Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/c2cUVRnotY_ilCwnHZX4GLonW1s.roa
File:                     c2cUVRnotY_ilCwnHZX4GLonW1s.roa (raw, json)
Hash identifier:          OpVxOOJerNu/JkMMxria00jjo3cvhZwlHhm/0ESq/ig=
Subject key identifier:   73:67:14:55:19:E8:B5:8F:E2:94:2C:27:1D:95:F8:18:BA:27:5B:5B
Certificate issuer:       /CN=87A4AFD9E7FC1FED4F9545DE41CE4413DACB0E05
Certificate serial:       0BA5
Authority key identifier: 87:A4:AF:D9:E7:FC:1F:ED:4F:95:45:DE:41:CE:44:13:DA:CB:0E:05
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/c2cUVRnotY_ilCwnHZX4GLonW1s.roa
Signing time:             Fri 17 Nov 2023 03:06:03 +0000
ROA not before:           Fri 17 Nov 2023 03:06:03 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     62610
IP address blocks:        103.123.242.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.mft
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.cer
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
                          rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 17 Jun 2024 22:13:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2981 (0xba5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87A4AFD9E7FC1FED4F9545DE41CE4413DACB0E05
        Validity
            Not Before: Nov 17 03:06:03 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=7367145519E8B58FE2942C271D95F818BA275B5B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:48:62:c1:00:f9:24:df:b9:70:c8:01:26:71:
                    2f:f1:dd:49:bf:1d:23:92:87:1d:a7:b9:8e:fb:db:
                    1e:67:08:69:18:97:47:3d:8d:fc:c7:e0:12:90:2f:
                    44:ec:5c:93:41:15:fd:e3:cf:5c:08:84:6c:d7:5a:
                    d7:37:ac:a5:fd:37:e0:b2:f3:62:30:a5:b9:75:7d:
                    76:86:f1:53:e5:19:b8:7b:b5:aa:e2:9d:55:41:36:
                    3f:14:a9:f1:1f:5a:38:49:c4:5f:42:d7:72:2e:46:
                    7d:88:df:ba:4a:1e:8a:bd:70:84:b1:64:c1:f0:17:
                    95:93:9a:ae:4b:80:aa:23:da:00:61:a2:a3:02:e1:
                    2b:df:7c:aa:f9:f4:65:a6:61:b6:80:72:da:4f:86:
                    37:56:ba:09:aa:e8:90:a7:84:33:20:29:52:37:1d:
                    04:c0:0d:f4:94:6a:77:97:38:19:a1:c2:77:86:04:
                    14:da:54:b6:2c:87:1b:d0:5b:fe:62:88:61:f7:bd:
                    5b:23:d5:e5:2e:48:72:81:29:ea:dc:f4:10:d1:8f:
                    cf:72:d0:8c:1e:11:a0:5a:0d:e5:a9:af:e8:c4:15:
                    fe:af:bd:ef:b5:ee:4f:7a:69:2f:01:df:89:27:8e:
                    ec:74:7f:55:d4:65:15:c4:0a:c2:6f:65:37:0d:01:
                    07:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:67:14:55:19:E8:B5:8F:E2:94:2C:27:1D:95:F8:18:BA:27:5B:5B
            X509v3 Authority Key Identifier:
                keyid:87:A4:AF:D9:E7:FC:1F:ED:4F:95:45:DE:41:CE:44:13:DA:CB:0E:05

