Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/DDxZ2KzkAduWUh6EQAPLPeew6FM.roa
File:                     DDxZ2KzkAduWUh6EQAPLPeew6FM.roa (download)
Hash identifier:          eXPZWTTIC1jPKFsMY7pukcWnkFZBIwCyJMakXUGyFRc=
Subject key identifier:   0C:3C:59:D8:AC:E4:01:DB:96:52:1E:84:40:03:CB:3D:E7:B0:E8:53
Certificate issuer:       /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial:       0A54
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/DDxZ2KzkAduWUh6EQAPLPeew6FM.roa
ROA valid until:          Sep 06 03:00:35 2023 GMT
asID:                     20473
IP address blocks:
    1: 103.129.147.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2644 (0xa54)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
        Validity
            Not Before: Sep 15 02:51:08 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=0C3C59D8ACE401DB96521E844003CB3DE7B0E853
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:bd:16:b9:f2:fa:f6:98:a1:d6:de:4f:92:ba:
                    1f:73:1e:73:72:d2:bc:3b:71:bf:bc:b6:0f:49:c9:
                    6c:cf:c4:03:6d:07:cd:ae:cf:b9:ae:96:eb:f8:e7:
                    2c:d2:2f:52:b8:a8:77:e1:48:a3:da:b6:86:f0:e6:
                    41:22:70:c1:49:db:66:4a:d3:c6:16:bf:00:14:1e:
                    77:85:f1:51:6c:fc:ba:6e:aa:dd:70:c9:48:f2:b5:
                    46:da:25:f7:35:44:6f:ca:28:7a:3d:5a:4b:9f:11:
                    e1:02:a9:d4:d7:3f:a4:9c:33:d2:a2:92:b0:9f:00:
                    a0:76:dd:f8:8f:af:68:cf:0a:7f:16:ac:81:9a:01:
                    c0:3a:9f:97:bd:8c:27:29:d3:80:3c:34:fb:91:d8:
                    1b:3c:a6:a8:54:46:59:51:7a:25:c2:05:52:0f:d3:
                    7c:36:f7:7c:72:38:83:8a:0a:a9:a8:b0:30:7c:ab:
                    0c:9b:e2:ca:d1:4a:32:8c:24:08:bd:43:78:28:df:
                    a6:e6:4c:74:1e:b8:60:39:9b:1d:71:fc:43:7e:c0:
                    c3:6b:b2:aa:d2:6c:86:b7:f2:ee:5f:3c:62:bc:b1:
                    93:f8:7e:d6:75:2a:d1:3c:2b:dc:af:ea:19:e1:42:
                    16:a4:f2:2b:97:46:63:58:f0:82:b6:50:84:79:4e:
                    8f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                0C:3C:59:D8:AC:E4:01:DB:96:52:1E:84:40:03:CB:3D:E7:B0:E8:53
            X509v3 Authority Key Identifier: 
                keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access: 
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/DDxZ2KzkAduWUh6EQAPLPeew6FM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.129.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:d1:20:dd:10:86:ae:66:fa:4c:fc:07:a7:96:b5:02:ad:70:
         86:4f:56:e7:50:e1:09:f3:02:d2:ee:36:68:8d:f8:fd:80:90:
         8f:7f:8c:8d:06:9e:ae:3c:f9:85:cf:37:33:a3:a6:aa:3a:2f:
         35:04:e7:34:89:4e:f2:b2:1f:2d:ba:b4:88:67:ed:c3:0f:84:
         c7:2d:53:0a:eb:b3:ff:5b:07:74:39:75:ea:c8:27:f3:b9:8d:
         ca:8c:ff:39:b9:20:10:2d:db:30:4e:5f:3b:16:c3:4e:6a:4f:
         11:9d:be:10:cb:28:5f:93:85:d4:64:72:ba:58:f2:2f:4e:75:
         be:76:f1:20:b7:09:1a:e0:1d:58:77:56:15:48:fb:a4:9d:ba:
         41:34:f0:99:6d:68:d7:6e:67:3c:d1:c5:f9:67:8f:d8:cd:7c:
         16:81:71:10:d9:b2:2a:b8:1f:a1:a3:39:81:dc:2a:bd:f7:43:
         56:ac:26:a9:1f:3b:22:9e:b6:9b:4e:09:68:92:e2:64:1b:76:
         c9:2b:a9:9c:80:d5:0c:04:6e:49:e8:22:e8:e0:94:eb:f2:64:
         8b:eb:1b:90:c6:d7:fa:a8:f0:c8:d1:93:1d:80:2f:5f:e9:3c:
         dc:5b:5b:39:62:35:13:d5:04:63:a7:1b:f6:4f:79:89:7d:65:
         75:f7:87:4b
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICClQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMjA5MTUw
MjUxMDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDBDM0M1OUQ4QUNFNDAx
REI5NjUyMUU4NDQwMDNDQjNERTdCMEU4NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrvRa58vr2mKHW3k+Suh9zHnNy0rw7cb+8tg9JyWzPxANtB82u
z7muluv45yzSL1K4qHfhSKPatobw5kEicMFJ22ZK08YWvwAUHneF8VFs/Lpuqt1w
yUjytUbaJfc1RG/KKHo9WkufEeECqdTXP6ScM9KikrCfAKB23fiPr2jPCn8WrIGa
AcA6n5e9jCcp04A8NPuR2Bs8pqhURllReiXCBVIP03w293xyOIOKCqmosDB8qwyb
4srRSjKMJAi9Q3go36bmTHQeuGA5mx1x/EN+wMNrsqrSbIa38u5fPGK8sZP4ftZ1
KtE8K9yv6hnhQhak8iuXRmNY8IK2UIR5To8XAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUDDxZ2KzkAduWUh6EQAPLPeew6FMwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0REeFoyS3prQWR1V1VoNkVRQVBMUGVl
dzZGTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZMwDQYJ
KoZIhvcNAQELBQADggEBAAfRIN0Qhq5m+kz8B6eWtQKtcIZPVudQ4QnzAtLuNmiN
+P2AkI9/jI0Gnq48+YXPNzOjpqo6LzUE5zSJTvKyHy26tIhn7cMPhMctUwrrs/9b
B3Q5derIJ/O5jcqM/zm5IBAt2zBOXzsWw05qTxGdvhDLKF+ThdRkcrpY8i9Odb52
8SC3CRrgHVh3VhVI+6SdukE08JltaNduZzzRxflnj9jNfBaBcRDZsiq4H6GjOYHc
Kr33Q1asJqkfOyKetptOCWiS4mQbdskrqZyA1QwEbknoIujglOvyZIvrG5DG1/qo
8MjRkx2AL1/pPNxbWzliNRPVBGOnG/ZPeYl9ZXX3h0s=
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:46:23 2022 by rpki-client.