Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/x_N_nudguK0ttcjFv55cfxyAbFo.roa
File:                     x_N_nudguK0ttcjFv55cfxyAbFo.roa (raw, json)
Hash identifier:          jLoSs64RHtAGdUL1BevAL2Z+iubZz3O1q2LqyCYhkEA=
Subject key identifier:   C7:F3:7F:9E:E7:60:B8:AD:2D:B5:C8:C5:BF:9E:5C:7F:1C:80:6C:5A
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       31CD
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/x_N_nudguK0ttcjFv55cfxyAbFo.roa
Signing time:             Mon 26 Aug 2024 05:30:58 +0000
ROA not before:           Mon 26 Aug 2024 05:30:58 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     38841
IP address blocks:        106.1.69.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:24:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12749 (0x31cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Aug 26 05:30:58 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=C7F37F9EE760B8AD2DB5C8C5BF9E5C7F1C806C5A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:5a:c4:9a:5f:d8:bc:87:ac:b6:86:47:4b:e5:
                    09:74:bc:fd:1c:f5:d6:60:ea:77:5f:2d:08:5b:00:
                    87:8f:d8:01:56:a4:67:a3:15:eb:3e:5d:f5:ce:10:
                    71:6c:25:99:33:72:9b:d8:03:16:96:c0:2a:4c:57:
                    a0:09:05:aa:10:cf:96:21:3c:8f:ab:1d:4d:5c:5b:
                    1e:1e:23:8b:ff:21:a9:e2:7f:d8:40:31:b1:4c:78:
                    20:80:bf:a4:38:dc:8a:d6:4c:4a:3a:b1:2f:62:23:
                    e0:f6:70:3e:42:6e:1a:ee:63:2b:b2:83:49:76:8a:
                    f7:dd:95:a0:e2:74:f2:1b:03:80:68:83:50:65:3d:
                    cf:bd:00:46:06:2d:37:33:6e:8b:33:ca:b0:d8:f4:
                    b1:9c:4a:55:be:67:32:04:14:16:08:c6:7f:a3:5d:
                    ee:6d:65:7f:f0:00:87:c5:65:72:c1:7e:00:89:f4:
                    d0:a7:7d:22:47:d8:37:ee:4f:23:57:5a:87:56:0d:
                    25:a7:91:9c:fc:fd:36:d5:8f:0b:bc:c1:29:2d:e4:
                    f3:67:9b:c2:a6:93:96:e6:13:00:37:82:d8:4c:5e:
                    09:71:4a:4f:ec:22:46:f0:86:c9:02:0c:89:d5:07:
                    39:bf:da:00:4b:10:a8:00:e4:f9:c2:f6:07:8a:dc:
                    4b:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:F3:7F:9E:E7:60:B8:AD:2D:B5:C8:C5:BF:9E:5C:7F:1C:80:6C:5A
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/x_N_nudguK0ttcjFv55cfxyAbFo.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  106.1.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:4c:37:61:c2:4d:ee:f2:9f:78:f1:ab:c0:24:aa:a2:f3:07:
         03:a0:50:89:58:e4:e9:3c:c5:f9:1e:70:f2:97:d1:d0:67:8b:
         9c:fd:6c:51:ae:52:f3:9b:aa:d0:ff:0d:e2:df:b2:4b:22:38:
         0f:4a:6b:e8:c2:52:d1:3b:c4:53:c1:c2:e1:82:bc:87:52:e2:
         fe:47:79:c7:59:a0:4d:c2:af:e2:46:dd:d9:a9:c3:ba:06:ec:
         1b:8b:35:6c:c0:e1:9a:68:60:39:3d:9a:14:ba:ca:24:f9:d4:
         fd:fc:fc:4e:9f:7e:1d:bf:5f:27:99:31:0d:03:77:37:0a:59:
         9b:6e:8f:51:aa:e3:22:91:0d:8a:c3:52:34:88:df:ae:62:48:
         61:da:cd:e7:7f:43:c9:fb:fa:b7:3a:4c:bb:64:93:1b:8f:31:
         14:07:3c:03:1c:42:bf:03:0b:12:23:4b:62:63:63:5c:ec:83:
         1c:c4:f5:e3:0e:af:41:11:bf:87:8c:f7:15:87:93:e4:4a:48:
         d6:c1:bb:00:c4:f2:73:03:ba:32:83:3f:16:f5:62:16:46:35:
         ea:89:17:d3:2c:bf:92:3f:f7:48:86:2a:d4:fd:8e:0d:05:1a:
         b2:8b:08:d5:49:a8:43:08:75:fe:ff:54:28:52:93:db:f1:53:
         f4:a8:92:3c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICMc0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNDA4MjYw
NTMwNThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM3RjM3RjlFRTc2MEI4
QUQyREI1QzhDNUJGOUU1QzdGMUM4MDZDNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuWsSaX9i8h6y2hkdL5Ql0vP0c9dZg6ndfLQhbAIeP2AFWpGej
Fes+XfXOEHFsJZkzcpvYAxaWwCpMV6AJBaoQz5YhPI+rHU1cWx4eI4v/Ianif9hA
MbFMeCCAv6Q43IrWTEo6sS9iI+D2cD5CbhruYyuyg0l2ivfdlaDidPIbA4Bog1Bl
Pc+9AEYGLTczboszyrDY9LGcSlW+ZzIEFBYIxn+jXe5tZX/wAIfFZXLBfgCJ9NCn
fSJH2DfuTyNXWodWDSWnkZz8/TbVjwu8wSkt5PNnm8Kmk5bmEwA3gthMXglxSk/s
IkbwhskCDInVBzm/2gBLEKgA5PnC9geK3EvzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUx/N/nudguK0ttcjFv55cfxyAbFowHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3hfTl9udWRndUswdHRjakZ2
NTVjZnh5QWJGby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABq
AUUwDQYJKoZIhvcNAQELBQADggEBAB9MN2HCTe7yn3jxq8AkqqLzBwOgUIlY5Ok8
xfkecPKX0dBni5z9bFGuUvObqtD/DeLfsksiOA9Ka+jCUtE7xFPBwuGCvIdS4v5H
ecdZoE3Cr+JG3dmpw7oG7BuLNWzA4ZpoYDk9mhS6yiT51P38/E6ffh2/XyeZMQ0D
dzcKWZtuj1Gq4yKRDYrDUjSI365iSGHazed/Q8n7+rc6TLtkkxuPMRQHPAMcQr8D
CxIjS2JjY1zsgxzE9eMOr0ERv4eM9xWHk+RKSNbBuwDE8nMDujKDPxb1YhZGNeqJ
F9Msv5I/90iGKtT9jg0FGrKLCNVJqEMIdf7/VChSk9vxU/Sokjw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:43:53 2024 by rpki-client on console-fra.rpki-client.org