Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/rrTmJ_MDAuilyM0qzVBHy_2N-so.roa
File:                     rrTmJ_MDAuilyM0qzVBHy_2N-so.roa (raw, json)
Hash identifier:          RIknzs1Q+2y2eqx7WeFpEhmQca9ERWcjh9VRD5xxw5E=
Subject key identifier:   AE:B4:E6:27:F3:03:02:E8:A5:C8:CD:2A:CD:50:47:CB:FD:8D:FA:CA
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       31D5
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/rrTmJ_MDAuilyM0qzVBHy_2N-so.roa
Signing time:             Mon 26 Aug 2024 05:31:00 +0000
ROA not before:           Mon 26 Aug 2024 05:31:00 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     38841
IP address blocks:        180.176.68.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 14:39:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12757 (0x31d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Aug 26 05:31:00 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=AEB4E627F30302E8A5C8CD2ACD5047CBFD8DFACA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e3:fc:19:ef:b2:bf:b8:94:42:03:d8:68:89:
                    bc:3b:d1:fd:26:11:eb:62:27:0d:c0:22:91:c2:f0:
                    7b:cb:fa:6d:90:66:27:0e:c8:b6:ec:94:ce:50:84:
                    ec:e8:2c:6d:a8:17:20:38:21:96:49:83:29:48:bd:
                    8a:86:4d:90:c1:f3:79:5e:a9:51:c9:99:69:d4:be:
                    8e:b3:73:86:bc:12:3b:1d:1b:bc:58:5c:f5:b2:2f:
                    d7:4f:37:55:45:2e:4c:6c:10:1f:de:57:fc:90:e7:
                    10:ef:0f:04:91:6a:c3:13:be:d9:59:15:be:68:ef:
                    cf:d6:76:e8:30:f1:cc:b4:5f:ad:10:44:6e:fa:4f:
                    01:b7:54:55:ba:75:45:bb:d3:d4:7a:9b:d3:90:31:
                    0d:e8:b9:a6:b3:7b:86:53:34:73:d9:52:02:14:44:
                    da:30:98:37:3e:f7:8a:78:73:db:24:15:84:12:83:
                    c4:4c:c3:e1:97:f1:8d:d0:8d:ea:cc:20:43:b2:d9:
                    05:cd:96:a7:83:25:4a:d3:cb:77:d9:c8:6c:6a:1a:
                    c7:14:28:7e:fd:a5:1c:09:2b:0b:1e:99:a0:db:c8:
                    ae:01:6c:a0:2d:b6:7a:65:f1:01:b2:fd:cd:d4:09:
                    7d:c8:c7:09:67:a5:bc:7e:3f:9f:e9:b8:72:62:98:
                    d4:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:B4:E6:27:F3:03:02:E8:A5:C8:CD:2A:CD:50:47:CB:FD:8D:FA:CA
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/rrTmJ_MDAuilyM0qzVBHy_2N-so.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.176.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b4:2a:69:d2:93:6b:03:db:f5:87:b3:b0:42:5b:96:2f:f0:88:
         a5:8d:15:96:de:52:be:41:6c:c4:f9:27:9c:56:45:32:db:b8:
         8d:b6:66:90:7d:54:02:10:8a:90:bb:dc:4b:28:ff:de:c3:0a:
         36:6f:ea:fb:d6:65:9c:f8:61:ab:db:a5:82:c1:55:a6:4b:11:
         bf:ca:41:20:3d:a8:5b:81:94:13:08:fa:17:b3:0f:b4:dd:aa:
         e6:75:2e:42:49:76:fa:28:3b:9e:e9:44:d6:23:55:06:74:7c:
         29:7c:07:05:25:92:7f:ad:eb:da:2d:a0:de:58:94:5c:e8:c6:
         41:ea:a6:60:52:85:44:01:d1:b4:94:10:17:7c:14:60:1f:81:
         81:2d:b9:00:b5:ec:88:8c:5f:9e:94:1d:30:e0:04:38:e2:e9:
         9b:a1:ef:b0:7b:3c:f8:d2:81:3d:23:c4:cf:6a:21:18:73:3e:
         ae:c8:3e:fa:88:b7:ff:a8:2e:e2:39:52:e0:9b:dc:9d:ed:af:
         ae:77:f7:b1:64:e6:17:50:fd:e7:7c:06:d4:29:7b:d7:31:9f:
         be:62:96:5e:34:24:26:e1:01:28:91:68:ba:41:52:c0:65:59:
         d4:9a:a7:37:71:fc:ec:57:90:5a:18:a2:ea:45:47:39:7c:dc:
         b2:11:3a:a2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICMdUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw
NTMxMDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFFQjRFNjI3RjMwMzAy
RThBNUM4Q0QyQUNENTA0N0NCRkQ4REZBQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZ4/wZ77K/uJRCA9hoibw70f0mEetiJw3AIpHC8HvL+m2QZicO
yLbslM5QhOzoLG2oFyA4IZZJgylIvYqGTZDB83leqVHJmWnUvo6zc4a8EjsdG7xY
XPWyL9dPN1VFLkxsEB/eV/yQ5xDvDwSRasMTvtlZFb5o78/Wdugw8cy0X60QRG76
TwG3VFW6dUW709R6m9OQMQ3ouaaze4ZTNHPZUgIURNowmDc+94p4c9skFYQSg8RM
w+GX8Y3QjerMIEOy2QXNlqeDJUrTy3fZyGxqGscUKH79pRwJKwsemaDbyK4BbKAt
tnpl8QGy/c3UCX3Ixwlnpbx+P5/puHJimNTPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrrTmJ/MDAuilyM0qzVBHy/2N+sowHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3JyVG1KX01EQXVpbHlNMHF6
VkJIeV8yTi1zby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK0
sEQwDQYJKoZIhvcNAQELBQADggEBALQqadKTawPb9YezsEJbli/wiKWNFZbeUr5B
bMT5J5xWRTLbuI22ZpB9VAIQipC73Eso/97DCjZv6vvWZZz4YavbpYLBVaZLEb/K
QSA9qFuBlBMI+hezD7TdquZ1LkJJdvooO57pRNYjVQZ0fCl8BwUlkn+t69otoN5Y
lFzoxkHqpmBShUQB0bSUEBd8FGAfgYEtuQC17IiMX56UHTDgBDji6Zuh77B7PPjS
gT0jxM9qIRhzPq7IPvqIt/+oLuI5UuCb3J3tr65397Fk5hdQ/ed8BtQpe9cxn75i
ll40JCbhASiRaLpBUsBlWdSapzdx/OxXkFoYoupFRzl83LIROqI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:39 2024 by rpki-client on console-ams.rpki-client.org