Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/3Zx2Gio08X7_goVBSsxSCrbUzxA.roa
File:                     3Zx2Gio08X7_goVBSsxSCrbUzxA.roa (download)
Hash identifier:          xkxpmACU0oam0bkZ8Kk0oo0VTWKdADIhD3zj1mLqDvI=
Subject key identifier:   DD:9C:76:1A:2A:34:F1:7E:FF:82:85:41:4A:CC:52:0A:B6:D4:CF:10
Certificate issuer:       /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial:       0D05
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/3Zx2Gio08X7_goVBSsxSCrbUzxA.roa
ROA valid until:          Wed 06 Sep 2023 03:00:35 +0000
asID:                     24168
IP address blocks:
    1: 103.136.61.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3333 (0xd05)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
        Validity
            Not Before: Sep 15 02:37:09 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=DD9C761A2A34F17EFF8285414ACC520AB6D4CF10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:c4:a9:5e:f3:91:f1:7a:bd:04:e5:a5:f2:77:
                    5b:7c:70:1a:e0:47:e6:87:1b:ec:15:64:9c:7d:30:
                    3e:42:e9:8e:ee:5c:ee:ce:33:9a:69:83:bc:2f:b1:
                    8f:3f:b0:92:bb:42:a0:35:8e:47:1a:54:8a:2a:5e:
                    e7:35:d4:70:54:b2:28:ec:bc:23:01:5c:c0:d0:69:
                    a9:a8:a8:67:43:16:87:1d:6d:83:b3:7b:fa:9d:a1:
                    58:cf:2c:e8:e1:f8:48:3f:54:a0:93:2c:d1:ab:57:
                    4e:d8:08:4c:6b:22:65:b0:74:b8:28:b3:d0:74:87:
                    d5:05:b3:a4:d7:63:39:c5:77:db:6e:8e:f1:87:7f:
                    20:3e:75:e7:07:8c:fc:79:06:13:96:f1:40:97:3e:
                    fa:18:6b:f1:db:7f:d0:b8:c3:aa:9b:63:81:71:31:
                    0d:3e:d2:15:33:e2:f3:34:e4:1e:11:ed:9b:66:e5:
                    41:84:67:11:b0:b1:42:c8:16:c1:c0:75:21:e8:10:
                    22:dc:28:7f:91:0c:83:d5:89:79:c7:be:19:07:26:
                    e6:cb:b0:8b:d6:71:11:41:43:0e:4f:e2:c9:8b:c0:
                    64:59:2f:4d:e6:99:d0:84:6d:8f:0b:1a:23:43:ec:
                    e8:78:13:9e:41:e1:d9:1e:fb:45:2e:5a:52:3f:f7:
                    2a:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                DD:9C:76:1A:2A:34:F1:7E:FF:82:85:41:4A:CC:52:0A:B6:D4:CF:10
            X509v3 Authority Key Identifier: 
                keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access: 
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/3Zx2Gio08X7_goVBSsxSCrbUzxA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.136.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:94:bb:58:8a:89:fe:ec:c7:cb:15:3f:60:9e:69:08:e5:db:
         79:02:cf:73:7e:de:67:64:4a:ee:20:a4:ba:8a:1e:61:6d:5e:
         4f:a0:c9:97:37:61:91:ec:fa:a8:18:c7:7f:e2:fa:85:07:de:
         4f:21:cd:39:5c:85:3c:86:1d:1f:3a:8d:2a:e0:3b:3a:75:98:
         0a:e0:bb:da:cb:b7:f9:90:99:47:07:4f:45:a6:3e:06:f6:7a:
         71:8e:63:2d:ac:4e:3e:2b:85:f8:02:57:44:42:2e:7b:c8:26:
         db:ed:c3:9e:62:be:57:2b:d0:05:1d:cf:18:65:8f:4b:36:06:
         78:70:47:7b:54:83:d3:db:e6:a8:3b:1c:69:21:b4:5a:2e:75:
         1c:b4:67:f1:50:02:ce:23:21:99:a9:16:3b:9b:3b:f4:28:23:
         fa:7a:1d:4e:1b:47:22:29:21:7c:79:db:5a:ae:9f:f4:d2:f8:
         1f:6f:56:52:79:b9:f5:18:a5:54:c8:68:0d:d5:f7:93:ae:d1:
         31:d7:ed:cb:76:8b:2c:a4:24:3a:a8:73:b8:62:0f:d2:dc:ac:
         3d:31:72:70:ec:93:37:de:35:98:86:5f:e0:b0:b0:a9:e3:42:
         11:68:92:b7:46:72:91:ba:20:a6:ac:de:36:34:55:ce:f3:54:
         40:02:64:33
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMjA5MTUw
MjM3MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEREOUM3NjFBMkEzNEYx
N0VGRjgyODU0MTRBQ0M1MjBBQjZENENGMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjxKle85Hxer0E5aXyd1t8cBrgR+aHG+wVZJx9MD5C6Y7uXO7O
M5ppg7wvsY8/sJK7QqA1jkcaVIoqXuc11HBUsijsvCMBXMDQaamoqGdDFocdbYOz
e/qdoVjPLOjh+Eg/VKCTLNGrV07YCExrImWwdLgos9B0h9UFs6TXYznFd9tujvGH
fyA+decHjPx5BhOW8UCXPvoYa/Hbf9C4w6qbY4FxMQ0+0hUz4vM05B4R7Ztm5UGE
ZxGwsULIFsHAdSHoECLcKH+RDIPViXnHvhkHJubLsIvWcRFBQw5P4smLwGRZL03m
mdCEbY8LGiND7Oh4E55B4dke+0UuWlI/9yqTAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU3Zx2Gio08X7/goVBSsxSCrbUzxAwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzNaeDJHaW8wOFg3X2dvVkJTc3hTQ3Ji
VXp4QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABniD0wDQYJ
KoZIhvcNAQELBQADggEBAFSUu1iKif7sx8sVP2CeaQjl23kCz3N+3mdkSu4gpLqK
HmFtXk+gyZc3YZHs+qgYx3/i+oUH3k8hzTlchTyGHR86jSrgOzp1mArgu9rLt/mQ
mUcHT0WmPgb2enGOYy2sTj4rhfgCV0RCLnvIJtvtw55ivlcr0AUdzxhlj0s2Bnhw
R3tUg9Pb5qg7HGkhtFoudRy0Z/FQAs4jIZmpFjubO/QoI/p6HU4bRyIpIXx521qu
n/TS+B9vVlJ5ufUYpVTIaA3V95Ou0THX7ct2iyykJDqoc7hiD9LcrD0xcnDskzfe
NZiGX+CwsKnjQhFokrdGcpG6IKas3jY0Vc7zVEACZDM=
-----END CERTIFICATE-----
Generated at Mon Feb 6 18:25:01 2023 by rpki-client.