Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/W4NhpagyGfPJN6bb2y10MPSXERg.roa
File: W4NhpagyGfPJN6bb2y10MPSXERg.roa (raw, json)
Hash identifier: ghJSWtR+3aRHDaakw0UWimYQN4OLDmmmpwL37h7Y10o=
Subject key identifier: 5B:83:61:A5:A8:32:19:F3:C9:37:A6:DB:DB:2D:74:30:F4:97:11:18
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 10D5
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/W4NhpagyGfPJN6bb2y10MPSXERg.roa
Signing time: Mon 10 Feb 2025 13:56:31 +0000
ROA not before: Mon 10 Feb 2025 13:56:31 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 121.254.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 07:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4309 (0x10d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:31 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5B8361A5A83219F3C937A6DBDB2D7430F4971118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:75:da:a7:e6:2a:61:94:b6:01:62:97:3e:60:
14:52:86:0f:92:ba:32:89:e6:2a:07:51:44:9f:73:
3e:b8:6b:54:59:de:ed:db:9e:df:a8:cf:40:ed:41:
2b:b7:86:cf:83:0f:69:4d:46:5b:b3:6b:b8:ff:65:
72:52:22:9a:70:e3:00:f3:dd:50:7e:6b:d4:63:b1:
27:f6:8d:b2:95:0a:7e:46:60:77:ec:0b:02:ac:54:
6c:3c:a7:6e:51:76:0f:dd:80:a0:f7:b0:bd:64:5e:
f1:be:aa:01:62:a0:c0:f6:76:84:02:40:eb:c3:c1:
bb:9f:b6:e4:d8:7d:2a:6f:9d:1e:17:6e:bf:10:08:
3a:aa:84:44:9c:4a:e4:e2:c2:90:8a:a5:8e:cd:48:
b6:63:b7:72:34:97:f2:9a:a2:62:3a:52:f4:74:88:
2f:96:dd:86:0d:a9:4c:04:2f:15:0d:3f:da:d5:d0:
bd:a1:e4:86:ed:e1:64:56:e3:53:8e:33:37:f6:d6:
92:47:67:32:f7:cf:a6:07:2d:42:70:e2:4f:f3:1b:
2a:37:a8:78:97:46:60:be:38:8e:72:d4:75:a7:59:
37:0e:78:f1:47:b3:b6:72:ef:e2:b7:10:01:53:50:
a1:52:66:e8:51:f8:cc:8a:ae:24:9b:ba:cb:c7:fa:
c1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:83:61:A5:A8:32:19:F3:C9:37:A6:DB:DB:2D:74:30:F4:97:11:18
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/W4NhpagyGfPJN6bb2y10MPSXERg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.96.0/20
Signature Algorithm: sha256WithRSAEncryption
28:a7:30:e1:46:0a:54:63:04:ac:83:59:fa:7a:1b:3b:ca:91:
78:91:1d:64:ec:85:f2:6c:e7:95:46:1b:08:cc:0b:09:72:c0:
0e:ed:99:fa:ae:d4:0b:18:70:a2:21:21:c0:b7:81:a6:77:08:
98:4f:da:16:be:be:e4:1e:87:90:32:a2:d5:bf:01:d5:e6:73:
54:4a:0b:f0:fe:12:9d:85:f7:36:2b:c3:99:a2:11:04:71:47:
99:95:41:84:58:8f:ab:2e:8e:54:dd:d6:8e:83:7a:4c:80:d1:
08:72:70:74:f1:10:f3:eb:4b:d5:54:20:e9:23:f4:27:83:19:
87:5a:5a:96:33:84:da:11:6a:20:50:31:e9:66:e8:c0:1f:d1:
17:a4:5e:4c:ca:9a:f5:7f:47:b9:8a:5a:c8:1e:af:04:a7:5a:
b8:15:94:ae:a4:1f:e3:32:db:32:7f:6d:a8:ec:72:63:c6:3d:
64:83:38:80:25:8c:e8:c3:71:35:e0:46:c3:65:e5:dc:d5:54:
c4:27:f5:3f:d1:ce:cd:29:c1:32:26:26:c8:22:1c:97:db:a8:
ed:85:1b:0a:42:eb:81:88:67:05:90:13:08:b7:dd:28:f2:2c:
7a:bb:6c:e6:16:be:eb:ce:33:59:fb:b2:ec:16:88:1b:5e:ca:
83:54:f2:e5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICENUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2MzFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVCODM2MUE1QTgzMjE5
RjNDOTM3QTZEQkRCMkQ3NDMwRjQ5NzExMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9ddqn5iphlLYBYpc+YBRShg+SujKJ5ioHUUSfcz64a1RZ3u3b
nt+oz0DtQSu3hs+DD2lNRluza7j/ZXJSIppw4wDz3VB+a9RjsSf2jbKVCn5GYHfs
CwKsVGw8p25Rdg/dgKD3sL1kXvG+qgFioMD2doQCQOvDwbuftuTYfSpvnR4Xbr8Q
CDqqhEScSuTiwpCKpY7NSLZjt3I0l/KaomI6UvR0iC+W3YYNqUwELxUNP9rV0L2h
5Ibt4WRW41OOMzf21pJHZzL3z6YHLUJw4k/zGyo3qHiXRmC+OI5y1HWnWTcOePFH
s7Zy7+K3EAFTUKFSZuhR+MyKriSbusvH+sG1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUW4NhpagyGfPJN6bb2y10MPSXERgwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvVzROaHBhZ3lHZlBKTjZiYjJ5MTBN
UFNYRVJnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHn+YDAN
BgkqhkiG9w0BAQsFAAOCAQEAKKcw4UYKVGMErINZ+nobO8qReJEdZOyF8mznlUYb
CMwLCXLADu2Z+q7UCxhwoiEhwLeBpncImE/aFr6+5B6HkDKi1b8B1eZzVEoL8P4S
nYX3NivDmaIRBHFHmZVBhFiPqy6OVN3WjoN6TIDRCHJwdPEQ8+tL1VQg6SP0J4MZ
h1paljOE2hFqIFAx6WbowB/RF6ReTMqa9X9HuYpayB6vBKdauBWUrqQf4zLbMn9t
qOxyY8Y9ZIM4gCWM6MNxNeBGw2Xl3NVUxCf1P9HOzSnBMiYmyCIcl9uo7YUbCkLr
gYhnBZATCLfdKPIserts5ha+684zWfuy7BaIG17Kg1Ty5Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 05:52:47 2025 by rpki-client