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/h6Sv2ef8H-1PlUXeQc5EE9rLDgU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YUANJHEN/c2cUVRnotY_ilCwnHZX4GLonW1s.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.123.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         90:00:71:80:0b:11:34:9e:ca:5a:92:88:96:96:b2:bd:15:72:
         bf:c5:ad:8d:b3:51:6a:11:86:e7:9d:6b:c3:c8:0a:96:f9:5d:
         31:60:92:27:0a:30:93:de:40:96:0d:40:62:04:a7:ea:7c:84:
         19:30:20:f9:94:c9:15:75:e0:6d:a1:96:c6:eb:18:20:95:21:
         2c:8a:40:56:6f:92:a5:6c:05:dc:0f:52:33:9b:14:c6:d4:45:
         e1:cf:a9:bf:73:52:bd:81:34:58:14:bf:1a:ed:26:0c:af:5c:
         3c:eb:ff:db:f2:f7:45:9f:f2:b9:7f:0e:0f:bc:1b:82:01:4a:
         a4:d1:0d:2c:68:ea:d7:49:80:28:a7:ad:cc:d5:1a:e8:cc:ff:
         1a:af:6d:63:3d:f3:01:03:fb:9b:07:91:aa:86:61:bd:46:54:
         47:2c:e5:5f:9c:a1:e6:4e:7d:ac:4e:54:57:63:01:76:df:e7:
         b8:b5:1f:c8:9e:3c:c1:ea:55:63:de:37:58:d3:e2:6e:da:ce:
         2f:7c:a8:08:9e:a0:bb:65:40:b2:fd:ae:b7:a6:4c:28:62:3a:
         fa:1c:77:c7:7f:81:8e:5d:22:41:eb:3e:dd:61:c6:f5:90:e1:
         da:75:54:7d:51:03:ca:1e:d4:34:8d:9c:56:02:b6:ba:03:39:
         d6:21:cb:52
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC6UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODdB
NEFGRDlFN0ZDMUZFRDRGOTU0NURFNDFDRTQ0MTNEQUNCMEUwNTAeFw0yMzExMTcw
MzA2MDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDczNjcxNDU1MTlFOEI1
OEZFMjk0MkMyNzFEOTVGODE4QkEyNzVCNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoSGLBAPkk37lwyAEmcS/x3Um/HSOShx2nuY772x5nCGkYl0c9
jfzH4BKQL0TsXJNBFf3jz1wIhGzXWtc3rKX9N+Cy82Iwpbl1fXaG8VPlGbh7tari
nVVBNj8UqfEfWjhJxF9C13IuRn2I37pKHoq9cISxZMHwF5WTmq5LgKoj2gBhoqMC
4SvffKr59GWmYbaActpPhjdWugmq6JCnhDMgKVI3HQTADfSUaneXOBmhwneGBBTa
VLYshxvQW/5iiGH3vVsj1eUuSHKBKerc9BDRj89y0IweEaBaDeWpr+jEFf6vve+1
7k96aS8B34knjux0f1XUZRXECsJvZTcNAQcDAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUc2cUVRnotY/ilCwnHZX4GLonW1swHwYDVR0jBBgwFoAUh6Sv2ef8H+1PlUXe
Qc5EE9rLDgUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWVVBTkpI
RU4vaDZTdjJlZjhILTFQbFVYZVFjNUVFOXJMRGdVLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9oNlN2MmVmOEgtMVBsVVhlUWM1RUU5ckxEZ1UuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ZVUFOSkhFTi9jMmNVVlJub3RZX2ls
Q3duSFpYNEdMb25XMXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ3vyMA0GCSqGSIb3DQEBCwUAA4IBAQCQAHGACxE0nspakoiWlrK9FXK/xa2N
s1FqEYbnnWvDyAqW+V0xYJInCjCT3kCWDUBiBKfqfIQZMCD5lMkVdeBtoZbG6xgg
lSEsikBWb5KlbAXcD1IzmxTG1EXhz6m/c1K9gTRYFL8a7SYMr1w86//b8vdFn/K5
fw4PvBuCAUqk0Q0saOrXSYAop63M1RrozP8ar21jPfMBA/ubB5GqhmG9RlRHLOVf
nKHmTn2sTlRXYwF23+e4tR/InjzB6lVj3jdY0+Ju2s4vfKgInqC7ZUCy/a63pkwo
Yjr6HHfHf4GOXSJB6z7dYcb1kOHadVR9UQPKHtQ0jZxWAra6AznWIctS
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:34:20 2024 by rpki-client on console-ams.rpki-client.org