Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/V4bO6HNejdlYjxe3VFTJYgcrwnI.roa
File: V4bO6HNejdlYjxe3VFTJYgcrwnI.roa (raw, json)
Hash identifier: 9hgMV0FnZRYJXUIhtqclNAWtzawgSJmU8gKWpYiQ3tA=
Subject key identifier: 57:86:CE:E8:73:5E:8D:D9:58:8F:17:B7:54:54:C9:62:07:2B:C2:72
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1794
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/V4bO6HNejdlYjxe3VFTJYgcrwnI.roa
Signing time: Mon 10 Feb 2025 14:07:04 +0000
ROA not before: Mon 10 Feb 2025 14:07:04 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 106.105.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 16:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6036 (0x1794)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:04 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5786CEE8735E8DD9588F17B75454C962072BC272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dd:f7:9a:cb:17:6b:a0:d1:04:85:09:ea:fd:
e4:50:6f:08:17:8f:db:eb:44:35:9f:6e:aa:3c:a3:
c9:08:25:6d:2a:91:e4:a0:45:05:f7:35:19:7a:af:
57:87:fc:69:b3:46:e4:9a:f7:71:57:18:f1:2c:38:
a5:1b:30:6a:6f:c9:2d:e7:55:6b:a2:c5:65:51:96:
55:ca:66:40:d0:40:50:71:49:0e:18:90:4c:c1:60:
a4:5a:db:da:ea:e1:ee:da:37:56:19:f3:06:b9:2c:
f7:a2:47:c4:9f:95:9c:eb:88:a2:c7:3e:72:33:87:
4e:03:72:d5:6f:c9:6d:9c:24:d1:da:67:15:e4:52:
c1:97:34:1f:4b:b3:84:6a:bf:c2:5d:da:36:1b:7b:
bc:06:58:b6:f3:18:7f:3c:02:83:48:c1:50:6b:40:
a9:59:39:f8:ef:1e:59:3e:79:09:ce:cd:52:ae:03:
69:f7:ed:e8:0d:21:14:04:52:0c:bf:6e:0a:7d:30:
c8:b3:47:74:ad:29:d7:0c:0f:13:86:3b:72:9f:95:
b7:48:a2:2c:d9:4e:f7:ca:0d:5f:2b:89:51:7e:4e:
05:8b:72:12:8b:8e:82:76:a0:24:1a:3a:27:57:f5:
c9:81:b4:80:5f:5b:f5:e0:b5:2d:fb:eb:00:27:f8:
26:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:86:CE:E8:73:5E:8D:D9:58:8F:17:B7:54:54:C9:62:07:2B:C2:72
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/V4bO6HNejdlYjxe3VFTJYgcrwnI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.105.32.0/19
Signature Algorithm: sha256WithRSAEncryption
74:7e:f1:46:ca:66:e3:6f:6e:dc:9c:87:37:42:19:0f:0e:a0:
fe:8e:a1:13:94:c7:9a:87:21:f6:51:57:22:57:4c:e9:2f:aa:
12:55:3a:42:d8:09:dc:04:0b:a2:64:de:ba:70:d2:bb:24:3d:
df:25:9e:ec:87:73:b0:00:50:b9:17:b9:1f:a9:dd:67:75:1b:
86:34:00:57:42:d9:36:78:c1:5a:9f:3a:75:90:a8:d2:f8:82:
9b:ef:a3:b9:9c:43:04:3a:19:63:25:28:e7:14:58:8e:64:2f:
e9:7a:d1:4c:e9:68:80:21:e6:22:97:ae:e7:c3:aa:cc:46:bf:
01:ae:c0:27:44:97:5a:27:71:56:98:b0:6e:5e:d7:d9:91:48:
7f:6a:01:11:49:b6:47:0c:35:2b:07:37:4d:b8:a1:27:9a:f6:
33:a2:5d:6b:82:4c:5a:05:f1:6a:ba:6a:f9:31:3e:a0:d7:17:
10:de:a7:6e:c3:90:74:90:3f:3b:b2:90:e2:c5:d6:6b:98:31:
b2:bd:0a:a2:7c:ba:f9:9f:1c:96:a7:00:37:c3:5f:c9:1a:67:
a5:68:c1:bf:9d:7f:0f:74:99:b2:65:fc:49:4e:d6:94:d3:7c:
c8:d2:64:6a:93:92:d6:bf:0c:95:1b:74:6a:21:70:a7:56:7c:
1a:34:de:89
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICF5QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3MDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDU3ODZDRUU4NzM1RThE
RDk1ODhGMTdCNzU0NTRDOTYyMDcyQkMyNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz3feayxdroNEEhQnq/eRQbwgXj9vrRDWfbqo8o8kIJW0qkeSg
RQX3NRl6r1eH/GmzRuSa93FXGPEsOKUbMGpvyS3nVWuixWVRllXKZkDQQFBxSQ4Y
kEzBYKRa29rq4e7aN1YZ8wa5LPeiR8SflZzriKLHPnIzh04DctVvyW2cJNHaZxXk
UsGXNB9Ls4Rqv8Jd2jYbe7wGWLbzGH88AoNIwVBrQKlZOfjvHlk+eQnOzVKuA2n3
7egNIRQEUgy/bgp9MMizR3StKdcMDxOGO3KflbdIoizZTvfKDV8riVF+TgWLchKL
joJ2oCQaOidX9cmBtIBfW/XgtS376wAn+CbXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUV4bO6HNejdlYjxe3VFTJYgcrwnIwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvVjRiTzZITmVqZGxZanhlM1ZGVEpZ
Z2Nyd25JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBWppIDAN
BgkqhkiG9w0BAQsFAAOCAQEAdH7xRspm429u3JyHN0IZDw6g/o6hE5THmoch9lFX
IldM6S+qElU6QtgJ3AQLomTeunDSuyQ93yWe7IdzsABQuRe5H6ndZ3UbhjQAV0LZ
NnjBWp86dZCo0viCm++juZxDBDoZYyUo5xRYjmQv6XrRTOlogCHmIpeu58OqzEa/
Aa7AJ0SXWidxVpiwbl7X2ZFIf2oBEUm2Rww1Kwc3TbihJ5r2M6Jda4JMWgXxarpq
+TE+oNcXEN6nbsOQdJA/O7KQ4sXWa5gxsr0Kony6+Z8clqcAN8NfyRpnpWjBv51/
D3SZsmX8SU7WlNN8yNJkapOS1r8MlRt0aiFwp1Z8GjTeiQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 15:19:44 2025 by rpki-client