Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/wAFmjQzhGmSxInMjjsIptnHEmLc.roa
File: wAFmjQzhGmSxInMjjsIptnHEmLc.roa (raw, json)
Hash identifier: f01JOhLEnDJPrakMlakUAZ0sK/oXdlgZraJU8q5ZdbM=
Subject key identifier: C0:01:66:8D:0C:E1:1A:64:B1:22:73:23:8E:C2:29:B6:71:C4:98:B7
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 134C
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/wAFmjQzhGmSxInMjjsIptnHEmLc.roa
Signing time: Mon 10 Feb 2025 14:09:20 +0000
ROA not before: Mon 10 Feb 2025 14:09:20 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 135596
IP address blocks: 60.198.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4940 (0x134c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:09:20 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C001668D0CE11A64B12273238EC229B671C498B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7d:24:84:33:24:f6:95:b2:81:a5:58:b2:44:
48:45:50:5b:8d:09:25:eb:71:22:80:37:1a:24:f8:
d0:a2:05:cc:1e:f2:ba:28:b0:83:f9:b9:5d:58:91:
41:6b:47:56:f2:2b:60:34:92:68:c4:61:ef:cc:33:
06:87:d4:2e:de:62:4d:29:42:9f:4a:04:f4:86:95:
63:4f:96:94:e3:48:ad:e7:38:8e:a6:96:80:7a:1d:
65:1e:3d:51:c2:61:3a:ae:1d:6b:32:0d:9b:2f:5a:
63:fd:91:f8:9a:95:94:98:e4:5e:fc:3e:dc:90:55:
69:53:fd:f9:0c:50:b2:fb:27:09:8f:8c:e8:74:5c:
17:e1:7a:3d:ac:6a:a0:6c:08:1c:55:e2:86:fc:49:
e6:55:43:bf:a3:37:e2:20:27:56:e8:d3:c4:be:a9:
65:c1:fb:c1:28:a5:b2:d9:2e:b3:1c:04:99:e4:9d:
07:91:2e:84:e0:ba:78:b1:17:5c:4c:d2:ed:7e:d9:
52:cc:ab:be:0e:03:45:e6:08:c1:e6:8b:ed:42:34:
f4:32:12:14:c0:6f:df:6a:03:c7:b7:d5:f0:71:71:
ab:e1:d1:fa:79:ea:36:08:0f:d7:27:21:d1:75:5b:
c9:6c:bc:72:1d:fd:20:b8:bd:f8:c9:fd:5b:34:b2:
2f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:01:66:8D:0C:E1:1A:64:B1:22:73:23:8E:C2:29:B6:71:C4:98:B7
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/wAFmjQzhGmSxInMjjsIptnHEmLc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.198.153.0/24
Signature Algorithm: sha256WithRSAEncryption
01:ae:f2:04:31:5f:b5:80:07:84:5b:dc:a7:04:1a:de:4d:f1:
e5:05:42:a1:09:1b:d0:74:ee:81:d5:d9:12:f3:11:1a:22:f8:
09:ab:92:78:4f:d4:18:79:20:6d:90:a0:be:5f:89:e0:52:82:
b2:97:fa:0c:0d:bf:57:b4:ce:fd:7c:65:40:bd:a4:c0:1c:a4:
a2:f1:ba:45:bd:7e:92:4b:25:54:a3:58:72:23:5c:7d:cf:e2:
51:69:6a:ab:45:3b:00:4d:3c:26:d8:b9:29:74:0a:a7:dd:bc:
30:33:0b:99:dd:f9:cd:39:6e:65:06:25:1a:63:ad:1f:5c:07:
ff:97:4b:ab:b0:78:e6:8b:02:f7:40:d6:45:17:ae:b4:e2:4a:
2a:86:ef:ff:99:5b:e0:dd:2b:36:68:ba:09:04:dd:b3:a7:8d:
45:81:ca:c0:8b:29:6d:87:c7:04:0d:bc:ff:ef:ee:da:58:09:
f4:5b:ee:4c:65:1b:98:ff:da:1f:85:0b:ff:5a:cf:4c:8e:42:
6b:fe:ae:ca:80:80:8d:88:98:d6:ed:96:59:75:7b:dc:f7:e1:
c0:cf:ff:1e:c7:3b:a2:f2:a0:96:ca:13:91:4f:8c:1e:07:e3:
d1:dd:bd:76:51:57:6f:8e:f2:70:68:8c:bd:fe:cd:d1:bd:e4:
66:64:24:cc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE0wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA5MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEMwMDE2NjhEMENFMTFB
NjRCMTIyNzMyMzhFQzIyOUI2NzFDNDk4QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1fSSEMyT2lbKBpViyREhFUFuNCSXrcSKANxok+NCiBcwe8roo
sIP5uV1YkUFrR1byK2A0kmjEYe/MMwaH1C7eYk0pQp9KBPSGlWNPlpTjSK3nOI6m
loB6HWUePVHCYTquHWsyDZsvWmP9kfialZSY5F78PtyQVWlT/fkMULL7JwmPjOh0
XBfhej2saqBsCBxV4ob8SeZVQ7+jN+IgJ1bo08S+qWXB+8EopbLZLrMcBJnknQeR
LoTgunixF1xM0u1+2VLMq74OA0XmCMHmi+1CNPQyEhTAb99qA8e31fBxcavh0fp5
6jYID9cnIdF1W8lsvHId/SC4vfjJ/Vs0si8pAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUwAFmjQzhGmSxInMjjsIptnHEmLcwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvd0FGbWpRemhHbVN4SW5N
ampzSXB0bkhFbUxjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzGmTANBgkqhkiG9w0BAQsFAAOCAQEAAa7yBDFftYAHhFvcpwQa3k3x5QVCoQkb
0HTugdXZEvMRGiL4CauSeE/UGHkgbZCgvl+J4FKCspf6DA2/V7TO/XxlQL2kwByk
ovG6Rb1+kkslVKNYciNcfc/iUWlqq0U7AE08Jti5KXQKp928MDMLmd35zTluZQYl
GmOtH1wH/5dLq7B45osC90DWRReutOJKKobv/5lb4N0rNmi6CQTds6eNRYHKwIsp
bYfHBA28/+/u2lgJ9FvuTGUbmP/aH4UL/1rPTI5Ca/6uyoCAjYiY1u2WWXV73Pfh
wM//Hsc7ovKglsoTkU+MHgfj0d29dlFXb47ycGiMvf7N0b3kZmQkzA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 18:34:40 2025 by rpki-client