Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/qECAy54eDTKPCedm62jftkWGpUM.roa
File: qECAy54eDTKPCedm62jftkWGpUM.roa (raw, json)
Hash identifier: 8A5nPVSm3NI12S6ILFB+ZNb/z3CTpDeRyd/BnHTYKpY=
Subject key identifier: A8:40:80:CB:9E:1E:0D:32:8F:09:E7:66:EB:68:DF:B6:45:86:A5:43
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 10BE
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/qECAy54eDTKPCedm62jftkWGpUM.roa
Signing time: Mon 10 Feb 2025 13:56:28 +0000
ROA not before: Mon 10 Feb 2025 13:56:28 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18046
IP address blocks: 119.15.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 02:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4286 (0x10be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:28 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A84080CB9E1E0D328F09E766EB68DFB64586A543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b4:f0:5b:a5:ef:94:77:5e:b8:f7:eb:6b:e6:
94:08:d0:75:76:b8:e2:b8:ec:6e:cc:2b:ee:a3:78:
0b:3e:66:02:e5:72:ff:79:3b:f7:f6:a2:eb:f4:c1:
22:08:f0:fd:90:f9:8c:39:b9:b7:79:fa:e7:4d:19:
75:bf:5b:c8:79:9f:f1:dc:ea:a5:9c:99:50:88:ab:
b7:60:04:6c:d2:c9:c6:f9:de:aa:24:21:7e:36:f9:
cb:69:42:d0:d7:0e:99:16:1a:87:ea:fb:4d:07:cc:
bc:d9:af:11:9b:99:40:14:8d:0b:cc:b8:fa:36:e3:
68:6f:6b:50:09:b4:c3:0a:75:5f:59:d7:6f:3b:86:
d7:89:13:84:34:5f:ba:72:b4:70:95:65:5c:f0:57:
b5:7c:c5:42:b4:6d:9b:84:1e:f9:77:2f:c8:63:e0:
b6:ab:8a:c7:e2:df:72:bd:91:21:71:d3:4a:9c:4c:
f5:97:89:d1:e6:73:92:01:b7:f6:09:2a:d8:82:b1:
59:8f:c5:5c:c8:9b:50:05:9b:e5:4b:29:cf:96:07:
71:df:22:b2:f5:3a:5b:b6:59:ec:b7:5f:b5:64:e3:
64:e9:8f:1f:d7:54:cf:21:e8:5b:a7:ad:60:1d:8b:
a5:3d:aa:d0:d3:ad:83:42:45:0a:1b:73:35:60:32:
a9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:40:80:CB:9E:1E:0D:32:8F:09:E7:66:EB:68:DF:B6:45:86:A5:43
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/qECAy54eDTKPCedm62jftkWGpUM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.15.192.0/18
Signature Algorithm: sha256WithRSAEncryption
a2:de:3b:9a:f6:47:d2:34:0e:36:44:4d:5a:03:05:4e:aa:3e:
26:0b:36:76:10:15:e7:a4:3f:d4:38:9a:b1:4b:f8:f9:05:e2:
52:f3:e1:97:00:99:fd:d3:1b:a9:ac:5a:d1:b7:01:83:42:7b:
f2:82:cd:77:e9:06:2a:d5:85:d5:fd:6f:2f:4e:53:10:d5:93:
09:77:e4:31:f7:5e:80:ac:02:62:67:ec:f4:a1:7b:7a:f5:a1:
0f:2a:8e:bf:5a:bc:88:b7:96:f9:06:cc:6d:4c:ac:79:2e:cd:
a5:d5:9d:2c:6c:c5:6c:80:08:5e:6a:13:cb:96:7d:1b:93:36:
65:16:bb:cf:ba:53:e6:1c:5c:60:c4:9f:e8:89:88:0d:2b:c8:
3f:31:a5:56:6b:9e:5e:1d:56:cf:e5:26:ce:2e:14:af:02:53:
65:5a:6a:72:ff:b5:9f:45:f5:c2:43:2c:a3:90:9b:66:48:04:
dc:18:ff:28:19:53:b5:e2:7f:be:21:4f:70:5e:cf:38:31:ea:
fd:17:4a:4a:b2:8d:ba:ae:2e:22:2d:ea:7f:5b:dc:58:e9:89:
f0:ec:6e:52:2a:12:a4:87:10:2b:41:29:dc:b6:14:85:fc:19:
83:fb:45:24:ac:7b:f0:d3:f5:f5:27:c9:95:09:e9:49:ae:e3:
82:a8:bb:b0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE4NDA4MENCOUUxRTBE
MzI4RjA5RTc2NkVCNjhERkI2NDU4NkE1NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvtPBbpe+Ud1649+tr5pQI0HV2uOK47G7MK+6jeAs+ZgLlcv95
O/f2ouv0wSII8P2Q+Yw5ubd5+udNGXW/W8h5n/Hc6qWcmVCIq7dgBGzSycb53qok
IX42+ctpQtDXDpkWGofq+00HzLzZrxGbmUAUjQvMuPo242hva1AJtMMKdV9Z1287
hteJE4Q0X7pytHCVZVzwV7V8xUK0bZuEHvl3L8hj4Larisfi33K9kSFx00qcTPWX
idHmc5IBt/YJKtiCsVmPxVzIm1AFm+VLKc+WB3HfIrL1Olu2Wey3X7Vk42Tpjx/X
VM8h6FunrWAdi6U9qtDTrYNCRQobczVgMqnPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqECAy54eDTKPCedm62jftkWGpUMwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvcUVDQXk1NGVEVEtQQ2VkbTYyamZ0
a1dHcFVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBncPwDAN
BgkqhkiG9w0BAQsFAAOCAQEAot47mvZH0jQONkRNWgMFTqo+Jgs2dhAV56Q/1Dia
sUv4+QXiUvPhlwCZ/dMbqaxa0bcBg0J78oLNd+kGKtWF1f1vL05TENWTCXfkMfde
gKwCYmfs9KF7evWhDyqOv1q8iLeW+QbMbUyseS7NpdWdLGzFbIAIXmoTy5Z9G5M2
ZRa7z7pT5hxcYMSf6ImIDSvIPzGlVmueXh1Wz+Umzi4UrwJTZVpqcv+1n0X1wkMs
o5CbZkgE3Bj/KBlTteJ/viFPcF7PODHq/RdKSrKNuq4uIi3qf1vcWOmJ8OxuUioS
pIcQK0Ep3LYUhfwZg/tFJKx78NP19SfJlQnpSa7jgqi7sA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:36:11 2025 by rpki-client