Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/A9U1dE5vuASCoSammYUFHz2SJCQ.roa
File: A9U1dE5vuASCoSammYUFHz2SJCQ.roa (raw, json)
Hash identifier: tKOteLyzbcYqhRUk9Oew7Wioz+lamQNXkHWtBPMN2uw=
Subject key identifier: 03:D5:35:74:4E:6F:B8:04:82:A1:26:A6:99:85:05:1F:3D:92:24:24
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EB6
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/A9U1dE5vuASCoSammYUFHz2SJCQ.roa
Signing time: Mon 10 Feb 2025 13:59:48 +0000
ROA not before: Mon 10 Feb 2025 13:59:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 124.150.128.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3766 (0xeb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:48 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=03D535744E6FB80482A126A69985051F3D922424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5b:e0:72:34:ee:de:6a:0f:94:d7:23:4f:45:
fb:61:3f:84:b4:78:0a:92:7f:40:b6:11:b4:9c:7e:
82:7f:4c:e8:d7:d6:38:e7:38:9f:41:62:c4:c2:9e:
aa:ff:5c:f7:77:4d:a0:dd:ff:f4:8d:1f:ee:3e:4f:
6c:60:20:ed:83:bb:ed:d4:6b:26:b9:72:5f:1d:e7:
9f:a0:f4:b6:8f:2d:56:80:16:b6:17:0c:33:85:fa:
95:36:31:13:36:aa:e0:db:b7:d9:f8:10:f2:df:40:
ee:31:40:a6:cc:34:bb:b9:c4:6d:7b:c2:3c:f2:07:
3e:2f:a3:ce:39:d9:9b:fe:5b:2e:c6:0d:10:5b:d7:
0d:46:19:e4:04:e8:fe:ae:6d:11:57:79:dd:6d:a2:
39:e5:23:d8:96:d5:e0:50:14:aa:29:dc:74:87:45:
27:28:7c:2c:96:e9:78:5b:51:47:33:6a:80:58:95:
36:ee:27:57:93:eb:7f:38:7b:9d:ff:8a:4e:38:da:
b5:90:12:0b:04:d9:88:02:a9:66:8f:21:ef:93:b9:
b0:24:b1:27:df:4e:e9:8b:2e:e5:c6:5c:5d:ba:c8:
b0:61:ab:f3:c5:43:20:4f:06:e7:68:6b:98:06:90:
e0:38:17:ca:20:18:b6:11:7b:48:a8:36:63:8f:d3:
d9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D5:35:74:4E:6F:B8:04:82:A1:26:A6:99:85:05:1F:3D:92:24:24
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/A9U1dE5vuASCoSammYUFHz2SJCQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.150.128.0/21
Signature Algorithm: sha256WithRSAEncryption
94:96:1d:58:60:cc:0a:2f:93:84:a2:c1:f4:75:2d:11:5a:9e:
08:e0:e1:7d:32:e5:80:b2:84:a2:6c:0c:81:e7:f6:27:fd:cf:
6e:bf:23:1d:2e:10:4c:7a:a2:0b:02:a4:c5:70:0c:99:60:c2:
21:61:2c:e9:b0:e4:7c:56:55:11:4e:70:c8:9b:2e:01:4f:87:
cf:2d:73:96:38:aa:27:e3:a1:4e:64:3c:8e:95:22:c8:da:73:
f8:d7:03:76:8d:88:f7:d7:ef:03:42:b3:e4:2d:52:4e:37:1f:
2c:bb:1d:01:5c:82:cf:e4:71:26:8f:e1:f3:c7:e1:01:ab:d6:
de:1e:27:a7:39:a5:9f:8f:07:59:46:5a:87:af:99:66:4d:25:
75:5b:fe:c6:5f:a7:74:60:86:4f:67:24:c2:fb:95:ce:9d:87:
f7:33:40:9e:ea:8a:22:06:5f:0c:08:13:73:35:63:7f:7e:ed:
0b:b2:a9:77:1c:3b:3c:10:79:85:ba:f6:41:6a:bf:8b:78:75:
f6:37:fc:95:74:4b:30:11:56:7b:fd:b5:ea:14:ff:91:c1:9e:
71:ca:44:39:94:92:3c:14:ce:bb:a9:d9:ff:65:ae:4c:30:05:
7a:33:e4:be:a1:09:1d:08:8a:fb:44:80:15:e1:ef:fe:10:65:
98:09:44:64
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDrYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDAzRDUzNTc0NEU2RkI4
MDQ4MkExMjZBNjk5ODUwNTFGM0Q5MjI0MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyW+ByNO7eag+U1yNPRfthP4S0eAqSf0C2EbScfoJ/TOjX1jjn
OJ9BYsTCnqr/XPd3TaDd//SNH+4+T2xgIO2Du+3Uaya5cl8d55+g9LaPLVaAFrYX
DDOF+pU2MRM2quDbt9n4EPLfQO4xQKbMNLu5xG17wjzyBz4vo8452Zv+Wy7GDRBb
1w1GGeQE6P6ubRFXed1tojnlI9iW1eBQFKop3HSHRScofCyW6XhbUUczaoBYlTbu
J1eT6384e53/ik442rWQEgsE2YgCqWaPIe+TubAksSffTumLLuXGXF26yLBhq/PF
QyBPBudoa5gGkOA4F8ogGLYRe0ioNmOP09mXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUA9U1dE5vuASCoSammYUFHz2SJCQwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vQTlVMWRFNXZ1QVNDb1NhbW1ZVUZI
ejJTSkNRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3yWgDAN
BgkqhkiG9w0BAQsFAAOCAQEAlJYdWGDMCi+ThKLB9HUtEVqeCODhfTLlgLKEomwM
gef2J/3Pbr8jHS4QTHqiCwKkxXAMmWDCIWEs6bDkfFZVEU5wyJsuAU+Hzy1zljiq
J+OhTmQ8jpUiyNpz+NcDdo2I99fvA0Kz5C1STjcfLLsdAVyCz+RxJo/h88fhAavW
3h4npzmln48HWUZah6+ZZk0ldVv+xl+ndGCGT2ckwvuVzp2H9zNAnuqKIgZfDAgT
czVjf37tC7Kpdxw7PBB5hbr2QWq/i3h19jf8lXRLMBFWe/216hT/kcGeccpEOZSS
PBTOu6nZ/2WuTDAFejPkvqEJHQiK+0SAFeHv/hBlmAlEZA==
-----END CERTIFICATE-----
Generated at Tue Apr 15 00:13:07 2025 by rpki-client