Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ZJ1HrYvawsIR-23I2xvrlKLfCX4.roa
File: ZJ1HrYvawsIR-23I2xvrlKLfCX4.roa (raw, json)
Hash identifier: DObV0E5H8rGW0Vm/RT+hC25eB82lIev6wgikDXoq0e8=
Subject key identifier: 64:9D:47:AD:8B:DA:C2:C2:11:FB:6D:C8:DB:1B:EB:94:A2:DF:09:7E
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 1376
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ZJ1HrYvawsIR-23I2xvrlKLfCX4.roa
Signing time: Mon 10 Feb 2025 14:09:28 +0000
ROA not before: Mon 10 Feb 2025 14:09:28 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24164
IP address blocks: 203.77.80.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4982 (0x1376)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:09:28 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=649D47AD8BDAC2C211FB6DC8DB1BEB94A2DF097E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e8:93:56:c0:43:3c:64:3f:ab:f8:72:ed:ed:
24:0a:51:38:ac:d3:f8:5a:8d:ce:b0:58:d1:e5:53:
4f:46:a3:33:66:09:97:54:30:c7:6d:5a:9c:e3:32:
f1:30:7b:d2:19:27:d6:c6:00:77:ac:ef:2f:55:37:
01:dd:9d:71:af:24:e4:55:42:85:12:19:2a:3c:61:
b9:4e:0a:d3:6f:45:2c:55:4d:11:93:f0:fa:fa:97:
b8:d6:c4:8d:83:99:2a:2c:5f:be:0b:1a:36:39:82:
83:3b:28:86:e8:47:1c:6f:2c:81:90:50:e9:de:fe:
bf:67:0d:e0:99:b8:a6:69:01:73:10:3f:81:14:6d:
f5:cf:af:3a:e2:1d:bf:1a:a9:80:a1:d3:cb:9a:e8:
b1:23:48:37:8c:c1:df:62:92:0b:0c:05:9f:51:05:
70:57:f5:47:f0:ed:8c:13:d1:f7:ed:d8:e8:23:02:
f4:f9:e5:ff:37:ea:bf:61:40:9f:17:fd:a0:ea:a6:
ed:3c:73:ba:8a:7a:08:96:bd:6f:d6:72:3f:70:06:
da:73:e4:5e:0d:d4:45:d8:4b:70:5c:09:92:d3:82:
41:df:86:c5:15:a4:be:a0:09:34:d8:e4:e9:a8:3f:
71:52:6c:da:bb:c0:ea:19:1a:c9:01:12:4c:a7:0d:
84:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9D:47:AD:8B:DA:C2:C2:11:FB:6D:C8:DB:1B:EB:94:A2:DF:09:7E
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ZJ1HrYvawsIR-23I2xvrlKLfCX4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.77.80.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:cb:d2:62:54:ad:39:dd:b2:3e:ad:d2:20:3c:9f:b4:73:ae:
c9:1e:8f:10:a5:78:d2:8d:86:0e:50:a7:6f:42:74:52:40:ea:
96:8e:2f:c7:df:0e:83:0d:c1:f7:bc:59:f9:c3:c8:2e:92:25:
ee:c5:59:da:3e:bf:93:1f:9c:ec:c5:f3:f4:0c:ad:0f:a0:18:
61:6c:99:ff:dd:19:0a:da:30:99:13:bd:0e:aa:1e:49:40:60:
79:4c:a7:a0:21:e3:ea:77:af:93:01:42:08:f8:95:95:3d:04:
28:42:d1:43:e3:22:67:ac:41:04:9f:69:3e:a2:71:8f:63:cb:
ae:d7:e2:de:8b:b1:64:48:9b:5e:36:6e:3d:99:68:89:79:78:
94:26:d2:9a:b6:8b:03:83:03:06:4a:26:6d:9d:0d:07:68:5c:
9b:65:ed:77:d2:07:31:5c:73:40:84:48:7d:60:ec:58:54:57:
05:e4:ed:23:32:b6:9c:75:08:ae:e4:fb:ce:32:e0:f9:4f:d5:
39:cd:9b:a1:d2:a1:fd:38:52:8c:89:6a:f5:3c:3b:9e:37:76:
64:30:88:1a:89:3a:0f:3b:f3:bf:25:89:27:db:f3:74:b6:37:
54:e9:7d:42:bf:c7:8b:5c:db:e8:64:00:b7:80:ab:b4:79:44:
3e:a7:ff:cc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA5MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY0OUQ0N0FEOEJEQUMy
QzIxMUZCNkRDOERCMUJFQjk0QTJERjA5N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi6JNWwEM8ZD+r+HLt7SQKUTis0/hajc6wWNHlU09GozNmCZdU
MMdtWpzjMvEwe9IZJ9bGAHes7y9VNwHdnXGvJORVQoUSGSo8YblOCtNvRSxVTRGT
8Pr6l7jWxI2DmSosX74LGjY5goM7KIboRxxvLIGQUOne/r9nDeCZuKZpAXMQP4EU
bfXPrzriHb8aqYCh08ua6LEjSDeMwd9ikgsMBZ9RBXBX9Ufw7YwT0fft2OgjAvT5
5f836r9hQJ8X/aDqpu08c7qKegiWvW/Wcj9wBtpz5F4N1EXYS3BcCZLTgkHfhsUV
pL6gCTTY5OmoP3FSbNq7wOoZGskBEkynDYTNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZJ1HrYvawsIR+23I2xvrlKLfCX4wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvWkoxSHJZdmF3c0lSLTIz
STJ4dnJsS0xmQ1g0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ActNUDANBgkqhkiG9w0BAQsFAAOCAQEAXcvSYlStOd2yPq3SIDyftHOuyR6PEKV4
0o2GDlCnb0J0UkDqlo4vx98Ogw3B97xZ+cPILpIl7sVZ2j6/kx+c7MXz9AytD6AY
YWyZ/90ZCtowmRO9DqoeSUBgeUynoCHj6nevkwFCCPiVlT0EKELRQ+MiZ6xBBJ9p
PqJxj2PLrtfi3ouxZEibXjZuPZloiXl4lCbSmraLA4MDBkombZ0NB2hcm2Xtd9IH
MVxzQIRIfWDsWFRXBeTtIzK2nHUIruT7zjLg+U/VOc2bodKh/ThSjIlq9Tw7njd2
ZDCIGok6DzvzvyWJJ9vzdLY3VOl9Qr/Hi1zb6GQAt4CrtHlEPqf/zA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 22:07:28 2025 by rpki-client