Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/6Bc8StYgeV3TTQpd3JB1s0isouQ.roa
File: 6Bc8StYgeV3TTQpd3JB1s0isouQ.roa (raw, json)
Hash identifier: 9tjUKIywkC3Egr21PUrdQp2FMpQykqjkaUZFp+AEEGA=
Subject key identifier: E8:17:3C:4A:D6:20:79:5D:D3:4D:0A:5D:DC:90:75:B3:48:AC:A2:E4
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11EE
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/6Bc8StYgeV3TTQpd3JB1s0isouQ.roa
Signing time: Mon 10 Feb 2025 14:27:53 +0000
ROA not before: Mon 10 Feb 2025 14:27:53 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24154
IP address blocks: 210.200.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4590 (0x11ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:53 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=E8173C4AD620795DD34D0A5DDC9075B348ACA2E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:ab:53:8e:9e:0f:e3:d5:63:ba:27:b4:a6:
26:67:0e:fc:8d:01:e5:81:f6:25:59:61:c5:49:da:
f9:db:c1:61:0e:73:c1:0d:37:43:ff:99:19:75:67:
e8:7c:e6:8d:86:7e:23:32:f2:59:58:4a:c3:27:63:
36:18:32:f4:81:94:48:af:17:c1:8d:15:00:5c:53:
53:a0:d9:67:f9:9d:2b:4f:3d:3a:39:68:5c:8d:d5:
5c:19:85:cf:ec:cb:d2:12:71:e1:09:a1:aa:7f:96:
9f:d5:68:25:0d:30:d4:8d:d6:2e:47:7d:b3:88:51:
6a:15:76:a5:fa:e1:5f:4f:1f:5b:b4:46:45:88:6a:
ca:85:d1:e5:4a:c8:0d:8a:37:e8:ad:87:dc:2d:52:
fe:eb:73:f2:d6:8d:13:e3:d4:97:08:b0:2b:2c:54:
0d:96:a4:81:72:4d:99:d5:03:d6:e0:5e:58:98:8e:
3c:72:6e:b7:09:ec:57:6f:40:67:69:fe:22:2d:1f:
e7:ae:65:46:b5:20:38:2c:57:e2:e9:ff:b7:87:ea:
8a:31:5d:2d:44:60:c8:a6:85:82:d6:a6:6b:b9:13:
09:63:e4:0f:0d:3a:16:f1:ab:6a:d8:61:29:33:36:
91:29:60:b8:8f:d1:78:fc:ce:f5:6e:ee:3a:1c:0d:
80:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:17:3C:4A:D6:20:79:5D:D3:4D:0A:5D:DC:90:75:B3:48:AC:A2:E4
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/6Bc8StYgeV3TTQpd3JB1s0isouQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.8.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:7b:b6:2a:12:a5:1e:4d:b1:f7:3e:78:d5:bb:ba:20:43:1f:
13:9c:dc:2a:84:45:d5:b3:c8:d4:b8:8b:be:a7:d9:cc:46:46:
e7:e3:13:12:69:66:bc:60:5b:db:df:52:23:c4:f6:33:6c:db:
0e:ca:6c:0d:3b:44:1e:37:c0:2e:7c:38:72:4e:d4:32:83:31:
2f:ba:65:f5:63:db:b9:3d:af:f4:6b:c6:5c:4d:f9:d1:db:39:
84:eb:89:e6:6c:ed:f7:51:06:c6:92:04:21:bc:0a:f8:19:8f:
dd:e0:e4:fc:6e:94:30:f2:f4:ab:63:13:94:58:6d:60:1e:3b:
bc:4e:c9:da:c8:33:0f:3c:13:a4:0a:87:0f:4d:cb:b1:9d:d4:
b1:68:43:3d:67:b0:85:35:7e:91:9c:e1:16:c4:2d:75:71:1c:
43:3e:2b:4d:7c:f9:74:ce:54:3e:e4:8c:9e:2d:6c:3d:29:98:
04:4a:38:39:26:da:91:6f:56:15:6f:34:99:e9:30:1b:cc:b8:
a1:4d:e5:34:4e:74:13:d3:20:1f:f2:c8:06:e5:59:71:12:7b:
fa:4b:55:8b:d4:2a:95:3d:86:46:c3:9f:50:3f:ac:53:86:4d:
2d:fe:c2:64:53:6c:90:e1:92:c7:b9:2a:9b:11:e8:09:fe:89:
8b:cd:b0:04
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3NTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEU4MTczQzRBRDYyMDc5
NUREMzREMEE1RERDOTA3NUIzNDhBQ0EyRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5dqtTjp4P49Vjuie0piZnDvyNAeWB9iVZYcVJ2vnbwWEOc8EN
N0P/mRl1Z+h85o2GfiMy8llYSsMnYzYYMvSBlEivF8GNFQBcU1Og2Wf5nStPPTo5
aFyN1VwZhc/sy9ISceEJoap/lp/VaCUNMNSN1i5HfbOIUWoVdqX64V9PH1u0RkWI
asqF0eVKyA2KN+ith9wtUv7rc/LWjRPj1JcIsCssVA2WpIFyTZnVA9bgXliYjjxy
brcJ7FdvQGdp/iItH+euZUa1IDgsV+Lp/7eH6ooxXS1EYMimhYLWpmu5Ewlj5A8N
Ohbxq2rYYSkzNpEpYLiP0Xj8zvVu7jocDYAZAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU6Bc8StYgeV3TTQpd3JB1s0isouQwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzZCYzhTdFlnZVYzVFRRcGQzSkIxczBp
c291US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPSyAgwDQYJ
KoZIhvcNAQELBQADggEBAB97tioSpR5Nsfc+eNW7uiBDHxOc3CqERdWzyNS4i76n
2cxGRufjExJpZrxgW9vfUiPE9jNs2w7KbA07RB43wC58OHJO1DKDMS+6ZfVj27k9
r/RrxlxN+dHbOYTrieZs7fdRBsaSBCG8CvgZj93g5PxulDDy9KtjE5RYbWAeO7xO
ydrIMw88E6QKhw9Ny7Gd1LFoQz1nsIU1fpGc4RbELXVxHEM+K018+XTOVD7kjJ4t
bD0pmARKODkm2pFvVhVvNJnpMBvMuKFN5TROdBPTIB/yyAblWXESe/pLVYvUKpU9
hkbDn1A/rFOGTS3+wmRTbJDhkse5KpsR6An+iYvNsAQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 19:58:19 2025 by rpki-client