Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APPIER/sqW9Ss6FGBJ8JZ9xRnDKaYFTNpY.roa
File: sqW9Ss6FGBJ8JZ9xRnDKaYFTNpY.roa (raw, json)
Hash identifier: MG4Wy2efkvSpbc1yPWr9rKUgLUOxccXgjAD4AOXxRtc=
Subject key identifier: B2:A5:BD:4A:CE:85:18:12:7C:25:9F:71:46:70:CA:69:81:53:36:96
Certificate issuer: /CN=4640D988EC8146BA430596012122D1A1CFC1C36B
Certificate serial: 0C98
Authority key identifier: 46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/sqW9Ss6FGBJ8JZ9xRnDKaYFTNpY.roa
Signing time: Mon 10 Feb 2025 13:59:39 +0000
ROA not before: Mon 10 Feb 2025 13:59:39 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 396982
IP address blocks: 2403:8640::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3224 (0xc98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4640D988EC8146BA430596012122D1A1CFC1C36B
Validity
Not Before: Feb 10 13:59:39 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B2A5BD4ACE8518127C259F714670CA6981533696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:58:a4:f7:29:d8:70:14:25:36:1c:df:77:9c:
51:44:08:36:51:30:91:35:fd:f8:c0:72:df:81:7c:
d0:68:49:e1:77:39:bd:78:43:72:c7:a0:b8:71:19:
8a:85:d0:8c:fb:68:cd:09:23:1d:e1:40:cd:6f:81:
7d:17:64:06:dd:51:3c:94:e5:08:87:4a:52:83:8c:
5d:91:10:b5:c0:0c:bf:8c:1a:36:71:95:b2:41:d6:
5c:46:4a:83:b3:ac:73:c1:60:4d:11:13:56:81:15:
9b:35:1f:51:39:1b:e5:4d:0b:e5:0f:2d:bf:b7:2e:
d3:d4:e6:f8:f2:a1:e2:77:67:af:69:b7:60:eb:4f:
a3:d4:cc:63:ef:66:70:34:37:bf:ca:34:5f:c0:4f:
32:03:41:2b:17:54:35:b7:b6:70:14:dd:e1:53:48:
e5:49:79:dd:4a:85:75:15:f9:e0:c5:e7:12:4e:5b:
28:dc:09:8f:a4:a2:ac:a4:39:c6:ad:5f:de:4d:b1:
46:8d:d4:b0:dc:e4:43:53:89:5e:eb:70:6d:91:d5:
8e:9d:20:f4:bf:10:31:bb:7c:72:de:07:49:47:a7:
f8:70:36:08:96:28:b0:2e:83:c5:68:bf:c6:95:8a:
ab:ad:0b:b6:45:d9:00:33:8b:c0:c9:27:70:d9:5a:
7d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A5:BD:4A:CE:85:18:12:7C:25:9F:71:46:70:CA:69:81:53:36:96
X509v3 Authority Key Identifier:
keyid:46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/sqW9Ss6FGBJ8JZ9xRnDKaYFTNpY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:8640::/32
Signature Algorithm: sha256WithRSAEncryption
61:b6:c3:14:98:78:13:62:31:03:0c:ac:f9:d9:f9:ec:d8:dc:
e4:26:95:02:8b:c0:17:6f:9b:db:95:fc:3d:5f:66:4e:4b:33:
93:95:06:b4:1d:9b:96:17:ad:dd:1c:af:a3:bd:08:7c:16:b0:
98:4e:5f:25:9e:f7:e3:80:c2:90:32:18:07:37:dd:e5:27:e7:
05:82:1f:23:16:1e:61:7b:84:ca:16:9f:e7:26:20:fd:84:26:
87:77:ad:22:bf:e2:a3:64:dc:47:04:c2:e6:a3:13:59:15:76:
f5:6d:75:ff:70:84:d3:d2:fa:3f:9d:78:44:9a:ed:0a:1b:8d:
dd:6f:82:e3:99:1b:1d:dd:de:da:32:d0:5d:4c:0c:01:60:ee:
fc:28:00:61:35:3b:64:81:54:a5:86:8b:9b:5b:29:4d:99:9d:
70:b5:ef:0b:8b:eb:34:2d:39:54:01:d5:41:25:89:d3:0f:b0:
09:1d:07:d9:ed:ba:26:67:e1:b2:9b:9f:27:e2:3f:f3:e2:19:
44:7b:3e:22:3c:af:34:19:35:dd:1b:be:50:29:d6:d1:f8:e1:
9c:4e:14:ee:ac:61:63:bc:e2:55:45:c7:f8:05:c6:58:7c:86:
90:c7:de:57:df:a7:ed:b0:f5:b0:87:17:76:da:07:f8:b8:45:
05:33:5d:50
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDJgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDY0
MEQ5ODhFQzgxNDZCQTQzMDU5NjAxMjEyMkQxQTFDRkMxQzM2QjAeFw0yNTAyMTAx
MzU5MzlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIyQTVCRDRBQ0U4NTE4
MTI3QzI1OUY3MTQ2NzBDQTY5ODE1MzM2OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMWKT3KdhwFCU2HN93nFFECDZRMJE1/fjAct+BfNBoSeF3Ob14
Q3LHoLhxGYqF0Iz7aM0JIx3hQM1vgX0XZAbdUTyU5QiHSlKDjF2RELXADL+MGjZx
lbJB1lxGSoOzrHPBYE0RE1aBFZs1H1E5G+VNC+UPLb+3LtPU5vjyoeJ3Z69pt2Dr
T6PUzGPvZnA0N7/KNF/ATzIDQSsXVDW3tnAU3eFTSOVJed1KhXUV+eDF5xJOWyjc
CY+koqykOcatX95NsUaN1LDc5ENTiV7rcG2R1Y6dIPS/EDG7fHLeB0lHp/hwNgiW
KLAug8Vov8aViqutC7ZF2QAzi8DJJ3DZWn0zAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUsqW9Ss6FGBJ8JZ9xRnDKaYFTNpYwHwYDVR0jBBgwFoAURkDZiOyBRrpDBZYB
ISLRoc/Bw2swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVS
L1JrRFppT3lCUnJwREJaWUJJU0xSb2NfQncycy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvUmtEWmlPeUJScnBEQlpZQklTTFJvY19CdzJzLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVSL3NxVzlTczZGR0JKOEpaOXhS
bkRLYVlGVE5wWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
A4ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBhtsMUmHgTYjEDDKz52fns2NzkJpUCi8AX
b5vblfw9X2ZOSzOTlQa0HZuWF63dHK+jvQh8FrCYTl8lnvfjgMKQMhgHN93lJ+cF
gh8jFh5he4TKFp/nJiD9hCaHd60iv+KjZNxHBMLmoxNZFXb1bXX/cITT0vo/nXhE
mu0KG43db4LjmRsd3d7aMtBdTAwBYO78KABhNTtkgVSlhoubWylNmZ1wte8Li+s0
LTlUAdVBJYnTD7AJHQfZ7bomZ+Gym58n4j/z4hlEez4iPK80GTXdG75QKdbR+OGc
ThTurGFjvOJVRcf4BcZYfIaQx95X36ftsPWwhxd22gf4uEUFM11Q
-----END CERTIFICATE-----
Generated at Mon Apr 14 22:22:09 2025 by rpki-client