Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/1IOW2f8x_tyPRPHqWPQOiWaaZ6o.roa
File: 1IOW2f8x_tyPRPHqWPQOiWaaZ6o.roa (raw, json)
Hash identifier: R6r/0ZHYW9aYrgomDkHz5Wfw47jNSxtQi2YRwJA5Ow8=
Subject key identifier: D4:83:96:D9:FF:31:FE:DC:8F:44:F1:EA:58:F4:0E:89:66:9A:67:AA
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 12F0
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/1IOW2f8x_tyPRPHqWPQOiWaaZ6o.roa
Signing time: Mon 10 Feb 2025 14:08:55 +0000
ROA not before: Mon 10 Feb 2025 14:08:55 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24158
IP address blocks: 203.105.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 13 Apr 2025 21:38:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4848 (0x12f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:08:55 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D48396D9FF31FEDC8F44F1EA58F40E89669A67AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:69:26:f8:f7:83:b4:64:71:cd:87:af:93:3c:
90:69:dd:8c:c4:72:01:1a:ba:f8:cb:db:b6:95:76:
11:02:0d:18:91:aa:df:6f:2f:b6:a5:58:3f:ea:00:
24:25:4e:6f:72:6f:5e:81:3a:b9:3b:af:14:1e:2e:
aa:2b:e2:e7:f3:fa:e7:75:24:b6:22:c2:be:8b:43:
d6:ea:59:64:99:0c:d1:d9:e1:57:c5:9c:09:43:07:
b1:a3:43:98:36:ab:c5:12:6a:ea:d6:14:a7:70:6e:
65:e5:25:cd:c2:9b:82:85:fc:82:ce:e3:91:64:6f:
5b:56:c0:f3:0e:a2:a0:9e:cb:3a:8f:3a:25:88:db:
30:f4:40:dc:e0:af:e9:6e:82:19:b5:33:21:65:10:
3c:43:c8:a7:c8:98:fb:43:a9:6e:83:ad:54:88:c7:
e1:80:30:43:3e:78:a1:11:26:19:57:4e:7b:25:09:
dd:99:1e:46:f4:d6:f8:ad:9c:f4:0b:65:e5:8f:0e:
27:67:32:87:b7:e0:6c:80:4c:0d:e0:e1:bc:3c:a0:
af:fb:63:b9:b5:ce:4a:33:55:e0:1d:f3:9d:b8:98:
28:76:d5:ad:49:5a:39:c0:9e:ad:4b:9a:d4:92:a4:
f0:da:df:f0:fa:c9:33:50:8d:19:ce:46:df:c3:e5:
41:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:83:96:D9:FF:31:FE:DC:8F:44:F1:EA:58:F4:0E:89:66:9A:67:AA
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/1IOW2f8x_tyPRPHqWPQOiWaaZ6o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.105.224.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:ef:bb:dc:dd:ee:cd:c3:0f:b5:d9:e2:e2:21:8d:d4:a0:6f:
82:07:85:35:5d:8c:25:75:d4:2a:d1:7f:86:d1:65:7f:be:ab:
92:65:a6:29:90:ec:05:ea:1c:65:43:6f:be:b0:69:a1:ab:6f:
10:fd:c9:ca:13:94:36:13:31:ad:82:19:2a:a9:a5:84:55:92:
0d:dd:6a:5f:25:05:22:88:ee:01:a9:1a:aa:6e:f6:45:23:75:
87:f0:86:df:97:7e:7f:49:c6:8c:0c:e1:2e:fd:7b:0f:57:2b:
ce:51:86:2d:8f:c8:f9:2c:f1:60:47:96:8b:cf:8d:1c:16:55:
4a:cf:60:8f:03:63:27:ed:7a:85:29:29:e6:7d:05:e4:8c:ef:
66:26:33:f7:57:26:05:06:a8:19:c1:97:5b:29:e0:34:4d:65:
99:4f:a2:49:a0:72:23:e5:66:cb:85:88:e0:ae:e1:55:4b:93:
d9:9f:46:c3:01:57:b5:eb:57:e9:bb:b5:88:bb:e3:34:c3:d6:
99:b1:62:3b:d1:3e:53:be:05:ec:52:4c:33:ad:25:a9:03:c1:
cd:c9:c8:2e:86:bf:70:a7:20:8f:fb:51:5b:0a:c7:b0:5e:e5:
02:65:f4:a7:4c:8b:6b:2b:19:0a:de:13:94:76:96:ab:96:2b:
fd:cb:dd:7d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEvAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA4NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ0ODM5NkQ5RkYzMUZF
REM4RjQ0RjFFQTU4RjQwRTg5NjY5QTY3QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClaSb494O0ZHHNh6+TPJBp3YzEcgEauvjL27aVdhECDRiRqt9v
L7alWD/qACQlTm9yb16BOrk7rxQeLqor4ufz+ud1JLYiwr6LQ9bqWWSZDNHZ4VfF
nAlDB7GjQ5g2q8USaurWFKdwbmXlJc3Cm4KF/ILO45Fkb1tWwPMOoqCeyzqPOiWI
2zD0QNzgr+lughm1MyFlEDxDyKfImPtDqW6DrVSIx+GAMEM+eKERJhlXTnslCd2Z
Hkb01vitnPQLZeWPDidnMoe34GyATA3g4bw8oK/7Y7m1zkozVeAd8524mCh21a1J
WjnAnq1LmtSSpPDa3/D6yTNQjRnORt/D5UFjAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1IOW2f8x/tyPRPHqWPQOiWaaZ6owHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvMUlPVzJmOHhfdHlQUlBI
cVdQUU9pV2FhWjZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AMtp4DANBgkqhkiG9w0BAQsFAAOCAQEAHu+73N3uzcMPtdni4iGN1KBvggeFNV2M
JXXUKtF/htFlf76rkmWmKZDsBeocZUNvvrBpoatvEP3JyhOUNhMxrYIZKqmlhFWS
Dd1qXyUFIojuAakaqm72RSN1h/CG35d+f0nGjAzhLv17D1crzlGGLY/I+SzxYEeW
i8+NHBZVSs9gjwNjJ+16hSkp5n0F5IzvZiYz91cmBQaoGcGXWyngNE1lmU+iSaBy
I+Vmy4WI4K7hVUuT2Z9GwwFXtetX6bu1iLvjNMPWmbFiO9E+U74F7FJMM60lqQPB
zcnILoa/cKcgj/tRWwrHsF7lAmX0p0yLaysZCt4TlHaWq5Yr/cvdfQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 20:47:18 2025 by rpki-client