Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/-fD2iUlPJPPmqO7x8rZdxW_UsG4.roa
File: -fD2iUlPJPPmqO7x8rZdxW_UsG4.roa (raw, json)
Hash identifier: D/ep7/a65OJsDs3DCMz2Eci63UIQ8QsSNTwAix+igA4=
Subject key identifier: F9:F0:F6:89:49:4F:24:F3:E6:A8:EE:F1:F2:B6:5D:C5:6F:D4:B0:6E
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 123B
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/-fD2iUlPJPPmqO7x8rZdxW_UsG4.roa
Signing time: Mon 10 Feb 2025 14:28:11 +0000
ROA not before: Mon 10 Feb 2025 14:28:11 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 210.63.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 07:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4667 (0x123b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:11 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F9F0F689494F24F3E6A8EEF1F2B65DC56FD4B06E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c5:c3:a7:6e:bd:a1:86:e3:2f:17:c2:d7:99:
6b:a3:66:5b:c5:2a:fb:00:68:e5:81:ff:1c:96:ab:
86:ec:e0:bb:d6:14:99:fa:35:7a:9e:9d:9a:2a:7c:
99:7e:df:01:6e:53:d8:1c:cf:fb:cc:54:1b:a1:b7:
38:d4:9e:4f:b7:27:fc:15:e6:e4:14:be:95:8a:2a:
8d:09:e9:60:42:ad:29:f9:c7:0e:97:69:7d:32:cb:
b6:11:40:ef:3d:b1:f5:47:87:fa:38:9c:50:09:cc:
a1:49:e9:c2:5d:36:47:35:2e:34:08:9f:33:ab:46:
62:37:ee:62:ef:8d:00:1c:c5:be:97:d6:be:79:32:
9e:87:bf:91:34:7d:48:3f:ef:70:41:86:2e:5f:6f:
ef:1d:3d:6a:6f:24:cf:34:4e:de:fd:12:7c:67:7d:
2d:38:9b:71:32:a2:d2:d1:c8:d7:06:8a:39:3c:57:
3e:b1:92:b2:97:48:ea:06:05:ee:ea:73:b9:49:3f:
17:4a:a1:5d:16:77:6d:58:ea:be:0b:b6:2b:f9:25:
9b:ab:07:ba:2b:3a:de:0c:83:fa:c5:3a:cc:c4:00:
69:10:f5:02:87:f9:76:3c:db:68:9e:f8:36:fd:06:
75:28:cc:df:83:e9:0e:4e:55:c6:1a:7f:a6:e4:62:
5e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F0:F6:89:49:4F:24:F3:E6:A8:EE:F1:F2:B6:5D:C5:6F:D4:B0:6E
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/-fD2iUlPJPPmqO7x8rZdxW_UsG4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.224.0/19
Signature Algorithm: sha256WithRSAEncryption
1e:5d:df:72:29:96:3f:9e:be:d2:17:20:e7:94:01:c8:23:77:
02:6f:16:59:f7:78:cc:c8:8f:52:80:20:6d:ea:7b:33:f2:4f:
79:8b:0d:3e:ff:cc:92:a4:be:36:3a:86:75:dd:e4:b6:ba:2f:
2b:f0:97:67:9f:86:0f:68:07:06:3e:89:c6:13:cc:fd:68:99:
4d:59:09:0f:53:17:e6:d5:49:11:f3:0d:ae:e2:01:59:9d:12:
1a:e3:e6:28:a4:1f:41:bf:60:51:6d:53:e0:2e:5e:42:ff:57:
cf:d8:f5:fb:fa:1e:7a:21:2e:0b:04:85:65:5e:a4:a5:2f:59:
f0:3a:4e:68:ef:e2:1d:d8:36:41:ab:49:f8:fc:bd:c0:1d:60:
23:f2:be:14:6a:0f:69:ad:ad:3a:c0:fb:c2:77:fd:78:b5:34:
22:48:07:09:7a:3a:04:f6:2b:78:ba:5d:ed:1f:59:e3:a8:75:
45:d4:06:b7:56:aa:28:06:a1:98:80:c6:c6:3e:86:e4:a8:e9:
db:50:37:f0:65:fd:ea:25:26:1e:e0:79:25:d8:59:48:95:ed:
bb:d8:42:7b:9c:44:c5:0e:69:d9:c2:8d:09:06:9b:6e:30:d9:
62:61:04:23:48:4f:77:c6:37:c9:69:85:5d:11:d5:f4:aa:0f:
68:0d:12:bc
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEjswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY5RjBGNjg5NDk0RjI0
RjNFNkE4RUVGMUYyQjY1REM1NkZENEIwNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsxcOnbr2hhuMvF8LXmWujZlvFKvsAaOWB/xyWq4bs4LvWFJn6
NXqenZoqfJl+3wFuU9gcz/vMVBuhtzjUnk+3J/wV5uQUvpWKKo0J6WBCrSn5xw6X
aX0yy7YRQO89sfVHh/o4nFAJzKFJ6cJdNkc1LjQInzOrRmI37mLvjQAcxb6X1r55
Mp6Hv5E0fUg/73BBhi5fb+8dPWpvJM80Tt79EnxnfS04m3EyotLRyNcGijk8Vz6x
krKXSOoGBe7qc7lJPxdKoV0Wd21Y6r4Ltiv5JZurB7orOt4Mg/rFOszEAGkQ9QKH
+XY822ie+Db9BnUozN+D6Q5OVcYaf6bkYl6HAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU+fD2iUlPJPPmqO7x8rZdxW/UsG4wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULy1mRDJpVWxQSlBQbXFPN3g4clpkeFdf
VXNHNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSP+AwDQYJ
KoZIhvcNAQELBQADggEBAB5d33Iplj+evtIXIOeUAcgjdwJvFln3eMzIj1KAIG3q
ezPyT3mLDT7/zJKkvjY6hnXd5La6Lyvwl2efhg9oBwY+icYTzP1omU1ZCQ9TF+bV
SRHzDa7iAVmdEhrj5iikH0G/YFFtU+AuXkL/V8/Y9fv6HnohLgsEhWVepKUvWfA6
Tmjv4h3YNkGrSfj8vcAdYCPyvhRqD2mtrTrA+8J3/Xi1NCJIBwl6OgT2K3i6Xe0f
WeOodUXUBrdWqigGoZiAxsY+huSo6dtQN/Bl/eolJh7geSXYWUiV7bvYQnucRMUO
adnCjQkGm24w2WJhBCNIT3fGN8lphV0R1fSqD2gNErw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:22:26 2025 by rpki-client