Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/3u-kwYKTCI_XjoHvpEnuP1uD4gU.roa
File: 3u-kwYKTCI_XjoHvpEnuP1uD4gU.roa (raw, json)
Hash identifier: aXVbrvngr6DUTBdN1gxQ0orLdpgLCQdBwJu7mqqTAQI=
Subject key identifier: DE:EF:A4:C1:82:93:08:8F:D7:8E:81:EF:A4:49:EE:3F:5B:83:E2:05
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0E0A
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/3u-kwYKTCI_XjoHvpEnuP1uD4gU.roa
Signing time: Mon 10 Feb 2025 13:59:22 +0000
ROA not before: Mon 10 Feb 2025 13:59:22 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 211.78.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3594 (0xe0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 10 13:59:22 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DEEFA4C18293088FD78E81EFA449EE3F5B83E205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:02:da:46:d4:97:65:54:fc:3e:14:6f:53:c7:
de:9a:1f:d2:e5:e8:9f:5e:6c:8b:74:87:bb:c7:3b:
23:c9:48:d5:37:b7:96:5d:3c:2c:f2:a7:62:67:3e:
fb:79:7c:22:f6:18:f8:0c:a2:62:f6:e7:8f:59:1f:
3f:fb:2d:e3:04:6e:70:75:e6:f0:54:11:ca:4c:78:
47:f2:40:ec:37:08:40:86:bc:86:17:ce:50:0d:02:
c3:bc:33:f4:49:c3:dc:a2:ed:6a:70:fa:65:08:87:
0f:2b:bb:02:27:30:b3:aa:fb:41:59:b0:76:68:de:
44:a8:55:e0:4f:41:81:08:8b:97:48:62:5c:39:1f:
c5:95:2f:27:39:5b:dc:cc:9e:50:09:c6:30:42:c4:
d7:d7:00:3c:fe:74:7b:6c:78:50:47:af:fb:7d:49:
e6:6e:9f:d4:ee:72:85:07:0a:4c:08:14:d9:75:a4:
74:54:43:17:71:b2:4a:af:ab:b1:1c:b3:fe:a5:41:
f6:00:67:80:d0:40:ab:7e:1f:10:d9:4b:eb:6c:33:
d6:25:4b:e4:e3:3f:77:4a:c7:f7:8b:1e:7b:2a:ae:
9e:b6:b8:53:60:43:54:e7:0b:3d:00:11:47:07:a9:
eb:94:bf:4e:5b:a6:10:64:05:5b:3d:c9:a1:0b:09:
b1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:EF:A4:C1:82:93:08:8F:D7:8E:81:EF:A4:49:EE:3F:5B:83:E2:05
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/3u-kwYKTCI_XjoHvpEnuP1uD4gU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.4.0/22
Signature Algorithm: sha256WithRSAEncryption
28:b4:08:a6:bc:ff:1f:aa:a7:09:4a:18:93:e6:61:ee:c3:61:
eb:db:e0:43:4c:20:20:91:47:27:b7:95:b0:03:83:ec:7f:d4:
2a:1a:84:7f:88:7f:8a:a9:76:f2:86:6b:21:ef:cc:c8:4c:a8:
08:51:7f:38:dc:83:6d:30:09:5f:6d:6a:1d:3f:00:bb:3a:45:
b2:e0:70:b9:af:2f:d5:b2:95:c3:19:bb:ac:d9:d8:29:4e:62:
ee:a9:fe:2e:89:45:7d:00:ec:cc:9e:86:9a:a2:b0:71:49:a8:
09:67:37:25:65:ce:a7:89:c9:ab:15:99:17:cc:19:70:f5:48:
0d:b3:93:84:10:c8:9b:b3:ec:f2:14:bf:5f:72:22:b0:6d:69:
59:52:bc:e5:ba:15:6e:83:de:27:3e:cb:43:53:67:0d:3c:47:
5c:a1:93:14:84:08:91:1b:b5:f5:ce:ac:69:56:21:d2:19:63:
20:82:04:78:42:db:58:bb:ff:b0:24:1c:5b:59:bb:75:04:29:
34:d5:63:c1:54:67:f9:20:c6:35:53:61:46:e6:a6:b1:94:6f:
b1:c4:ed:e5:f2:09:27:fe:f3:83:e2:7a:01:e9:c7:36:b7:ce:
19:d5:59:81:17:83:40:b9:bc:5c:6c:70:97:1b:dc:a9:57:f9:
d0:5b:98:7c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx
MzU5MjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERFRUZBNEMxODI5MzA4
OEZENzhFODFFRkE0NDlFRTNGNUI4M0UyMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXAtpG1JdlVPw+FG9Tx96aH9Ll6J9ebIt0h7vHOyPJSNU3t5Zd
PCzyp2JnPvt5fCL2GPgMomL2549ZHz/7LeMEbnB15vBUEcpMeEfyQOw3CECGvIYX
zlANAsO8M/RJw9yi7Wpw+mUIhw8ruwInMLOq+0FZsHZo3kSoVeBPQYEIi5dIYlw5
H8WVLyc5W9zMnlAJxjBCxNfXADz+dHtseFBHr/t9SeZun9TucoUHCkwIFNl1pHRU
Qxdxskqvq7Ecs/6lQfYAZ4DQQKt+HxDZS+tsM9YlS+TjP3dKx/eLHnsqrp62uFNg
Q1TnCz0AEUcHqeuUv05bphBkBVs9yaELCbGRAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU3u+kwYKTCI/XjoHvpEnuP1uD4gUwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzN1LWt3WUtUQ0lfWGpvSHZwRW51UDF1
RDRnVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTgQwDQYJ
KoZIhvcNAQELBQADggEBACi0CKa8/x+qpwlKGJPmYe7DYevb4ENMICCRRye3lbAD
g+x/1CoahH+If4qpdvKGayHvzMhMqAhRfzjcg20wCV9tah0/ALs6RbLgcLmvL9Wy
lcMZu6zZ2ClOYu6p/i6JRX0A7MyehpqisHFJqAlnNyVlzqeJyasVmRfMGXD1SA2z
k4QQyJuz7PIUv19yIrBtaVlSvOW6FW6D3ic+y0NTZw08R1yhkxSECJEbtfXOrGlW
IdIZYyCCBHhC21i7/7AkHFtZu3UEKTTVY8FUZ/kgxjVTYUbmprGUb7HE7eXyCSf+
84PiegHpxza3zhnVWYEXg0C5vFxscJcb3KlX+dBbmHw=
-----END CERTIFICATE-----
Generated at Tue Apr 15 00:00:47 2025 by rpki-client