Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/caA8EV8rkAJNlPvhM7Y5VTpvAGI.roa
File:                     caA8EV8rkAJNlPvhM7Y5VTpvAGI.roa (raw, json)
Hash identifier:          glYzpZGlmQMlofp+XQ+CGPv/wOkeyYZILmwP2veRg2I=
Subject key identifier:   71:A0:3C:11:5F:2B:90:02:4D:94:FB:E1:33:B6:39:55:3A:6F:00:62
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       3185
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/caA8EV8rkAJNlPvhM7Y5VTpvAGI.roa
Signing time:             Mon 26 Aug 2024 05:30:32 +0000
ROA not before:           Mon 26 Aug 2024 05:30:32 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     38841
IP address blocks:        123.192.184.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:24:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12677 (0x3185)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Aug 26 05:30:32 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=71A03C115F2B90024D94FBE133B639553A6F0062
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:48:d5:c8:8a:e9:ef:72:a2:ef:18:59:f8:72:
                    6c:1b:b0:2d:de:52:a0:9e:27:f8:e6:d7:4c:1d:2e:
                    0f:9f:f2:30:07:fd:94:88:26:b0:82:b2:80:e6:60:
                    d9:fe:bb:8e:9c:e6:e5:e4:18:bb:be:67:72:55:2b:
                    a7:b2:4a:f4:63:5d:51:c3:a2:d8:f8:57:a9:b5:4d:
                    dc:14:58:8d:09:f2:6c:69:6a:ba:b3:5b:ee:ff:9d:
                    d0:9d:47:d4:ac:b3:08:e1:08:4f:73:19:a7:f0:60:
                    c3:e6:78:85:c7:6b:19:29:ce:b5:8e:d3:bd:3e:76:
                    33:b0:32:41:45:d3:97:47:79:61:b7:b3:5e:d6:34:
                    70:21:ec:a4:e4:c5:4b:38:a8:ac:3e:84:28:0f:90:
                    f5:21:9f:0f:72:69:54:5b:32:34:4f:86:39:36:28:
                    62:b8:e7:16:fe:57:61:a9:3d:cd:94:68:99:15:d6:
                    6a:f6:83:6a:b7:3f:7b:9f:83:65:a4:9d:2e:d2:af:
                    5e:87:b2:e6:0f:98:82:4e:57:10:27:a7:c1:6c:a5:
                    99:83:67:a0:00:c6:f6:3c:ca:aa:9e:ab:e5:d3:95:
                    70:67:bd:76:3c:6a:f9:b7:4a:0b:54:f8:47:61:25:
                    40:e8:90:e3:14:f9:61:16:8a:30:70:e6:26:2b:b8:
                    98:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:A0:3C:11:5F:2B:90:02:4D:94:FB:E1:33:B6:39:55:3A:6F:00:62
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/caA8EV8rkAJNlPvhM7Y5VTpvAGI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.192.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         34:d1:4c:26:70:65:a5:45:74:00:bb:bd:21:b3:c6:0b:7d:48:
         23:26:c7:48:9b:2c:6c:d8:57:d8:a9:63:a1:bc:a4:f7:63:65:
         0e:78:b7:d3:9b:c7:d9:03:70:1f:3e:a0:5e:06:d6:b1:49:66:
         ce:00:34:3c:24:0d:0a:2f:be:2b:bb:41:eb:c5:ab:fb:af:5d:
         4e:58:9f:92:28:f1:70:a8:6a:e0:de:a0:bd:ea:07:ed:b5:f6:
         a4:fe:b5:34:c6:a7:65:15:c4:bf:41:40:14:ee:c9:e4:57:29:
         e1:ec:16:8e:f2:ff:e7:02:28:72:82:56:c9:a6:c5:60:0f:5a:
         90:73:cb:27:64:cb:6f:c2:e2:75:17:60:e6:bc:a4:42:e2:4c:
         5a:2b:b8:f1:62:98:aa:f0:e1:9c:db:04:fe:a0:11:8f:d9:42:
         2a:f9:40:ba:a0:ab:ff:30:f4:1d:e5:af:08:41:6b:06:6f:84:
         75:39:90:a8:07:4c:37:77:96:e5:f3:0b:3e:b5:d7:0a:9d:7a:
         43:26:57:e9:aa:ce:40:9a:86:b7:dc:6c:43:20:43:4c:20:76:
         82:2e:c9:d1:fc:63:57:d4:eb:1a:c4:e6:54:8a:a7:ff:07:a0:
         be:2b:66:5e:0c:2d:8a:45:1b:a8:a3:4f:80:fc:f2:2e:03:cd:
         6b:4e:7c:42
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICMYUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw
NTMwMzJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcxQTAzQzExNUYyQjkw
MDI0RDk0RkJFMTMzQjYzOTU1M0E2RjAwNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtSNXIiunvcqLvGFn4cmwbsC3eUqCeJ/jm10wdLg+f8jAH/ZSI
JrCCsoDmYNn+u46c5uXkGLu+Z3JVK6eySvRjXVHDotj4V6m1TdwUWI0J8mxparqz
W+7/ndCdR9SsswjhCE9zGafwYMPmeIXHaxkpzrWO070+djOwMkFF05dHeWG3s17W
NHAh7KTkxUs4qKw+hCgPkPUhnw9yaVRbMjRPhjk2KGK45xb+V2GpPc2UaJkV1mr2
g2q3P3ufg2WknS7Sr16HsuYPmIJOVxAnp8FspZmDZ6AAxvY8yqqeq+XTlXBnvXY8
avm3SgtU+EdhJUDokOMU+WEWijBw5iYruJj5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcaA8EV8rkAJNlPvhM7Y5VTpvAGIwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2NhQThFVjhya0FKTmxQdmhN
N1k1VlRwdkFHSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7
wLgwDQYJKoZIhvcNAQELBQADggEBADTRTCZwZaVFdAC7vSGzxgt9SCMmx0ibLGzY
V9ipY6G8pPdjZQ54t9Obx9kDcB8+oF4G1rFJZs4ANDwkDQovviu7QevFq/uvXU5Y
n5Io8XCoauDeoL3qB+219qT+tTTGp2UVxL9BQBTuyeRXKeHsFo7y/+cCKHKCVsmm
xWAPWpBzyydky2/C4nUXYOa8pELiTForuPFimKrw4ZzbBP6gEY/ZQir5QLqgq/8w
9B3lrwhBawZvhHU5kKgHTDd3luXzCz611wqdekMmV+mqzkCahrfcbEMgQ0wgdoIu
ydH8Y1fU6xrE5lSKp/8HoL4rZl4MLYpFG6ijT4D88i4DzWtOfEI=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:43:50 2024 by rpki-client on console-fra.rpki-client.org