Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/B6j3v12GSJHWYt2um-a7KvlbtJE.roa
File: B6j3v12GSJHWYt2um-a7KvlbtJE.roa (raw, json)
Hash identifier: KBXXqsfPCVwOBwh2dmSLcIjBt7gzWsRYG4OPa4NDAS0=
Subject key identifier: 07:A8:F7:BF:5D:86:48:91:D6:62:DD:AE:9B:E6:BB:2A:F9:5B:B4:91
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1229
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/B6j3v12GSJHWYt2um-a7KvlbtJE.roa
Signing time: Mon 10 Feb 2025 14:28:07 +0000
ROA not before: Mon 10 Feb 2025 14:28:07 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 210.200.148.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 02:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4649 (0x1229)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:07 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=07A8F7BF5D864891D662DDAE9BE6BB2AF95BB491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:32:a5:a7:82:ff:cc:f5:e0:1f:8f:1e:19:72:
9e:47:4c:d1:56:db:0e:4a:6d:80:19:53:a1:55:36:
3f:5c:8c:e2:d0:60:a9:05:5f:88:1d:d2:75:2c:ec:
25:c3:2d:7b:f7:93:76:4e:81:d9:10:8b:f8:1e:1b:
07:de:9a:89:08:19:89:cd:c5:9c:58:fc:76:50:63:
85:48:57:9a:5d:5a:71:af:4f:cc:dc:ba:4b:c3:97:
27:6a:52:ae:7a:4e:dd:32:ff:cb:9b:24:e3:d3:56:
a1:44:60:f1:0c:d3:26:00:1e:fe:3c:a6:fe:6d:9e:
56:ad:a0:11:82:f4:0c:cc:4e:73:71:61:d7:00:c4:
19:af:43:a9:0e:2b:91:cb:09:ba:62:7e:e8:99:d4:
25:96:fe:bb:3d:d8:8a:e9:db:bf:2e:9c:06:04:92:
db:9f:16:d3:cb:28:a5:92:90:bf:2d:42:bd:a7:5e:
2e:44:6e:a6:16:9a:d7:e1:a0:1d:84:d4:db:cd:90:
ca:b5:ac:f7:a3:aa:ea:e5:8b:1f:4e:dc:8c:5a:78:
7e:b3:91:32:a7:15:77:c3:05:a4:11:f4:07:8e:38:
22:37:1f:df:18:db:01:17:69:ba:42:27:e4:92:68:
9e:4e:b6:3a:7c:04:15:98:4b:fd:af:25:21:ff:b5:
0e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:A8:F7:BF:5D:86:48:91:D6:62:DD:AE:9B:E6:BB:2A:F9:5B:B4:91
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/B6j3v12GSJHWYt2um-a7KvlbtJE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.148.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:b0:9a:94:db:3d:e1:73:ca:9d:8c:0b:f8:ff:ce:7e:4d:5e:
d3:20:c0:4c:75:71:55:bc:1e:08:24:8c:f9:cb:22:df:b8:23:
b4:ae:d3:74:5f:88:63:e5:8a:9e:e0:50:88:c7:76:e8:f9:21:
8e:42:7c:43:cb:33:a1:6b:a8:6e:d3:a2:48:0a:a2:fd:02:a2:
06:a5:e8:fb:50:b9:89:23:86:29:0f:6c:50:cf:18:64:db:c1:
84:86:d3:62:b7:b9:94:ec:bd:cb:4f:23:19:c2:1c:cd:ba:8f:
b9:7a:ba:06:c9:a0:ca:81:ad:08:28:bc:66:c9:02:fe:76:55:
7e:ad:40:18:f3:ce:8d:15:9f:fa:88:d5:34:ba:91:21:26:04:
6b:35:7a:e1:d4:d3:5b:d1:a0:41:dc:e3:63:9f:34:b9:5d:37:
62:22:52:1e:50:90:6a:a7:b0:e4:ba:ad:c0:5a:0f:34:03:8f:
92:de:38:65:5f:6e:52:49:1f:97:fb:8e:eb:cc:30:ae:1d:3d:
94:c1:e0:94:21:cf:f5:bd:4c:09:9d:01:cb:8a:da:65:90:e6:
18:ff:c2:52:15:3f:ea:9c:6a:77:01:5f:27:58:55:3e:1f:e1:
c9:cd:88:ab:dd:e0:50:c5:c3:51:e1:a4:cd:08:a7:14:98:6a:
e2:2c:95:1d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEikwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA3QThGN0JGNUQ4NjQ4
OTFENjYyRERBRTlCRTZCQjJBRjk1QkI0OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuMqWngv/M9eAfjx4Zcp5HTNFW2w5KbYAZU6FVNj9cjOLQYKkF
X4gd0nUs7CXDLXv3k3ZOgdkQi/geGwfemokIGYnNxZxY/HZQY4VIV5pdWnGvT8zc
ukvDlydqUq56Tt0y/8ubJOPTVqFEYPEM0yYAHv48pv5tnlatoBGC9AzMTnNxYdcA
xBmvQ6kOK5HLCbpifuiZ1CWW/rs92Irp278unAYEktufFtPLKKWSkL8tQr2nXi5E
bqYWmtfhoB2E1NvNkMq1rPejqurlix9O3IxaeH6zkTKnFXfDBaQR9AeOOCI3H98Y
2wEXabpCJ+SSaJ5Otjp8BBWYS/2vJSH/tQ5hAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUB6j3v12GSJHWYt2um+a7KvlbtJEwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0I2ajN2MTJHU0pIV1l0MnVtLWE3S3Zs
YnRKRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSyJQwDQYJ
KoZIhvcNAQELBQADggEBACuwmpTbPeFzyp2MC/j/zn5NXtMgwEx1cVW8HggkjPnL
It+4I7Su03RfiGPlip7gUIjHduj5IY5CfEPLM6FrqG7TokgKov0Cogal6PtQuYkj
hikPbFDPGGTbwYSG02K3uZTsvctPIxnCHM26j7l6ugbJoMqBrQgovGbJAv52VX6t
QBjzzo0Vn/qI1TS6kSEmBGs1euHU01vRoEHc42OfNLldN2IiUh5QkGqnsOS6rcBa
DzQDj5LeOGVfblJJH5f7juvMMK4dPZTB4JQhz/W9TAmdAcuK2mWQ5hj/wlIVP+qc
ancBXydYVT4f4cnNiKvd4FDFw1HhpM0IpxSYauIslR0=
-----END CERTIFICATE-----
Generated at Mon Apr 14 00:38:38 2025 by rpki-client