Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/N3kAzasfrx0r0nL4tQS7GkQw_bk.roa
File: N3kAzasfrx0r0nL4tQS7GkQw_bk.roa (raw, json)
Hash identifier: sF2LcDQjQ8UOL8rtu3g6rWOTCvKwQrNSSwl+fI36O1U=
Subject key identifier: 37:79:00:CD:AB:1F:AF:1D:2B:D2:72:F8:B5:04:BB:1A:44:30:FD:B9
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 182D
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/N3kAzasfrx0r0nL4tQS7GkQw_bk.roa
Signing time: Mon 10 Feb 2025 14:07:39 +0000
ROA not before: Mon 10 Feb 2025 14:07:39 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 106.105.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 07:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6189 (0x182d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:39 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=377900CDAB1FAF1D2BD272F8B504BB1A4430FDB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:89:61:98:0e:3e:7b:c2:f4:f4:c7:c1:41:0b:
d4:4b:c6:86:cc:ef:c2:6d:34:96:dc:08:c4:74:2c:
9e:39:93:ca:ee:c8:70:85:cb:c7:4e:91:94:c7:21:
ec:50:9b:91:06:7d:98:d4:93:14:62:b8:7c:45:b9:
31:e3:ea:ef:64:67:bf:cd:02:10:79:21:2e:7d:a8:
d7:f3:c2:f7:83:20:ab:04:1e:ce:b5:5c:03:59:69:
6c:7d:8c:3b:7f:7d:95:dc:81:e9:5e:a4:bd:a6:20:
42:ef:59:f3:5c:e7:fc:39:8a:73:10:3c:80:1c:7d:
71:d7:39:a5:48:42:7c:f3:c4:ee:b4:b8:b6:f9:d4:
f9:71:99:64:c6:6b:5e:dd:f8:ec:81:f1:36:f3:5e:
77:b0:be:61:74:61:52:46:25:95:6e:ea:41:68:57:
08:9a:6b:6d:e2:8a:1a:93:ee:09:3f:c7:6f:d2:94:
87:de:0c:eb:a4:87:51:0a:d8:6d:96:9d:a8:dc:81:
8e:8d:61:f3:b5:6e:c4:9b:aa:ae:9a:fe:ad:ac:ad:
43:80:ec:72:93:7e:0a:0e:12:1e:4c:b2:83:c4:06:
a1:a5:2c:ca:db:f2:fc:0c:cd:d9:f8:66:48:55:da:
db:a0:36:2e:06:85:6c:c4:cc:f5:33:81:0d:a1:16:
be:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:79:00:CD:AB:1F:AF:1D:2B:D2:72:F8:B5:04:BB:1A:44:30:FD:B9
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/N3kAzasfrx0r0nL4tQS7GkQw_bk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.96.0/21
Signature Algorithm: sha256WithRSAEncryption
99:33:9c:88:53:71:1a:30:d4:8f:c5:82:a2:ba:1b:61:41:e8:
26:a4:ff:69:c7:a2:b9:1f:92:56:91:22:cd:d3:1e:3d:28:c4:
0b:ec:d1:68:1f:43:3e:2c:05:ff:c1:ae:54:49:28:7d:87:a6:
2a:86:90:41:3e:7f:9f:6c:03:1a:26:bf:79:76:27:ee:b9:5d:
78:2b:bb:a0:e6:a4:1c:e7:50:8a:34:76:c7:45:3c:ff:5b:0a:
8a:cf:e6:89:e4:14:02:21:a8:a1:7d:6b:fb:76:09:21:1f:1c:
2e:85:72:f3:43:59:21:97:a4:2f:6d:ee:a3:5a:1b:17:a9:2d:
95:df:ca:98:68:5c:5d:ac:5d:dc:ab:9b:56:97:6f:00:6e:a4:
51:7a:5b:28:c6:90:d8:04:de:2e:cd:33:11:fa:f3:83:f2:2d:
c5:29:b7:ee:ff:7f:85:23:e1:84:4a:6a:97:f3:29:03:82:90:
ca:0c:5b:56:9c:8b:fc:16:f4:0f:42:d1:95:ac:a6:3f:97:ed:
c5:3c:40:f4:69:ed:66:20:39:b3:3f:24:28:ee:66:e2:a3:c4:
b0:a1:3d:6d:97:5a:2e:74:a0:5c:2a:9f:58:70:02:63:c1:45:
b1:a8:52:fd:a1:dd:ff:84:04:45:81:50:13:fc:e9:64:e3:9a:
02:30:8d:6f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICGC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3MzlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM3NzkwMENEQUIxRkFG
MUQyQkQyNzJGOEI1MDRCQjFBNDQzMEZEQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRiWGYDj57wvT0x8FBC9RLxobM78JtNJbcCMR0LJ45k8ruyHCF
y8dOkZTHIexQm5EGfZjUkxRiuHxFuTHj6u9kZ7/NAhB5IS59qNfzwveDIKsEHs61
XANZaWx9jDt/fZXcgelepL2mIELvWfNc5/w5inMQPIAcfXHXOaVIQnzzxO60uLb5
1PlxmWTGa17d+OyB8TbzXnewvmF0YVJGJZVu6kFoVwiaa23iihqT7gk/x2/SlIfe
DOukh1EK2G2WnajcgY6NYfO1bsSbqq6a/q2srUOA7HKTfgoOEh5MsoPEBqGlLMrb
8vwMzdn4ZkhV2tugNi4GhWzEzPUzgQ2hFr7zAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUN3kAzasfrx0r0nL4tQS7GkQw/bkwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvTjNrQXphc2ZyeDByMG5MNHRRUzdH
a1F3X2JrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA2ppYDAN
BgkqhkiG9w0BAQsFAAOCAQEAmTOciFNxGjDUj8WCorobYUHoJqT/aceiuR+SVpEi
zdMePSjEC+zRaB9DPiwF/8GuVEkofYemKoaQQT5/n2wDGia/eXYn7rldeCu7oOak
HOdQijR2x0U8/1sKis/mieQUAiGooX1r+3YJIR8cLoVy80NZIZekL23uo1obF6kt
ld/KmGhcXaxd3KubVpdvAG6kUXpbKMaQ2ATeLs0zEfrzg/ItxSm37v9/hSPhhEpq
l/MpA4KQygxbVpyL/Bb0D0LRlaymP5ftxTxA9GntZiA5sz8kKO5m4qPEsKE9bZda
LnSgXCqfWHACY8FFsahS/aHd/4QERYFQE/zpZOOaAjCNbw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:27:14 2025 by rpki-client