Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/lr4AB380PVCnFsEtSFv9UzWZY30.roa
File: lr4AB380PVCnFsEtSFv9UzWZY30.roa (raw, json)
Hash identifier: T8seleh/k7N1t2iSLJZ5+jS5avh+t93P4xJKH5G56BQ=
Subject key identifier: 96:BE:00:07:7F:34:3D:50:A7:16:C1:2D:48:5B:FD:53:35:99:63:7D
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0F66
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/lr4AB380PVCnFsEtSFv9UzWZY30.roa
Signing time: Mon 10 Feb 2025 14:08:02 +0000
ROA not before: Mon 10 Feb 2025 14:08:02 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 139.175.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 11:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3942 (0xf66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 10 14:08:02 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=96BE00077F343D50A716C12D485BFD533599637D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7d:eb:2b:30:9a:4d:61:5b:85:26:a5:a0:d4:
c5:ee:de:42:08:bd:40:f9:73:08:d0:58:26:03:2a:
43:99:bf:a5:03:0a:92:be:44:e6:27:d7:e6:e6:a4:
5f:4e:a6:53:bc:54:ee:2f:00:54:a7:30:39:84:1b:
04:0d:b2:f2:e5:0c:22:2b:80:0c:f9:ef:47:81:a0:
d7:e3:6e:05:c2:58:0f:69:af:8c:b8:8a:58:d8:9e:
c5:d3:1e:33:60:d0:92:65:a0:05:c7:f1:cd:ef:7f:
24:e2:f2:ac:ee:69:50:9c:b5:0b:25:77:24:3b:b3:
21:3d:d4:56:c6:12:a6:35:ea:6e:d5:6b:94:4b:e8:
ec:1f:6c:23:98:99:18:42:7d:02:74:5f:da:38:f9:
70:33:ac:d9:a9:a0:58:b9:82:e7:0f:64:ae:82:7e:
60:35:dd:4f:d7:b7:d5:93:bc:b5:8f:f8:bc:e4:cd:
2f:da:a5:53:1c:b8:3a:d9:2f:a0:6f:3a:db:64:7e:
03:12:fe:0b:50:59:01:d1:5d:89:ef:e1:14:9a:7b:
0b:4d:f7:27:74:49:81:1c:1e:5e:c2:e5:33:af:5c:
13:49:f5:4b:09:e5:12:6f:4f:f4:8d:5c:bd:34:96:
a9:6a:4f:f4:68:2a:c8:9b:95:1d:08:bf:d8:b7:6d:
d4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BE:00:07:7F:34:3D:50:A7:16:C1:2D:48:5B:FD:53:35:99:63:7D
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/lr4AB380PVCnFsEtSFv9UzWZY30.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
139.175.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:fb:b9:90:44:5b:c0:04:8d:4a:54:76:87:33:58:21:5f:62:
e2:6f:d7:35:b6:78:ca:09:bf:81:74:ba:80:58:45:19:05:eb:
cb:ee:37:a3:86:d7:16:d9:40:d2:7a:8a:78:9c:fd:14:93:80:
8b:19:6c:dd:78:c3:8e:e6:e3:49:1f:2b:5d:79:c7:db:f1:05:
7d:09:16:83:e5:0f:17:1b:f2:80:07:3f:82:df:5e:70:4f:4a:
70:24:69:f2:93:4c:72:61:c4:8e:1e:29:78:96:2f:84:ed:56:
14:80:fc:f3:1c:c6:6f:1f:78:f4:05:b5:21:96:e5:97:a3:7c:
bf:82:80:ea:f9:7f:32:ad:d9:ef:25:fe:99:85:34:24:51:2f:
18:0c:54:4c:56:f5:f8:af:14:c4:59:2c:3b:87:6e:39:80:4b:
8d:81:d8:2c:c4:f4:5b:eb:d7:05:01:1c:ba:34:bc:ba:28:f9:
b0:3c:22:38:b5:06:1e:30:e9:5e:fa:f1:90:2c:87:61:5a:41:
44:cc:64:8c:c4:df:a3:a8:30:d5:38:b8:d5:1b:3e:fc:3c:92:
a5:ea:73:11:03:a9:32:c1:ff:6c:d8:76:1a:03:f4:f5:96:ba:
1d:38:63:75:b1:3a:47:b4:9d:c0:16:d6:0f:27:f4:95:29:30:
4d:39:61:7f
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICD2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx
NDA4MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk2QkUwMDA3N0YzNDNE
NTBBNzE2QzEyRDQ4NUJGRDUzMzU5OTYzN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqfesrMJpNYVuFJqWg1MXu3kIIvUD5cwjQWCYDKkOZv6UDCpK+
ROYn1+bmpF9OplO8VO4vAFSnMDmEGwQNsvLlDCIrgAz570eBoNfjbgXCWA9pr4y4
iljYnsXTHjNg0JJloAXH8c3vfyTi8qzuaVCctQsldyQ7syE91FbGEqY16m7Va5RL
6OwfbCOYmRhCfQJ0X9o4+XAzrNmpoFi5gucPZK6CfmA13U/Xt9WTvLWP+LzkzS/a
pVMcuDrZL6BvOttkfgMS/gtQWQHRXYnv4RSaewtN9yd0SYEcHl7C5TOvXBNJ9UsJ
5RJvT/SNXL00lqlqT/RoKsiblR0Iv9i3bdSbAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUlr4AB380PVCnFsEtSFv9UzWZY30wHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbHI0QUIzODBQVkNuRnNFdFNGdjlV
eldaWTMwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIuvMA0G
CSqGSIb3DQEBCwUAA4IBAQB9+7mQRFvABI1KVHaHM1ghX2Lib9c1tnjKCb+BdLqA
WEUZBevL7jejhtcW2UDSeop4nP0Uk4CLGWzdeMOO5uNJHytdecfb8QV9CRaD5Q8X
G/KABz+C315wT0pwJGnyk0xyYcSOHil4li+E7VYUgPzzHMZvH3j0BbUhluWXo3y/
goDq+X8yrdnvJf6ZhTQkUS8YDFRMVvX4rxTEWSw7h245gEuNgdgsxPRb69cFARy6
NLy6KPmwPCI4tQYeMOle+vGQLIdhWkFEzGSMxN+jqDDVOLjVGz78PJKl6nMRA6ky
wf9s2HYaA/T1lrodOGN1sTpHtJ3AFtYPJ/SVKTBNOWF/
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:29:20 2025 by rpki-client