Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/s1zSHoMw6AQO_C0BNrC-Uq2n7l4.roa
File: s1zSHoMw6AQO_C0BNrC-Uq2n7l4.roa (raw, json)
Hash identifier: FdYZrMvFt5aC8Ij6ECcznS0oEhnQ9jVj1hBH/UwwkfA=
Subject key identifier: B3:5C:D2:1E:83:30:E8:04:0E:FC:2D:01:36:B0:BE:52:AD:A7:EE:5E
Certificate issuer: /CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647
Certificate serial: 3E
Authority key identifier: BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/s1zSHoMw6AQO_C0BNrC-Uq2n7l4.roa
Signing time: Mon 10 Feb 2025 14:22:47 +0000
ROA not before: Mon 10 Feb 2025 14:22:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9678
IP address blocks: 2.58.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/0dL1XCbbKFIKeZb_cu0BBCAHmKI.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/0dL1XCbbKFIKeZb_cu0BBCAHmKI.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0dL1XCbbKFIKeZb_cu0BBCAHmKI.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62 (0x3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647
Validity
Not Before: Feb 10 14:22:47 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B35CD21E8330E8040EFC2D0136B0BE52ADA7EE5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:34:7f:e4:01:e5:11:be:2c:ff:62:b3:e8:a4:
e4:c1:69:97:b0:1d:42:1f:d1:83:af:f5:6a:0f:df:
06:11:6a:e4:d9:f4:aa:48:1c:5d:5b:7e:52:27:97:
f8:a3:60:d8:a2:bf:c5:a5:fb:d0:95:77:52:9a:ba:
8d:17:73:ce:61:da:d5:29:e5:11:0e:e8:5b:d2:2b:
b6:8c:84:e2:7a:96:23:a9:98:e6:75:91:c5:ff:47:
35:0e:91:af:c6:5c:63:3d:5b:7d:d4:c0:e5:01:74:
47:3f:8c:db:73:91:be:f8:ca:ac:6f:c3:67:52:e7:
5a:6f:94:1c:5e:47:d1:f3:75:a5:3e:6d:71:89:25:
d8:61:8a:aa:58:7e:4a:fe:ec:3f:37:78:b9:af:75:
3d:7f:3c:7f:7e:2f:b1:9a:f0:54:3b:46:57:9e:ab:
c9:d4:c4:1c:85:1b:6d:65:2a:52:a4:bd:5a:9a:03:
79:1c:8b:dc:03:d2:c8:4b:14:c3:70:9f:56:16:8e:
fc:a0:02:2b:ce:0a:7c:49:30:88:69:28:99:d4:9d:
bc:c1:1b:d2:52:1a:b4:3d:d8:d5:77:f9:d6:c5:57:
f4:64:80:cd:a2:04:7a:5f:cb:4c:3c:bf:3e:0e:08:
16:3d:5b:f6:e9:9b:0a:f8:c8:18:45:82:66:ef:5b:
70:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5C:D2:1E:83:30:E8:04:0E:FC:2D:01:36:B0:BE:52:AD:A7:EE:5E
X509v3 Authority Key Identifier:
keyid:BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/s1zSHoMw6AQO_C0BNrC-Uq2n7l4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
2.58.243.0/24
Signature Algorithm: sha256WithRSAEncryption
