Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/aJAD1FnRgJ6ptLwnL2kSJ504tB4.roa
File: aJAD1FnRgJ6ptLwnL2kSJ504tB4.roa (raw, json)
Hash identifier: +TtF04Ov9hPgQQVFJqppZbCWwimcPv2B83jkqG9hZX4=
Subject key identifier: 68:90:03:D4:59:D1:80:9E:A9:B4:BC:27:2F:69:12:27:9D:38:B4:1E
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11A3
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/aJAD1FnRgJ6ptLwnL2kSJ504tB4.roa
Signing time: Mon 10 Feb 2025 14:27:35 +0000
ROA not before: Mon 10 Feb 2025 14:27:35 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7482
IP address blocks: 210.201.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 07:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4515 (0x11a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:35 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=689003D459D1809EA9B4BC272F6912279D38B41E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:69:73:45:d8:9d:8e:e3:b4:71:9c:77:de:6f:
98:82:b6:a5:47:0f:c0:c0:66:f4:81:e4:df:4b:da:
d2:9a:4f:3f:5a:52:f3:02:04:a7:2d:55:6a:34:00:
9d:9f:13:f9:5e:73:13:1a:cc:b8:5d:45:11:53:52:
58:c7:a6:81:86:bf:da:b5:9f:4b:ab:58:95:2d:bf:
67:cb:3f:f4:e4:df:98:cb:12:4a:8c:96:1e:ee:ca:
c3:89:02:ca:c8:68:5d:75:69:4d:03:59:4d:ad:77:
55:82:1e:73:e2:d0:e4:bf:f0:e7:17:0e:b4:39:48:
f0:07:9a:dd:42:40:9e:88:d8:15:ec:2e:d5:3f:8d:
ec:48:ef:a3:a5:d4:8a:96:2c:61:8c:b2:2e:8f:c1:
21:6b:22:e9:ee:8d:ab:5d:54:5b:68:5b:5f:80:6f:
a8:da:c0:81:d8:c2:ed:6d:92:a4:ff:e6:4e:01:6f:
6e:6c:91:0d:d1:64:6d:51:5a:40:a0:c0:ca:3e:fd:
19:42:d7:bf:fd:b7:70:c9:38:00:5d:e5:d6:92:58:
26:25:a8:ee:c7:4e:83:32:02:83:f4:93:91:7d:18:
b1:e7:22:24:a4:9c:5d:30:d5:13:13:9b:0f:d1:21:
fa:7d:0e:b1:9d:ce:a3:29:32:ae:8d:cf:b5:1e:f6:
39:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:90:03:D4:59:D1:80:9E:A9:B4:BC:27:2F:69:12:27:9D:38:B4:1E
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/aJAD1FnRgJ6ptLwnL2kSJ504tB4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.192.0/18
Signature Algorithm: sha256WithRSAEncryption
12:19:fb:0c:6f:ab:35:ff:dd:ba:3e:02:f9:1a:4d:9a:a7:f0:
b9:fd:fc:35:85:b5:96:93:23:15:a8:ec:87:d2:bd:a8:79:b2:
a5:03:c4:83:55:6b:ef:6a:20:ce:82:f3:83:c3:c6:8d:61:c4:
bf:f0:db:2d:00:92:7c:c7:51:12:ad:cf:04:84:ce:37:21:69:
7a:31:68:48:4e:ee:43:98:8e:9a:6d:51:5d:a9:88:f1:ca:f2:
a5:4d:7c:9e:89:14:5c:24:c4:c3:c8:d8:fb:bf:a7:fd:e1:0a:
1d:c4:3c:db:a7:3a:f1:2c:9a:91:0a:43:e9:c7:0e:d9:2f:0c:
de:1a:21:f5:7c:db:34:c5:a3:b5:34:e7:ad:67:ca:11:7f:f9:
03:cc:e6:21:26:6f:48:a7:ef:2e:6b:7a:48:e7:ef:c6:b1:0c:
a9:60:16:bd:47:79:85:67:e3:f1:16:52:a9:2f:57:bf:f0:3c:
fb:35:a9:2b:1e:95:06:25:2e:2c:14:95:02:f6:71:30:45:9c:
36:30:10:74:81:38:a9:1f:90:90:08:a0:2d:a3:07:b6:ae:cf:
28:37:6c:d3:dd:83:59:0a:6a:f1:bb:6b:db:2b:b5:70:3b:9e:
e2:3e:06:25:df:97:f5:b5:3f:49:34:7c:06:5b:73:49:e9:5c:
58:24:56:de
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY4OTAwM0Q0NTlEMTgw
OUVBOUI0QkMyNzJGNjkxMjI3OUQzOEI0MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoaXNF2J2O47RxnHfeb5iCtqVHD8DAZvSB5N9L2tKaTz9aUvMC
BKctVWo0AJ2fE/lecxMazLhdRRFTUljHpoGGv9q1n0urWJUtv2fLP/Tk35jLEkqM
lh7uysOJAsrIaF11aU0DWU2td1WCHnPi0OS/8OcXDrQ5SPAHmt1CQJ6I2BXsLtU/
jexI76Ol1IqWLGGMsi6PwSFrIunujatdVFtoW1+Ab6jawIHYwu1tkqT/5k4Bb25s
kQ3RZG1RWkCgwMo+/RlC17/9t3DJOABd5daSWCYlqO7HToMyAoP0k5F9GLHnIiSk
nF0w1RMTmw/RIfp9DrGdzqMpMq6Nz7Ue9jmNAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUaJAD1FnRgJ6ptLwnL2kSJ504tB4wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2FKQUQxRm5SZ0o2cHRMd25MMmtTSjUw
NHRCNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbSycAwDQYJ
KoZIhvcNAQELBQADggEBABIZ+wxvqzX/3bo+AvkaTZqn8Ln9/DWFtZaTIxWo7IfS
vah5sqUDxINVa+9qIM6C84PDxo1hxL/w2y0AknzHURKtzwSEzjchaXoxaEhO7kOY
jpptUV2piPHK8qVNfJ6JFFwkxMPI2Pu/p/3hCh3EPNunOvEsmpEKQ+nHDtkvDN4a
IfV82zTFo7U0561nyhF/+QPM5iEmb0in7y5rekjn78axDKlgFr1HeYVn4/EWUqkv
V7/wPPs1qSselQYlLiwUlQL2cTBFnDYwEHSBOKkfkJAIoC2jB7auzyg3bNPdg1kK
avG7a9srtXA7nuI+BiXfl/W1P0k0fAZbc0npXFgkVt4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:06:42 2025 by rpki-client