Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/oMyi2xMdhweA1EC0lwNohs-ai3I.roa
File:                     oMyi2xMdhweA1EC0lwNohs-ai3I.roa (raw, json)
Hash identifier:          oQkzqNu1iv08rZ5fevoT0Zqw1AcHOzMKHzz4uJ//trA=
Subject key identifier:   A0:CC:A2:DB:13:1D:87:07:80:D4:40:B4:97:03:68:86:CF:9A:8B:72
Certificate issuer:       /CN=FF7ECDB6202FFC2C34DF7BCD71A1C08885382FB7
Certificate serial:       0D89
Authority key identifier: FF:7E:CD:B6:20:2F:FC:2C:34:DF:7B:CD:71:A1:C0:88:85:38:2F:B7
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/oMyi2xMdhweA1EC0lwNohs-ai3I.roa
Signing time:             Mon 26 Aug 2024 05:35:02 +0000
ROA not before:           Mon 26 Aug 2024 05:35:02 +0000
ROA not after:            Tue 26 Aug 2025 01:57:03 +0000
asID:                     18424
IP address blocks:        103.30.44.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/_37NtiAv_Cw033vNcaHAiIU4L7c.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/_37NtiAv_Cw033vNcaHAiIU4L7c.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:24:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3465 (0xd89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FF7ECDB6202FFC2C34DF7BCD71A1C08885382FB7
        Validity
            Not Before: Aug 26 05:35:02 2024 GMT
            Not After : Aug 26 01:57:03 2025 GMT
        Subject: CN=A0CCA2DB131D870780D440B497036886CF9A8B72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:95:cc:5b:37:da:7d:56:2b:73:dc:fb:e9:b7:
                    09:85:bb:94:7b:70:8c:23:8b:e3:af:32:e5:84:20:
                    9f:d2:34:4f:38:db:3c:a9:01:b9:77:c0:d9:58:a6:
                    c8:f6:54:4d:af:08:87:d4:2c:f6:1e:28:23:ab:14:
                    36:b5:52:8e:a3:60:71:fd:05:1d:25:01:8b:55:c8:
                    e1:71:e5:7d:d6:f1:b2:89:17:95:06:3b:61:8e:40:
                    7a:1b:17:cc:59:3d:aa:47:7a:f9:58:ef:4a:aa:08:
                    68:f7:a2:39:4b:c7:0f:d7:9b:95:6a:8c:03:37:a2:
                    32:0c:5b:7c:cd:df:90:f0:a0:db:4f:62:3b:90:7e:
                    db:08:fb:19:0f:ac:79:92:f8:41:4e:94:52:59:5c:
                    40:50:6c:04:45:9f:8b:f1:c6:0c:3c:28:8a:d7:91:
                    26:79:a4:34:b5:68:5e:6c:c5:ab:34:bc:c7:de:f7:
                    ea:20:cd:7d:e6:a3:77:ae:7c:01:44:ff:37:42:49:
                    52:56:90:8a:0f:b3:c7:3b:05:7e:03:54:cc:95:fc:
                    b7:c3:e0:09:08:0a:4f:59:2d:2a:7f:98:1c:52:3d:
                    98:da:3d:8a:71:05:9f:02:de:f1:78:fa:ac:34:b1:
                    3a:3d:e4:fd:9f:35:21:20:ca:50:0d:67:eb:45:7b:
                    bb:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:CC:A2:DB:13:1D:87:07:80:D4:40:B4:97:03:68:86:CF:9A:8B:72
            X509v3 Authority Key Identifier:
                keyid:FF:7E:CD:B6:20:2F:FC:2C:34:DF:7B:CD:71:A1:C0:88:85:38:2F:B7

