Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/uWflo3OmWQIbsoHpXqcoAelTtM0.roa
File:                     uWflo3OmWQIbsoHpXqcoAelTtM0.roa (raw, json)
Hash identifier:          hb7isL5OrDlD7OlXRWzSgH2uFGnbQSth9CqJNV89bV0=
Subject key identifier:   B9:67:E5:A3:73:A6:59:02:1B:B2:81:E9:5E:A7:28:01:E9:53:B4:CD
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       3077
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/uWflo3OmWQIbsoHpXqcoAelTtM0.roa
Signing time:             Mon 26 Aug 2024 05:29:29 +0000
ROA not before:           Mon 26 Aug 2024 05:29:29 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     38841
IP address blocks:        118.232.152.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 22 Nov 2024 14:39:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12407 (0x3077)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Aug 26 05:29:29 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=B967E5A373A659021BB281E95EA72801E953B4CD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:27:2e:07:70:9e:1c:25:81:b8:50:f1:1a:a5:
                    ad:4c:94:25:d5:c0:66:9e:10:e0:20:03:9c:a1:8e:
                    57:c5:4f:97:03:34:61:f9:f4:00:2c:f4:b0:09:5b:
                    cf:e5:96:10:87:a3:40:f9:7e:7f:3d:5f:be:65:8d:
                    97:de:85:f4:bc:a1:48:21:8c:7e:aa:66:13:31:27:
                    e1:8c:08:7b:62:50:ca:5c:e6:cc:fa:08:e2:76:b9:
                    7e:5c:c2:f2:05:88:b3:cc:3f:2f:84:ad:7c:d9:12:
                    f2:d7:c7:ad:82:82:61:0e:26:c7:bc:1a:21:94:46:
                    78:13:05:b6:8f:60:39:29:a9:95:03:fb:4e:aa:fc:
                    e8:e5:5a:4a:1c:24:1b:06:65:7c:18:19:da:41:f1:
                    8f:4e:e9:46:37:e6:ba:d4:f2:4d:c1:04:c7:12:74:
                    69:75:2d:7d:66:2b:12:b6:fc:2e:86:3e:1b:b8:d2:
                    74:1e:ee:91:07:04:89:ec:f9:8e:a1:4c:dc:1f:ef:
                    af:7e:35:66:f5:b3:b4:68:a6:d3:eb:53:36:0f:d0:
                    b8:e1:8a:2c:8a:de:31:6d:ad:22:5a:00:50:a5:d3:
                    49:2e:46:ca:a9:8a:e8:c0:e2:1a:05:7b:b4:f6:83:
                    83:cb:ab:7e:19:45:9c:9a:a7:ca:22:34:d9:98:1c:
                    a9:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:67:E5:A3:73:A6:59:02:1B:B2:81:E9:5E:A7:28:01:E9:53:B4:CD
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/uWflo3OmWQIbsoHpXqcoAelTtM0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  118.232.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         11:46:1f:56:75:0a:3b:2d:71:d2:50:81:e3:76:9a:fe:dd:64:
         2e:ca:65:ce:c4:f5:ca:fc:d4:87:7b:6e:6c:26:79:e6:86:0d:
         a8:50:21:b6:98:c4:b4:57:78:a4:0e:e4:2f:3b:4d:7c:46:d5:
         7c:af:38:3f:43:cc:45:6f:62:c5:a7:00:87:87:49:d2:83:c9:
         f5:8a:33:72:16:d7:f1:5c:b3:38:43:e4:6a:ee:eb:b8:99:c2:
         aa:bb:bc:ba:91:86:4d:a0:88:e5:4f:81:77:c4:02:95:01:8a:
         0a:d7:49:4d:82:e3:bb:8c:60:4f:54:47:0d:8d:01:eb:50:1c:
         c7:38:91:09:4d:bc:9e:61:47:0e:4f:e1:9a:36:6f:d5:dc:6b:
         42:6e:33:5c:69:77:61:36:ff:6e:61:39:17:79:06:1b:07:58:
         eb:34:66:b6:19:de:fc:31:65:86:bf:67:5c:bf:0d:ef:f4:bf:
         90:73:03:a5:7c:d9:67:5e:fa:81:2c:3c:6c:7f:16:cc:03:d8:
         cc:27:3e:12:2f:96:15:61:fe:ed:a6:19:92:b9:dd:9b:65:b7:
         c7:57:0d:86:5d:ef:89:18:96:cb:53:2f:12:7c:0a:b2:13:ba:
         be:e8:78:64:f9:70:7e:22:6e:69:59:90:7c:e1:f1:99:2d:d2:
         57:9f:bc:46
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICMHcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw
NTI5MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI5NjdFNUEzNzNBNjU5
MDIxQkIyODFFOTVFQTcyODAxRTk1M0I0Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRJy4HcJ4cJYG4UPEapa1MlCXVwGaeEOAgA5yhjlfFT5cDNGH5
9AAs9LAJW8/llhCHo0D5fn89X75ljZfehfS8oUghjH6qZhMxJ+GMCHtiUMpc5sz6
COJ2uX5cwvIFiLPMPy+ErXzZEvLXx62CgmEOJse8GiGURngTBbaPYDkpqZUD+06q
/OjlWkocJBsGZXwYGdpB8Y9O6UY35rrU8k3BBMcSdGl1LX1mKxK2/C6GPhu40nQe
7pEHBIns+Y6hTNwf769+NWb1s7RoptPrUzYP0LjhiiyK3jFtrSJaAFCl00kuRsqp
iujA4hoFe7T2g4PLq34ZRZyap8oiNNmYHKl5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuWflo3OmWQIbsoHpXqcoAelTtM0wHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3VXZmxvM09tV1FJYnNvSHBY
cWNvQWVsVHRNMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6JgwDQYJKoZIhvcNAQELBQADggEBABFGH1Z1CjstcdJQgeN2mv7dZC7KZc7E9cr8
1Id7bmwmeeaGDahQIbaYxLRXeKQO5C87TXxG1XyvOD9DzEVvYsWnAIeHSdKDyfWK
M3IW1/FcszhD5Gru67iZwqq7vLqRhk2giOVPgXfEApUBigrXSU2C47uMYE9URw2N
AetQHMc4kQlNvJ5hRw5P4Zo2b9Xca0JuM1xpd2E2/25hORd5BhsHWOs0ZrYZ3vwx
ZYa/Z1y/De/0v5BzA6V82Wde+oEsPGx/FswD2MwnPhIvlhVh/u2mGZK53Ztlt8dX
DYZd74kYlstTLxJ8CrITur7oeGT5cH4ibmlZkHzh8Zkt0lefvEY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:39 2024 by rpki-client on console-ams.rpki-client.org