Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/IeC-xKdhVluLGumHMuh-oXvbKL0.roa
File: IeC-xKdhVluLGumHMuh-oXvbKL0.roa (raw, json)
Hash identifier: qoLjsAqG4jK7L02LjRJQXCH7kd8SvGYiasxwgddPmSA=
Subject key identifier: 21:E0:BE:C4:A7:61:56:5B:8B:1A:E9:87:32:E8:7E:A1:7B:DB:28:BD
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 12A6
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/IeC-xKdhVluLGumHMuh-oXvbKL0.roa
Signing time: Mon 10 Feb 2025 14:15:06 +0000
ROA not before: Mon 10 Feb 2025 14:15:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 150.117.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 17 Apr 2025 18:08:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4774 (0x12a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:15:06 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=21E0BEC4A761565B8B1AE98732E87EA17BDB28BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:41:2d:61:aa:38:4f:d2:e7:a3:08:60:5d:70:
38:7f:2e:58:f9:b8:b1:a5:d2:2a:d7:f7:5b:e2:04:
d9:83:e8:77:54:a6:32:07:7c:0c:39:41:27:84:f1:
91:31:58:6b:fb:03:92:e8:2a:97:2c:1b:a3:30:45:
97:f2:8d:1e:8d:9a:41:c8:bb:5d:82:c8:0f:6e:51:
65:91:8e:99:64:df:f8:69:77:1e:03:22:54:42:ef:
70:14:17:bb:67:8c:e1:47:d8:53:d7:93:5c:95:8c:
84:d8:b3:4e:59:6f:1e:76:cd:cf:ea:31:95:3a:ec:
14:39:32:0c:a3:82:e3:82:85:94:f1:0d:7b:e8:57:
71:a0:9a:a0:ef:54:68:f7:b2:2e:42:03:f8:f7:f7:
96:3c:a1:b7:71:2d:d8:da:c6:86:bb:52:c2:5f:54:
49:f2:ac:cc:33:5d:94:33:57:c0:bd:4e:ee:c2:0e:
6a:5f:26:18:97:07:3a:d0:61:8f:d5:60:85:34:76:
08:f1:bd:5f:56:15:14:17:6c:37:c5:ae:1d:16:1f:
28:b2:4f:68:47:9c:eb:d6:27:1b:db:88:e1:1f:6c:
7d:03:3c:53:e8:00:0b:96:60:a1:e0:c9:74:61:4d:
f8:a5:10:a9:91:2a:92:22:94:eb:98:f3:d2:70:44:
cc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E0:BE:C4:A7:61:56:5B:8B:1A:E9:87:32:E8:7E:A1:7B:DB:28:BD
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/IeC-xKdhVluLGumHMuh-oXvbKL0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.240.0/20
Signature Algorithm: sha256WithRSAEncryption
2e:cc:b8:9b:fe:bf:56:37:bf:51:a4:ef:c5:80:45:e7:b6:5c:
d2:56:3b:0d:8d:a3:c2:50:1e:c2:9d:d2:63:e1:98:03:fd:7d:
44:97:9b:e2:28:0b:d0:4c:6a:51:f8:02:a9:c0:3f:4e:c5:fb:
07:39:fe:bd:65:e1:63:db:77:f2:9e:b7:26:e7:22:94:7e:2f:
f3:57:d3:16:44:06:d6:24:62:99:f8:c7:a0:cb:db:3c:e6:d9:
50:f4:cd:92:1b:20:34:da:8f:21:c4:b4:ef:23:1c:c3:46:1e:
2f:5e:05:fb:a0:e9:c2:6e:14:04:aa:93:44:a4:fb:80:14:d7:
e6:8c:60:6f:83:8c:88:9e:f9:b9:be:b5:f1:75:d2:7c:8a:4c:
3e:e1:df:ac:bb:d6:d6:ae:cc:df:a6:ea:06:da:d2:6d:82:bc:
c6:8a:bf:46:9b:7a:76:34:7e:2e:ed:94:19:2d:c2:2a:59:7b:
70:f7:1b:82:4e:d9:0f:ec:8e:b9:c8:3b:3e:6b:6d:20:64:97:
67:0c:d1:53:21:b5:fa:39:e0:40:47:aa:7c:5e:d8:67:56:4f:
0f:8d:80:e6:44:21:0c:2f:01:0b:23:a9:f6:91:29:a9:f3:7a:
aa:c1:94:1b:3c:f4:d2:51:10:ef:81:e4:7b:ea:e4:de:18:ac:
00:87:36:5e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEqYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE1MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIxRTBCRUM0QTc2MTU2
NUI4QjFBRTk4NzMyRTg3RUExN0JEQjI4QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8QS1hqjhP0uejCGBdcDh/Llj5uLGl0irX91viBNmD6HdUpjIH
fAw5QSeE8ZExWGv7A5LoKpcsG6MwRZfyjR6NmkHIu12CyA9uUWWRjplk3/hpdx4D
IlRC73AUF7tnjOFH2FPXk1yVjITYs05Zbx52zc/qMZU67BQ5MgyjguOChZTxDXvo
V3GgmqDvVGj3si5CA/j395Y8obdxLdjaxoa7UsJfVEnyrMwzXZQzV8C9Tu7CDmpf
JhiXBzrQYY/VYIU0dgjxvV9WFRQXbDfFrh0WHyiyT2hHnOvWJxvbiOEfbH0DPFPo
AAuWYKHgyXRhTfilEKmRKpIilOuY89JwRMyjAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUIeC+xKdhVluLGumHMuh+oXvbKL0wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9JZUMteEtkaFZsdUxH
dW1ITXVoLW9YdmJLTDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQElnXwMA0GCSqGSIb3DQEBCwUAA4IBAQAuzLib/r9WN79RpO/FgEXntlzSVjsN
jaPCUB7CndJj4ZgD/X1El5viKAvQTGpR+AKpwD9OxfsHOf69ZeFj23fynrcm5yKU
fi/zV9MWRAbWJGKZ+Megy9s85tlQ9M2SGyA02o8hxLTvIxzDRh4vXgX7oOnCbhQE
qpNEpPuAFNfmjGBvg4yInvm5vrXxddJ8ikw+4d+su9bWrszfpuoG2tJtgrzGir9G
m3p2NH4u7ZQZLcIqWXtw9xuCTtkP7I65yDs+a20gZJdnDNFTIbX6OeBAR6p8Xthn
Vk8PjYDmRCEMLwELI6n2kSmp83qqwZQbPPTSURDvgeR76uTeGKwAhzZe
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:31:44 2025 by rpki-client