Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/AkeXALxErXuTFob3QcqSz10qjys.roa
File: AkeXALxErXuTFob3QcqSz10qjys.roa (raw, json)
Hash identifier: Ie0ta/HmqWhEvC1v4tDrZ0KdnfoRhnHsqNpPnztI7HM=
Subject key identifier: 02:47:97:00:BC:44:AD:7B:93:16:86:F7:41:CA:92:CF:5D:2A:8F:2B
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 121D
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/AkeXALxErXuTFob3QcqSz10qjys.roa
Signing time: Mon 10 Feb 2025 14:28:05 +0000
ROA not before: Mon 10 Feb 2025 14:28:05 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 210.200.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4637 (0x121d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:05 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=02479700BC44AD7B931686F741CA92CF5D2A8F2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:86:b1:fa:3c:f3:93:2b:e2:3d:f7:25:7c:61:
7e:70:50:34:57:ae:cb:c1:90:f6:81:2d:da:62:7a:
48:1d:ff:81:c8:f1:e0:db:aa:89:6b:c8:0d:1f:cd:
54:b0:b3:ca:ca:e7:57:17:af:50:42:53:4e:db:ba:
3d:19:54:69:09:8d:7c:f1:da:fb:69:99:50:ba:cb:
55:83:7f:43:ed:98:4d:b9:db:5f:b0:74:6a:7e:23:
d5:23:01:cb:e6:99:d6:6e:ec:33:4f:2f:a9:5d:3a:
87:fa:e8:96:ef:c8:6e:75:52:44:da:8b:6d:a7:1a:
3d:95:86:bf:c4:ba:20:55:f3:01:e5:20:b7:09:66:
84:82:9a:55:cf:ca:06:25:9c:7e:bd:d6:0e:1d:a6:
9e:c6:0c:3e:87:d8:f7:54:b1:7f:dc:fa:a3:62:91:
86:5e:f1:81:b0:40:70:a1:f3:0d:de:02:6d:82:28:
c1:8e:0c:92:d5:17:be:b5:ab:1f:ac:ce:45:40:39:
53:ed:e2:51:55:ac:d8:d2:29:5a:b9:fb:d0:9c:2a:
d7:d5:7f:e9:4e:d2:92:76:cf:7d:10:f0:40:1e:8b:
e2:24:40:87:52:29:2e:41:71:4b:b6:87:ed:85:c4:
cd:bc:ad:6b:9c:7c:b6:fb:3b:05:c5:63:df:ee:22:
55:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:47:97:00:BC:44:AD:7B:93:16:86:F7:41:CA:92:CF:5D:2A:8F:2B
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/AkeXALxErXuTFob3QcqSz10qjys.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4b:db:21:2c:e0:fa:c7:b6:50:8d:69:05:38:40:08:7d:2b:f5:
5d:4c:83:ad:90:89:e3:a4:9e:16:a2:ee:64:f7:bf:8e:ec:0a:
7a:79:a9:c0:f2:cb:cf:d1:fa:7a:49:c1:ad:ac:e6:d8:b2:51:
51:93:ea:4d:59:19:b1:a0:57:21:c8:11:a1:7e:93:f3:31:70:
26:a2:7f:d9:17:68:35:de:7b:51:a4:09:92:a8:1a:28:95:7e:
1f:de:74:67:fc:dc:aa:85:8d:d4:8a:83:a1:46:54:14:5f:44:
b9:7d:f3:36:32:4a:ef:2a:6a:a9:fe:4a:e0:0c:2c:0e:a4:43:
4c:76:59:a5:8a:24:e5:2a:b5:ee:0c:09:24:61:18:bb:b7:8b:
c0:f9:4d:45:4b:69:da:8b:ef:84:cd:e2:1e:4f:de:8d:18:f3:
34:a1:3f:64:90:85:3d:c3:9c:7d:97:1e:c2:9b:c1:c8:c5:a3:
76:fa:90:ca:7b:8e:97:e0:fa:a8:f8:c5:88:1a:b4:b3:b4:86:
60:48:df:8e:da:46:e2:fa:09:07:fb:90:a6:59:55:b0:73:e8:
87:4b:47:7c:6c:53:0e:11:a0:3f:cf:31:67:b0:ca:29:76:a6:
e6:ff:bc:cb:ee:9c:8c:54:22:3d:43:af:11:7e:e4:7c:25:24:
9d:b3:4c:7f
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDAyNDc5NzAwQkM0NEFE
N0I5MzE2ODZGNzQxQ0E5MkNGNUQyQThGMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwhrH6PPOTK+I99yV8YX5wUDRXrsvBkPaBLdpiekgd/4HI8eDb
qolryA0fzVSws8rK51cXr1BCU07buj0ZVGkJjXzx2vtpmVC6y1WDf0PtmE2521+w
dGp+I9UjAcvmmdZu7DNPL6ldOof66JbvyG51UkTai22nGj2Vhr/EuiBV8wHlILcJ
ZoSCmlXPygYlnH691g4dpp7GDD6H2PdUsX/c+qNikYZe8YGwQHCh8w3eAm2CKMGO
DJLVF761qx+szkVAOVPt4lFVrNjSKVq5+9CcKtfVf+lO0pJ2z30Q8EAei+IkQIdS
KS5BcUu2h+2FxM28rWucfLb7OwXFY9/uIlV5AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUAkeXALxErXuTFob3QcqSz10qjyswHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0FrZVhBTHhFclh1VEZvYjNRY3FTejEw
cWp5cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbSyEAwDQYJ
KoZIhvcNAQELBQADggEBAEvbISzg+se2UI1pBThACH0r9V1Mg62QieOknhai7mT3
v47sCnp5qcDyy8/R+npJwa2s5tiyUVGT6k1ZGbGgVyHIEaF+k/MxcCaif9kXaDXe
e1GkCZKoGiiVfh/edGf83KqFjdSKg6FGVBRfRLl98zYySu8qaqn+SuAMLA6kQ0x2
WaWKJOUqte4MCSRhGLu3i8D5TUVLadqL74TN4h5P3o0Y8zShP2SQhT3DnH2XHsKb
wcjFo3b6kMp7jpfg+qj4xYgatLO0hmBI347aRuL6CQf7kKZZVbBz6IdLR3xsUw4R
oD/PMWewyil2pub/vMvunIxUIj1DrxF+5HwlJJ2zTH8=
-----END CERTIFICATE-----
Generated at Mon Apr 14 23:01:04 2025 by rpki-client