Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/nbE_GAasM36m8mgXxTyCHlztc14.roa
File: nbE_GAasM36m8mgXxTyCHlztc14.roa (raw, json)
Hash identifier: Y1iagleO8G0NOGOQkjjuAPZj4IPTXzZMWXX3zwCMjuE=
Subject key identifier: 9D:B1:3F:18:06:AC:33:7E:A6:F2:68:17:C5:3C:82:1E:5C:ED:73:5E
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11D8
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nbE_GAasM36m8mgXxTyCHlztc14.roa
Signing time: Mon 10 Feb 2025 14:27:48 +0000
ROA not before: Mon 10 Feb 2025 14:27:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 22787
IP address blocks: 210.58.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4568 (0x11d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:48 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9DB13F1806AC337EA6F26817C53C821E5CED735E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:51:87:4a:9b:a6:b0:1f:64:90:7a:0d:72:1a:
97:8b:a4:fb:d5:65:ae:2a:31:69:01:28:17:5e:e0:
6b:7f:1f:7b:31:57:7a:f5:74:f0:94:cf:5e:f1:c6:
a1:c4:d6:8d:98:a2:82:cb:e8:0b:cd:b4:51:d5:14:
71:9a:24:3f:48:a8:6e:81:0d:18:52:44:ce:16:c2:
e7:55:62:b3:e4:69:fb:79:33:8d:fb:ab:af:e0:f2:
83:a0:b7:a5:ea:2b:c3:2c:4d:76:bd:d6:35:7a:e9:
8f:f7:72:0e:f4:f3:50:01:78:ac:a2:89:d3:4c:5d:
90:e7:90:32:52:2a:ab:2f:29:c6:2c:8c:aa:26:06:
46:81:39:6b:64:45:eb:17:a4:bc:80:24:f8:32:70:
8e:28:b9:60:2e:f7:91:e8:77:41:38:f1:68:97:82:
eb:2f:6e:8f:38:fb:b8:7f:2a:9d:a3:89:04:1e:a6:
48:fa:89:51:88:ad:34:2f:ef:53:75:da:3c:ef:14:
1e:10:cb:f7:9f:3d:76:4a:23:36:b4:db:4f:9f:a1:
1c:cc:72:d7:bc:af:bc:0a:c0:65:13:90:ae:e1:79:
8d:c5:ba:3a:a2:79:db:db:41:ef:00:a2:41:4c:44:
60:99:fc:c3:50:a6:3a:1f:dc:b3:44:85:fd:b7:93:
c4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B1:3F:18:06:AC:33:7E:A6:F2:68:17:C5:3C:82:1E:5C:ED:73:5E
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nbE_GAasM36m8mgXxTyCHlztc14.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.91.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:1e:bd:63:f0:61:44:94:70:bc:c3:b1:af:25:2a:68:6d:32:
8f:09:80:03:f7:25:23:da:a6:29:d5:70:e1:63:75:2c:69:40:
aa:ac:a8:00:42:d5:4e:71:7a:28:cc:86:a4:a5:87:19:0a:79:
74:fd:5e:03:95:50:76:34:29:50:fd:37:31:cb:63:79:3f:15:
af:06:fb:d9:91:63:61:7b:64:a8:c0:20:55:06:2b:84:33:d9:
b0:f8:1f:fc:a2:1b:18:d7:3a:fe:8d:d4:60:45:8c:1b:da:b8:
c9:c3:ca:55:28:2a:a0:30:70:ff:9a:be:4a:17:04:0f:0f:d9:
e3:23:20:72:f8:a9:24:7e:e5:54:f5:6c:7a:ec:d6:76:2d:29:
5d:e6:f5:34:8c:16:bf:53:4f:66:b5:2e:78:97:33:8e:e4:96:
34:60:11:7a:b0:17:3a:9d:ad:29:2b:92:95:9f:57:63:3b:ed:
ea:f1:4e:79:c5:5f:5e:4c:91:ac:59:70:be:01:2e:2d:17:b3:
30:03:c0:6c:8e:73:78:8d:bd:7b:74:da:03:bd:75:bf:d4:e9:
81:d5:4a:43:2c:6a:ba:6c:b0:41:3e:82:6b:f3:66:9e:52:7d:
df:b7:5a:0f:28:4e:b3:f9:d2:58:4b:48:66:58:00:6d:4d:30:
5f:6c:88:71
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3NDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlEQjEzRjE4MDZBQzMz
N0VBNkYyNjgxN0M1M0M4MjFFNUNFRDczNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuUYdKm6awH2SQeg1yGpeLpPvVZa4qMWkBKBde4Gt/H3sxV3r1
dPCUz17xxqHE1o2YooLL6AvNtFHVFHGaJD9IqG6BDRhSRM4WwudVYrPkaft5M437
q6/g8oOgt6XqK8MsTXa91jV66Y/3cg7081ABeKyiidNMXZDnkDJSKqsvKcYsjKom
BkaBOWtkResXpLyAJPgycI4ouWAu95Hod0E48WiXgusvbo84+7h/Kp2jiQQepkj6
iVGIrTQv71N12jzvFB4Qy/efPXZKIza020+foRzMcte8r7wKwGUTkK7heY3Fujqi
edvbQe8AokFMRGCZ/MNQpjof3LNEhf23k8S7AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUnbE/GAasM36m8mgXxTyCHlztc14wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL25iRV9HQWFzTTM2bThtZ1h4VHlDSGx6
dGMxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSOlswDQYJ
KoZIhvcNAQELBQADggEBAKgevWPwYUSUcLzDsa8lKmhtMo8JgAP3JSPapinVcOFj
dSxpQKqsqABC1U5xeijMhqSlhxkKeXT9XgOVUHY0KVD9NzHLY3k/Fa8G+9mRY2F7
ZKjAIFUGK4Qz2bD4H/yiGxjXOv6N1GBFjBvauMnDylUoKqAwcP+avkoXBA8P2eMj
IHL4qSR+5VT1bHrs1nYtKV3m9TSMFr9TT2a1LniXM47kljRgEXqwFzqdrSkrkpWf
V2M77erxTnnFX15MkaxZcL4BLi0XszADwGyOc3iNvXt02gO9db/U6YHVSkMsarps
sEE+gmvzZp5Sfd+3Wg8oTrP50lhLSGZYAG1NMF9siHE=
-----END CERTIFICATE-----
Generated at Tue Apr 15 00:13:04 2025 by rpki-client