Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/xO5J_apXuhM4nZyLUT7fDkCBQoI.roa
File: xO5J_apXuhM4nZyLUT7fDkCBQoI.roa (raw, json)
Hash identifier: isXAaoxC7XaNpvAo+qRfNkrlPOyAzhMS2DQ0EBLNJRg=
Subject key identifier: C4:EE:49:FD:AA:57:BA:13:38:9D:9C:8B:51:3E:DF:0E:40:81:42:82
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 17A6
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/xO5J_apXuhM4nZyLUT7fDkCBQoI.roa
Signing time: Mon 10 Feb 2025 14:07:07 +0000
ROA not before: Mon 10 Feb 2025 14:07:07 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 113.196.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6054 (0x17a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:07 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C4EE49FDAA57BA13389D9C8B513EDF0E40814282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8a:82:a6:81:43:b8:88:01:9b:4c:d4:1e:09:
cc:7f:d3:1b:20:8b:79:25:85:2c:b7:f7:05:d6:21:
98:ad:53:f2:a7:bd:cd:00:c4:62:af:93:31:53:d4:
3c:45:8a:cf:88:d7:ca:c0:74:c5:5a:67:d8:6a:69:
35:26:17:73:59:a2:b2:6c:2e:1d:72:d7:95:bb:95:
7a:db:db:e6:e9:44:0d:ad:51:f0:f2:c2:7a:1e:0b:
b8:9b:41:99:9c:c2:97:9f:75:fa:c7:be:00:5e:6e:
d5:c9:0a:eb:1d:c6:4c:62:3d:b9:a2:ef:8a:f7:f0:
de:c6:7a:34:5b:08:d8:e3:7f:d4:50:13:38:0c:7e:
47:ca:f5:a6:9c:06:40:b4:b4:1a:56:c2:45:5f:66:
fe:0e:72:c3:a7:4a:6a:f7:ff:d6:51:2b:82:3a:33:
de:b4:4d:58:7f:0d:ed:fd:c8:4b:22:6b:d8:17:b6:
4c:a2:a2:2c:59:35:a0:af:2c:f6:bf:bb:62:96:d7:
40:bf:84:56:31:05:94:c7:d1:73:bd:0d:e7:9c:57:
96:a3:75:f3:18:83:92:84:10:f0:5a:fc:a3:33:43:
f0:df:46:8e:42:43:28:5c:03:71:fa:e2:92:e1:95:
54:58:3f:a3:ed:32:f7:09:21:ac:55:64:81:2d:f1:
3b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:EE:49:FD:AA:57:BA:13:38:9D:9C:8B:51:3E:DF:0E:40:81:42:82
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/xO5J_apXuhM4nZyLUT7fDkCBQoI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.196.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:95:57:b4:6d:a5:05:4f:8e:45:6c:88:60:76:26:5b:08:14:
40:2c:94:1e:3a:ed:fe:f3:f8:cc:f0:1b:d8:ff:f4:6d:03:3b:
3f:89:06:14:73:c9:ee:e7:47:3c:90:d9:22:e3:66:4a:1b:cf:
51:3f:fa:1b:cb:73:13:7d:5a:47:33:c1:48:ec:f7:ff:d4:f9:
a4:a2:c7:bb:d9:3a:b7:b4:f1:33:4d:18:fa:35:ef:df:98:88:
1b:32:de:11:fc:54:e0:8e:0e:c3:0d:f0:7a:a5:d6:52:84:cf:
15:52:8f:2a:aa:b5:85:e3:63:5a:1d:96:53:51:d5:63:cd:97:
75:dc:6f:9b:a1:30:73:9d:40:23:0b:ed:da:b1:d2:c4:63:c2:
e7:6d:7e:99:83:29:de:dc:39:0a:d4:db:ec:24:ec:30:2b:06:
d9:d9:5f:a5:9b:20:55:20:59:47:00:e6:e8:a9:d2:7f:31:01:
dd:79:d0:0d:a3:3d:ae:da:a7:c3:db:3a:ec:4d:38:3d:f3:24:
a3:17:c6:89:37:24:4e:46:80:b7:e3:b1:c8:da:32:b8:a8:4d:
e2:70:90:bb:16:ed:ad:a4:b1:56:77:d2:cd:1c:2a:bb:c1:1d:
ba:62:26:6c:d9:26:30:26:3b:f7:33:7d:c0:3b:d6:66:96:3d:
18:a7:d4:65
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICF6YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3MDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM0RUU0OUZEQUE1N0JB
MTMzODlEOUM4QjUxM0VERjBFNDA4MTQyODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUioKmgUO4iAGbTNQeCcx/0xsgi3klhSy39wXWIZitU/Knvc0A
xGKvkzFT1DxFis+I18rAdMVaZ9hqaTUmF3NZorJsLh1y15W7lXrb2+bpRA2tUfDy
wnoeC7ibQZmcwpefdfrHvgBebtXJCusdxkxiPbmi74r38N7GejRbCNjjf9RQEzgM
fkfK9aacBkC0tBpWwkVfZv4OcsOnSmr3/9ZRK4I6M960TVh/De39yEsia9gXtkyi
oixZNaCvLPa/u2KW10C/hFYxBZTH0XO9DeecV5ajdfMYg5KEEPBa/KMzQ/DfRo5C
QyhcA3H64pLhlVRYP6PtMvcJIaxVZIEt8TtzAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUxO5J/apXuhM4nZyLUT7fDkCBQoIwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMveE81Sl9hcFh1aE00blp5TFVUN2ZE
a0NCUW9JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAHHEMA0G
CSqGSIb3DQEBCwUAA4IBAQBalVe0baUFT45FbIhgdiZbCBRALJQeOu3+8/jM8BvY
//RtAzs/iQYUc8nu50c8kNki42ZKG89RP/oby3MTfVpHM8FI7Pf/1Pmkose72Tq3
tPEzTRj6Ne/fmIgbMt4R/FTgjg7DDfB6pdZShM8VUo8qqrWF42NaHZZTUdVjzZd1
3G+boTBznUAjC+3asdLEY8LnbX6Zgyne3DkK1NvsJOwwKwbZ2V+lmyBVIFlHAObo
qdJ/MQHdedANoz2u2qfD2zrsTTg98ySjF8aJNyRORoC347HI2jK4qE3icJC7Fu2t
pLFWd9LNHCq7wR26YiZs2SYwJjv3M33AO9Zmlj0Yp9Rl
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:49:35 2025 by rpki-client