Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/NzhC7gDeaau0KeeM6nhHbTbcnV0.roa
File:                     NzhC7gDeaau0KeeM6nhHbTbcnV0.roa (download)
Hash identifier:          usgrl5i+jUR7Y/bFj6bH8oHL3kQnvP8qH4aHfsrf2BI=
Subject key identifier:   37:38:42:EE:00:DE:69:AB:B4:29:E7:8C:EA:78:47:6D:36:DC:9D:5D
Certificate issuer:       /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Certificate serial:       0A52
Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/NzhC7gDeaau0KeeM6nhHbTbcnV0.roa
ROA valid until:          Sep 06 03:00:35 2023 GMT
asID:                     20473
IP address blocks:
    1: 103.123.128.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2642 (0xa52)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
        Validity
            Not Before: Sep 15 02:38:37 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=373842EE00DE69ABB429E78CEA78476D36DC9D5D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6c:4b:ab:49:a7:99:61:9d:67:c2:52:1f:fe:
                    45:f4:b5:05:b8:dd:40:e4:51:aa:f9:70:4a:20:71:
                    60:1a:5f:fa:a4:02:82:33:04:e2:46:5e:e0:63:c4:
                    f5:de:3f:4d:a0:34:1a:82:ce:bd:58:76:9c:7b:56:
                    bc:3e:5d:7b:54:9e:fb:f9:fc:a6:9d:98:69:c5:3c:
                    b5:0f:cb:03:c2:83:68:dc:9c:e0:b3:b2:9b:26:c3:
                    ee:48:bc:b8:e8:aa:bc:ae:58:f3:26:c5:4f:d4:17:
                    70:2f:c8:ef:fb:cb:ff:90:37:65:6c:d3:d2:00:60:
                    a7:35:e9:6f:2f:81:75:e1:53:13:69:c7:32:54:68:
                    80:37:ef:b5:63:72:42:af:0e:fd:ac:8a:1b:4f:c4:
                    32:07:0d:8a:74:5c:98:3f:b5:ef:f3:15:2d:4b:8a:
                    5e:ee:d8:d2:74:62:94:9f:67:ea:c8:d4:21:7e:00:
                    39:0d:48:44:3b:27:2d:dd:68:96:c8:a6:44:27:63:
                    51:cc:d3:54:e3:a5:29:18:12:10:fc:96:c7:bf:d5:
                    0d:e2:d4:51:ac:6c:f2:e1:0a:31:f9:f9:8e:7b:01:
                    1a:dc:37:5a:d0:c7:54:60:1d:5a:f9:ae:73:a4:29:
                    42:43:a6:03:69:5b:33:48:fd:04:03:25:fe:1d:08:
                    40:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                37:38:42:EE:00:DE:69:AB:B4:29:E7:8C:EA:78:47:6D:36:DC:9D:5D
            X509v3 Authority Key Identifier: 
                keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access: 
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/NzhC7gDeaau0KeeM6nhHbTbcnV0.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.123.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a4:20:42:60:71:89:ac:7c:fa:32:87:ed:ea:bd:51:54:eb:2e:
         09:69:73:7e:f9:f7:9b:27:64:0a:cc:30:9d:78:1f:c4:8e:a4:
         09:dd:eb:cd:6d:7b:90:8b:ff:e3:ee:9c:54:0f:a1:a6:b1:3c:
         1f:b6:31:69:fd:82:8b:e0:f3:76:f4:f8:a1:a3:47:ea:30:1e:
         31:9a:67:3c:e3:79:de:9c:89:44:e7:33:7c:91:c3:da:db:95:
         a3:a5:a1:13:bf:e4:55:a2:96:fe:99:2f:33:91:81:fe:3f:74:
         a4:d8:d8:09:d2:3b:57:b2:7e:00:3e:19:c5:8e:b8:58:95:bc:
         ed:53:eb:42:b4:01:a6:b2:51:6b:80:d5:d0:ed:f4:18:49:98:
         2d:9f:ed:f7:7d:1b:cb:3d:a1:a9:f9:14:41:8a:12:ba:7e:8f:
         0b:79:c6:20:45:d1:2f:25:3b:c4:4e:ce:97:77:28:2c:a8:69:
         02:b7:f1:ac:0c:c5:ce:71:8a:4f:cb:0a:9e:e7:c3:b5:a2:26:
         81:32:79:ac:3d:9a:58:75:b7:ee:2d:8b:56:d1:9e:f7:53:55:
         ed:ff:66:eb:91:7c:bf:c9:8b:64:a7:cc:3b:6f:b7:d0:5d:4d:
         78:44:48:6b:77:cd:7f:91:f9:b9:6d:97:b5:f5:9a:a9:cb:63:
         52:22:49:a4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICClIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF
RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yMjA5MTUw
MjM4MzdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDM3Mzg0MkVFMDBERTY5
QUJCNDI5RTc4Q0VBNzg0NzZEMzZEQzlENUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHbEurSaeZYZ1nwlIf/kX0tQW43UDkUar5cEogcWAaX/qkAoIz
BOJGXuBjxPXeP02gNBqCzr1Ydpx7Vrw+XXtUnvv5/KadmGnFPLUPywPCg2jcnOCz
spsmw+5IvLjoqryuWPMmxU/UF3AvyO/7y/+QN2Vs09IAYKc16W8vgXXhUxNpxzJU
aIA377VjckKvDv2sihtPxDIHDYp0XJg/te/zFS1Lil7u2NJ0YpSfZ+rI1CF+ADkN
SEQ7Jy3daJbIpkQnY1HM01TjpSkYEhD8lse/1Q3i1FGsbPLhCjH5+Y57ARrcN1rQ
x1RgHVr5rnOkKUJDpgNpWzNI/QQDJf4dCEDBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUNzhC7gDeaau0KeeM6nhHbTbcnV0wHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc
TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ
Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8vTnpoQzdnRGVhYXUwS2Vl
TTZuaEhiVGJjblYwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Amd7gDANBgkqhkiG9w0BAQsFAAOCAQEApCBCYHGJrHz6Moft6r1RVOsuCWlzfvn3
mydkCswwnXgfxI6kCd3rzW17kIv/4+6cVA+hprE8H7Yxaf2Ci+DzdvT4oaNH6jAe
MZpnPON53pyJROczfJHD2tuVo6WhE7/kVaKW/pkvM5GB/j90pNjYCdI7V7J+AD4Z
xY64WJW87VPrQrQBprJRa4DV0O30GEmYLZ/t930byz2hqfkUQYoSun6PC3nGIEXR
LyU7xE7Ol3coLKhpArfxrAzFznGKT8sKnufDtaImgTJ5rD2aWHW37i2LVtGe91NV
7f9m65F8v8mLZKfMO2+30F1NeERIa3fNf5H5uW2XtfWaqctjUiJJpA==
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:07:08 2022 by rpki-client.