Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/xn3OdZc7nWJugFzNq5NQXcPtI4g.roa
File: xn3OdZc7nWJugFzNq5NQXcPtI4g.roa (raw, json)
Hash identifier: wiGP0Z/EhbS8dpbvt7JMOdwT88TnYECHefX5LwCTm5w=
Subject key identifier: C6:7D:CE:75:97:3B:9D:62:6E:80:5C:CD:AB:93:50:5D:C3:ED:23:88
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 17DE
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/xn3OdZc7nWJugFzNq5NQXcPtI4g.roa
Signing time: Mon 10 Feb 2025 14:07:21 +0000
ROA not before: Mon 10 Feb 2025 14:07:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131602
IP address blocks: 60.245.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6110 (0x17de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C67DCE75973B9D626E805CCDAB93505DC3ED2388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ed:bb:2b:3b:0b:56:2c:48:be:08:0a:e3:60:
cc:67:48:15:2d:ca:a9:ed:4d:22:ce:3c:2f:15:ee:
5e:17:d3:7e:58:9c:dd:14:1b:de:b1:61:bf:f4:7a:
63:0c:62:1c:df:dc:77:98:0d:34:f3:9e:03:a1:d5:
1a:cd:23:12:00:dd:18:72:d2:da:90:b0:48:be:69:
fa:2d:56:0e:e6:0e:ab:d3:8b:cb:e3:a9:2f:df:94:
d5:2f:da:c6:84:a9:48:a7:6a:f1:ff:8d:95:fc:f1:
80:91:f1:e7:a9:08:36:a8:ea:6f:f0:b8:55:37:b1:
a1:3d:c3:f6:09:bf:00:48:0b:a2:a5:e0:5c:3e:a6:
b1:ac:54:d8:70:d9:2a:ba:ce:14:a9:28:9a:ed:9d:
30:ca:9c:53:f3:fd:7f:8d:26:4a:8a:9d:46:44:86:
1d:a3:88:1a:c4:14:03:60:5f:51:fa:fc:f1:72:e5:
6b:fd:82:d9:e0:2a:b3:03:ec:f6:7b:a3:02:87:68:
49:cf:c6:d1:8d:2c:bf:57:e6:73:03:32:9e:c2:1e:
1b:54:f9:c4:c5:b8:51:1e:a9:25:05:d5:b1:e3:db:
13:ee:02:c5:4a:84:78:c9:84:51:76:d6:49:e5:24:
23:61:52:6c:80:94:6d:03:85:62:72:68:f5:ec:70:
da:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:7D:CE:75:97:3B:9D:62:6E:80:5C:CD:AB:93:50:5D:C3:ED:23:88
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/xn3OdZc7nWJugFzNq5NQXcPtI4g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.245.112.0/21
Signature Algorithm: sha256WithRSAEncryption
8f:9d:17:4d:81:68:ec:64:e9:d9:6e:22:68:89:cd:be:f0:55:
13:42:1c:7e:fa:d2:89:c7:35:92:d3:b5:36:52:b4:bf:8e:db:
08:89:ac:12:68:ba:36:cc:25:02:52:b5:7b:88:f0:3e:64:e5:
fc:da:50:9b:33:d3:78:7e:07:79:24:cc:9e:ee:b9:14:08:db:
f6:39:e7:08:50:79:df:cb:e8:dc:c8:95:e9:9b:f8:3f:e7:c4:
1d:15:81:a2:b5:fb:f2:ea:eb:7a:de:21:5f:2b:c9:11:fc:21:
b4:ec:10:18:a2:13:56:d8:97:88:30:25:a8:83:73:56:2d:f1:
38:52:32:7f:86:ca:f5:1a:7a:56:b5:ca:3f:e7:d3:54:97:08:
5e:fc:d8:43:89:8f:d4:70:dc:8a:de:c1:d2:29:0a:1a:07:ee:
b6:35:f5:6a:f6:02:4a:5d:b2:4a:af:47:43:8a:7a:ad:54:0c:
86:c8:a8:d7:34:ee:08:b0:da:16:71:4d:08:d7:7c:1c:dc:ca:
86:23:3c:1b:e2:ff:54:a4:c3:6e:e0:5b:8d:a2:d5:e1:c5:d3:
fe:c7:f2:42:f3:b4:9e:73:d3:e2:dc:bb:4e:f0:37:2c:2e:cd:
67:d4:5c:16:c9:f2:19:19:52:5b:94:24:ad:56:eb:99:67:44:
08:89:c4:ba
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICF94wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM2N0RDRTc1OTczQjlE
NjI2RTgwNUNDREFCOTM1MDVEQzNFRDIzODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC87bsrOwtWLEi+CArjYMxnSBUtyqntTSLOPC8V7l4X035YnN0U
G96xYb/0emMMYhzf3HeYDTTzngOh1RrNIxIA3Rhy0tqQsEi+afotVg7mDqvTi8vj
qS/flNUv2saEqUinavH/jZX88YCR8eepCDao6m/wuFU3saE9w/YJvwBIC6Kl4Fw+
prGsVNhw2Sq6zhSpKJrtnTDKnFPz/X+NJkqKnUZEhh2jiBrEFANgX1H6/PFy5Wv9
gtngKrMD7PZ7owKHaEnPxtGNLL9X5nMDMp7CHhtU+cTFuFEeqSUF1bHj2xPuAsVK
hHjJhFF21knlJCNhUmyAlG0DhWJyaPXscNonAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxn3OdZc7nWJugFzNq5NQXcPtI4gwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMveG4zT2RaYzduV0p1Z0Z6TnE1TlFY
Y1B0STRnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzz1cDAN
BgkqhkiG9w0BAQsFAAOCAQEAj50XTYFo7GTp2W4iaInNvvBVE0IcfvrSicc1ktO1
NlK0v47bCImsEmi6NswlAlK1e4jwPmTl/NpQmzPTeH4HeSTMnu65FAjb9jnnCFB5
38vo3MiV6Zv4P+fEHRWBorX78urret4hXyvJEfwhtOwQGKITVtiXiDAlqINzVi3x
OFIyf4bK9Rp6VrXKP+fTVJcIXvzYQ4mP1HDcit7B0ikKGgfutjX1avYCSl2ySq9H
Q4p6rVQMhsio1zTuCLDaFnFNCNd8HNzKhiM8G+L/VKTDbuBbjaLV4cXT/sfyQvO0
nnPT4ty7TvA3LC7NZ9RcFsnyGRlSW5QkrVbrmWdECInEug==
-----END CERTIFICATE-----
Generated at Mon Apr 14 21:12:16 2025 by rpki-client