56:77:2f:be:0d:9e:86:f9:82:d6:eb:bd:63:ee:31:cb:cd:d9:
b1:b1:37:9a:d1:cc:15:9e:41:6c:45:d2:1c:c2:18:cb:67:da:
a2:53:07:c5:3d:b5:87:ec:27:bc:eb:76:4a:1a:b3:ed:60:12:
ef:ee:9c:7c:2e:41:ee:51:60:78:10:cd:93:6e:ec:fb:0f:d2:
0a:66:9c:5b:2b:3b:49:77:35:39:ff:b3:b5:ad:75:59:a5:8c:
21:86:1f:af:d6:c4:0c:0f:18:01:93:3e:cc:8f:de:87:42:50:
65:54:3c:93:48:2c:07:54:b6:c1:4a:91:92:71:7e:b7:00:e6:
73:2f:35:fb:17:14:9e:d2:dd:97:9f:5e:e2:2c:18:b4:c6:3e:
30:80:d3:db:be:d1:5e:80:cc:df:94:42:c4:3c:65:d2:b2:fa:
0a:5e:88:1d:a0:20:5d:e7:c2:08:2c:b3:fc:43:29:4c:24:2e:
89:ee:d9:a5:be:36:d4:ec:0c:1a:27:53:31:38:90:5a:36:c7:
75:fc:61:4a:a2:de:47:e2:e8:0a:cf:d6:d6:65:58:86:cb:e4:
ff:64:10:5b:5c:12:4d:c7:02:a3:c5:23:be:15:94:84:4c:1c:
69:79:a7:a3:28:51:c5:f2:82:a0:bb:0e:89:d9:49:ca:d4:c3:
a1:b9:80:97
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIBPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCQjg4
QTkxNzg1QTc4MkM4RUEzQ0RERUQzRTdDMUYwOURBNzlGNjQ3MB4XDTI1MDIxMDE0
MjI0N1oXDTI1MDgyNjAxNTcwM1owMzExMC8GA1UEAxMoQjM1Q0QyMUU4MzMwRTgw
NDBFRkMyRDAxMzZCMEJFNTJBREE3RUU1RTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALk0f+QB5RG+LP9is+ik5MFpl7AdQh/Rg6/1ag/fBhFq5Nn0qkgc
XVt+UieX+KNg2KK/xaX70JV3Upq6jRdzzmHa1SnlEQ7oW9IrtoyE4nqWI6mY5nWR
xf9HNQ6Rr8ZcYz1bfdTA5QF0Rz+M23ORvvjKrG/DZ1LnWm+UHF5H0fN1pT5tcYkl
2GGKqlh+Sv7sPzd4ua91PX88f34vsZrwVDtGV56rydTEHIUbbWUqUqS9WpoDeRyL
3APSyEsUw3CfVhaO/KACK84KfEkwiGkomdSdvMEb0lIatD3Y1Xf51sVX9GSAzaIE
el/LTDy/Pg4IFj1b9umbCvjIGEWCZu9bcJcCAwEAAaOCAe4wggHqMB0GA1UdDgQW
BBSzXNIegzDoBA78LQE2sL5SrafuXjAfBgNVHSMEGDAWgBS7iKkXhaeCyOo83e0+
fB8J2nn2RzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9IT1NUSU4v
dTRpcEY0V25nc2pxUE4zdFBud2ZDZHA1OWtjLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS91NGlwRjRXbmdzanFQTjN0UG53ZkNkcDU5a2MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9IT1NUSU4vczF6U0hvTXc2QVFPX0MwQk5y
Qy1VcTJuN2w0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI6
8zANBgkqhkiG9w0BAQsFAAOCAQEAVncvvg2ehvmC1uu9Y+4xy83ZsbE3mtHMFZ5B
bEXSHMIYy2faolMHxT21h+wnvOt2Shqz7WAS7+6cfC5B7lFgeBDNk27s+w/SCmac
Wys7SXc1Of+zta11WaWMIYYfr9bEDA8YAZM+zI/eh0JQZVQ8k0gsB1S2wUqRknF+
twDmcy81+xcUntLdl59e4iwYtMY+MIDT277RXoDM35RCxDxl0rL6Cl6IHaAgXefC
CCyz/EMpTCQuie7Zpb421OwMGidTMTiQWjbHdfxhSqLeR+LoCs/W1mVYhsvk/2QQ
W1wSTccCo8UjvhWUhEwcaXmnoyhRxfKCoLsOidlJytTDobmAlw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:59:06 2025 by rpki-client