Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/wC90nYpu2RchM0SeJE4BtNLJjUE.roa
File: wC90nYpu2RchM0SeJE4BtNLJjUE.roa (raw, json)
Hash identifier: 7HOPDCYePul6HlxEutrWo1Ke3bhEWOEihwixdMjXtOo=
Subject key identifier: C0:2F:74:9D:8A:6E:D9:17:21:33:44:9E:24:4E:01:B4:D2:C9:8D:41
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 117F
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/wC90nYpu2RchM0SeJE4BtNLJjUE.roa
Signing time: Mon 10 Feb 2025 14:27:25 +0000
ROA not before: Mon 10 Feb 2025 14:27:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7482
IP address blocks: 210.201.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4479 (0x117f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:25 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C02F749D8A6ED9172133449E244E01B4D2C98D41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6b:b9:78:e6:28:75:73:9e:d0:68:66:97:ff:
52:90:be:d3:5d:c9:5f:a9:2e:da:66:19:23:8a:7e:
ee:57:7c:32:f9:a9:b3:1a:27:4b:80:39:4c:50:a3:
c1:a0:1c:69:d0:b8:dd:01:29:5c:2a:e3:b5:a2:bc:
97:10:38:fd:b9:31:ec:84:fe:46:5d:ae:c8:2f:49:
d1:47:1f:e5:20:b9:09:12:ee:86:bc:63:3e:a1:37:
51:cf:c0:cf:ed:85:78:6c:99:22:65:f5:70:cf:31:
dd:44:f8:42:92:c3:c4:28:b8:6c:59:1c:f5:31:ce:
28:80:ff:20:46:8c:8f:42:de:36:dd:50:6f:b9:f6:
b4:0f:09:12:90:72:07:64:ef:64:34:90:01:38:a3:
4c:a6:10:5b:5f:5c:70:0c:a9:88:a6:34:bd:97:02:
40:0d:2b:a0:db:ef:02:18:b6:7c:81:5e:76:01:75:
e8:5a:7b:6d:6e:4c:e7:f4:ab:e1:90:81:2b:83:a8:
5a:18:5d:72:e1:5a:0a:28:00:c7:77:a9:dd:b5:96:
df:75:33:0b:f9:e7:a6:50:94:9f:30:46:69:7c:94:
52:37:9a:dc:12:d6:31:7c:72:69:d6:2d:da:3e:6a:
13:f1:d9:36:e3:89:e1:6d:77:79:68:8a:dc:5e:c2:
06:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:2F:74:9D:8A:6E:D9:17:21:33:44:9E:24:4E:01:B4:D2:C9:8D:41
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/wC90nYpu2RchM0SeJE4BtNLJjUE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.128.0/18
Signature Algorithm: sha256WithRSAEncryption
26:e7:de:29:8f:2c:19:79:5d:85:fe:16:be:99:fb:d6:a2:90:
52:1d:63:72:97:d0:66:68:e5:0a:d0:bf:3c:5d:a9:bf:7e:1b:
07:82:8b:4c:91:74:c4:89:82:56:31:e6:17:6e:59:a6:b7:c9:
e1:b3:4f:30:85:9e:e1:42:17:71:2f:fa:1d:1a:c7:70:2b:c8:
1f:b3:f7:08:57:61:79:ec:f5:99:62:15:33:54:d1:99:67:b0:
68:be:f1:8c:ca:f9:12:eb:63:8c:c2:9b:cf:a2:d2:6b:e4:bc:
cd:07:22:62:94:21:dc:03:f7:91:fb:7c:68:d1:20:dd:d7:71:
09:f1:93:cd:9c:64:cf:3c:5a:3e:a2:a4:4c:f7:6d:8a:2e:1d:
82:73:23:29:aa:d7:25:ab:76:ca:b1:99:73:38:b2:f3:cd:6b:
15:64:f0:de:4b:a6:38:20:cc:bf:29:77:c3:58:da:c8:0d:35:
6f:b7:3e:52:fc:70:27:42:05:37:d1:29:78:34:4a:0e:d4:46:
62:3c:a4:e5:40:3d:5e:a8:73:b4:67:16:b2:cb:3c:95:7a:e6:
61:a6:9d:f0:3a:35:73:98:69:7b:57:40:65:41:68:75:84:e5:
34:5a:d8:50:50:7a:fb:15:46:ec:84:7b:1d:3c:19:ec:59:bb:
a9:01:4d:15
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEX8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEMwMkY3NDlEOEE2RUQ5
MTcyMTMzNDQ5RTI0NEUwMUI0RDJDOThENDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9a7l45ih1c57QaGaX/1KQvtNdyV+pLtpmGSOKfu5XfDL5qbMa
J0uAOUxQo8GgHGnQuN0BKVwq47WivJcQOP25MeyE/kZdrsgvSdFHH+UguQkS7oa8
Yz6hN1HPwM/thXhsmSJl9XDPMd1E+EKSw8QouGxZHPUxziiA/yBGjI9C3jbdUG+5
9rQPCRKQcgdk72Q0kAE4o0ymEFtfXHAMqYimNL2XAkANK6Db7wIYtnyBXnYBdeha
e21uTOf0q+GQgSuDqFoYXXLhWgooAMd3qd21lt91Mwv556ZQlJ8wRml8lFI3mtwS
1jF8cmnWLdo+ahPx2TbjieFtd3loitxewgZtAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUwC90nYpu2RchM0SeJE4BtNLJjUEwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3dDOTBuWXB1MlJjaE0wU2VKRTRCdE5M
SmpVRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbSyYAwDQYJ
KoZIhvcNAQELBQADggEBACbn3imPLBl5XYX+Fr6Z+9aikFIdY3KX0GZo5QrQvzxd
qb9+GweCi0yRdMSJglYx5hduWaa3yeGzTzCFnuFCF3Ev+h0ax3AryB+z9whXYXns
9ZliFTNU0ZlnsGi+8YzK+RLrY4zCm8+i0mvkvM0HImKUIdwD95H7fGjRIN3XcQnx
k82cZM88Wj6ipEz3bYouHYJzIymq1yWrdsqxmXM4svPNaxVk8N5LpjggzL8pd8NY
2sgNNW+3PlL8cCdCBTfRKXg0Sg7URmI8pOVAPV6oc7RnFrLLPJV65mGmnfA6NXOY
aXtXQGVBaHWE5TRa2FBQevsVRuyEex08GexZu6kBTRU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:59:50 2025 by rpki-client