Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/hi4e1zVzsRGKmbhSESfPV2tM-58.roa
File: hi4e1zVzsRGKmbhSESfPV2tM-58.roa (raw, json)
Hash identifier: e1cHrs7TQFemHN8c/Uwo/nwqAH2mbP76IyN086CTtio=
Subject key identifier: 86:2E:1E:D7:35:73:B1:11:8A:99:B8:52:11:27:CF:57:6B:4C:FB:9F
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0E02
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/hi4e1zVzsRGKmbhSESfPV2tM-58.roa
Signing time: Mon 10 Feb 2025 13:59:19 +0000
ROA not before: Mon 10 Feb 2025 13:59:19 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 61.61.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3586 (0xe02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 10 13:59:19 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=862E1ED73573B1118A99B8521127CF576B4CFB9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:38:31:cb:1c:c2:25:4d:a0:89:d4:5f:87:f7:
ed:09:e3:57:df:ac:3c:2c:9b:f3:aa:92:5e:54:72:
ae:ef:48:eb:a4:4d:55:7f:19:28:5f:b1:71:6f:b4:
ff:80:8d:ce:93:8e:b3:bb:82:3b:f5:65:0a:09:ab:
dd:68:85:83:c5:6e:b2:82:d3:d5:40:4a:c2:47:60:
fe:1e:f5:12:c3:74:a1:b6:29:7e:9c:11:52:32:ff:
b6:98:2e:56:a3:38:77:53:15:87:08:18:7f:cf:44:
7e:b8:1f:21:50:f2:12:e7:70:d5:6b:89:84:f9:b9:
bb:cd:b1:da:ae:c6:5e:4b:ad:01:fe:aa:e5:31:09:
93:32:33:1e:66:d5:61:58:8d:d8:d0:91:d9:96:ca:
a4:cb:ea:ee:2d:a6:10:aa:d0:e0:da:b7:a8:76:07:
f8:de:9a:61:55:44:30:3a:53:f0:dd:97:e0:5d:f8:
a6:c2:a2:25:51:ca:c8:b5:4c:fa:24:4b:04:52:33:
a6:fe:fd:3a:92:0e:d8:d2:4a:13:3c:5d:32:32:f1:
cb:65:10:f4:af:a9:24:91:bf:a6:f3:da:67:19:6f:
e9:5d:36:98:6e:0e:7d:cd:ee:65:5e:76:4b:1e:3d:
f9:e9:36:fb:a5:d9:78:6e:e4:cb:6f:d3:8c:18:fb:
98:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2E:1E:D7:35:73:B1:11:8A:99:B8:52:11:27:CF:57:6B:4C:FB:9F
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/hi4e1zVzsRGKmbhSESfPV2tM-58.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.128.0/18
Signature Algorithm: sha256WithRSAEncryption
3d:91:e6:76:ce:9f:59:dc:9b:36:e3:61:29:6f:5e:fb:d1:85:
43:5f:3e:68:70:2b:0f:68:c4:15:fa:a4:00:ba:9d:10:0d:27:
36:2b:da:57:c3:80:ec:65:e4:dd:8e:09:a5:2a:86:ee:df:9d:
7e:b0:93:41:c4:d2:ec:78:fa:21:7f:84:8c:74:12:44:81:c9:
ed:da:83:58:e3:3c:4b:20:92:48:34:5a:1c:36:95:48:71:b0:
f5:81:c2:83:29:cb:0b:ff:6e:31:d5:84:b5:d7:16:ad:49:de:
8e:d9:4c:3d:e1:67:4a:02:8b:09:8d:a1:7a:32:59:e5:07:4e:
b3:d0:21:aa:5a:92:ab:3d:c5:c5:b1:51:54:65:50:b9:b6:f9:
25:e8:84:b5:65:59:21:d0:d1:25:e5:3e:0b:50:24:e6:89:51:
ca:b1:b8:a5:52:1a:93:30:fe:e8:61:29:f1:c4:55:be:7c:8c:
4a:3a:94:f5:a2:42:3a:c1:1a:d8:a4:b1:90:82:bf:83:b1:bc:
b8:13:28:97:99:7b:d5:81:07:2e:b0:36:d4:27:f1:42:70:d6:
8c:5f:1c:d8:a5:d1:2f:dc:fc:e1:a5:3a:b6:ab:e0:97:1f:bc:
15:cf:30:29:ea:11:e0:c0:20:9b:a3:f3:c7:a8:67:33:09:ab:
8e:87:de:2b
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDgIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx
MzU5MTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg2MkUxRUQ3MzU3M0Ix
MTE4QTk5Qjg1MjExMjdDRjU3NkI0Q0ZCOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMODHLHMIlTaCJ1F+H9+0J41ffrDwsm/Oqkl5Ucq7vSOukTVV/
GShfsXFvtP+Ajc6TjrO7gjv1ZQoJq91ohYPFbrKC09VASsJHYP4e9RLDdKG2KX6c
EVIy/7aYLlajOHdTFYcIGH/PRH64HyFQ8hLncNVriYT5ubvNsdquxl5LrQH+quUx
CZMyMx5m1WFYjdjQkdmWyqTL6u4tphCq0ODat6h2B/jemmFVRDA6U/Ddl+Bd+KbC
oiVRysi1TPokSwRSM6b+/TqSDtjSShM8XTIy8ctlEPSvqSSRv6bz2mcZb+ldNphu
Dn3N7mVedksePfnpNvul2Xhu5Mtv04wY+5inAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUhi4e1zVzsRGKmbhSESfPV2tM+58wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2hpNGUxelZ6c1JHS21iaFNFU2ZQVjJ0
TS01OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAY9PYAwDQYJ
KoZIhvcNAQELBQADggEBAD2R5nbOn1ncmzbjYSlvXvvRhUNfPmhwKw9oxBX6pAC6
nRANJzYr2lfDgOxl5N2OCaUqhu7fnX6wk0HE0ux4+iF/hIx0EkSBye3ag1jjPEsg
kkg0Whw2lUhxsPWBwoMpywv/bjHVhLXXFq1J3o7ZTD3hZ0oCiwmNoXoyWeUHTrPQ
Iapakqs9xcWxUVRlULm2+SXohLVlWSHQ0SXlPgtQJOaJUcqxuKVSGpMw/uhhKfHE
Vb58jEo6lPWiQjrBGtiksZCCv4OxvLgTKJeZe9WBBy6wNtQn8UJw1oxfHNil0S/c
/OGlOrar4JcfvBXPMCnqEeDAIJuj88eoZzMJq46H3is=
-----END CERTIFICATE-----
Generated at Mon Apr 14 23:47:21 2025 by rpki-client