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/_37NtiAv_Cw033vNcaHAiIU4L7c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/_37NtiAv_Cw033vNcaHAiIU4L7c.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WEBTAIWAN/oMyi2xMdhweA1EC0lwNohs-ai3I.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.30.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:72:73:73:c1:93:38:75:67:94:bc:a4:00:21:66:01:5a:7a:
         b6:37:e3:42:06:91:9f:2c:55:4d:a1:50:fc:30:77:eb:e1:e3:
         bc:ba:15:b4:17:9f:da:0d:e6:7f:a3:35:73:78:82:80:98:18:
         7d:a4:f3:4b:87:99:d6:35:91:75:92:88:73:09:c0:6d:39:ee:
         c8:c3:df:e3:c2:00:df:f3:f0:13:20:95:96:71:4e:bd:aa:1f:
         b6:90:b9:68:a0:d0:db:84:fb:f3:fe:8b:82:9c:2a:ef:67:d4:
         94:89:c3:b5:57:43:42:a3:40:eb:5e:b6:f1:c0:ef:44:23:c1:
         91:79:8f:b5:6c:81:d5:20:1d:20:28:c1:71:08:66:1e:1e:5f:
         51:17:7d:51:12:fc:7b:18:6a:40:86:e4:33:e3:32:de:c4:bc:
         d4:a8:cb:83:fb:84:34:2e:a8:1a:5f:2b:d1:82:e9:41:dc:1f:
         79:08:11:95:54:5a:06:16:6b:2e:d9:ab:c5:0f:a6:60:25:d2:
         6c:04:c7:e1:08:1a:58:8c:ee:04:f8:41:ad:5e:5f:ee:ee:e1:
         01:42:a9:e8:38:70:f0:2b:a3:1e:e9:6d:d5:c8:1c:ca:e2:38:
         0a:09:f8:fe:0c:5d:da:db:c1:82:7a:87:b3:0a:a5:0c:68:88:
         c2:3b:cd:84
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICDYkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkY3
RUNEQjYyMDJGRkMyQzM0REY3QkNENzFBMUMwODg4NTM4MkZCNzAeFw0yNDA4MjYw
NTM1MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEwQ0NBMkRCMTMxRDg3
MDc4MEQ0NDBCNDk3MDM2ODg2Q0Y5QThCNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6lcxbN9p9Vitz3PvptwmFu5R7cIwji+OvMuWEIJ/SNE842zyp
Abl3wNlYpsj2VE2vCIfULPYeKCOrFDa1Uo6jYHH9BR0lAYtVyOFx5X3W8bKJF5UG
O2GOQHobF8xZPapHevlY70qqCGj3ojlLxw/Xm5VqjAM3ojIMW3zN35DwoNtPYjuQ
ftsI+xkPrHmS+EFOlFJZXEBQbARFn4vxxgw8KIrXkSZ5pDS1aF5sxas0vMfe9+og
zX3mo3eufAFE/zdCSVJWkIoPs8c7BX4DVMyV/LfD4AkICk9ZLSp/mBxSPZjaPYpx
BZ8C3vF4+qw0sTo95P2fNSEgylANZ+tFe7ttAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUoMyi2xMdhweA1EC0lwNohs+ai3IwHwYDVR0jBBgwFoAU/37NtiAv/Cw033vN
caHAiIU4L7cwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0VCVEFJ
V0FOL18zN050aUF2X0N3MDMzdk5jYUhBaUlVNEw3Yy5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvXzM3TnRpQXZfQ3cwMzN2TmNhSEFpSVU0TDdjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0VCVEFJV0FOL29NeWkyeE1kaHdl
QTFFQzBsd05vaHMtYWkzSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABnHiwwDQYJKoZIhvcNAQELBQADggEBABRyc3PBkzh1Z5S8pAAhZgFaerY3
40IGkZ8sVU2hUPwwd+vh47y6FbQXn9oN5n+jNXN4goCYGH2k80uHmdY1kXWSiHMJ
wG057sjD3+PCAN/z8BMglZZxTr2qH7aQuWig0NuE+/P+i4KcKu9n1JSJw7VXQ0Kj
QOtetvHA70QjwZF5j7VsgdUgHSAowXEIZh4eX1EXfVES/HsYakCG5DPjMt7EvNSo
y4P7hDQuqBpfK9GC6UHcH3kIEZVUWgYWay7Zq8UPpmAl0mwEx+EIGliM7gT4Qa1e
X+7u4QFCqeg4cPArox7pbdXIHMriOAoJ+P4MXdrbwYJ6h7MKpQxoiMI7zYQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:14:27 2024 by rpki-client on console-ams.rpki-client.org