Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/itMRX-WNJayMAXi4XYp9Nw5JxGg.roa
File:                     itMRX-WNJayMAXi4XYp9Nw5JxGg.roa (download)
Hash identifier:          3ao1kXTKCT5TkDjDVKj1RNtal2aNKmKM16DSgzXDz2s=
Subject key identifier:   8A:D3:11:5F:E5:8D:25:AC:8C:01:78:B8:5D:8A:7D:37:0E:49:C4:68
Certificate issuer:       /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial:       0A68
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/itMRX-WNJayMAXi4XYp9Nw5JxGg.roa
ROA valid until:          Sep 06 03:00:35 2023 GMT
asID:                     20473
IP address blocks:
    1: 103.122.191.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2664 (0xa68)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
        Validity
            Not Before: Sep 15 02:47:52 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=8AD3115FE58D25AC8C0178B85D8A7D370E49C468
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:92:10:7a:2e:fd:96:9b:b9:b8:2c:b9:00:73:
                    10:31:66:9e:7f:5e:57:6c:cf:d8:9d:22:a9:9e:3c:
                    11:d5:d8:d9:fa:7f:6f:7f:8c:d4:44:94:aa:af:1d:
                    ab:87:54:01:85:06:ef:31:7f:e7:df:85:7d:e9:b2:
                    a6:b0:04:45:13:ca:fa:4f:04:cd:fe:68:02:7d:40:
                    93:71:44:d6:2c:4b:10:0a:b6:f5:b8:7c:11:9f:a3:
                    90:52:d2:ad:19:9a:a4:f9:e5:e2:04:93:02:0a:c3:
                    3d:fe:b1:1b:d0:e0:26:80:42:53:9e:4e:94:e8:75:
                    ba:11:71:be:20:8b:16:5f:85:4d:18:33:64:b6:2f:
                    5c:a4:07:ed:f1:ed:0a:b2:05:46:71:63:95:ea:3e:
                    38:2b:fc:bd:33:82:63:a2:07:c2:ee:51:92:72:2d:
                    57:c5:1a:45:d1:fe:1b:8e:4b:4c:7a:40:f6:6a:17:
                    9b:2d:7b:67:b5:18:7c:8d:e6:0d:40:51:aa:2f:02:
                    3f:80:b6:3c:f4:26:28:d7:b2:ef:17:ab:46:c5:06:
                    6c:8b:06:bf:e8:81:b8:37:3c:94:c0:08:1f:7e:e4:
                    df:76:44:50:e2:92:35:6a:d3:25:e8:48:10:b4:76:
                    a0:98:27:bf:80:37:cb:67:95:91:e2:e2:a8:7f:fe:
                    e9:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                8A:D3:11:5F:E5:8D:25:AC:8C:01:78:B8:5D:8A:7D:37:0E:49:C4:68
            X509v3 Authority Key Identifier: 
                keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access: 
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/itMRX-WNJayMAXi4XYp9Nw5JxGg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:2f:3a:96:fe:67:81:72:96:d7:66:80:82:2f:df:68:70:4e:
         a3:c3:16:6f:dc:61:e7:93:ec:80:04:79:fd:2b:67:70:a0:3f:
         2f:20:b3:91:a7:49:18:2a:d7:72:42:2f:20:5e:c4:4c:be:01:
         f7:74:d1:dd:94:09:61:f1:d5:c9:d2:31:48:b4:39:dd:3d:97:
         af:b9:65:e5:72:05:56:6f:3f:70:81:a4:27:f7:49:d3:5b:53:
         91:f2:e5:4b:84:24:85:85:88:52:f3:87:26:a5:cf:81:c0:a4:
         70:16:b1:15:46:cc:00:3f:5e:3e:72:9f:44:a4:47:8e:e0:58:
         1c:a6:ed:33:8f:c4:e0:19:bd:b6:fd:9a:e2:ef:dc:8c:2e:1c:
         3b:68:65:a2:97:f0:1b:30:b5:d6:74:f5:09:b5:e1:c4:80:6b:
         a3:ae:4a:48:03:49:17:b2:8a:f0:95:bb:cb:22:7f:69:04:9e:
         cb:19:31:3e:12:f8:40:b0:5b:03:3a:31:5c:45:bb:f1:ab:66:
         e2:9f:ca:cc:c6:f3:ee:5f:30:4e:09:90:d9:d9:37:6b:88:82:
         ad:c4:9f:af:e9:8e:7a:44:61:36:f0:bb:b5:47:ce:c4:49:5a:
         fa:80:70:38:67:7f:dd:6b:6b:08:ba:6b:c9:c5:9b:ee:54:05:
         57:42:9a:76
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMjA5MTUw
MjQ3NTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDhBRDMxMTVGRTU4RDI1
QUM4QzAxNzhCODVEOEE3RDM3MEU0OUM0NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChkhB6Lv2Wm7m4LLkAcxAxZp5/Xldsz9idIqmePBHV2Nn6f29/
jNRElKqvHauHVAGFBu8xf+ffhX3psqawBEUTyvpPBM3+aAJ9QJNxRNYsSxAKtvW4
fBGfo5BS0q0ZmqT55eIEkwIKwz3+sRvQ4CaAQlOeTpTodboRcb4gixZfhU0YM2S2
L1ykB+3x7QqyBUZxY5XqPjgr/L0zgmOiB8LuUZJyLVfFGkXR/huOS0x6QPZqF5st
e2e1GHyN5g1AUaovAj+Atjz0JijXsu8Xq0bFBmyLBr/ogbg3PJTACB9+5N92RFDi
kjVq0yXoSBC0dqCYJ7+AN8tnlZHi4qh//unHAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUitMRX+WNJayMAXi4XYp9Nw5JxGgwHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9pdE1SWC1XTkpheU1B
WGk0WFlwOU53NUp4R2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ3q/MA0GCSqGSIb3DQEBCwUAA4IBAQAiLzqW/meBcpbXZoCCL99ocE6jwxZv
3GHnk+yABHn9K2dwoD8vILORp0kYKtdyQi8gXsRMvgH3dNHdlAlh8dXJ0jFItDnd
PZevuWXlcgVWbz9wgaQn90nTW1OR8uVLhCSFhYhS84cmpc+BwKRwFrEVRswAP14+
cp9EpEeO4Fgcpu0zj8TgGb22/Zri79yMLhw7aGWil/AbMLXWdPUJteHEgGujrkpI
A0kXsorwlbvLIn9pBJ7LGTE+EvhAsFsDOjFcRbvxq2bin8rMxvPuXzBOCZDZ2Tdr
iIKtxJ+v6Y56RGE28Lu1R87ESVr6gHA4Z3/da2sIumvJxZvuVAVXQpp2
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:46:25 2022 by rpki-client.