Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/yRapCyHL21_E98VLeWUlIND6U3A.roa
File: yRapCyHL21_E98VLeWUlIND6U3A.roa (raw, json)
Hash identifier: Oxr0z2c4mmZmue89rgnrvGq34nCcsHoBQqXTq6wfQWg=
Subject key identifier: C9:16:A9:0B:21:CB:DB:5F:C4:F7:C5:4B:79:65:25:20:D0:FA:53:70
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11F7
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/yRapCyHL21_E98VLeWUlIND6U3A.roa
Signing time: Mon 10 Feb 2025 14:27:55 +0000
ROA not before: Mon 10 Feb 2025 14:27:55 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 202.178.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4599 (0x11f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:55 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C916A90B21CBDB5FC4F7C54B79652520D0FA5370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6e:e8:9c:4f:44:67:c3:ba:56:30:bb:83:6a:
87:8f:99:f3:dd:3a:c1:9a:6a:ff:96:cc:1e:dd:a2:
b0:30:af:06:5a:1d:38:b3:91:64:23:e2:87:24:3b:
c1:ed:6e:05:d2:88:52:86:2f:83:b7:f5:64:17:79:
fd:33:82:d0:48:d0:9d:d3:7a:1f:81:9d:6b:38:d6:
5a:f2:00:8b:2b:af:fb:0c:57:92:6d:9d:7d:42:f4:
5e:03:3c:64:ca:76:af:65:20:c5:d0:bc:df:6b:7b:
94:98:0d:b5:a2:2a:4a:72:c5:f5:55:59:88:69:60:
2a:de:2b:73:77:52:18:ed:2d:19:87:c1:41:df:a6:
3a:83:aa:98:ca:5c:4f:c9:2a:f2:94:1f:ce:a8:db:
69:11:aa:9a:d2:6c:24:f2:3c:04:8b:8d:fc:5b:4c:
56:95:4b:57:e3:57:e4:c7:1e:86:da:1d:8a:79:ea:
c6:24:cd:4b:35:eb:ef:c1:55:2b:fc:f1:80:7c:ce:
04:77:f3:b5:41:70:82:94:6c:d2:e8:23:50:d5:2b:
5c:e8:9b:b2:68:a5:4f:07:23:7d:ab:8d:bf:62:70:
1e:cd:5a:19:9b:e7:08:72:b8:f3:70:b8:a1:39:49:
f3:e1:69:3d:33:ac:06:d3:94:b1:64:94:86:d5:9c:
0e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:16:A9:0B:21:CB:DB:5F:C4:F7:C5:4B:79:65:25:20:D0:FA:53:70
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/yRapCyHL21_E98VLeWUlIND6U3A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.178.128.0/17
Signature Algorithm: sha256WithRSAEncryption
c3:74:14:f1:2a:b9:4b:37:9b:b7:bf:28:47:36:46:88:42:08:
6f:5a:09:6f:ae:b3:cd:d7:63:e6:aa:92:44:04:63:c7:f8:58:
21:54:86:e2:3b:0a:50:66:b4:06:6c:85:fd:ca:fb:91:33:8a:
1d:4d:73:69:17:c2:c4:c0:25:71:72:0a:68:50:d5:62:bf:4a:
21:5c:0d:cf:8f:66:f1:eb:89:fb:da:26:c8:4a:20:a9:ce:07:
4b:71:f3:75:68:31:40:b2:56:c0:3e:b3:38:96:e7:ca:26:47:
22:d2:90:c1:f2:92:d4:9f:f1:a6:6c:67:f7:bd:42:54:60:e5:
a1:fb:08:7d:e1:f7:55:2b:b7:fd:cc:62:9a:6f:27:79:d4:f1:
ee:bc:5c:b2:af:04:6c:20:72:7b:8d:48:66:19:aa:80:fc:ed:
9f:d1:b4:1e:93:86:51:b0:e2:68:2e:66:74:28:58:8c:95:47:
b3:2c:7e:3a:ab:a0:00:12:55:51:56:1a:4e:cf:cc:51:28:b1:
72:39:2f:14:0a:cb:28:21:fd:c6:03:fe:79:0a:06:68:26:08:
bc:d7:7e:e4:f3:d6:56:c3:a5:b4:06:25:29:38:fe:fe:65:09:
21:55:b4:ff:c4:a3:92:fa:13:fd:5a:d6:14:dd:88:8f:9b:86:
6e:d0:85:77
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEfcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM5MTZBOTBCMjFDQkRC
NUZDNEY3QzU0Qjc5NjUyNTIwRDBGQTUzNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5buicT0Rnw7pWMLuDaoePmfPdOsGaav+WzB7dorAwrwZaHTiz
kWQj4ockO8HtbgXSiFKGL4O39WQXef0zgtBI0J3Teh+BnWs41lryAIsrr/sMV5Jt
nX1C9F4DPGTKdq9lIMXQvN9re5SYDbWiKkpyxfVVWYhpYCreK3N3UhjtLRmHwUHf
pjqDqpjKXE/JKvKUH86o22kRqprSbCTyPASLjfxbTFaVS1fjV+THHobaHYp56sYk
zUs16+/BVSv88YB8zgR387VBcIKUbNLoI1DVK1zom7JopU8HI32rjb9icB7NWhmb
5whyuPNwuKE5SfPhaT0zrAbTlLFklIbVnA7vAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUyRapCyHL21/E98VLeWUlIND6U3AwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3lSYXBDeUhMMjFfRTk4VkxlV1VsSU5E
NlUzQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAfKsoAwDQYJ
KoZIhvcNAQELBQADggEBAMN0FPEquUs3m7e/KEc2RohCCG9aCW+us83XY+aqkkQE
Y8f4WCFUhuI7ClBmtAZshf3K+5Ezih1Nc2kXwsTAJXFyCmhQ1WK/SiFcDc+PZvHr
ifvaJshKIKnOB0tx83VoMUCyVsA+sziW58omRyLSkMHyktSf8aZsZ/e9QlRg5aH7
CH3h91Urt/3MYppvJ3nU8e68XLKvBGwgcnuNSGYZqoD87Z/RtB6ThlGw4mguZnQo
WIyVR7MsfjqroAASVVFWGk7PzFEosXI5LxQKyygh/cYD/nkKBmgmCLzXfuTz1lbD
pbQGJSk4/v5lCSFVtP/Eo5L6E/1a1hTdiI+bhm7QhXc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:13:47 2025 by rpki-client