Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/N0mko646A4WvrlMUkUFc_2QPx7U.roa
File: N0mko646A4WvrlMUkUFc_2QPx7U.roa (raw, json)
Hash identifier: 9ccXMsSxrcm5M36AG22tS6pAnv/wmdOHkLZNur+OmWM=
Subject key identifier: 37:49:A4:A3:AE:3A:03:85:AF:AE:53:14:91:41:5C:FF:64:0F:C7:B5
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11E6
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/N0mko646A4WvrlMUkUFc_2QPx7U.roa
Signing time: Mon 10 Feb 2025 14:27:51 +0000
ROA not before: Mon 10 Feb 2025 14:27:51 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18412
IP address blocks: 2401:e180:8c00::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4582 (0x11e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:51 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3749A4A3AE3A0385AFAE531491415CFF640FC7B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d5:5f:54:3d:65:b3:ff:1c:dc:be:7e:28:83:
ae:51:5e:14:66:20:cc:5a:f5:c6:03:df:1d:ab:e2:
b0:fa:4c:9f:bf:90:73:f2:3d:ea:75:b6:52:3f:26:
60:ac:3e:82:19:f2:ed:c3:55:90:f6:a2:bf:22:06:
0b:e7:c1:e5:5f:9b:d3:b2:52:41:76:ba:b0:b9:2e:
a4:33:a2:d0:cb:6b:fa:9d:9f:b3:79:d5:5f:e0:f5:
c6:e2:84:fd:9f:ee:13:ba:a2:b3:23:19:96:82:39:
76:9d:10:aa:e7:a7:50:f4:8d:05:65:40:e7:b7:43:
5c:6e:64:e5:13:40:14:35:29:e1:7a:4d:c9:dc:0c:
8d:29:e4:f3:9e:69:6f:36:69:e1:c2:56:74:07:ee:
6a:06:81:b6:2e:6e:e4:73:f5:31:d8:e2:87:6c:de:
ca:8d:4d:b0:73:a6:d1:47:4e:93:4a:53:d0:e7:48:
c4:b2:d8:5e:c1:48:bf:05:c9:2e:71:41:89:bf:e9:
c8:44:63:2a:4f:80:71:be:4d:79:13:1e:9f:50:36:
72:bd:c4:7b:bf:3d:52:04:c7:7e:e1:4c:d1:0e:25:
43:1e:25:26:85:35:79:2d:65:48:65:85:dc:27:e1:
15:09:75:f7:81:a4:8a:a7:c9:63:26:02:63:7d:64:
5a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:49:A4:A3:AE:3A:03:85:AF:AE:53:14:91:41:5C:FF:64:0F:C7:B5
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/N0mko646A4WvrlMUkUFc_2QPx7U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e180:8c00::/44
Signature Algorithm: sha256WithRSAEncryption
11:80:77:f3:99:bc:8b:d3:27:0d:f0:44:03:e6:9d:fd:b8:8d:
c7:dc:33:b8:9b:d0:1e:a9:cf:67:e4:4e:ea:21:a8:cc:d8:b3:
66:eb:52:9b:30:49:a9:7b:22:76:68:3a:df:42:c4:fd:8a:28:
a6:63:89:91:e5:f6:58:d5:89:71:0d:6c:73:5e:bc:e7:df:d9:
14:dd:5d:04:02:04:ec:18:b5:97:28:d7:81:48:91:76:ec:b8:
aa:a9:95:9d:ea:24:78:2b:f9:46:65:85:ee:2f:59:6e:0a:3b:
56:01:b0:6a:6a:7e:1f:ae:09:97:b3:c5:d6:ce:ba:44:8b:74:
53:a2:cf:ea:39:0f:2d:64:78:01:12:77:b2:f9:f9:cc:00:21:
04:9b:07:d5:9a:64:7c:3a:2f:38:93:c6:86:f1:48:72:0a:2d:
f4:47:3e:8d:d4:2d:d7:36:2d:6e:bd:d0:f7:b5:f8:f5:6d:eb:
72:95:cc:7e:48:97:9e:aa:d3:3a:c0:bd:da:0f:83:b7:6b:ed:
53:74:47:08:4e:83:67:45:74:b1:dc:d1:a7:8d:6a:88:21:8a:
0b:07:14:a4:3f:d1:cf:aa:25:90:6f:04:84:b6:d9:3e:23:14:
1e:3d:51:fd:3a:b1:43:56:1f:8e:8e:83:54:f1:58:dc:45:6f:
fd:d6:5d:48
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICEeYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3NTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM3NDlBNEEzQUUzQTAz
ODVBRkFFNTMxNDkxNDE1Q0ZGNjQwRkM3QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD1V9UPWWz/xzcvn4og65RXhRmIMxa9cYD3x2r4rD6TJ+/kHPy
Pep1tlI/JmCsPoIZ8u3DVZD2or8iBgvnweVfm9OyUkF2urC5LqQzotDLa/qdn7N5
1V/g9cbihP2f7hO6orMjGZaCOXadEKrnp1D0jQVlQOe3Q1xuZOUTQBQ1KeF6Tcnc
DI0p5POeaW82aeHCVnQH7moGgbYubuRz9THY4ods3sqNTbBzptFHTpNKU9DnSMSy
2F7BSL8FyS5xQYm/6chEYypPgHG+TXkTHp9QNnK9xHu/PVIEx37hTNEOJUMeJSaF
NXktZUhlhdwn4RUJdfeBpIqnyWMmAmN9ZFqzAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUN0mko646A4WvrlMUkUFc/2QPx7UwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL04wbWtvNjQ2QTRXdnJsTVVrVUZjXzJR
UHg3VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQkAeGAjAAw
DQYJKoZIhvcNAQELBQADggEBABGAd/OZvIvTJw3wRAPmnf24jcfcM7ib0B6pz2fk
TuohqMzYs2brUpswSal7InZoOt9CxP2KKKZjiZHl9ljViXENbHNevOff2RTdXQQC
BOwYtZco14FIkXbsuKqplZ3qJHgr+UZlhe4vWW4KO1YBsGpqfh+uCZezxdbOukSL
dFOiz+o5Dy1keAESd7L5+cwAIQSbB9WaZHw6LziTxobxSHIKLfRHPo3ULdc2LW69
0Pe1+PVt63KVzH5Il56q0zrAvdoPg7dr7VN0RwhOg2dFdLHc0aeNaoghigsHFKQ/
0c+qJZBvBIS22T4jFB49Uf06sUNWH46Og1TxWNxFb/3WXUg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 23:47:23 2025 by rpki-client