Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/FhIdsdXxmltI4BicmwEST9-005o.roa
File: FhIdsdXxmltI4BicmwEST9-005o.roa (raw, json)
Hash identifier: NVJn3vG5jPmGGjpQo2dMXKol4cFj4qe13cRtPE4/2ts=
Subject key identifier: 16:12:1D:B1:D5:F1:9A:5B:48:E0:18:9C:9B:01:12:4F:DF:B4:D3:9A
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1181
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/FhIdsdXxmltI4BicmwEST9-005o.roa
Signing time: Mon 10 Feb 2025 14:27:26 +0000
ROA not before: Mon 10 Feb 2025 14:27:26 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9674
IP address blocks: 211.77.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 11:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4481 (0x1181)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:26 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=16121DB1D5F19A5B48E0189C9B01124FDFB4D39A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:60:b9:cf:55:db:bd:c5:e2:98:97:b5:9e:f4:
a5:37:99:8d:12:09:dc:5f:60:ce:14:e3:4a:d7:5d:
2d:23:a8:bf:af:72:13:e9:b2:af:1b:6a:67:60:54:
25:3e:66:5c:c7:11:be:e2:f3:e4:5e:f7:2e:c3:67:
67:50:c0:41:47:05:2e:80:a1:5d:ff:0c:bf:7c:1b:
c0:34:ec:c2:1e:3f:c5:7b:79:b4:13:92:e0:18:d8:
ff:16:0d:96:6d:ac:0e:0d:ae:d8:fa:3b:62:f8:d7:
65:38:9e:6a:60:b9:52:e8:df:8f:7c:f1:1e:4b:5f:
b1:58:45:6b:4a:20:39:9d:e1:f1:2e:5e:54:58:0d:
a8:1c:a9:ef:9d:1c:fa:14:39:33:40:18:33:f3:25:
b4:b9:24:98:69:46:dc:f3:c0:c6:f1:13:03:64:c6:
c2:6a:7b:97:d5:84:3c:9d:ee:b6:d0:b2:11:41:f5:
40:31:02:c8:97:cc:7a:fa:b0:27:31:d2:c7:e4:53:
ac:80:53:a4:45:81:12:56:ed:a0:92:46:d7:ec:75:
04:44:96:f3:1f:3c:ed:62:47:69:be:2a:1d:e0:5b:
57:24:07:34:2a:95:f2:24:ce:24:c9:a6:b3:a9:f7:
02:42:df:a3:79:b1:d5:3b:a5:60:8e:9a:29:c9:12:
98:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:12:1D:B1:D5:F1:9A:5B:48:E0:18:9C:9B:01:12:4F:DF:B4:D3:9A
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/FhIdsdXxmltI4BicmwEST9-005o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.77.64.0/18
Signature Algorithm: sha256WithRSAEncryption
28:92:5a:4e:78:eb:98:33:c0:92:52:e0:fb:bd:60:20:91:a8:
87:6c:ab:88:bd:32:9a:d9:3e:64:f3:56:66:8a:cc:2d:df:d8:
07:9d:3a:26:29:6d:c1:d6:d8:11:ac:f8:08:13:65:4c:19:27:
12:e6:9b:a8:5b:a1:5b:0d:73:17:9e:7c:28:af:54:19:10:51:
3e:1d:c5:f0:c6:d4:f3:cb:7e:bc:e9:93:20:f6:36:5e:c1:3a:
0e:b9:86:31:82:ab:c7:a3:59:08:06:02:db:1a:ec:9c:7c:2d:
b3:d3:35:e7:ca:76:67:8b:8e:4c:b2:6d:6c:f3:e3:f7:dc:3b:
9f:b2:63:96:ac:22:3d:c6:56:d0:03:ba:37:3d:1e:6a:93:08:
48:2d:e0:cb:68:bc:a3:85:b4:ae:02:ca:07:79:eb:81:17:a1:
3f:23:b7:57:1f:00:da:cf:da:64:e4:c9:09:9a:c1:e3:3e:22:
d6:90:93:b9:e4:a6:42:64:4e:fa:de:9f:a7:a5:ea:5a:96:83:
2d:c7:34:4e:99:f0:9e:59:dd:73:99:78:a7:86:40:ef:45:91:
b5:7f:e4:0d:60:48:76:cb:7d:c1:06:1d:af:68:44:05:fe:1d:
56:f9:dd:b3:79:f7:73:dc:c9:11:36:af:22:c1:b9:4e:ed:2d:
43:e6:e2:03
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEYEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDE2MTIxREIxRDVGMTlB
NUI0OEUwMTg5QzlCMDExMjRGREZCNEQzOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHYLnPVdu9xeKYl7We9KU3mY0SCdxfYM4U40rXXS0jqL+vchPp
sq8bamdgVCU+ZlzHEb7i8+Re9y7DZ2dQwEFHBS6AoV3/DL98G8A07MIeP8V7ebQT
kuAY2P8WDZZtrA4Nrtj6O2L412U4nmpguVLo34988R5LX7FYRWtKIDmd4fEuXlRY
Dagcqe+dHPoUOTNAGDPzJbS5JJhpRtzzwMbxEwNkxsJqe5fVhDyd7rbQshFB9UAx
AsiXzHr6sCcx0sfkU6yAU6RFgRJW7aCSRtfsdQRElvMfPO1iR2m+Kh3gW1ckBzQq
lfIkziTJprOp9wJC36N5sdU7pWCOminJEpjHAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUFhIdsdXxmltI4BicmwEST9+005owHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0ZoSWRzZFh4bWx0STRCaWNtd0VTVDkt
MDA1by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbTTUAwDQYJ
KoZIhvcNAQELBQADggEBACiSWk5465gzwJJS4Pu9YCCRqIdsq4i9MprZPmTzVmaK
zC3f2AedOiYpbcHW2BGs+AgTZUwZJxLmm6hboVsNcxeefCivVBkQUT4dxfDG1PPL
frzpkyD2Nl7BOg65hjGCq8ejWQgGAtsa7Jx8LbPTNefKdmeLjkyybWzz4/fcO5+y
Y5asIj3GVtADujc9HmqTCEgt4MtovKOFtK4Cygd564EXoT8jt1cfANrP2mTkyQma
weM+ItaQk7nkpkJkTvren6el6lqWgy3HNE6Z8J5Z3XOZeKeGQO9FkbV/5A1gSHbL
fcEGHa9oRAX+HVb53bN593PcyRE2ryLBuU7tLUPm4gM=
-----END CERTIFICATE-----
Generated at Mon Apr 14 09:38:57 2025 by rpki-client