Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/9M23OCNhTvdHx8I_vJmLFEskn5k.roa
File: 9M23OCNhTvdHx8I_vJmLFEskn5k.roa (raw, json)
Hash identifier: CGcpnphqmVyj0AyFe2Ty51M8sge2eV8Z7fuf2jZwhj0=
Subject key identifier: F4:CD:B7:38:23:61:4E:F7:47:C7:C2:3F:BC:99:8B:14:4B:24:9F:99
Certificate issuer: /CN=57A994BD60555145CB6452DC6A980FC851136BDA
Certificate serial: 05DB
Authority key identifier: 57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/9M23OCNhTvdHx8I_vJmLFEskn5k.roa
Signing time: Mon 10 Feb 2025 13:57:53 +0000
ROA not before: Mon 10 Feb 2025 13:57:53 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38136
IP address blocks: 2406:8dc0::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1499 (0x5db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A994BD60555145CB6452DC6A980FC851136BDA
Validity
Not Before: Feb 10 13:57:53 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F4CDB73823614EF747C7C23FBC998B144B249F99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:06:26:47:ff:02:5b:6c:8a:df:b6:15:90:ed:
25:14:e2:ad:ad:5c:29:d9:db:aa:8f:f7:a2:59:4a:
99:fa:2c:68:1e:4b:d6:75:18:a5:ef:c1:d6:88:8b:
84:bf:e0:cb:ee:5b:9b:a7:6f:50:67:83:d0:c7:26:
46:d5:1a:4c:1a:73:0b:e3:d6:0d:16:2a:c2:35:ae:
e6:63:64:52:c5:f5:69:a8:cd:6c:56:02:ad:4f:4b:
ba:57:f1:7d:8e:2f:40:16:b2:1d:f8:a4:96:4c:45:
bb:b5:58:c9:91:8d:38:4c:85:9e:79:e6:3b:bc:83:
58:24:a0:69:74:50:45:03:cc:3c:58:55:ae:1c:19:
5a:82:f1:ea:c8:0c:51:0a:bb:20:28:51:e9:01:34:
9c:8e:29:cb:cc:7b:53:72:be:b6:9c:5a:a3:ef:f4:
e4:36:1a:9b:17:dc:6f:31:88:fd:8a:8f:58:f2:d1:
e7:69:d0:18:e2:9d:bf:46:05:c5:10:07:8e:6a:f2:
a9:ae:44:40:d6:dc:4f:3b:87:6f:43:4d:6a:11:80:
30:af:12:18:88:c0:c5:84:d6:d8:a3:cc:8a:25:4b:
84:b6:80:b1:41:82:72:05:61:e8:f2:20:2a:e2:63:
b3:c4:e7:ae:da:bd:20:30:bc:a7:e1:9a:b1:55:1d:
9d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:CD:B7:38:23:61:4E:F7:47:C7:C2:3F:BC:99:8B:14:4B:24:9F:99
X509v3 Authority Key Identifier:
keyid:57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/9M23OCNhTvdHx8I_vJmLFEskn5k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:8dc0::/36
Signature Algorithm: sha256WithRSAEncryption
67:c4:4e:6f:20:71:9d:81:59:b1:ce:3c:58:5d:6f:7e:64:9d:
c6:79:30:20:27:8d:06:7e:28:7e:5e:a6:6f:e0:6b:9f:8c:98:
bc:aa:4f:af:78:a6:19:d4:e4:17:4b:19:6e:88:25:4b:23:cf:
9d:5f:3f:05:b6:75:a1:ca:6d:0f:c9:1d:2d:ff:31:5a:a8:c6:
20:36:02:7f:9f:9d:b7:44:70:ba:09:7c:b7:d5:88:32:07:95:
24:9d:b5:00:b1:71:9a:3b:43:ba:05:05:7a:76:cb:26:4b:56:
04:bc:21:43:71:69:05:3e:dd:28:57:be:08:e0:6c:0d:46:56:
d5:8c:b7:1a:8d:b8:8f:b7:9b:a1:f2:30:f3:25:b1:21:58:be:
22:28:08:16:d7:51:da:fb:f9:62:63:26:48:7b:8a:aa:82:7a:
44:99:f1:36:b9:2a:9a:b7:33:03:b9:13:73:2f:e0:b2:bf:39:
1a:a8:ee:02:3e:0a:bc:1e:13:cd:63:77:b4:96:8d:04:31:1e:
da:7e:e5:7e:cb:f7:a8:d4:38:77:f4:51:a1:40:35:71:48:5e:
ac:46:c1:d1:77:a8:3c:bb:d9:3c:fc:ae:3e:cc:7e:b2:69:26:
fd:2d:da:85:55:2d:14:fe:9c:75:39:91:1c:3d:bc:23:6a:dc:
8e:6d:96:79
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICBdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTdB
OTk0QkQ2MDU1NTE0NUNCNjQ1MkRDNkE5ODBGQzg1MTEzNkJEQTAeFw0yNTAyMTAx
MzU3NTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY0Q0RCNzM4MjM2MTRF
Rjc0N0M3QzIzRkJDOTk4QjE0NEIyNDlGOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIBiZH/wJbbIrfthWQ7SUU4q2tXCnZ26qP96JZSpn6LGgeS9Z1
GKXvwdaIi4S/4MvuW5unb1Bng9DHJkbVGkwacwvj1g0WKsI1ruZjZFLF9WmozWxW
Aq1PS7pX8X2OL0AWsh34pJZMRbu1WMmRjThMhZ555ju8g1gkoGl0UEUDzDxYVa4c
GVqC8erIDFEKuyAoUekBNJyOKcvMe1NyvracWqPv9OQ2GpsX3G8xiP2Kj1jy0edp
0Bjinb9GBcUQB45q8qmuREDW3E87h29DTWoRgDCvEhiIwMWE1tijzIolS4S2gLFB
gnIFYejyICriY7PE567avSAwvKfhmrFVHZ1RAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU9M23OCNhTvdHx8I/vJmLFEskn5kwHwYDVR0jBBgwFoAUV6mUvWBVUUXLZFLc
apgPyFETa9owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxMUEFT
Uy9WNm1VdldCVlVVWExaRkxjYXBnUHlGRVRhOW8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1Y2bVV2V0JWVVVYTFpGTGNhcGdQeUZFVGE5by5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FMTFBBU1MvOU0yM09DTmhUdmRIeDhJ
X3ZKbUxGRXNrbjVrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMG
BCQGjcAAMA0GCSqGSIb3DQEBCwUAA4IBAQBnxE5vIHGdgVmxzjxYXW9+ZJ3GeTAg
J40Gfih+XqZv4GufjJi8qk+veKYZ1OQXSxluiCVLI8+dXz8FtnWhym0PyR0t/zFa
qMYgNgJ/n523RHC6CXy31YgyB5UknbUAsXGaO0O6BQV6dssmS1YEvCFDcWkFPt0o
V74I4GwNRlbVjLcajbiPt5uh8jDzJbEhWL4iKAgW11Ha+/liYyZIe4qqgnpEmfE2
uSqatzMDuRNzL+CyvzkaqO4CPgq8HhPNY3e0lo0EMR7afuV+y/eo1Dh39FGhQDVx
SF6sRsHRd6g8u9k8/K4+zH6yaSb9LdqFVS0U/px1OZEcPbwjatyObZZ5
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:59:08 2025 by rpki-client