Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/Nc_NxnDXyxp2tEElP-v3OcRxdNw.roa
File: Nc_NxnDXyxp2tEElP-v3OcRxdNw.roa (raw, json)
Hash identifier: km6lFD9G1GhEfdkoUXdHvHD03mPqh861bPlFOpjN/VY=
Subject key identifier: 35:CF:CD:C6:70:D7:CB:1A:76:B4:41:25:3F:EB:F7:39:C4:71:74:DC
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 10D7
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Nc_NxnDXyxp2tEElP-v3OcRxdNw.roa
Signing time: Mon 10 Feb 2025 13:56:32 +0000
ROA not before: Mon 10 Feb 2025 13:56:32 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 113.61.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4311 (0x10d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:32 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=35CFCDC670D7CB1A76B441253FEBF739C47174DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:82:99:77:f4:d0:c1:88:42:69:df:a1:5c:7e:
c9:dd:a7:b5:1f:a6:2b:69:19:6c:4e:a5:23:ef:46:
a1:8a:96:e8:66:05:5f:f8:ff:9b:00:29:50:40:c8:
ac:66:49:ba:dd:51:56:0b:a4:5f:8d:09:ee:a1:fb:
02:83:cc:22:3a:5f:de:e4:ce:4b:2d:bd:ad:56:2a:
d5:a3:c8:39:ec:e6:35:c3:4a:76:d7:10:10:ea:9a:
17:b9:be:6b:29:3b:90:db:fc:1a:5f:40:8a:c8:2f:
54:81:5c:9a:29:a3:3e:31:12:4c:9d:d5:76:4d:83:
b7:1c:7c:d8:44:a0:3d:b8:fb:a2:d2:3f:88:96:f0:
ac:e9:d3:c4:42:d7:d3:17:60:b1:f4:f4:84:0e:d8:
a0:d6:87:2c:1b:3d:a8:5f:0d:39:d8:75:8d:26:db:
91:cf:ce:4a:18:fd:68:82:ef:f2:03:2a:38:c2:6f:
4b:4b:a4:5e:7f:52:bc:eb:14:e3:3f:0e:d9:e3:18:
2d:ba:b4:eb:46:e2:aa:86:7b:86:02:e9:4e:2c:3f:
5c:0f:58:86:f8:18:4c:e5:04:8b:21:03:1e:3d:d1:
9e:55:57:e6:59:6f:51:fe:4d:8f:ce:51:9f:23:5d:
9d:5a:55:84:32:6a:25:9c:32:51:90:0d:2f:9a:68:
a8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CF:CD:C6:70:D7:CB:1A:76:B4:41:25:3F:EB:F7:39:C4:71:74:DC
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Nc_NxnDXyxp2tEElP-v3OcRxdNw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.61.171.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:83:52:89:b3:95:20:4b:8b:2a:6e:ab:07:14:9e:2b:07:71:
72:9f:57:19:20:ca:ee:63:4a:93:a0:5e:df:c0:36:bb:f0:d6:
3e:5c:9c:b5:78:86:b9:d7:77:a9:5f:38:60:0c:6b:66:a0:5b:
ee:5a:08:c6:6a:3e:3d:29:87:e3:3d:64:8f:4a:cd:82:a9:d1:
04:73:2f:cd:5c:60:e1:37:c8:3d:23:e0:a5:68:7d:69:03:6d:
cd:a2:ca:c0:14:0c:79:85:f2:dc:5c:10:93:8b:8f:d8:ce:45:
e7:c2:fc:60:84:a8:39:4f:43:cc:d0:64:dd:ac:0f:fc:a9:86:
41:24:61:72:9b:fc:45:32:ef:85:0b:f0:d5:9b:19:45:5d:be:
81:0d:d9:5d:5b:65:30:c2:e2:4e:d5:c3:72:9a:96:04:cb:65:
4c:3d:18:8c:eb:b1:54:0d:dd:8b:b1:85:eb:f5:11:13:73:d9:
e5:5d:26:eb:75:3d:8d:5d:45:b9:f7:a8:13:a2:96:fb:aa:dd:
50:24:38:bb:76:5e:49:a6:b6:33:c0:c9:5b:a9:d1:7b:bd:1e:
42:d5:0b:7f:c9:65:9e:78:8a:ce:de:5c:79:34:68:49:fd:38:
9e:e9:9b:63:0f:da:e6:18:ab:a6:65:56:35:73:ff:ad:26:e3:
fb:85:1a:44
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICENcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2MzJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM1Q0ZDREM2NzBEN0NC
MUE3NkI0NDEyNTNGRUJGNzM5QzQ3MTc0REMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMgpl39NDBiEJp36Fcfsndp7UfpitpGWxOpSPvRqGKluhmBV/4
/5sAKVBAyKxmSbrdUVYLpF+NCe6h+wKDzCI6X97kzkstva1WKtWjyDns5jXDSnbX
EBDqmhe5vmspO5Db/BpfQIrIL1SBXJopoz4xEkyd1XZNg7ccfNhEoD24+6LSP4iW
8Kzp08RC19MXYLH09IQO2KDWhywbPahfDTnYdY0m25HPzkoY/WiC7/IDKjjCb0tL
pF5/UrzrFOM/DtnjGC26tOtG4qqGe4YC6U4sP1wPWIb4GEzlBIshAx490Z5VV+ZZ
b1H+TY/OUZ8jXZ1aVYQyaiWcMlGQDS+aaKiZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNc/NxnDXyxp2tEElP+v3OcRxdNwwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvTmNfTnhuRFh5eHAydEVFbFAtdjNP
Y1J4ZE53LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHE9qzAN
BgkqhkiG9w0BAQsFAAOCAQEAb4NSibOVIEuLKm6rBxSeKwdxcp9XGSDK7mNKk6Be
38A2u/DWPlyctXiGudd3qV84YAxrZqBb7loIxmo+PSmH4z1kj0rNgqnRBHMvzVxg
4TfIPSPgpWh9aQNtzaLKwBQMeYXy3FwQk4uP2M5F58L8YISoOU9DzNBk3awP/KmG
QSRhcpv8RTLvhQvw1ZsZRV2+gQ3ZXVtlMMLiTtXDcpqWBMtlTD0YjOuxVA3di7GF
6/URE3PZ5V0m63U9jV1FufeoE6KW+6rdUCQ4u3ZeSaa2M8DJW6nRe70eQtULf8ll
nniKzt5ceTRoSf04numbYw/a5hirpmVWNXP/rSbj+4UaRA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:49:41 2025 by rpki-client