Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/8Y-Zvfa6xXXARHpG0euLSu6PFQs.roa
File: 8Y-Zvfa6xXXARHpG0euLSu6PFQs.roa (raw, json)
Hash identifier: vuJmiiUq6saOcwMcnOutlovefE5aKDFn1kra4+kK3w0=
Subject key identifier: F1:8F:99:BD:F6:BA:C5:75:C0:44:7A:46:D1:EB:8B:4A:EE:8F:15:0B
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 135B
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/8Y-Zvfa6xXXARHpG0euLSu6PFQs.roa
Signing time: Mon 10 Feb 2025 14:09:23 +0000
ROA not before: Mon 10 Feb 2025 14:09:23 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24164
IP address blocks: 203.77.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4955 (0x135b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:09:23 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F18F99BDF6BAC575C0447A46D1EB8B4AEE8F150B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:6f:53:16:9b:12:a5:bf:d0:cd:2c:2d:27:e9:
e7:d6:ad:ed:ab:55:43:bc:ba:a0:79:80:04:91:c0:
b1:02:2d:6e:34:02:2b:60:87:3b:d6:16:70:12:78:
7e:7b:fc:d5:86:e6:e3:62:93:8a:7e:f6:92:3a:d7:
9b:b5:e1:2b:f9:50:13:79:ed:03:c1:86:fb:77:c5:
e6:7c:6e:c1:d8:9a:a4:29:bb:6b:3c:16:c7:77:8b:
e8:74:5b:3d:7c:d0:45:3d:b0:88:2b:60:2a:30:8d:
5e:da:b9:9b:f8:32:ed:bc:8d:f7:4d:c5:0d:b9:97:
35:ad:02:f2:87:10:37:f5:f7:88:d2:39:58:7e:d1:
e2:58:a7:26:78:4a:62:ec:c0:8f:54:14:38:cb:98:
29:6a:c1:64:f0:3b:61:a3:00:24:f4:5b:0a:4b:e9:
69:0d:c7:c3:10:43:90:07:71:f7:82:5c:4e:40:52:
6b:ea:e0:4a:e1:89:0d:86:20:82:16:24:fd:5c:16:
cf:00:85:9b:72:b3:57:e3:69:65:c9:66:fc:20:7a:
2d:b4:1a:51:82:2d:db:15:d4:81:4c:3a:b3:90:87:
26:57:0e:68:ad:d9:f6:ac:32:81:ec:bb:33:18:4e:
f3:74:c0:42:f6:11:81:3d:76:91:7f:a6:9c:bc:0b:
23:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:8F:99:BD:F6:BA:C5:75:C0:44:7A:46:D1:EB:8B:4A:EE:8F:15:0B
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/8Y-Zvfa6xXXARHpG0euLSu6PFQs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.77.32.0/22
Signature Algorithm: sha256WithRSAEncryption
11:49:77:d0:20:70:c8:e7:ee:3a:16:c7:c2:d8:65:ef:51:f1:
3f:2c:40:d6:c0:39:69:30:4d:b8:95:e9:88:fa:3b:92:5a:f0:
be:d0:c8:b6:1a:48:7b:19:64:7f:04:c7:78:b8:bc:d4:a7:e3:
49:71:30:d2:1d:16:38:01:b9:dc:05:12:b2:d9:03:13:3e:0f:
02:62:fa:19:dd:5e:9a:5c:b0:85:71:35:ba:1f:79:ee:f6:bd:
04:70:23:09:ab:99:e5:3f:40:c4:76:45:39:a6:8b:63:f1:12:
19:76:34:92:67:15:61:ff:d8:03:88:6c:b9:f1:90:4c:91:5a:
d9:a6:10:66:31:e8:84:43:49:cd:bf:c9:6c:52:cb:b2:59:a2:
56:67:19:6f:16:bc:91:be:5b:e2:66:25:20:45:dc:c1:4d:c8:
6b:9c:9c:15:0c:42:81:22:9d:12:75:08:53:d7:6d:90:28:2a:
9c:38:3d:9c:17:38:e6:5f:e1:79:6c:4a:7b:a0:fe:60:6e:34:
9c:8e:cf:f3:4d:2e:f4:22:7f:30:7b:4b:3b:dd:bc:97:e1:dd:
71:01:85:af:a2:7d:fc:c3:70:ba:83:0b:64:ad:c9:2e:d5:78:
da:be:79:db:d1:b7:7e:a8:fb:b2:9a:87:2c:f7:af:d4:c0:cb:
4a:21:77:b7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE1swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA5MjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEYxOEY5OUJERjZCQUM1
NzVDMDQ0N0E0NkQxRUI4QjRBRUU4RjE1MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD5b1MWmxKlv9DNLC0n6efWre2rVUO8uqB5gASRwLECLW40Aitg
hzvWFnASeH57/NWG5uNik4p+9pI615u14Sv5UBN57QPBhvt3xeZ8bsHYmqQpu2s8
Fsd3i+h0Wz180EU9sIgrYCowjV7auZv4Mu28jfdNxQ25lzWtAvKHEDf194jSOVh+
0eJYpyZ4SmLswI9UFDjLmClqwWTwO2GjACT0WwpL6WkNx8MQQ5AHcfeCXE5AUmvq
4ErhiQ2GIIIWJP1cFs8AhZtys1fjaWXJZvwgei20GlGCLdsV1IFMOrOQhyZXDmit
2fasMoHsuzMYTvN0wEL2EYE9dpF/ppy8CyMVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8Y+Zvfa6xXXARHpG0euLSu6PFQswHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvOFktWnZmYTZ4WFhBUkhw
RzBldUxTdTZQRlFzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AstNIDANBgkqhkiG9w0BAQsFAAOCAQEAEUl30CBwyOfuOhbHwthl71HxPyxA1sA5
aTBNuJXpiPo7klrwvtDIthpIexlkfwTHeLi81KfjSXEw0h0WOAG53AUSstkDEz4P
AmL6Gd1emlywhXE1uh957va9BHAjCauZ5T9AxHZFOaaLY/ESGXY0kmcVYf/YA4hs
ufGQTJFa2aYQZjHohENJzb/JbFLLslmiVmcZbxa8kb5b4mYlIEXcwU3Ia5ycFQxC
gSKdEnUIU9dtkCgqnDg9nBc45l/heWxKe6D+YG40nI7P800u9CJ/MHtLO928l+Hd
cQGFr6J9/MNwuoMLZK3JLtV42r5529G3fqj7spqHLPev1MDLSiF3tw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 18:06:35 2025 by rpki-client