Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/RXv2Opz9lONF_aZxHht4ynFSbkA.roa
File: RXv2Opz9lONF_aZxHht4ynFSbkA.roa (raw, json)
Hash identifier: u08WFMJOA++bDyxznnI3gi7+CoIvPJ1bvOW4DiaX2Rs=
Subject key identifier: 45:7B:F6:3A:9C:FD:94:E3:45:FD:A6:71:1E:1B:78:CA:71:52:6E:40
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 1291
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/RXv2Opz9lONF_aZxHht4ynFSbkA.roa
Signing time: Mon 10 Feb 2025 14:15:00 +0000
ROA not before: Mon 10 Feb 2025 14:15:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17408
IP address blocks: 150.116.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 11:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4753 (0x1291)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:15:00 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=457BF63A9CFD94E345FDA6711E1B78CA71526E40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b3:ea:ae:72:66:73:6c:50:25:a8:94:46:dc:
4d:c6:91:2a:05:34:b1:7b:a7:c6:29:5d:67:4d:e6:
ff:d2:53:55:14:69:92:27:b2:5d:da:2d:0b:89:01:
58:68:14:55:a5:47:3f:24:19:ee:0f:20:e6:d0:da:
b5:76:7d:95:ba:db:bb:2a:de:fa:eb:5e:51:28:82:
cb:e2:f9:c5:48:50:06:c1:1c:5b:37:e8:d7:ae:94:
13:1a:e4:8c:76:75:fe:4f:dd:6d:47:64:60:cd:31:
ea:1e:9d:08:19:a0:f7:33:ec:e7:14:7d:1f:ab:80:
5f:87:1b:36:f6:e2:78:7d:1f:2f:ae:4b:2c:67:d1:
b3:93:d4:54:d5:e3:af:77:06:ac:6a:ff:76:17:09:
7d:a8:e2:80:fe:97:fa:fc:eb:77:d7:6c:5b:58:78:
e1:bd:7a:a9:4a:37:d0:54:2d:34:88:23:ab:d2:2e:
a0:5c:b2:28:2e:03:c7:20:da:d4:4b:31:f1:f8:27:
0c:31:c5:88:26:85:83:8a:3f:22:70:c0:4b:aa:dd:
58:07:c0:80:d6:d8:be:19:b2:cb:33:50:16:ae:42:
53:ba:a3:98:f8:02:0b:87:a9:7b:12:0f:89:48:b2:
f8:55:48:bc:74:e5:57:0b:86:43:20:56:a5:04:2f:
ca:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:7B:F6:3A:9C:FD:94:E3:45:FD:A6:71:1E:1B:78:CA:71:52:6E:40
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/RXv2Opz9lONF_aZxHht4ynFSbkA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.239.0/24
Signature Algorithm: sha256WithRSAEncryption
86:84:58:16:45:1d:64:2a:d4:a6:a2:da:65:1f:cf:78:66:f8:
fb:54:2d:93:f5:d0:55:61:4a:a4:84:32:6d:79:b3:e5:b8:9e:
0d:0b:f1:96:88:81:9b:d9:72:99:4a:fd:36:98:37:ac:0e:6d:
5b:0d:76:c6:32:6e:e5:dd:1e:65:7d:6d:ab:ad:89:3c:1c:29:
ff:34:33:42:2e:47:e7:b9:24:92:e8:4a:90:86:02:06:d7:a9:
cb:40:3c:14:9f:37:51:ed:43:0a:56:2b:55:c6:dc:be:22:95:
82:82:67:6d:c2:c3:c3:81:44:12:6b:e1:39:27:55:0a:da:70:
66:32:6c:e6:76:d1:1f:5b:bb:87:be:e1:bb:4c:a1:c9:6a:b9:
f1:a9:44:44:67:54:eb:24:c5:40:3b:8d:b3:d1:33:4b:99:84:
dd:e7:62:26:b9:a1:d4:09:4a:0f:d1:88:b6:a7:2b:ac:bc:8f:
a1:54:9e:c2:21:5a:3a:6d:89:83:08:6a:fc:9f:1a:f4:83:19:
21:0c:23:87:4f:f0:48:35:cf:96:5a:c1:da:cf:71:7b:24:f4:
cc:8b:04:4c:a1:4b:a2:97:7d:ee:74:48:09:73:02:98:c8:a4:
d3:29:5c:29:bb:72:15:47:3d:c7:a6:02:56:3b:b5:6d:de:fe:
b5:5e:92:38
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEpEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE1MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ1N0JGNjNBOUNGRDk0
RTM0NUZEQTY3MTFFMUI3OENBNzE1MjZFNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVs+qucmZzbFAlqJRG3E3GkSoFNLF7p8YpXWdN5v/SU1UUaZIn
sl3aLQuJAVhoFFWlRz8kGe4PIObQ2rV2fZW627sq3vrrXlEogsvi+cVIUAbBHFs3
6NeulBMa5Ix2df5P3W1HZGDNMeoenQgZoPcz7OcUfR+rgF+HGzb24nh9Hy+uSyxn
0bOT1FTV4693Bqxq/3YXCX2o4oD+l/r863fXbFtYeOG9eqlKN9BULTSII6vSLqBc
siguA8cg2tRLMfH4JwwxxYgmhYOKPyJwwEuq3VgHwIDW2L4ZssszUBauQlO6o5j4
AguHqXsSD4lIsvhVSLx05VcLhkMgVqUEL8r1AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQURXv2Opz9lONF/aZxHht4ynFSbkAwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9SWHYyT3B6OWxPTkZf
YVp4SGh0NHluRlNia0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAlnTvMA0GCSqGSIb3DQEBCwUAA4IBAQCGhFgWRR1kKtSmotplH894Zvj7VC2T
9dBVYUqkhDJtebPluJ4NC/GWiIGb2XKZSv02mDesDm1bDXbGMm7l3R5lfW2rrYk8
HCn/NDNCLkfnuSSS6EqQhgIG16nLQDwUnzdR7UMKVitVxty+IpWCgmdtwsPDgUQS
a+E5J1UK2nBmMmzmdtEfW7uHvuG7TKHJarnxqUREZ1TrJMVAO42z0TNLmYTd52Im
uaHUCUoP0Yi2pyusvI+hVJ7CIVo6bYmDCGr8nxr0gxkhDCOHT/BINc+WWsHaz3F7
JPTMiwRMoUuil33udEgJcwKYyKTTKVwpu3IVRz3HpgJWO7Vt3v61XpI4
-----END CERTIFICATE-----
Generated at Mon Apr 14 09:09:41 2025 by rpki-client