Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Frg9VOSWb5iraswr00IxPVpzmRo.roa
File: Frg9VOSWb5iraswr00IxPVpzmRo.roa (raw, json)
Hash identifier: dgQAxi3zwV5mBaHQtfc6UHmz77Gq+ZXQqC6Ms+dhDrU=
Subject key identifier: 16:B8:3D:54:E4:96:6F:98:AB:6A:CC:2B:D3:42:31:3D:5A:73:99:1A
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 1288
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Frg9VOSWb5iraswr00IxPVpzmRo.roa
Signing time: Mon 10 Feb 2025 14:14:58 +0000
ROA not before: Mon 10 Feb 2025 14:14:58 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 150.116.224.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 18:07:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4744 (0x1288)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:14:58 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=16B83D54E4966F98AB6ACC2BD342313D5A73991A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9f:9c:87:74:f2:85:6a:ed:b3:45:11:bf:15:
c3:29:9b:5a:a8:b6:8d:6a:63:36:94:8f:98:29:99:
1f:ef:97:cc:2e:06:68:ce:0d:a0:e5:5e:77:b9:4a:
2c:44:fb:35:a2:e6:01:8f:22:52:96:55:3e:f8:67:
7d:5a:08:5b:e2:49:9e:d0:db:7a:81:41:2d:b8:83:
f7:44:ee:0f:58:2c:7c:89:84:92:86:c6:a3:d9:2e:
3a:2f:a5:c7:22:55:c9:ac:79:68:08:e9:b2:ac:bf:
48:09:4b:9d:b3:3b:de:6c:90:a4:08:fa:cb:d8:ef:
23:3b:0d:1e:f8:45:f2:92:10:f3:d1:a9:18:26:77:
50:f3:d3:af:04:ef:5c:c9:ef:0a:a0:ab:b7:c3:55:
51:7a:b3:c0:d1:d9:47:ac:bd:7d:68:9f:da:8b:9f:
ce:8e:fe:52:99:84:45:0f:5f:39:79:f6:c7:62:05:
06:13:44:00:fa:da:9d:f7:8b:e8:47:42:15:6e:bc:
e4:dc:35:b7:27:eb:59:19:6f:67:ba:e0:ff:ae:e2:
07:ce:c7:12:93:31:67:a9:97:25:0e:4d:1e:fe:9a:
37:56:cf:44:47:1e:0f:31:02:54:bc:d6:12:32:dd:
fe:54:af:dc:ba:04:26:0d:71:3a:5c:cb:c5:62:55:
6d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B8:3D:54:E4:96:6F:98:AB:6A:CC:2B:D3:42:31:3D:5A:73:99:1A
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Frg9VOSWb5iraswr00IxPVpzmRo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.224.0/21
Signature Algorithm: sha256WithRSAEncryption
13:90:d7:f6:71:b0:9b:48:7f:81:63:44:86:d7:87:1c:21:46:
b6:29:19:76:af:13:46:04:d1:77:35:61:71:d1:04:c9:b4:72:
c0:bd:2b:6b:9d:48:33:55:4a:6e:c7:63:e8:45:e9:d3:21:3e:
36:2e:cb:22:97:98:75:7b:e8:94:7d:5d:3e:d6:29:58:6d:28:
b8:5a:f8:59:c2:5a:2c:c6:f9:90:36:f9:90:e4:0d:80:68:25:
a8:d8:7d:f9:55:4b:dc:ce:4b:ce:62:08:44:75:cf:fd:32:17:
ff:0b:69:25:e4:82:5f:db:1c:6b:d5:19:b8:58:55:56:72:f4:
3d:9c:fc:45:e0:b8:23:f8:ae:01:46:b9:2f:1a:2c:d8:1b:19:
85:7a:74:c8:b3:e9:a4:35:28:f3:1e:1a:fd:56:f6:ed:ea:6a:
d1:16:de:10:28:f0:c5:ef:a7:d5:9e:63:f5:76:9f:ff:1b:e9:
8d:02:70:da:f4:6e:e9:0b:96:15:da:63:8d:8f:34:01:3f:f3:
2d:03:e2:ae:fb:28:e6:65:a9:3a:f7:88:b5:dd:0b:6d:07:35:
a0:01:06:e9:fd:39:c5:20:1f:34:19:07:92:66:76:0e:20:6c:
3a:df:46:15:57:1d:55:bb:de:50:5d:81:e5:e9:98:57:ea:40:
ca:a5:b3:8b
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEogwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE0NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDE2QjgzRDU0RTQ5NjZG
OThBQjZBQ0MyQkQzNDIzMTNENUE3Mzk5MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKn5yHdPKFau2zRRG/FcMpm1qoto1qYzaUj5gpmR/vl8wuBmjO
DaDlXne5SixE+zWi5gGPIlKWVT74Z31aCFviSZ7Q23qBQS24g/dE7g9YLHyJhJKG
xqPZLjovpcciVcmseWgI6bKsv0gJS52zO95skKQI+svY7yM7DR74RfKSEPPRqRgm
d1Dz068E71zJ7wqgq7fDVVF6s8DR2UesvX1on9qLn86O/lKZhEUPXzl59sdiBQYT
RAD62p33i+hHQhVuvOTcNbcn61kZb2e64P+u4gfOxxKTMWeplyUOTR7+mjdWz0RH
Hg8xAlS81hIy3f5Ur9y6BCYNcTpcy8ViVW1lAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUFrg9VOSWb5iraswr00IxPVpzmRowHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9Gcmc5Vk9TV2I1aXJh
c3dyMDBJeFBWcHptUm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnTgMA0GCSqGSIb3DQEBCwUAA4IBAQATkNf2cbCbSH+BY0SG14ccIUa2KRl2
rxNGBNF3NWFx0QTJtHLAvStrnUgzVUpux2PoRenTIT42Lssil5h1e+iUfV0+1ilY
bSi4WvhZwlosxvmQNvmQ5A2AaCWo2H35VUvczkvOYghEdc/9Mhf/C2kl5IJf2xxr
1Rm4WFVWcvQ9nPxF4Lgj+K4BRrkvGizYGxmFenTIs+mkNSjzHhr9Vvbt6mrRFt4Q
KPDF76fVnmP1dp//G+mNAnDa9G7pC5YV2mONjzQBP/MtA+Ku+yjmZak694i13Qtt
BzWgAQbp/TnFIB80GQeSZnYOIGw630YVVx1Vu95QXYHl6ZhX6kDKpbOL
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:42:49 2025 by rpki-client