Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WOLFNET/d9qKp45X7kRDVuV4nNFYSIt-Yh0.roa
File: d9qKp45X7kRDVuV4nNFYSIt-Yh0.roa (raw, json)
Hash identifier: bFGP/HT+DX0mM+gNWGpKWVFh6IgkSTpNfivTyf5M2sI=
Subject key identifier: 77:DA:8A:A7:8E:57:EE:44:43:56:E5:78:9C:D1:58:48:8B:7E:62:1D
Certificate issuer: /CN=C3FC116A3CCB105AB50DA417679B1F9C70A4BD97
Certificate serial: 03AD
Authority key identifier: C3:FC:11:6A:3C:CB:10:5A:B5:0D:A4:17:67:9B:1F:9C:70:A4:BD:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/w_wRajzLEFq1DaQXZ5sfnHCkvZc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WOLFNET/d9qKp45X7kRDVuV4nNFYSIt-Yh0.roa
Signing time: Mon 10 Feb 2025 13:46:05 +0000
ROA not before: Mon 10 Feb 2025 13:46:05 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 138997
IP address blocks: 103.169.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/WOLFNET/w_wRajzLEFq1DaQXZ5sfnHCkvZc.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/WOLFNET/w_wRajzLEFq1DaQXZ5sfnHCkvZc.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/w_wRajzLEFq1DaQXZ5sfnHCkvZc.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 07:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941 (0x3ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C3FC116A3CCB105AB50DA417679B1F9C70A4BD97
Validity
Not Before: Feb 10 13:46:05 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=77DA8AA78E57EE444356E5789CD158488B7E621D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d1:79:bd:a7:87:24:70:d9:52:f1:b4:a1:d4:
b5:04:68:f6:69:94:ef:72:85:23:8b:a4:f5:d6:4a:
7a:c0:69:59:44:f0:7d:e1:9b:ee:e5:06:c2:df:6e:
be:c2:6b:d8:ce:2a:d5:0f:2e:14:78:69:9f:83:dc:
2c:b7:3a:0c:28:0c:5e:6b:1f:f0:18:18:22:cf:0a:
de:d4:a5:08:dc:6d:f5:2e:8a:c5:82:fa:1f:f6:f6:
82:89:2f:a1:9a:25:64:ad:7c:a3:83:4a:aa:8f:1f:
46:94:d0:aa:06:98:4e:98:57:5d:74:db:df:13:ae:
a1:fb:bc:6e:d2:5f:3b:71:88:c2:79:52:87:c5:07:
67:a8:32:d3:2a:fb:44:1f:af:f4:21:54:f3:82:f1:
ea:59:09:70:7d:fd:ac:97:3b:50:c8:92:0a:de:94:
82:f7:75:99:49:ac:ef:b4:74:1e:92:82:3f:03:24:
f1:42:da:62:bf:e5:ca:49:6e:06:e5:75:4b:32:e3:
57:28:9c:05:c6:95:f2:a4:02:d3:39:ae:67:72:43:
1f:e4:ac:49:03:cd:6f:20:54:36:b1:c6:35:a0:1d:
90:c1:b0:c9:d8:b3:3f:27:ea:e3:8d:4d:0e:9b:57:
ee:37:48:ec:ec:6c:e8:69:54:c6:70:0c:f6:b5:20:
0c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DA:8A:A7:8E:57:EE:44:43:56:E5:78:9C:D1:58:48:8B:7E:62:1D
X509v3 Authority Key Identifier:
keyid:C3:FC:11:6A:3C:CB:10:5A:B5:0D:A4:17:67:9B:1F:9C:70:A4:BD:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WOLFNET/w_wRajzLEFq1DaQXZ5sfnHCkvZc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/w_wRajzLEFq1DaQXZ5sfnHCkvZc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WOLFNET/d9qKp45X7kRDVuV4nNFYSIt-Yh0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.169.126.0/23
