Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/-kyV2owheKuDZv3HNcGzbgymWOM.roa
File:                     -kyV2owheKuDZv3HNcGzbgymWOM.roa (download)
Hash identifier:          b1n25FA9gYt1EwN6gE42TubiwkOA/EC3Q1IyZv4ZpoQ=
Subject key identifier:   FA:4C:95:DA:8C:21:78:AB:83:66:FD:C7:35:C1:B3:6E:0C:A6:58:E3
Certificate issuer:       /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial:       0A6D
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/-kyV2owheKuDZv3HNcGzbgymWOM.roa
ROA valid until:          Sep 06 03:00:35 2023 GMT
asID:                     2914
IP address blocks:
    1: 122.255.80.0/20 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2669 (0xa6d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
        Validity
            Not Before: Sep 15 02:50:48 2022 GMT
            Not After : Sep  6 03:00:35 2023 GMT
        Subject: CN=FA4C95DA8C2178AB8366FDC735C1B36E0CA658E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:fa:bb:fe:da:c8:82:61:f1:2c:68:f3:f5:dd:
                    bb:f5:6e:fa:3c:80:2b:eb:55:4a:fe:d9:c6:49:79:
                    98:56:14:02:2a:bc:05:a8:ac:ac:1f:07:a8:6c:21:
                    37:b8:6f:d6:99:4a:9b:27:a9:78:cb:08:7c:3e:a1:
                    9c:11:2c:08:b0:e5:83:da:3c:87:be:7c:eb:5d:26:
                    fa:d1:16:5f:75:c6:6b:94:38:2d:a9:62:43:52:71:
                    73:df:28:77:ed:2b:1d:2b:ca:56:94:4b:79:c9:01:
                    24:f2:82:06:e1:e4:32:6c:20:60:d0:68:7a:67:95:
                    f6:c6:03:10:09:a0:c9:24:2d:c0:85:66:3c:a2:a6:
                    26:c0:4f:b7:b7:18:06:89:63:f4:c4:be:8a:34:e8:
                    af:c3:cc:2b:97:e1:13:27:fa:61:4a:ea:e2:0d:3f:
                    d5:7c:6d:25:f9:22:0f:bb:ea:ed:64:be:35:d5:d9:
                    ea:ce:f5:91:64:51:e3:d7:d2:78:e2:bc:5e:74:ee:
                    44:5d:2b:a0:20:8b:d4:5f:6f:5d:64:ac:59:30:a5:
                    5b:06:b4:04:fe:df:86:f1:e8:3a:2d:4d:86:c2:90:
                    bb:a4:7d:e2:30:26:d5:77:64:7c:c1:77:9d:08:84:
                    2e:58:9c:3f:72:b4:b0:a6:38:8e:46:3a:de:12:03:
                    78:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                FA:4C:95:DA:8C:21:78:AB:83:66:FD:C7:35:C1:B3:6E:0C:A6:58:E3
            X509v3 Authority Key Identifier: 
                keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access: 
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/-kyV2owheKuDZv3HNcGzbgymWOM.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.255.80.0/20

    Signature Algorithm: sha256WithRSAEncryption
         46:9e:07:87:6c:08:1f:7b:81:ec:7f:29:90:d0:af:f3:82:28:
         8e:ad:cc:7f:db:99:da:18:d3:ef:53:60:80:e4:58:e6:49:3b:
         ed:fc:c4:6d:08:97:4a:e1:c6:05:9c:16:31:03:e9:36:49:94:
         84:03:fd:73:08:89:43:b3:ed:e6:6d:75:56:07:c6:ad:14:ae:
         a1:48:b5:6a:68:99:23:1f:d1:9f:7e:dd:4d:3d:f2:40:d9:78:
         79:55:c2:84:b0:4f:9f:cf:26:6c:17:fb:e3:36:4d:1f:8c:a2:
         a8:26:ca:94:f9:a3:02:02:7d:ea:66:77:2a:34:fe:f2:99:c9:
         22:da:c2:07:61:a8:12:76:61:89:b1:90:a9:28:6b:23:6c:2f:
         cd:cf:4e:ab:10:49:fc:d2:e9:66:b5:8c:7c:ef:68:cd:0c:8d:
         0b:d2:65:20:78:12:09:a8:89:44:92:0a:d3:97:99:36:36:9f:
         80:44:c0:df:7b:25:f4:e2:59:b8:09:44:bd:4f:bd:6e:03:d1:
         36:20:db:7a:f9:49:cc:a4:ea:05:60:68:31:e5:27:02:bc:ee:
         78:a2:11:8e:6d:8b:bc:f2:fd:53:a4:8a:26:cb:ef:07:2f:63:
         ea:4a:90:c7:96:ba:03:36:df:97:72:b4:3f:a1:7a:d5:db:fe:
         ab:df:8e:9e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCm0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMjA5MTUw
MjUwNDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEZBNEM5NURBOEMyMTc4
QUI4MzY2RkRDNzM1QzFCMzZFMENBNjU4RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe+rv+2siCYfEsaPP13bv1bvo8gCvrVUr+2cZJeZhWFAIqvAWo
rKwfB6hsITe4b9aZSpsnqXjLCHw+oZwRLAiw5YPaPIe+fOtdJvrRFl91xmuUOC2p
YkNScXPfKHftKx0rylaUS3nJASTyggbh5DJsIGDQaHpnlfbGAxAJoMkkLcCFZjyi
pibAT7e3GAaJY/TEvoo06K/DzCuX4RMn+mFK6uINP9V8bSX5Ig+76u1kvjXV2erO
9ZFkUePX0njivF507kRdK6Agi9Rfb11krFkwpVsGtAT+34bx6DotTYbCkLukfeIw
JtV3ZHzBd50IhC5YnD9ytLCmOI5GOt4SA3iFAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU+kyV2owheKuDZv3HNcGzbgymWOMwHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC8ta3lWMm93aGVLdURadjNITmNH
emJneW1XT00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEev9Q
MA0GCSqGSIb3DQEBCwUAA4IBAQBGngeHbAgfe4HsfymQ0K/zgiiOrcx/25naGNPv
U2CA5FjmSTvt/MRtCJdK4cYFnBYxA+k2SZSEA/1zCIlDs+3mbXVWB8atFK6hSLVq
aJkjH9Gfft1NPfJA2Xh5VcKEsE+fzyZsF/vjNk0fjKKoJsqU+aMCAn3qZncqNP7y
mcki2sIHYagSdmGJsZCpKGsjbC/Nz06rEEn80ulmtYx872jNDI0L0mUgeBIJqIlE
kgrTl5k2Np+ARMDfeyX04lm4CUS9T71uA9E2INt6+UnMpOoFYGgx5ScCvO54ohGO
bYu88v1TpIomy+8HL2PqSpDHlroDNt+XcrQ/oXrV2/6r346e
-----END CERTIFICATE-----
Generated at Thu Dec 8 19:35:15 2022 by rpki-client.