Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/XzBirwJdShBzkUDIIY8mjn8aGLw.roa
File: XzBirwJdShBzkUDIIY8mjn8aGLw.roa (raw, json)
Hash identifier: 480yYWrppp7SbKmCIdnPEWjk02R9l0xhNjAfujnUngM=
Subject key identifier: 5F:30:62:AF:02:5D:4A:10:73:91:40:C8:21:8F:26:8E:7F:1A:18:BC
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 175C
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/XzBirwJdShBzkUDIIY8mjn8aGLw.roa
Signing time: Wed 12 Feb 2025 01:36:37 +0000
ROA not before: Wed 12 Feb 2025 01:36:37 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.128.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 07:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5980 (0x175c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 12 01:36:37 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5F3062AF025D4A10739140C8218F268E7F1A18BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:65:68:e4:3c:fd:ca:e0:68:a0:8d:8a:1d:bd:
31:92:05:5a:41:dc:82:8b:93:6f:e4:29:40:07:33:
9b:7c:63:97:27:5c:a6:17:fe:8a:3b:50:27:0b:ef:
f3:5d:13:0e:3f:bf:1c:83:2a:49:06:6a:dd:25:86:
14:16:4a:d1:08:83:20:8f:16:f0:e3:f1:1e:0d:29:
71:8b:e4:03:ea:34:df:47:26:c8:6f:ad:83:98:3b:
f0:01:23:ec:19:21:6d:48:de:4c:23:9b:1e:05:20:
f7:6b:99:23:50:6a:aa:2c:66:3c:45:4a:6c:d6:39:
5d:6a:6b:95:a3:12:f7:07:58:a9:f2:4f:d3:b4:c0:
c1:1d:f5:96:5d:54:1f:e8:fb:5a:a8:03:6e:6a:a7:
f3:d5:07:b8:3f:1c:31:87:bf:23:27:c3:f4:7e:70:
30:36:20:ad:ca:82:13:fb:fe:e6:39:5c:7d:c1:0d:
fe:bb:cb:cd:89:c8:22:6d:a1:b5:dd:a0:cb:5d:e7:
38:e5:ed:20:c1:f5:4d:b2:16:a6:ea:82:e9:11:77:
33:d9:95:8c:65:a4:9b:63:7c:26:e5:dc:0d:66:f6:
ec:02:16:33:a3:ed:db:87:37:00:1b:51:54:26:19:
d0:e3:91:49:27:72:a5:bd:ae:a7:c2:53:d3:04:e5:
6a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:30:62:AF:02:5D:4A:10:73:91:40:C8:21:8F:26:8E:7F:1A:18:BC
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/XzBirwJdShBzkUDIIY8mjn8aGLw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.67.0/24
Signature Algorithm: sha256WithRSAEncryption
36:b7:18:ad:1f:9e:12:5f:96:a4:02:7e:5a:4d:b7:60:1d:ff:
eb:86:1e:0f:ff:a8:93:76:a8:c0:59:6b:85:98:08:d9:93:f9:
cd:f4:fa:b4:2f:b9:73:17:e6:89:37:a4:d6:65:de:20:86:1a:
6f:06:1b:c8:ec:02:04:e1:29:8b:63:50:82:1e:33:8a:1e:cc:
22:ba:d9:38:23:9e:9a:60:6d:86:a2:f6:c7:cb:78:5d:51:75:
1f:5f:d7:68:fa:33:70:a3:17:e5:4c:94:d0:68:c3:18:97:5c:
18:c2:37:ba:02:6d:bd:d2:54:52:58:24:99:7b:45:ba:d2:a3:
1a:7a:cb:47:d5:7a:ee:f1:a5:88:6a:a1:6b:76:96:24:ab:6f:
18:94:13:97:b3:24:27:1b:3c:07:7a:2e:a3:d6:c9:b5:31:a0:
eb:62:b9:ce:6f:60:68:6b:bc:91:34:7a:22:62:61:3d:1c:a4:
35:e2:55:d8:6f:9b:db:21:6f:4a:0d:4f:14:e3:2b:76:eb:d8:
31:62:05:67:a5:ba:5b:23:54:54:55:00:81:7c:0e:4c:61:f7:
88:95:4f:84:cf:77:89:4a:3a:4c:36:d5:9b:b0:7a:12:92:0a:
a3:5f:27:ad:7f:26:2b:1a:fd:c8:72:f3:be:b0:a0:e4:d0:4f:
97:85:12:df
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICF1wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw
MTM2MzdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVGMzA2MkFGMDI1RDRB
MTA3MzkxNDBDODIxOEYyNjhFN0YxQTE4QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfZWjkPP3K4GigjYodvTGSBVpB3IKLk2/kKUAHM5t8Y5cnXKYX
/oo7UCcL7/NdEw4/vxyDKkkGat0lhhQWStEIgyCPFvDj8R4NKXGL5APqNN9HJshv
rYOYO/ABI+wZIW1I3kwjmx4FIPdrmSNQaqosZjxFSmzWOV1qa5WjEvcHWKnyT9O0
wMEd9ZZdVB/o+1qoA25qp/PVB7g/HDGHvyMnw/R+cDA2IK3KghP7/uY5XH3BDf67
y82JyCJtobXdoMtd5zjl7SDB9U2yFqbqgukRdzPZlYxlpJtjfCbl3A1m9uwCFjOj
7duHNwAbUVQmGdDjkUkncqW9rqfCU9ME5WqvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUXzBirwJdShBzkUDIIY8mjn8aGLwwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9YekJpcndKZFNoQnprVURJSVk4
bWpuOGFHTHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IBD
MA0GCSqGSIb3DQEBCwUAA4IBAQA2txitH54SX5akAn5aTbdgHf/rhh4P/6iTdqjA
WWuFmAjZk/nN9Pq0L7lzF+aJN6TWZd4ghhpvBhvI7AIE4SmLY1CCHjOKHswiutk4
I56aYG2GovbHy3hdUXUfX9do+jNwoxflTJTQaMMYl1wYwje6Am290lRSWCSZe0W6
0qMaestH1Xru8aWIaqFrdpYkq28YlBOXsyQnGzwHei6j1sm1MaDrYrnOb2Boa7yR
NHoiYmE9HKQ14lXYb5vbIW9KDU8U4yt269gxYgVnpbpbI1RUVQCBfA5MYfeIlU+E
z3eJSjpMNtWbsHoSkgqjXyetfyYrGv3IcvO+sKDk0E+XhRLf
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:22:42 2025 by rpki-client