Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/rxOcDyYeSW8Bg0cWnUpxYZOLUpg.roa
File: rxOcDyYeSW8Bg0cWnUpxYZOLUpg.roa (raw, json)
Hash identifier: +XUkjLzckiKKP8Zuz7ebH2w1Y+m1n9wu78DgI1SrTlk=
Subject key identifier: AF:13:9C:0F:26:1E:49:6F:01:83:47:16:9D:4A:71:61:93:8B:52:98
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1232
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/rxOcDyYeSW8Bg0cWnUpxYZOLUpg.roa
Signing time: Mon 10 Feb 2025 14:28:09 +0000
ROA not before: Mon 10 Feb 2025 14:28:09 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9311
IP address blocks: 210.203.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 02:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4658 (0x1232)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:09 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=AF139C0F261E496F018347169D4A7161938B5298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:83:54:87:fe:3b:16:34:07:08:bd:f6:7f:57:
28:c3:4c:a8:5f:26:a2:9b:04:19:11:d2:2a:7a:d9:
c7:3c:f6:d5:6a:22:07:a2:54:bc:bc:d7:80:ae:17:
dd:ca:82:f4:73:78:23:ee:c1:b4:e3:d6:ca:31:93:
e6:d0:fc:a4:59:33:f1:53:71:cd:f0:f7:59:5d:2b:
50:d0:19:a1:89:ed:be:87:40:97:d0:df:e0:c3:30:
30:d8:da:f0:03:17:b3:e6:71:27:45:46:e8:09:88:
b3:9a:ee:79:b3:ab:7e:fb:a3:f8:8a:3f:84:86:83:
10:91:b6:be:9d:3b:47:f4:07:ae:07:63:f1:7a:45:
91:02:83:9c:0f:37:5d:ca:5f:ab:81:93:cb:aa:33:
a5:79:1e:bb:7c:79:c3:d9:91:3b:0d:51:83:13:7b:
ae:ca:5b:27:e0:0f:68:ec:17:5c:c7:ad:bd:37:0d:
c8:b7:81:4a:d4:84:7a:ac:6b:60:97:76:70:65:f9:
04:9d:3c:1a:d0:cd:08:f1:86:fa:c9:38:f7:24:fb:
1e:3f:a7:72:31:69:e1:f4:e9:67:d0:68:3d:2a:58:
e0:d9:0d:c0:19:c6:cc:c7:60:46:01:38:31:75:ea:
65:99:01:a2:dd:6e:99:c9:c9:d4:67:97:5d:f1:ee:
a2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:13:9C:0F:26:1E:49:6F:01:83:47:16:9D:4A:71:61:93:8B:52:98
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/rxOcDyYeSW8Bg0cWnUpxYZOLUpg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/17
Signature Algorithm: sha256WithRSAEncryption
b5:bd:26:ac:4a:8d:1f:45:a2:98:a3:56:c7:10:ed:b6:04:fd:
25:05:0d:38:a1:41:4f:15:86:c0:52:1c:55:4d:c7:04:95:cd:
9f:0a:68:98:a4:e9:7e:e3:b1:37:8a:d1:b4:40:79:b9:6a:71:
a0:ec:79:4a:2a:fc:aa:25:6c:57:d7:bb:28:24:0e:e9:a6:d3:
3d:15:77:ef:cc:5f:12:3d:f8:90:21:9e:31:bc:cf:7e:82:8a:
b9:8a:ab:e1:63:61:d4:43:04:64:58:6c:6d:54:c2:c7:d5:f4:
54:ac:35:2d:0a:25:e5:ab:38:64:fd:62:e7:79:4b:7c:43:9b:
fd:9f:4d:64:2a:cc:23:46:f2:68:42:3a:13:44:68:0f:f7:b3:
f6:0b:0b:d4:82:54:df:ba:ea:11:71:bd:98:30:2e:b7:67:6e:
c1:3e:5d:0a:60:fe:c7:c2:76:b9:85:59:46:85:00:4b:7a:22:
92:57:d3:46:9b:90:40:9f:96:fd:f0:0e:e8:f0:ef:3a:9b:ab:
24:10:33:c1:09:d9:2d:f2:86:8b:94:7e:8c:f5:f2:2a:82:e4:
26:a2:64:f4:10:da:71:7f:c9:bd:4d:c0:ec:ad:78:25:a7:3d:
82:d7:73:fb:02:bf:53:63:8d:b3:d0:5a:2f:d3:97:98:bf:cf:
da:11:b3:a8
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEjIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFGMTM5QzBGMjYxRTQ5
NkYwMTgzNDcxNjlENEE3MTYxOTM4QjUyOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxg1SH/jsWNAcIvfZ/VyjDTKhfJqKbBBkR0ip62cc89tVqIgei
VLy814CuF93KgvRzeCPuwbTj1soxk+bQ/KRZM/FTcc3w91ldK1DQGaGJ7b6HQJfQ
3+DDMDDY2vADF7PmcSdFRugJiLOa7nmzq377o/iKP4SGgxCRtr6dO0f0B64HY/F6
RZECg5wPN13KX6uBk8uqM6V5Hrt8ecPZkTsNUYMTe67KWyfgD2jsF1zHrb03Dci3
gUrUhHqsa2CXdnBl+QSdPBrQzQjxhvrJOPck+x4/p3IxaeH06WfQaD0qWODZDcAZ
xszHYEYBODF16mWZAaLdbpnJydRnl13x7qInAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUrxOcDyYeSW8Bg0cWnUpxYZOLUpgwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3J4T2NEeVllU1c4QmcwY1duVXB4WVpP
TFVwZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAfSywAwDQYJ
KoZIhvcNAQELBQADggEBALW9JqxKjR9FopijVscQ7bYE/SUFDTihQU8VhsBSHFVN
xwSVzZ8KaJik6X7jsTeK0bRAeblqcaDseUoq/KolbFfXuygkDumm0z0Vd+/MXxI9
+JAhnjG8z36CirmKq+FjYdRDBGRYbG1UwsfV9FSsNS0KJeWrOGT9Yud5S3xDm/2f
TWQqzCNG8mhCOhNEaA/3s/YLC9SCVN+66hFxvZgwLrdnbsE+XQpg/sfCdrmFWUaF
AEt6IpJX00abkECflv3wDujw7zqbqyQQM8EJ2S3yhouUfoz18iqC5CaiZPQQ2nF/
yb1NwOyteCWnPYLXc/sCv1NjjbPQWi/Tl5i/z9oRs6g=
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:57:00 2025 by rpki-client