Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/YeQHF4zByNUTpl3w8cLy_nerPzw.roa
File: YeQHF4zByNUTpl3w8cLy_nerPzw.roa (raw, json)
Hash identifier: h3QVIG051stgnDdX/6T/I5SXPxGcq0v4qwYfY7OTiPg=
Subject key identifier: 61:E4:07:17:8C:C1:C8:D5:13:A6:5D:F0:F1:C2:F2:FE:77:AB:3F:3C
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 172D
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/YeQHF4zByNUTpl3w8cLy_nerPzw.roa
Signing time: Wed 12 Feb 2025 01:36:28 +0000
ROA not before: Wed 12 Feb 2025 01:36:28 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17421
IP address blocks: 42.64.0.0/12 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 11:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5933 (0x172d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 12 01:36:28 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=61E407178CC1C8D513A65DF0F1C2F2FE77AB3F3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:af:33:47:6c:80:01:c9:a8:ad:7c:a1:37:09:
f8:3f:90:ba:ec:d8:e1:5e:26:86:66:5d:3b:7c:79:
98:42:79:5e:e9:63:cc:3e:23:5b:d5:71:e1:f1:33:
bb:31:64:fe:5f:f7:ef:16:2d:b1:e9:1b:e3:09:d2:
da:84:f2:62:43:20:d6:75:c3:e6:45:38:a4:a4:da:
21:cf:3a:40:9c:55:c6:a1:dc:1b:33:32:78:be:51:
fb:46:3d:a4:10:29:f6:c6:90:dd:d5:e1:b0:fd:17:
ab:05:c9:f5:22:ed:db:69:95:dd:c9:48:47:f7:48:
dc:4b:e4:23:6f:77:ff:b0:85:75:0f:35:c9:a7:10:
1c:7a:27:05:af:15:8c:4c:81:6c:d2:b0:f2:40:7d:
92:36:6f:d6:75:42:b4:71:fd:19:8b:74:29:b6:5a:
df:7b:d7:6d:13:6d:1d:7c:13:c2:7e:11:27:a6:c0:
5d:32:56:4f:3f:fc:34:6a:c0:0f:fd:73:b9:f8:1d:
af:2b:75:39:ca:ae:4c:f4:29:ff:f5:1d:6f:da:da:
bf:1d:82:79:69:e2:0b:62:a4:02:d0:58:b1:2f:a5:
fe:2b:a3:b2:00:6f:a7:8a:0a:cc:8e:8e:4f:4f:c2:
d2:57:a7:0f:9f:32:1d:7d:ee:f4:fd:a7:8d:be:97:
f3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E4:07:17:8C:C1:C8:D5:13:A6:5D:F0:F1:C2:F2:FE:77:AB:3F:3C
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/YeQHF4zByNUTpl3w8cLy_nerPzw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
42.64.0.0/12
Signature Algorithm: sha256WithRSAEncryption
60:9b:6c:93:b6:f1:96:97:2c:10:d6:bd:e0:be:87:8c:0f:08:
65:f7:4a:2e:ca:1b:e7:2a:89:f5:2b:c9:16:23:f7:3e:11:be:
66:59:e6:96:34:c1:be:d3:b3:6a:e4:50:c8:10:7c:95:16:49:
fa:dd:a9:c5:df:d6:50:0a:48:f6:c8:e9:29:4a:5c:da:9f:f4:
9b:f0:b9:3e:62:3d:12:3e:07:45:fc:2d:7d:f9:6a:2f:6a:9e:
ee:d8:ee:aa:77:31:22:56:99:48:1d:13:bf:2c:90:f6:68:59:
35:b9:76:36:d2:ef:1b:90:7a:dd:83:7b:30:4d:77:59:49:4e:
cf:76:47:e4:03:2f:b7:f2:ac:bc:b9:5c:a4:2a:32:61:7c:83:
64:b8:0a:09:14:7b:91:b9:f5:04:a5:85:06:6f:03:a9:c3:a0:
cd:53:7e:da:c8:ec:e0:91:e7:1a:a3:8a:e2:d9:8c:2b:40:38:
3a:b3:3b:96:00:a1:6d:e9:fd:64:3c:29:18:1c:ff:5d:9d:bf:
9b:f4:fe:89:1d:2b:46:ea:6a:41:ab:3c:79:8e:74:84:7c:51:
b8:9a:d8:8a:ec:54:ae:a1:85:0a:1d:7c:8d:92:ff:0c:9a:be:
6a:27:38:a4:69:ba:6b:71:43:70:54:22:45:16:44:34:ba:35:
cb:b3:51:68
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFy0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw
MTM2MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYxRTQwNzE3OENDMUM4
RDUxM0E2NURGMEYxQzJGMkZFNzdBQjNGM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0rzNHbIAByaitfKE3Cfg/kLrs2OFeJoZmXTt8eZhCeV7pY8w+
I1vVceHxM7sxZP5f9+8WLbHpG+MJ0tqE8mJDINZ1w+ZFOKSk2iHPOkCcVcah3Bsz
Mni+UftGPaQQKfbGkN3V4bD9F6sFyfUi7dtpld3JSEf3SNxL5CNvd/+whXUPNcmn
EBx6JwWvFYxMgWzSsPJAfZI2b9Z1QrRx/RmLdCm2Wt97120TbR18E8J+ESemwF0y
Vk8//DRqwA/9c7n4Ha8rdTnKrkz0Kf/1HW/a2r8dgnlp4gtipALQWLEvpf4ro7IA
b6eKCsyOjk9PwtJXpw+fMh197vT9p42+l/PzAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUYeQHF4zByNUTpl3w8cLy/nerPzwwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9ZZVFIRjR6QnlOVVRwbDN3OGNM
eV9uZXJQencucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMEKkAw
DQYJKoZIhvcNAQELBQADggEBAGCbbJO28ZaXLBDWveC+h4wPCGX3Si7KG+cqifUr
yRYj9z4RvmZZ5pY0wb7Ts2rkUMgQfJUWSfrdqcXf1lAKSPbI6SlKXNqf9JvwuT5i
PRI+B0X8LX35ai9qnu7Y7qp3MSJWmUgdE78skPZoWTW5djbS7xuQet2DezBNd1lJ
Ts92R+QDL7fyrLy5XKQqMmF8g2S4CgkUe5G59QSlhQZvA6nDoM1TftrI7OCR5xqj
iuLZjCtAODqzO5YAoW3p/WQ8KRgc/12dv5v0/okdK0bqakGrPHmOdIR8Ubia2Irs
VK6hhQodfI2S/wyavmonOKRpumtxQ3BUIkUWRDS6NcuzUWg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 08:59:10 2025 by rpki-client