Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/T_09mC_eYw9_piwmOL85SPXrWj8.roa
File:                     T_09mC_eYw9_piwmOL85SPXrWj8.roa (download)
Hash identifier:          HlpMVEM3eK+qkJ3AvgahYDvPse2REEdZLS3yop+TR68=
Subject key identifier:   4F:FD:3D:98:2F:DE:63:0F:7F:A6:2C:26:38:BF:39:48:F5:EB:5A:3F
Certificate issuer:       /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial:       0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/T_09mC_eYw9_piwmOL85SPXrWj8.roa
ROA valid until:          Sep 06 03:00:35 2023 GMT
asID:                     1131591
IP address blocks:
    1: 103.231.51.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3939 (0xf63)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
        Validity
            Not Before: Sep 15 02:39:55 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=4FFD3D982FDE630F7FA62C2638BF3948F5EB5A3F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:41:dd:9a:fa:62:a7:a5:bd:0d:72:75:fd:72:
                    ea:6b:e6:6c:b2:18:02:c3:68:ad:ae:6c:56:79:89:
                    11:eb:dc:b1:c5:ce:a7:8c:4a:74:04:0a:35:32:56:
                    59:55:3b:80:c3:2b:b9:aa:db:44:95:e3:21:64:07:
                    f1:95:cf:5e:99:73:2f:cd:ba:96:0b:5e:6d:b6:8e:
                    ac:7d:ea:0d:15:cb:39:29:98:41:cc:12:f1:b2:5e:
                    c4:96:0a:14:b4:8e:86:f0:c3:6a:36:c5:dc:93:76:
                    76:63:84:0a:7d:6d:93:a9:06:6f:45:98:9f:3a:9f:
                    28:79:99:59:30:5c:c2:fb:94:ea:fc:d4:1d:7b:28:
                    cb:70:e2:63:89:b9:1c:cb:fa:80:1d:2e:30:95:07:
                    f3:e1:59:a1:76:40:2a:45:7a:54:98:06:5c:46:23:
                    76:6d:94:72:68:ad:a8:b0:cd:26:41:ac:8d:6c:c2:
                    24:76:5c:47:7c:9c:df:de:53:fb:e5:db:aa:ab:20:
                    10:e6:b9:b8:f2:f3:7a:87:a5:d7:04:7c:c2:9a:26:
                    32:f9:7e:f1:ad:74:2e:b9:ae:68:d7:23:b9:bf:98:
                    d1:e0:d0:2a:5d:57:62:78:72:38:c2:be:07:0e:e1:
                    c4:f0:3d:bb:54:6a:e2:cd:b3:88:a1:f3:ec:f0:71:
                    df:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4F:FD:3D:98:2F:DE:63:0F:7F:A6:2C:26:38:BF:39:48:F5:EB:5A:3F
            X509v3 Authority Key Identifier: 
                keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access: 
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/T_09mC_eYw9_piwmOL85SPXrWj8.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.231.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:f7:17:3f:5a:5e:4d:12:7c:a5:53:f8:b8:c9:35:44:e8:99:
         cc:4d:9d:69:24:29:6f:3e:f5:ea:0d:70:c0:7b:17:e3:b9:67:
         5d:9d:9d:94:78:2e:79:94:6f:f1:fb:8d:33:99:f0:89:d2:70:
         98:78:1c:8d:6f:f6:98:5f:89:f9:60:19:e8:82:58:f2:01:fc:
         32:8b:d8:1d:c8:f9:af:db:8d:22:e9:8d:0e:c9:45:b7:e0:b1:
         c2:6e:81:04:f6:aa:28:3d:fc:93:c9:92:cb:19:fa:72:a7:15:
         e1:42:75:9d:b0:28:6c:d5:6a:ec:a5:13:35:44:35:be:06:9a:
         90:c6:8d:4b:81:b5:f6:20:bd:8e:0b:c8:2b:10:81:2f:fe:99:
         a7:b5:23:f8:54:26:d8:c0:ca:6c:e8:f6:bf:97:60:60:31:47:
         a8:ed:37:0e:0b:83:b6:4b:c7:ed:d4:ee:79:04:2b:5a:36:b8:
         6e:c1:c6:b7:09:77:ec:0d:da:7a:c5:92:b0:d6:63:d6:c0:27:
         66:b6:5b:3f:5c:83:14:e1:bb:41:f4:c7:91:90:12:a2:bf:2d:
         ac:93:90:c9:0a:d9:00:38:54:82:1d:b9:2f:0a:04:79:0b:c7:
         03:7a:18:75:c5:86:96:46:2f:79:85:5c:84:a2:92:b0:bb:43:
         1d:36:7f:70
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRGRkQzRDk4MkZERTYz
MEY3RkE2MkMyNjM4QkYzOTQ4RjVFQjVBM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3Qd2a+mKnpb0NcnX9cupr5myyGALDaK2ubFZ5iRHr3LHFzqeM
SnQECjUyVllVO4DDK7mq20SV4yFkB/GVz16Zcy/NupYLXm22jqx96g0VyzkpmEHM
EvGyXsSWChS0jobww2o2xdyTdnZjhAp9bZOpBm9FmJ86nyh5mVkwXML7lOr81B17
KMtw4mOJuRzL+oAdLjCVB/PhWaF2QCpFelSYBlxGI3ZtlHJoraiwzSZBrI1swiR2
XEd8nN/eU/vl26qrIBDmubjy83qHpdcEfMKaJjL5fvGtdC65rmjXI7m/mNHg0Cpd
V2J4cjjCvgcO4cTwPbtUauLNs4ih8+zwcd/NAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUT/09mC/eYw9/piwmOL85SPXrWj8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVF8wOW1DX2VZdzlfcGl3bU9MODVT
UFhyV2o4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGfnMzAN
BgkqhkiG9w0BAQsFAAOCAQEAPPcXP1peTRJ8pVP4uMk1ROiZzE2daSQpbz716g1w
wHsX47lnXZ2dlHgueZRv8fuNM5nwidJwmHgcjW/2mF+J+WAZ6IJY8gH8MovYHcj5
r9uNIumNDslFt+Cxwm6BBPaqKD38k8mSyxn6cqcV4UJ1nbAobNVq7KUTNUQ1vgaa
kMaNS4G19iC9jgvIKxCBL/6Zp7Uj+FQm2MDKbOj2v5dgYDFHqO03DguDtkvH7dTu
eQQrWja4bsHGtwl37A3aesWSsNZj1sAnZrZbP1yDFOG7QfTHkZASor8trJOQyQrZ
ADhUgh25LwoEeQvHA3oYdcWGlkYveYVchKKSsLtDHTZ/cA==
-----END CERTIFICATE-----
Generated at Thu Dec 8 05:38:06 2022 by rpki-client.