Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/d3C878EhgUoFeE5PLNplwqA2ifw.roa
File: d3C878EhgUoFeE5PLNplwqA2ifw.roa (raw, json)
Hash identifier: E297kLUhMCXK4xD1n+3pUjYKQ6SEFyVofGPpV454nro=
Subject key identifier: 77:70:BC:EF:C1:21:81:4A:05:78:4E:4F:2C:DA:65:C2:A0:36:89:FC
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1836
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/d3C878EhgUoFeE5PLNplwqA2ifw.roa
Signing time: Mon 10 Feb 2025 14:07:41 +0000
ROA not before: Mon 10 Feb 2025 14:07:41 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 218.210.116.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 02:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6198 (0x1836)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:41 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7770BCEFC121814A05784E4F2CDA65C2A03689FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:da:0e:02:3e:91:7e:eb:47:f0:fb:0f:0d:0a:
6f:b4:6b:9e:cf:25:a3:83:81:3a:16:be:3d:e1:22:
76:6d:d2:91:dd:bd:c0:89:32:0f:ca:25:7f:d3:31:
73:2d:fa:a6:3a:7b:0b:4d:ce:ef:ae:57:e5:4f:3e:
85:71:9c:5c:11:c7:78:ba:4d:a2:ef:b5:10:11:fb:
be:3e:ee:23:af:78:99:59:3b:10:8a:b0:a4:8f:d0:
01:5c:83:66:39:f9:f5:ac:ab:fc:08:56:25:a3:45:
82:ce:be:51:96:a1:0d:7d:51:ad:ce:d7:61:b0:28:
77:5b:1d:7e:e4:da:e0:ae:fb:6e:c3:b7:60:3a:4d:
5d:9e:c2:b6:b0:64:b9:b3:b5:b8:fe:d0:50:9c:96:
2f:12:86:6d:cc:c0:73:8b:16:48:6b:39:63:bc:5e:
34:10:55:4d:09:e8:12:54:38:32:8c:60:42:42:36:
5a:ce:80:98:56:b7:bf:4b:d9:65:6e:53:5b:1f:ac:
14:3b:b6:46:54:ed:14:76:e9:0e:8f:da:5d:5a:9f:
5c:91:c6:7c:7b:c0:f7:65:d8:2f:f3:f3:0a:d4:8a:
82:2a:83:d3:7e:f5:22:00:75:d0:be:a3:36:9f:f5:
d2:e7:50:fd:50:63:3a:ab:af:25:18:c0:43:ca:a1:
26:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:70:BC:EF:C1:21:81:4A:05:78:4E:4F:2C:DA:65:C2:A0:36:89:FC
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/d3C878EhgUoFeE5PLNplwqA2ifw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.210.116.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:47:7e:02:39:11:a4:23:1f:ae:9a:6b:31:70:e4:e4:07:c0:
16:fd:70:7b:1e:70:85:a4:f9:b7:99:a9:e6:1b:97:91:f9:39:
76:90:60:c0:c1:6f:5f:92:5a:84:ac:fd:ba:4e:ca:84:26:e7:
53:77:6e:5e:78:bb:8f:5b:ab:56:b3:d4:67:d1:20:2f:6b:66:
2b:b8:43:9e:89:2c:ce:e5:e1:1a:c8:f7:d9:1b:de:a4:ef:9b:
10:40:6a:d4:05:d1:27:f0:a7:71:0d:3c:d0:9d:6d:90:8d:19:
c9:74:7b:91:85:ff:1c:5e:ac:e4:ad:3d:2b:89:02:2e:94:9a:
57:c7:5a:f6:17:59:5f:84:af:1a:91:d3:5c:44:80:15:18:4f:
b3:8d:a7:4a:4f:8e:87:f6:30:ca:ed:6a:d3:bc:65:a4:50:21:
19:d2:7f:14:3d:a7:84:26:9a:3d:8c:bf:12:52:e2:c2:b8:c7:
63:74:32:44:00:b1:73:d2:d1:71:80:f1:5c:85:15:80:34:71:
3f:dc:c2:f9:8d:93:be:f7:a4:d7:7b:23:e8:91:71:05:50:0b:
79:34:05:a1:42:f6:35:a8:23:e6:b7:35:90:0c:ab:ad:81:64:
d3:4b:00:4c:26:dd:c7:7e:a8:6f:42:76:db:29:aa:a4:03:17:
fa:d8:08:40
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICGDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3NDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc3NzBCQ0VGQzEyMTgx
NEEwNTc4NEU0RjJDREE2NUMyQTAzNjg5RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN2g4CPpF+60fw+w8NCm+0a57PJaODgToWvj3hInZt0pHdvcCJ
Mg/KJX/TMXMt+qY6ewtNzu+uV+VPPoVxnFwRx3i6TaLvtRAR+74+7iOveJlZOxCK
sKSP0AFcg2Y5+fWsq/wIViWjRYLOvlGWoQ19Ua3O12GwKHdbHX7k2uCu+27Dt2A6
TV2ewrawZLmztbj+0FCcli8Shm3MwHOLFkhrOWO8XjQQVU0J6BJUODKMYEJCNlrO
gJhWt79L2WVuU1sfrBQ7tkZU7RR26Q6P2l1an1yRxnx7wPdl2C/z8wrUioIqg9N+
9SIAddC+ozaf9dLnUP1QYzqrryUYwEPKoSZDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUd3C878EhgUoFeE5PLNplwqA2ifwwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvZDNDODc4RWhnVW9GZUU1UExOcGx3
cUEyaWZ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdrSdDAN
BgkqhkiG9w0BAQsFAAOCAQEAykd+AjkRpCMfrpprMXDk5AfAFv1wex5whaT5t5mp
5huXkfk5dpBgwMFvX5JahKz9uk7KhCbnU3duXni7j1urVrPUZ9EgL2tmK7hDnoks
zuXhGsj32RvepO+bEEBq1AXRJ/CncQ080J1tkI0ZyXR7kYX/HF6s5K09K4kCLpSa
V8da9hdZX4SvGpHTXESAFRhPs42nSk+Oh/Ywyu1q07xlpFAhGdJ/FD2nhCaaPYy/
ElLiwrjHY3QyRACxc9LRcYDxXIUVgDRxP9zC+Y2Tvvek13sj6JFxBVALeTQFoUL2
Nagj5rc1kAyrrYFk00sATCbdx36ob0J22ymqpAMX+tgIQA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:06:50 2025 by rpki-client