a:09:97:ac:df:91:c1:ea:2f:01:23:27:82:bc:e0:5c:82:95:
         0c:5d:49:fa:f8:63:c9:97:fb:bd:59:cc:80:eb:0f:63:d8:34:
         c7:48:d3:8f:11:46:6c:3f:8b:5e:b4:55:8f:d5:41:12:01:6b:
         3b:d3:a1:85
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICL9wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw
NTI4NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDU5RkQ0QUQxQzZDQUI0
RDU2ODc1MEE0OTY0OTI1MkMzMUE2RjIyNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHlQMSzmQEA+uyhy8PjoHvAE4YhXgF9MDKbyVK+X2Xj95Demsi
ebdiYGv8BKBhrwktNDMiMwCjVhwmIDjGTT924DCSto7HwkJDabqlUTheyByza8JS
57XV6UTA58NSDqUn2ea0EYa7DqlC+cZAn1DhoGRgpcKA3IO6qKHAX4Y/aPFNuZB6
oOrGRL5BKjDQgT83ECbtB0d0SmcWlmp+PbsBdJb4OWupPnIrTW/lCnnjcKmW+4PE
/3tnV5yrJKOlMGfWRf6MQ3LxYFITXvn7Ijm0OHMVVFYLLwXekmOTI4n7sTSbpy/m
0jvZwp4Hu2ROOqI+CXdY8aTv24sUuObx8VjfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUWf1K0cbKtNVodQpJZJJSwxpvIkowHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL1dmMUswY2JLdE5Wb2RRcEpa
SkpTd3hwdklrby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABq
AYUwDQYJKoZIhvcNAQELBQADggEBAD7zj3IYKzVmu1m2pdsGzseuy1XjvHOuCmBG
JaY0uUHr5AZnwjx0/3gIxsotcp2qCDS7slpr/yqxPF3EHTgzFzG6dwjzF7Z9PC94
AySQZ+iX/871ZWYob5CHawOJMsy0XB/yJp/1xWQDEt9q+fYIP5NBtMgnsZ+pzCoa
WypA68z3Nz+scG1lI71b6ookW/OROrlbt2FGF5i/KgldxdU/U5+UMiUx2xTC8X1u
RTR6Y1j+o9G0smNfQLO7jdo9+OGUG7lWg7aFn0oJl6zfkcHqLwEjJ4K84FyClQxd
Sfr4Y8mX+71ZzIDrD2PYNMdI048RRmw/i160VY/VQRIBazvToYU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:20 2024 by rpki-client on console-ams.rpki-client.org