Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/_0flNW0He9xVJnY42yk5iUl1hU4.roa
File: _0flNW0He9xVJnY42yk5iUl1hU4.roa (raw, json)
Hash identifier: KzoVtGJLPVqK7bEQrvg0y8et2bcAiNdRXgsBe4bUp9U=
Subject key identifier: FF:47:E5:35:6D:07:7B:DC:55:26:76:38:DB:29:39:89:49:75:85:4E
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11CF
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/_0flNW0He9xVJnY42yk5iUl1hU4.roa
Signing time: Mon 10 Feb 2025 14:27:46 +0000
ROA not before: Mon 10 Feb 2025 14:27:46 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 16625
IP address blocks: 210.203.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4559 (0x11cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:46 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=FF47E5356D077BDC55267638DB2939894975854E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:26:0e:dd:7b:2c:97:ba:cc:e9:0b:fd:0c:b7:
21:fa:84:15:19:6b:ca:96:58:81:3d:b2:2c:d3:e9:
2a:38:7e:a3:3e:46:5f:c4:a9:fe:a9:9c:77:b0:50:
55:02:45:1a:a1:16:64:00:91:7e:52:90:45:cd:72:
d7:5e:4a:01:e3:41:eb:d6:83:fa:dd:e1:ce:d0:53:
b8:c5:16:7f:25:60:05:f8:fc:1c:59:6e:7a:b3:3d:
8c:00:93:6a:39:aa:80:b2:55:e9:be:cf:7e:c9:b8:
01:48:9d:9b:b3:0e:de:9a:c7:5e:b7:26:13:19:18:
2c:49:9e:9b:2a:06:21:1c:8d:78:42:74:45:4c:05:
26:eb:a3:3c:3b:82:52:6f:e8:94:c5:c3:fd:81:60:
ae:8f:ea:1c:84:00:72:b7:49:11:13:a7:91:84:53:
c4:03:15:90:99:14:c4:cf:12:c4:23:41:fa:d8:3c:
d5:32:d7:96:c0:21:36:a1:5b:56:7b:b8:64:75:08:
45:02:60:20:60:3d:ff:24:9c:8a:43:d4:97:7f:8e:
10:49:d9:19:5f:f5:3d:0a:d9:6d:eb:d7:d8:a6:65:
b6:62:ee:bf:1f:fa:a8:ed:c2:1a:c0:29:ab:62:d2:
2b:62:8d:7c:84:eb:64:5f:4f:28:dd:86:fc:64:e8:
2d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:47:E5:35:6D:07:7B:DC:55:26:76:38:DB:29:39:89:49:75:85:4E
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/_0flNW0He9xVJnY42yk5iUl1hU4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.8.0/21
Signature Algorithm: sha256WithRSAEncryption
a1:87:e7:47:6d:6d:55:a5:aa:00:62:05:bb:65:e6:1f:3c:e4:
79:9c:bb:44:13:cb:de:82:97:c7:ec:77:5d:24:9b:90:67:ff:
55:7e:6d:c8:7c:8b:12:f9:29:f2:43:37:49:ad:bd:79:ef:4c:
b7:90:80:b0:af:ee:7a:4f:1b:ef:d8:a3:ed:62:c8:5c:78:93:
bd:ad:ac:c2:74:76:b8:b7:ce:50:83:c5:4a:91:5b:3a:de:15:
1e:48:a1:0c:74:dd:43:cf:76:8c:e6:97:fc:15:19:a4:0c:24:
fb:86:05:be:3e:e1:a2:4a:2c:7b:30:1f:97:54:2e:a2:07:a6:
30:d4:f6:51:86:15:91:3f:16:0a:9c:46:77:85:99:2c:ed:f8:
08:73:b3:ed:82:c3:b0:a6:c2:1b:24:2d:c4:e3:01:d5:d5:d4:
0d:05:ce:8e:45:f3:0a:46:05:2b:99:6d:08:f0:26:dc:34:b6:
f3:f4:38:4c:29:a2:40:13:16:70:3a:75:03:66:ca:0d:20:86:
ab:ea:6c:78:e6:0c:2e:ff:e9:9a:c8:e4:f9:f0:37:50:6b:6f:
9b:3a:ae:62:85:15:d8:11:02:73:e0:62:7c:1a:88:d0:ce:05:
49:73:74:ac:66:86:c4:95:f0:a8:88:b9:2f:7b:d4:6f:b9:a5:
af:c5:84:10
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEc8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3NDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZGNDdFNTM1NkQwNzdC
REM1NTI2NzYzOERCMjkzOTg5NDk3NTg1NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNJg7deyyXuszpC/0MtyH6hBUZa8qWWIE9sizT6So4fqM+Rl/E
qf6pnHewUFUCRRqhFmQAkX5SkEXNctdeSgHjQevWg/rd4c7QU7jFFn8lYAX4/BxZ
bnqzPYwAk2o5qoCyVem+z37JuAFInZuzDt6ax163JhMZGCxJnpsqBiEcjXhCdEVM
BSbrozw7glJv6JTFw/2BYK6P6hyEAHK3SRETp5GEU8QDFZCZFMTPEsQjQfrYPNUy
15bAITahW1Z7uGR1CEUCYCBgPf8knIpD1Jd/jhBJ2Rlf9T0K2W3r19imZbZi7r8f
+qjtwhrAKati0itijXyE62RfTyjdhvxk6C1VAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU/0flNW0He9xVJnY42yk5iUl1hU4wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL18wZmxOVzBIZTl4VkpuWTQyeWs1aVVs
MWhVNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPSywgwDQYJ
KoZIhvcNAQELBQADggEBAKGH50dtbVWlqgBiBbtl5h885Hmcu0QTy96Cl8fsd10k
m5Bn/1V+bch8ixL5KfJDN0mtvXnvTLeQgLCv7npPG+/Yo+1iyFx4k72trMJ0dri3
zlCDxUqRWzreFR5IoQx03UPPdozml/wVGaQMJPuGBb4+4aJKLHswH5dULqIHpjDU
9lGGFZE/FgqcRneFmSzt+Ahzs+2Cw7CmwhskLcTjAdXV1A0Fzo5F8wpGBSuZbQjw
Jtw0tvP0OEwpokATFnA6dQNmyg0ghqvqbHjmDC7/6ZrI5PnwN1Brb5s6rmKFFdgR
AnPgYnwaiNDOBUlzdKxmhsSV8KiIuS971G+5pa/FhBA=
-----END CERTIFICATE-----
Generated at Tue Apr 15 00:13:35 2025 by rpki-client