Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/ehIgk-iuizQLftNgKTZmHk6tYHk.roa
File:                     ehIgk-iuizQLftNgKTZmHk6tYHk.roa (download)
Hash identifier:          f+oght0cdMPerovPkDyUEQjD/8V6BgddETyN62rpOoM=
Subject key identifier:   7A:12:20:93:E8:AE:8B:34:0B:7E:D3:60:29:36:66:1E:4E:AD:60:79
Certificate issuer:       /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial:       0D05
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/ehIgk-iuizQLftNgKTZmHk6tYHk.roa
ROA valid until:          Wed 06 Sep 2023 03:00:35 +0000
asID:                     24168
IP address blocks:
    1: 103.136.60.0/23 maxlen: 23

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3333 (0xd05)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
        Validity
            Not Before: Sep 15 02:37:07 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=7A122093E8AE8B340B7ED3602936661E4EAD6079
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:00:bb:98:f6:10:1a:fc:f9:77:8f:90:30:ac:
                    3a:49:5a:86:9c:2e:00:40:a2:8a:24:d4:10:0f:5d:
                    a6:28:64:59:86:df:0d:36:86:84:30:5a:27:c7:5b:
                    c6:05:45:be:5d:d9:51:e7:6c:a3:a8:38:ab:4d:a0:
                    d8:6a:a1:7f:2e:1a:71:ef:8f:bc:c4:7f:f1:eb:07:
                    14:ae:e5:35:46:9b:88:6d:dc:8a:ef:f3:ea:c7:36:
                    b2:31:1f:d8:fa:a5:46:08:65:61:ea:2e:04:a1:19:
                    5f:7f:15:dc:b1:e7:08:1e:98:3f:6d:44:67:53:46:
                    05:f6:6d:c3:d8:a5:19:93:f5:1d:ff:bf:86:a6:1a:
                    16:f0:0f:b7:5f:45:92:01:ec:7a:7c:92:a7:62:3e:
                    9d:f1:49:fd:b6:91:f3:56:dc:4d:ca:ad:14:9a:ac:
                    d1:52:ed:1a:d0:13:97:81:20:38:5f:e3:fb:27:c0:
                    69:93:bc:14:a8:2f:84:31:b1:5c:c9:27:e1:09:e3:
                    c1:2a:21:21:b6:8d:08:30:6e:0d:13:24:cc:14:32:
                    2f:14:a0:5f:26:2e:7b:08:5d:6e:cc:b2:eb:2e:ad:
                    bf:ab:47:ac:2f:19:f3:cc:84:87:e2:1e:98:e0:59:
                    0a:1e:f7:3a:74:51:43:4a:ce:f5:5e:21:83:bb:0a:
                    8f:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7A:12:20:93:E8:AE:8B:34:0B:7E:D3:60:29:36:66:1E:4E:AD:60:79
            X509v3 Authority Key Identifier: 
                keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access: 
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/ehIgk-iuizQLftNgKTZmHk6tYHk.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.136.60.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4f:c2:3c:b9:98:44:a7:ee:2c:63:13:a9:1f:18:cb:53:d8:b7:
         6a:f2:98:1d:ae:f7:04:ff:f9:09:f1:57:02:2a:26:d4:76:cc:
         cf:9e:27:2f:a1:7f:42:75:3a:b5:0b:72:65:82:a3:9f:2b:9f:
         c1:61:d0:2f:a9:f8:7d:01:7a:dd:a5:5a:22:d5:ad:cf:43:8d:
         e5:c7:0d:df:48:23:e8:cb:8f:c3:83:9a:03:33:db:55:4d:ba:
         66:5c:18:d1:f7:de:68:6a:7e:b5:27:08:41:ac:c8:35:f2:6e:
         a8:11:31:83:1d:04:9a:5f:03:9a:d5:a3:7f:65:e4:83:4a:77:
         f9:0f:30:ac:23:cc:4b:71:1f:b9:f7:58:30:8a:d2:86:99:ce:
         75:04:eb:4f:da:c9:3b:8d:66:c2:dc:f4:2a:0e:12:90:e6:88:
         4a:d2:81:ce:f9:be:00:ac:06:05:78:20:90:85:b8:5e:8b:a8:
         d8:fb:19:10:72:01:67:a9:8a:d3:90:8c:94:46:04:9b:8b:d5:
         d9:21:eb:ff:d3:1d:f8:3a:2e:44:28:0e:fe:77:86:d6:dc:f1:
         f0:e3:25:fd:c2:d8:91:4f:7a:5e:46:89:9c:a4:2b:62:ec:f0:
         b8:ad:19:f7:38:58:d4:c7:64:e1:02:c4:5e:fb:04:f6:f1:64:
         47:ed:af:2c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDQUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMjA5MTUw
MjM3MDdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDdBMTIyMDkzRThBRThC
MzQwQjdFRDM2MDI5MzY2NjFFNEVBRDYwNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQALuY9hAa/Pl3j5AwrDpJWoacLgBAoook1BAPXaYoZFmG3w02
hoQwWifHW8YFRb5d2VHnbKOoOKtNoNhqoX8uGnHvj7zEf/HrBxSu5TVGm4ht3Irv
8+rHNrIxH9j6pUYIZWHqLgShGV9/Fdyx5wgemD9tRGdTRgX2bcPYpRmT9R3/v4am
GhbwD7dfRZIB7Hp8kqdiPp3xSf22kfNW3E3KrRSarNFS7RrQE5eBIDhf4/snwGmT
vBSoL4QxsVzJJ+EJ48EqISG2jQgwbg0TJMwUMi8UoF8mLnsIXW7Msusurb+rR6wv
GfPMhIfiHpjgWQoe9zp0UUNKzvVeIYO7Co+HAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUehIgk+iuizQLftNgKTZmHk6tYHkwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL2VoSWdrLWl1aXpRTGZ0TmdLVFptSGs2
dFlIay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFniDwwDQYJ
KoZIhvcNAQELBQADggEBAE/CPLmYRKfuLGMTqR8Yy1PYt2rymB2u9wT/+QnxVwIq
JtR2zM+eJy+hf0J1OrULcmWCo58rn8Fh0C+p+H0Bet2lWiLVrc9DjeXHDd9II+jL
j8ODmgMz21VNumZcGNH33mhqfrUnCEGsyDXybqgRMYMdBJpfA5rVo39l5INKd/kP
MKwjzEtxH7n3WDCK0oaZznUE60/ayTuNZsLc9CoOEpDmiErSgc75vgCsBgV4IJCF
uF6LqNj7GRByAWepitOQjJRGBJuL1dkh6//THfg6LkQoDv53htbc8fDjJf3C2JFP
el5GiZykK2Ls8LitGfc4WNTHZOECxF77BPbxZEftryw=
-----END CERTIFICATE-----
Generated at Mon Feb 6 18:25:01 2023 by rpki-client.