Signature Algorithm: sha256WithRSAEncryption
12:5a:29:c2:75:eb:6b:ea:57:11:f0:24:4f:ad:48:c7:65:93:
dc:56:15:33:fa:1d:93:3f:a7:0a:f4:3d:60:3c:80:09:42:46:
5f:6f:77:a9:a0:55:1c:b0:a2:f2:18:07:89:fb:2d:16:94:b9:
77:69:a5:24:65:c6:b3:51:70:b4:a5:b3:8f:cd:e2:2f:b6:05:
99:3e:e5:ca:83:57:98:7a:fc:b1:80:f4:72:29:ce:7d:14:de:
b9:41:b9:a1:a1:cb:d1:65:91:51:d2:e4:0c:ba:27:f2:df:28:
a2:7d:6b:3e:bb:df:ef:56:4a:47:9a:b9:34:99:b7:8e:50:43:
42:42:c6:5e:ad:c9:5d:24:f1:92:50:da:a4:95:b7:86:88:68:
fc:0b:1a:cc:a0:5a:0c:06:5e:5f:68:ba:d6:a8:c9:81:17:60:
01:55:37:89:75:31:ac:62:40:66:36:8a:6c:1f:1e:d5:44:7a:
47:f7:44:87:02:61:81:e9:35:c7:b0:84:bb:1f:f1:41:de:e1:
04:20:75:bc:b3:c9:5c:2e:d1:7d:ca:a9:f8:c7:1d:b4:7e:dc:
bb:0d:71:9d:e5:d9:90:a6:5c:62:14:6a:b3:9a:9f:7a:c4:42:
05:5a:f3:5c:54:cc:5a:0c:eb:f7:05:4d:af:7b:9c:c7:ec:b0:
69:e8:e8:eb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICA60wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzNG
QzExNkEzQ0NCMTA1QUI1MERBNDE3Njc5QjFGOUM3MEE0QkQ5NzAeFw0yNTAyMTAx
MzQ2MDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc3REE4QUE3OEU1N0VF
NDQ0MzU2RTU3ODlDRDE1ODQ4OEI3RTYyMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDW0Xm9p4ckcNlS8bSh1LUEaPZplO9yhSOLpPXWSnrAaVlE8H3h
m+7lBsLfbr7Ca9jOKtUPLhR4aZ+D3Cy3OgwoDF5rH/AYGCLPCt7UpQjcbfUuisWC
+h/29oKJL6GaJWStfKODSqqPH0aU0KoGmE6YV110298TrqH7vG7SXztxiMJ5UofF
B2eoMtMq+0Qfr/QhVPOC8epZCXB9/ayXO1DIkgrelIL3dZlJrO+0dB6Sgj8DJPFC
2mK/5cpJbgbldUsy41conAXGlfKkAtM5rmdyQx/krEkDzW8gVDaxxjWgHZDBsMnY
sz8n6uONTQ6bV+43SOzsbOhpVMZwDPa1IAzTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUd9qKp45X7kRDVuV4nNFYSIt+Yh0wHwYDVR0jBBgwFoAUw/wRajzLEFq1DaQX
Z5sfnHCkvZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV09MRk5F
VC93X3dSYWp6TEVGcTFEYVFYWjVzZm5IQ2t2WmMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3dfd1JhanpMRUZxMURhUVhaNXNmbkhDa3ZaYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1dPTEZORVQvZDlxS3A0NVg3a1JEVnVW
NG5ORllTSXQtWWgwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AWepfjANBgkqhkiG9w0BAQsFAAOCAQEAElopwnXra+pXEfAkT61Ix2WT3FYVM/od
kz+nCvQ9YDyACUJGX293qaBVHLCi8hgHifstFpS5d2mlJGXGs1FwtKWzj83iL7YF
mT7lyoNXmHr8sYD0cinOfRTeuUG5oaHL0WWRUdLkDLon8t8oon1rPrvf71ZKR5q5
NJm3jlBDQkLGXq3JXSTxklDapJW3hoho/AsazKBaDAZeX2i61qjJgRdgAVU3iXUx
rGJAZjaKbB8e1UR6R/dEhwJhgek1x7CEux/xQd7hBCB1vLPJXC7Rfcqp+McdtH7c
uw1xneXZkKZcYhRqs5qfesRCBVrzXFTMWgzr9wVNr3ucx+ywaejo6w==
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:29:11 2025 by rpki-client