Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/Pvr740YZgaKX1tsgXfaFO47gcGM.roa
File: Pvr740YZgaKX1tsgXfaFO47gcGM.roa (raw, json)
Hash identifier: vpmSHmd7s/hcO0NhraeTrKYsdEhzrxBzPYdVcZsYHl0=
Subject key identifier: 3E:FA:FB:E3:46:19:81:A2:97:D6:DB:20:5D:F6:85:3B:8E:E0:70:63
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1222
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Pvr740YZgaKX1tsgXfaFO47gcGM.roa
Signing time: Mon 10 Feb 2025 14:28:06 +0000
ROA not before: Mon 10 Feb 2025 14:28:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 210.203.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4642 (0x1222)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:06 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3EFAFBE3461981A297D6DB205DF6853B8EE07063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:38:8e:74:ec:ca:48:5c:73:6b:57:c0:7f:72:
40:7b:17:9a:a1:67:29:84:8f:cc:0a:ab:69:8d:7b:
51:a9:31:ab:e1:70:45:e9:06:67:f0:53:10:c4:ab:
bf:57:3c:1f:56:33:2e:0c:67:67:37:51:61:17:58:
e8:da:03:92:21:93:8b:11:e5:d1:72:2b:25:72:b4:
23:de:aa:69:ad:da:87:50:b9:16:46:e9:a3:83:4d:
b0:0c:ce:27:f2:76:3e:f3:32:39:4d:7e:48:f4:22:
5a:7d:a1:fa:25:e9:84:33:53:2f:fc:33:c9:2a:fe:
c2:07:0b:1d:c3:c2:60:ba:83:7f:93:fe:02:d9:09:
6d:9b:d8:80:f3:03:56:a1:f5:87:3e:ce:d0:93:64:
88:8c:7c:a4:93:82:be:76:20:f2:c6:0d:e7:09:05:
2c:98:41:54:80:35:df:5e:c3:16:04:a8:67:5f:b0:
e9:87:8d:0c:be:11:77:f9:02:4a:a9:15:5c:8d:55:
db:6a:04:ba:92:91:8f:8d:66:3a:ee:7c:54:32:7a:
67:2d:06:2b:e8:2c:50:cd:c7:ec:6d:a8:1c:2a:81:
0a:0c:ec:dc:e4:81:d2:4f:90:c8:fa:9f:2b:ec:07:
dc:ae:b2:57:3c:fd:31:ab:a9:61:8b:6a:43:23:e1:
c5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:FA:FB:E3:46:19:81:A2:97:D6:DB:20:5D:F6:85:3B:8E:E0:70:63
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Pvr740YZgaKX1tsgXfaFO47gcGM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:3d:15:b1:07:ad:21:80:90:e1:2a:ac:ed:09:86:dc:95:c9:
8d:84:9c:ba:8b:68:fa:a0:b7:0e:bd:62:8c:d6:c8:12:bb:14:
29:b7:e1:5c:73:f5:04:0e:fb:66:d0:03:fe:31:aa:a0:4b:47:
ab:4e:71:75:bd:89:67:77:83:9e:05:82:55:fc:6f:69:22:84:
e8:cc:d4:9f:1f:03:2d:4b:2b:30:e2:7f:bb:06:cc:80:c8:e3:
2f:fb:74:bd:6a:b3:f9:57:9f:e4:11:57:73:73:4b:b0:7c:87:
96:c7:47:8e:f4:fc:9f:5a:1d:1f:48:c6:49:db:55:06:30:d7:
30:c3:2c:c8:46:6d:1d:1e:4d:49:56:63:d6:25:32:11:4b:c4:
d2:3e:d0:f9:22:bd:17:60:4a:e6:d6:dd:b4:11:6e:86:c3:12:
58:76:9a:d2:47:a6:d9:dc:93:35:6c:06:11:7a:39:94:37:68:
12:db:3e:63:90:68:59:76:67:33:40:0d:93:08:3e:4a:e0:1a:
6e:af:36:4d:24:72:54:d9:bc:8d:1b:5f:26:63:86:67:6d:f3:
c9:f4:83:00:08:8a:c5:ce:7c:95:1f:5c:3d:3b:f3:4a:b7:52:
ea:d1:0e:8a:d7:1c:66:9d:b9:6f:0c:a3:e0:94:7f:a9:88:9f:
21:7b:2c:46
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEiIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNFRkFGQkUzNDYxOTgx
QTI5N0Q2REIyMDVERjY4NTNCOEVFMDcwNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkOI507MpIXHNrV8B/ckB7F5qhZymEj8wKq2mNe1GpMavhcEXp
BmfwUxDEq79XPB9WMy4MZ2c3UWEXWOjaA5Ihk4sR5dFyKyVytCPeqmmt2odQuRZG
6aODTbAMzifydj7zMjlNfkj0Ilp9ofol6YQzUy/8M8kq/sIHCx3DwmC6g3+T/gLZ
CW2b2IDzA1ah9Yc+ztCTZIiMfKSTgr52IPLGDecJBSyYQVSANd9ewxYEqGdfsOmH
jQy+EXf5AkqpFVyNVdtqBLqSkY+NZjrufFQyemctBivoLFDNx+xtqBwqgQoM7Nzk
gdJPkMj6nyvsB9yuslc8/TGrqWGLakMj4cUvAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUPvr740YZgaKX1tsgXfaFO47gcGMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1B2cjc0MFlaZ2FLWDF0c2dYZmFGTzQ3
Z2NHTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSywAwDQYJ
KoZIhvcNAQELBQADggEBALc9FbEHrSGAkOEqrO0JhtyVyY2EnLqLaPqgtw69YozW
yBK7FCm34Vxz9QQO+2bQA/4xqqBLR6tOcXW9iWd3g54FglX8b2kihOjM1J8fAy1L
KzDif7sGzIDI4y/7dL1qs/lXn+QRV3NzS7B8h5bHR470/J9aHR9IxknbVQYw1zDD
LMhGbR0eTUlWY9YlMhFLxNI+0PkivRdgSubW3bQRbobDElh2mtJHptnckzVsBhF6
OZQ3aBLbPmOQaFl2ZzNADZMIPkrgGm6vNk0kclTZvI0bXyZjhmdt88n0gwAIisXO
fJUfXD0780q3UurRDorXHGaduW8Mo+CUf6mInyF7LEY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 23:47:39 2025 by rpki-client