Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CCETECH/g-bCaS0yRc1qLrI6UlTqaTVu-Fc.roa
File: g-bCaS0yRc1qLrI6UlTqaTVu-Fc.roa (raw, json)
Hash identifier: hCDaW5iYF6vs3968YgVCgJkngB8R9H3qX2i+vdh7xDY=
Subject key identifier: 83:E6:C2:69:2D:32:45:CD:6A:2E:B2:3A:52:54:EA:69:35:6E:F8:57
Certificate issuer: /CN=BD8533BC896A55C6C8C3FADEFA5787310C5F340E
Certificate serial: 047D
Authority key identifier: BD:85:33:BC:89:6A:55:C6:C8:C3:FA:DE:FA:57:87:31:0C:5F:34:0E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/vYUzvIlqVcbIw_re-leHMQxfNA4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CCETECH/g-bCaS0yRc1qLrI6UlTqaTVu-Fc.roa
Signing time: Mon 10 Feb 2025 13:57:46 +0000
ROA not before: Mon 10 Feb 2025 13:57:46 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 208223
IP address blocks: 2401:af20::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CCETECH/vYUzvIlqVcbIw_re-leHMQxfNA4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/CCETECH/vYUzvIlqVcbIw_re-leHMQxfNA4.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/vYUzvIlqVcbIw_re-leHMQxfNA4.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1149 (0x47d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BD8533BC896A55C6C8C3FADEFA5787310C5F340E
Validity
Not Before: Feb 10 13:57:46 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=83E6C2692D3245CD6A2EB23A5254EA69356EF857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:2d:b6:11:6b:24:40:3f:0d:aa:3f:05:b7:
46:b7:d0:2c:6f:3d:51:5a:e8:51:96:60:b5:6e:c7:
1f:49:f8:da:05:62:9c:42:1c:e4:4c:2d:77:33:36:
12:9b:c3:61:8f:24:9b:6d:d6:56:9b:e0:bd:14:3a:
05:ae:82:76:d0:4c:ba:d5:a9:b9:b0:41:7e:48:ba:
36:a4:d6:a7:30:27:e4:5f:20:6c:73:e1:d0:42:77:
89:51:2a:06:f0:94:65:80:fb:0d:7e:b4:86:31:00:
a7:0a:de:22:a7:31:00:72:a9:96:21:8d:14:8e:2f:
72:f6:b4:5d:5b:8b:72:22:a8:75:5c:cc:c6:bd:bd:
59:16:1d:19:2e:b7:66:43:8b:e6:cf:b3:da:fb:27:
71:e3:12:a0:cc:62:75:ad:eb:ce:af:e9:e7:6a:10:
c7:96:f9:26:dc:c2:40:cb:ab:17:99:9f:42:f4:3d:
41:9b:c6:1a:57:c5:93:a4:5a:29:82:b2:31:db:73:
cc:ee:46:bb:29:c8:a8:24:b4:e7:06:50:ca:41:ca:
1f:60:3a:74:f6:d2:47:9b:23:fb:70:96:30:c8:5f:
a5:ee:61:5a:28:42:97:ff:6b:7d:00:3f:98:1f:39:
1e:dc:d9:d2:35:1f:1c:1a:aa:c1:a6:58:55:f7:9e:
60:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E6:C2:69:2D:32:45:CD:6A:2E:B2:3A:52:54:EA:69:35:6E:F8:57
X509v3 Authority Key Identifier:
keyid:BD:85:33:BC:89:6A:55:C6:C8:C3:FA:DE:FA:57:87:31:0C:5F:34:0E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CCETECH/vYUzvIlqVcbIw_re-leHMQxfNA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/vYUzvIlqVcbIw_re-leHMQxfNA4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CCETECH/g-bCaS0yRc1qLrI6UlTqaTVu-Fc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:af20::/32
