Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/7kurZy2ncIYZKqCxxQJwSrYC5PA.roa
File:                     7kurZy2ncIYZKqCxxQJwSrYC5PA.roa (download)
Hash identifier:          aqM2ewqccETLCVtKHrPndlNG2uJZHZdXm88a3+4/s/Q=
Subject key identifier:   EE:4B:AB:67:2D:A7:70:86:19:2A:A0:B1:C5:02:70:4A:B6:02:E4:F0
Certificate issuer:       /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Certificate serial:       0A52
Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/7kurZy2ncIYZKqCxxQJwSrYC5PA.roa
ROA valid until:          Sep 06 03:00:35 2023 GMT
asID:                     20473
IP address blocks:
    1: 2403:a2c0::/32 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2642 (0xa52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
        Validity
            Not Before: Sep 15 02:38:38 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=EE4BAB672DA77086192AA0B1C502704AB602E4F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:fe:eb:10:5a:b3:cc:89:60:15:96:ce:d2:48:
                    ab:59:cf:cc:5c:7d:55:06:27:4e:58:7e:0c:bf:1c:
                    94:bc:74:59:fd:1b:b8:02:5f:10:c2:78:47:03:0e:
                    d1:5b:d1:54:5f:c4:02:b3:53:cb:54:f6:19:c6:ab:
                    62:b9:5c:a6:08:35:1a:40:bd:79:59:c1:9f:98:54:
                    99:40:c0:c9:3e:12:ca:28:1a:5d:17:0f:33:a9:ef:
                    3a:1c:5a:66:70:01:31:2c:0d:0d:8a:27:fa:d8:e8:
                    85:1f:60:73:03:c3:73:85:6e:39:b9:4f:87:55:df:
                    3f:ef:54:a3:48:e5:f6:5b:0e:c0:a3:bd:48:f4:17:
                    11:6f:11:3f:f1:a5:23:32:8c:81:7f:40:e5:e4:8a:
                    93:58:89:1d:ec:b4:fe:a7:96:57:1b:3b:b2:d1:64:
                    40:4a:59:b7:f4:91:be:b3:a3:ff:de:72:c9:48:77:
                    8f:5f:eb:10:bc:10:2d:39:57:f9:c1:91:6c:82:8e:
                    dc:41:ce:bf:dd:79:53:a5:ec:2a:d1:6b:be:1e:c2:
                    2a:5c:c4:d2:16:c6:05:a6:9d:f2:07:90:3e:ea:e7:
                    ed:7a:1a:77:87:bf:fe:9c:4a:f7:4a:49:70:41:20:
                    66:0a:3d:2c:bd:e6:88:9d:48:f9:24:52:63:27:f8:
                    cc:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                EE:4B:AB:67:2D:A7:70:86:19:2A:A0:B1:C5:02:70:4A:B6:02:E4:F0
            X509v3 Authority Key Identifier: 
                keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access: 
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/7kurZy2ncIYZKqCxxQJwSrYC5PA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:a2c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:5b:1e:7a:90:13:23:78:e4:7e:ec:8c:76:1c:bd:07:00:ec:
         43:f7:dc:8b:32:96:2e:6e:00:5e:54:c3:fd:00:bb:1c:36:2e:
         a5:ff:09:bb:a1:84:c1:61:0a:a5:cc:78:24:2e:11:83:26:15:
         0e:12:2b:c7:b2:5f:94:7e:e1:bb:eb:cd:90:14:85:f6:fb:a8:
         b3:fb:f7:b8:80:48:43:10:1a:3e:b8:48:6a:14:c2:c0:bd:69:
         d9:83:ca:56:3f:94:3a:2f:ba:42:05:c7:5c:63:d3:a8:2a:41:
         50:b4:f7:2a:56:23:1e:f4:aa:83:30:81:07:8e:c9:80:50:04:
         5f:34:3d:64:43:55:7b:ab:90:79:2a:78:37:20:f1:f5:ef:0d:
         3c:63:60:b4:8d:7a:39:0d:a4:0a:09:5e:82:5f:c3:55:d7:13:
         bd:d1:23:6e:9d:aa:7d:b1:cc:f3:d1:76:8f:c0:70:af:b5:c8:
         7c:fc:37:cc:f4:f1:55:42:ac:79:55:9b:52:71:34:9c:81:e9:
         1f:76:24:95:da:b8:54:60:a8:67:d7:17:2e:c7:db:e5:26:94:
         3f:c9:99:6e:48:9d:aa:41:08:a2:0b:f0:5a:91:b4:83:21:c2:
         08:7a:49:5c:c3:c5:b0:57:18:00:50:8e:6d:c9:4c:dd:d8:b3:
         6d:9a:67:93
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICClIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF
RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yMjA5MTUw
MjM4MzhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEVFNEJBQjY3MkRBNzcw
ODYxOTJBQTBCMUM1MDI3MDRBQjYwMkU0RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDr/usQWrPMiWAVls7SSKtZz8xcfVUGJ05Yfgy/HJS8dFn9G7gC
XxDCeEcDDtFb0VRfxAKzU8tU9hnGq2K5XKYINRpAvXlZwZ+YVJlAwMk+EsooGl0X
DzOp7zocWmZwATEsDQ2KJ/rY6IUfYHMDw3OFbjm5T4dV3z/vVKNI5fZbDsCjvUj0
FxFvET/xpSMyjIF/QOXkipNYiR3stP6nllcbO7LRZEBKWbf0kb6zo//ecslId49f
6xC8EC05V/nBkWyCjtxBzr/deVOl7CrRa74ewipcxNIWxgWmnfIHkD7q5+16GneH
v/6cSvdKSXBBIGYKPSy95oidSPkkUmMn+MxlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU7kurZy2ncIYZKqCxxQJwSrYC5PAwHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc
TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ
Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8vN2t1clp5Mm5jSVlaS3FD
eHhRSndTcllDNVBBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQDosAwDQYJKoZIhvcNAQELBQADggEBAIxbHnqQEyN45H7sjHYcvQcA7EP33Isy
li5uAF5Uw/0Auxw2LqX/CbuhhMFhCqXMeCQuEYMmFQ4SK8eyX5R+4bvrzZAUhfb7
qLP797iASEMQGj64SGoUwsC9admDylY/lDovukIFx1xj06gqQVC09ypWIx70qoMw
gQeOyYBQBF80PWRDVXurkHkqeDcg8fXvDTxjYLSNejkNpAoJXoJfw1XXE73RI26d
qn2xzPPRdo/AcK+1yHz8N8z08VVCrHlVm1JxNJyB6R92JJXauFRgqGfXFy7H2+Um
lD/JmW5InapBCKIL8FqRtIMhwgh6SVzDxbBXGABQjm3JTN3Ys22aZ5M=
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:46:25 2022 by rpki-client.