Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/sy-4mMQaY9Nvr4X6jbNkSRzFWlY.roa
File: sy-4mMQaY9Nvr4X6jbNkSRzFWlY.roa (raw, json)
Hash identifier: 2eDUeOMAQdSta/DEQIvUrbWIhkO6zpml8eGYhoOAWks=
Subject key identifier: B3:2F:B8:98:C4:1A:63:D3:6F:AF:85:FA:8D:B3:64:49:1C:C5:5A:56
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1741
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/sy-4mMQaY9Nvr4X6jbNkSRzFWlY.roa
Signing time: Wed 12 Feb 2025 01:36:32 +0000
ROA not before: Wed 12 Feb 2025 01:36:32 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 8068
IP address blocks: 61.220.60.200/29 maxlen: 29
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5953 (0x1741)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 12 01:36:32 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B32FB898C41A63D36FAF85FA8DB364491CC55A56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b5:f4:2a:ff:65:27:7f:6b:72:ba:22:1d:88:
ca:28:8a:24:0d:8a:e4:7d:d4:e8:28:bf:8d:de:c6:
d3:a2:42:3d:bf:10:f1:f7:68:54:e2:39:ca:7b:1e:
b2:f4:6f:5e:2d:a5:52:b8:f0:e5:0e:66:81:e0:88:
84:56:97:05:4c:a4:e9:ad:29:ec:c0:f4:01:1b:2b:
a2:8f:f5:ea:70:d0:3e:f7:81:b4:c9:2c:78:e7:23:
3d:0b:c2:e5:f6:b4:4e:f7:61:54:37:31:e9:33:b9:
b2:0f:ba:4f:cc:67:f6:e1:06:9f:0d:6f:ef:05:c0:
48:e6:4e:c7:71:17:aa:be:64:71:b9:a7:7b:7f:c0:
59:b5:ab:6f:0e:80:d2:16:b8:67:d1:5d:a3:5b:61:
62:be:49:9e:b4:f8:ee:da:6c:81:1a:dd:6e:fc:ca:
d5:7e:da:97:ee:ae:0f:39:0f:f0:9e:5a:5a:df:d2:
82:79:80:86:1f:9f:d4:1b:b1:dc:7a:32:b5:58:3b:
53:90:60:7f:c3:52:b0:87:10:38:52:68:e2:0d:f2:
c9:ba:e1:86:9b:e9:ea:6b:7b:16:89:60:5e:56:5a:
b3:98:6e:c0:5f:48:36:e0:7b:55:4c:58:5e:79:fd:
ea:ab:ad:63:f6:e4:22:78:f4:63:33:36:d6:60:fc:
84:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2F:B8:98:C4:1A:63:D3:6F:AF:85:FA:8D:B3:64:49:1C:C5:5A:56
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/sy-4mMQaY9Nvr4X6jbNkSRzFWlY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.220.60.200/29
Signature Algorithm: sha256WithRSAEncryption
77:9f:78:18:9b:ef:ea:49:5a:3f:a4:a3:c2:cb:cf:cf:2f:cc:
5e:ab:c1:28:18:37:d5:a7:3d:54:f4:ab:e2:ff:1d:a4:65:11:
61:82:df:db:ca:59:01:99:b4:ca:3d:87:92:83:8d:7a:9a:c6:
ac:b3:ef:ea:11:06:da:c9:41:97:29:9d:d7:6e:9d:5a:02:dc:
78:92:60:90:35:ce:8f:3d:fe:0f:58:ba:b7:0f:fc:03:6b:0d:
e3:02:75:ab:53:1f:c1:84:9b:4e:89:91:45:0b:44:12:a5:22:
0f:cd:f0:9e:4f:ab:61:d9:a4:d5:95:af:32:b8:f8:7b:4e:90:
07:85:c2:d3:d2:40:02:38:5f:df:81:34:6a:66:87:d6:1a:7e:
8a:02:39:3e:ff:04:cd:33:00:8d:8a:2e:a6:64:84:d3:f1:27:
59:a0:5b:2a:27:4c:21:38:93:72:b0:fb:4c:6f:88:f7:08:ae:
fe:01:a9:a1:5a:a8:fa:7b:cb:11:93:69:91:21:93:79:5e:f0:
f7:fb:e8:f6:2e:f3:d8:bb:f2:85:9a:07:a3:7a:9d:3f:d0:92:
8e:e5:b6:33:87:d7:4d:37:1b:72:36:9b:d0:e4:61:be:aa:70:
a3:07:1c:e5:8f:3d:37:28:96:cf:f1:25:39:31:e0:5f:58:80:
c7:eb:3e:fd
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICF0EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw
MTM2MzJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIzMkZCODk4QzQxQTYz
RDM2RkFGODVGQThEQjM2NDQ5MUNDNTVBNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0tfQq/2Unf2tyuiIdiMooiiQNiuR91Ogov43extOiQj2/EPH3
aFTiOcp7HrL0b14tpVK48OUOZoHgiIRWlwVMpOmtKezA9AEbK6KP9epw0D73gbTJ
LHjnIz0LwuX2tE73YVQ3MekzubIPuk/MZ/bhBp8Nb+8FwEjmTsdxF6q+ZHG5p3t/
wFm1q28OgNIWuGfRXaNbYWK+SZ60+O7abIEa3W78ytV+2pfurg85D/CeWlrf0oJ5
gIYfn9Qbsdx6MrVYO1OQYH/DUrCHEDhSaOIN8sm64Yab6eprexaJYF5WWrOYbsBf
SDbge1VMWF55/eqrrWP25CJ49GMzNtZg/ITHAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUsy+4mMQaY9Nvr4X6jbNkSRzFWlYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9zeS00bU1RYVk5TnZyNFg2amJO
a1NSekZXbFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUDPdw8
yDANBgkqhkiG9w0BAQsFAAOCAQEAd594GJvv6klaP6SjwsvPzy/MXqvBKBg31ac9
VPSr4v8dpGURYYLf28pZAZm0yj2HkoONeprGrLPv6hEG2slBlymd126dWgLceJJg
kDXOjz3+D1i6tw/8A2sN4wJ1q1MfwYSbTomRRQtEEqUiD83wnk+rYdmk1ZWvMrj4
e06QB4XC09JAAjhf34E0amaH1hp+igI5Pv8EzTMAjYoupmSE0/EnWaBbKidMITiT
crD7TG+I9wiu/gGpoVqo+nvLEZNpkSGTeV7w9/vo9i7z2LvyhZoHo3qdP9CSjuW2
M4fXTTcbcjab0ORhvqpwowcc5Y89NyiWz/ElOTHgX1iAx+s+/Q==
-----END CERTIFICATE-----
Generated at Mon Apr 14 21:30:39 2025 by rpki-client