Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HONGDA/earjNJ22xSAf0h3LLM7zM53oSu4.roa
File: earjNJ22xSAf0h3LLM7zM53oSu4.roa (raw, json)
Hash identifier: FkFFZspIIy4AomQwl+A1qCP3G6CllbRW2n8EML6mOBY=
Subject key identifier: 79:AA:E3:34:9D:B6:C5:20:1F:D2:1D:CB:2C:CE:F3:33:9D:E8:4A:EE
Certificate issuer: /CN=257DB7B9919975697366B7014F8CFE28EF364E73
Certificate serial: 07A2
Authority key identifier: 25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/earjNJ22xSAf0h3LLM7zM53oSu4.roa
Signing time: Mon 10 Feb 2025 13:44:37 +0000
ROA not before: Mon 10 Feb 2025 13:44:37 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131657
IP address blocks: 2406:48c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Apr 2025 07:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1954 (0x7a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=257DB7B9919975697366B7014F8CFE28EF364E73
Validity
Not Before: Feb 10 13:44:37 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=79AAE3349DB6C5201FD21DCB2CCEF3339DE84AEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cf:30:87:68:64:89:5f:be:f7:4d:8a:8b:d3:
e9:7b:46:5c:20:a3:c7:0c:cf:7c:82:c7:5b:3b:39:
a1:28:96:d8:60:f6:73:0d:ea:f2:ee:fc:06:e8:54:
2a:91:a5:28:fd:cb:8f:05:42:c8:2b:50:6c:3d:0f:
78:0d:f3:9d:28:69:6b:32:73:8c:64:e1:20:c6:30:
84:38:bb:cf:74:24:42:cb:35:0b:dc:08:1d:06:61:
41:4a:1f:ba:f1:bd:64:f6:62:21:e0:74:e2:b0:35:
64:39:8f:22:75:55:b7:e8:bb:08:f2:02:3f:0d:ee:
40:1b:84:35:da:39:b6:66:44:2a:c4:00:4c:39:ec:
ed:a5:8b:09:04:fa:97:4a:65:65:4e:66:cd:fd:ec:
85:b1:01:57:9e:d1:ae:c5:d7:fe:15:bb:a6:f9:ad:
94:04:c5:ba:88:a1:12:6e:8e:cb:5c:cd:7e:dc:e9:
77:7d:7a:c8:fe:b1:1a:0f:c1:75:4b:92:6f:72:19:
2f:7f:14:d5:cd:3b:17:fc:1e:64:b4:73:41:19:fa:
ad:64:b8:f5:42:89:89:ed:22:14:02:84:d7:db:05:
ca:37:88:b7:83:e1:17:ff:c1:06:31:1c:7c:94:63:
63:e0:4c:bc:5d:99:9f:fb:f9:47:cb:2b:98:96:c6:
96:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:AA:E3:34:9D:B6:C5:20:1F:D2:1D:CB:2C:CE:F3:33:9D:E8:4A:EE
X509v3 Authority Key Identifier:
keyid:25:7D:B7:B9:91:99:75:69:73:66:B7:01:4F:8C:FE:28:EF:36:4E:73
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/JX23uZGZdWlzZrcBT4z-KO82TnM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JX23uZGZdWlzZrcBT4z-KO82TnM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HONGDA/earjNJ22xSAf0h3LLM7zM53oSu4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:48c0::/48
Signature Algorithm: sha256WithRSAEncryption
65:bd:9e:20:a7:36:9b:06:e8:19:76:e1:d7:10:4c:18:3f:d0:
82:c1:93:7d:2e:30:0a:12:ce:af:97:54:1a:2c:36:14:da:8b:
f4:dc:33:0c:fc:ce:72:cb:bb:17:8f:f0:4b:43:db:13:c2:b8:
bb:fb:50:d0:8c:6e:7a:a1:4b:d6:05:fc:16:86:02:de:a5:bd:
88:14:39:68:f9:5b:b3:ca:43:0e:7c:3f:7b:02:ac:7c:37:06:
f2:a9:3c:ac:9f:6d:95:2f:56:c6:3f:fb:37:e1:27:ec:6d:33:
83:4c:cd:cb:d2:3c:69:1b:c3:03:4d:be:ea:19:5d:26:cc:59:
db:b1:c5:e2:62:8e:a8:cf:26:c1:dc:86:38:93:ca:f7:37:42:
46:19:27:26:e5:ac:68:04:de:69:c0:f8:13:d4:3f:bb:17:db:
a9:b8:4a:1c:66:b5:59:1e:03:d9:9c:d2:8f:77:09:19:5e:f6:
d5:3a:95:58:76:a7:07:35:0b:5f:a7:8d:03:ff:bd:e1:88:b5:
ff:1b:9f:55:11:a8:17:88:96:1b:e6:06:40:11:46:48:72:67:
d6:10:40:36:2c:6d:0b:6f:11:17:e4:4a:41:a7:fb:9c:9f:7c:
e4:b9:86:d6:21:6c:ba:a4:c1:69:00:08:19:c9:f3:5a:12:a2:
3d:66:e8:7e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICB6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjU3
REI3Qjk5MTk5NzU2OTczNjZCNzAxNEY4Q0ZFMjhFRjM2NEU3MzAeFw0yNTAyMTAx
MzQ0MzdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc5QUFFMzM0OURCNkM1
MjAxRkQyMURDQjJDQ0VGMzMzOURFODRBRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRzzCHaGSJX773TYqL0+l7Rlwgo8cMz3yCx1s7OaEolthg9nMN
6vLu/AboVCqRpSj9y48FQsgrUGw9D3gN850oaWsyc4xk4SDGMIQ4u890JELLNQvc
CB0GYUFKH7rxvWT2YiHgdOKwNWQ5jyJ1VbfouwjyAj8N7kAbhDXaObZmRCrEAEw5
7O2liwkE+pdKZWVOZs397IWxAVee0a7F1/4Vu6b5rZQExbqIoRJujstczX7c6Xd9
esj+sRoPwXVLkm9yGS9/FNXNOxf8HmS0c0EZ+q1kuPVCiYntIhQChNfbBco3iLeD
4Rf/wQYxHHyUY2PgTLxdmZ/7+UfLK5iWxpYNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUearjNJ22xSAf0h3LLM7zM53oSu4wHwYDVR0jBBgwFoAUJX23uZGZdWlzZrcB
T4z+KO82TnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RB
L0pYMjN1WkdaZFdselpyY0JUNHotS084MlRuTS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvSlgyM3VaR1pkV2x6WnJjQlQ0ei1LTzgyVG5NLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9OR0RBL2VhcmpOSjIyeFNBZjBoM0xM
TTd6TTUzb1N1NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
BkjAAAAwDQYJKoZIhvcNAQELBQADggEBAGW9niCnNpsG6Bl24dcQTBg/0ILBk30u
MAoSzq+XVBosNhTai/TcMwz8znLLuxeP8EtD2xPCuLv7UNCMbnqhS9YF/BaGAt6l
vYgUOWj5W7PKQw58P3sCrHw3BvKpPKyfbZUvVsY/+zfhJ+xtM4NMzcvSPGkbwwNN
vuoZXSbMWduxxeJijqjPJsHchjiTyvc3QkYZJyblrGgE3mnA+BPUP7sX26m4Shxm
tVkeA9mc0o93CRle9tU6lVh2pwc1C1+njQP/veGItf8bn1URqBeIlhvmBkARRkhy
Z9YQQDYsbQtvERfkSkGn+5yffOS5htYhbLqkwWkACBnJ81oSoj1m6H4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:30:14 2025 by rpki-client