Signature Algorithm: sha256WithRSAEncryption
c1:17:93:3c:a6:51:10:72:fc:6b:1f:14:f6:5a:b6:25:71:d7:
8f:37:2c:a4:bf:67:47:ec:69:00:f8:69:cb:32:b2:ef:be:2f:
03:7d:dd:9f:b4:45:b9:e9:9e:3c:78:bd:1e:e2:af:4e:6d:6d:
90:8f:70:db:a6:69:36:ef:b9:3b:c9:ba:d0:0f:34:2a:e9:9c:
23:7a:4a:a1:84:fa:d0:95:99:83:a8:23:e5:0b:b1:18:c0:92:
2f:1b:fe:05:a5:48:e1:21:60:a2:d4:06:51:80:72:5f:f5:9c:
72:bf:16:da:0a:12:a3:fd:36:95:b2:00:57:a6:17:62:78:1b:
db:57:7c:c2:a2:43:e5:c5:7f:db:72:80:01:d5:6e:0b:27:e1:
64:34:35:14:fd:50:1b:5b:07:84:99:19:79:4b:4f:ff:2d:eb:
3c:c8:20:03:1f:c3:a8:ca:1b:b1:84:7c:52:e1:57:3b:dd:2a:
62:b2:be:c1:9b:a9:93:6d:35:b5:66:82:6b:93:c7:b9:a8:fc:
31:68:2f:d9:74:b9:5e:29:7d:db:3f:25:b6:e8:17:0c:4f:12:
ef:d9:5d:23:30:f5:c0:29:1d:41:28:ef:e4:10:3d:65:e3:2c:
b3:02:a8:83:cc:06:0d:9a:17:6b:fa:db:bf:9b:a4:29:6d:8b:
7d:91:0f:30
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICBH0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkQ4
NTMzQkM4OTZBNTVDNkM4QzNGQURFRkE1Nzg3MzEwQzVGMzQwRTAeFw0yNTAyMTAx
MzU3NDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDgzRTZDMjY5MkQzMjQ1
Q0Q2QTJFQjIzQTUyNTRFQTY5MzU2RUY4NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDKy22EWskQD8Nqj8Ft0a30CxvPVFa6FGWYLVuxx9J+NoFYpxC
HORMLXczNhKbw2GPJJtt1lab4L0UOgWugnbQTLrVqbmwQX5Iujak1qcwJ+RfIGxz
4dBCd4lRKgbwlGWA+w1+tIYxAKcK3iKnMQByqZYhjRSOL3L2tF1bi3IiqHVczMa9
vVkWHRkut2ZDi+bPs9r7J3HjEqDMYnWt686v6edqEMeW+SbcwkDLqxeZn0L0PUGb
xhpXxZOkWimCsjHbc8zuRrspyKgktOcGUMpByh9gOnT20kebI/twljDIX6XuYVoo
Qpf/a30AP5gfOR7c2dI1HxwaqsGmWFX3nmALAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUg+bCaS0yRc1qLrI6UlTqaTVu+FcwHwYDVR0jBBgwFoAUvYUzvIlqVcbIw/re
+leHMQxfNA4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0NFVEVD
SC92WVV6dklscVZjYkl3X3JlLWxlSE1ReGZOQTQuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3ZZVXp2SWxxVmNiSXdfcmUtbGVITVF4Zk5BNC5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NDRVRFQ0gvZy1iQ2FTMHlSYzFxTHJJ
NlVsVHFhVFZ1LUZjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQBryAwDQYJKoZIhvcNAQELBQADggEBAMEXkzymURBy/GsfFPZatiVx1483LKS/
Z0fsaQD4acsysu++LwN93Z+0Rbnpnjx4vR7ir05tbZCPcNumaTbvuTvJutAPNCrp
nCN6SqGE+tCVmYOoI+ULsRjAki8b/gWlSOEhYKLUBlGAcl/1nHK/FtoKEqP9NpWy
AFemF2J4G9tXfMKiQ+XFf9tygAHVbgsn4WQ0NRT9UBtbB4SZGXlLT/8t6zzIIAMf
w6jKG7GEfFLhVzvdKmKyvsGbqZNtNbVmgmuTx7mo/DFoL9l0uV4pfds/JbboFwxP
Eu/ZXSMw9cApHUEo7+QQPWXjLLMCqIPMBg2aF2v627+bpClti32RDzA=
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:35:30 2025 by rpki-client