Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCCC/f7wqDeRXGd8HAgEYfy2iYfm9KSc.roa
File: f7wqDeRXGd8HAgEYfy2iYfm9KSc.roa (raw, json)
Hash identifier: oQVbMDysH0EvVArOvRjEggbwIyG/2KOT+sd/earRGWU=
Subject key identifier: 7F:BC:2A:0D:E4:57:19:DF:07:02:01:18:7F:2D:A2:61:F9:BD:29:27
Certificate issuer: /CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Certificate serial: FB
Authority key identifier: 07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/f7wqDeRXGd8HAgEYfy2iYfm9KSc.roa
Signing time: Mon 10 Feb 2025 13:45:43 +0000
ROA not before: Mon 10 Feb 2025 13:45:43 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 19551
IP address blocks: 157.20.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Apr 2025 21:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 251 (0xfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Validity
Not Before: Feb 10 13:45:43 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7FBC2A0DE45719DF070201187F2DA261F9BD2927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bb:8b:c4:72:44:79:90:f7:29:b6:4f:7c:a8:
a1:bd:55:f3:d0:6b:3e:49:ea:fa:4f:a3:3d:0c:2a:
c5:6e:d2:93:83:e7:12:15:27:fa:e5:f3:28:98:76:
73:6f:72:35:7c:ed:fa:e9:04:08:c4:8b:92:24:1f:
ed:d6:2c:74:21:ea:18:95:13:f5:85:0e:61:69:92:
20:81:8e:b5:7a:01:e0:9e:70:b2:5e:8e:9d:70:44:
31:ef:f2:6e:ab:fc:f8:34:1c:90:66:01:e3:c4:c8:
7d:3d:93:98:b0:e2:d8:eb:63:68:68:80:7a:fd:3d:
11:e7:8a:69:22:c2:e0:ae:8b:a6:27:42:c5:82:a4:
e1:bb:26:9c:d9:ba:2d:b8:ca:ef:dd:01:f2:9d:7c:
b5:a6:47:81:06:96:af:45:fb:15:90:1f:2c:f0:f2:
b3:5f:52:b2:88:87:f1:4e:66:46:9f:4a:2d:c0:df:
9f:3e:84:6d:cd:99:be:c7:1d:22:50:e8:b6:fc:2c:
69:f1:8a:da:e6:06:f6:aa:4e:8b:3b:fd:f8:8e:8b:
6a:5d:d9:ed:fe:79:9d:6a:a0:cc:eb:9c:72:96:76:
1f:9d:e4:f6:74:15:16:9d:76:5a:99:6c:a2:8f:2d:
4a:ee:16:e9:45:2e:5a:d6:21:a9:20:09:70:d3:16:
41:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:BC:2A:0D:E4:57:19:DF:07:02:01:18:7F:2D:A2:61:F9:BD:29:27
X509v3 Authority Key Identifier:
keyid:07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/f7wqDeRXGd8HAgEYfy2iYfm9KSc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.107.0/24
Signature Algorithm: sha256WithRSAEncryption
06:5b:19:de:b1:db:b2:e0:83:3b:aa:f4:d4:f8:f6:b1:07:ba:
e0:00:19:b7:1e:61:94:79:c9:76:e6:46:17:8e:b9:a9:89:c4:
26:40:65:bc:69:e1:78:b0:15:f6:60:5d:bc:18:c0:e5:50:b3:
ba:cf:cd:b3:06:4a:b7:7f:37:51:73:7f:1f:3b:9a:75:3f:d8:
90:f9:60:b0:d9:9d:46:8d:fc:de:57:28:95:96:8a:a6:c4:e6:
ce:d8:24:c6:40:14:94:77:98:20:38:e9:a1:62:28:cb:de:63:
62:3a:9c:83:9f:3d:a2:04:bd:4e:a1:ef:a6:0a:e1:20:27:e2:
c9:8c:25:ff:77:26:48:18:a8:7d:9c:41:98:4e:9c:6d:dc:5b:
e2:36:3b:d1:ec:70:4a:5b:17:0c:18:14:f8:77:88:e9:c4:54:
6b:8a:37:66:46:9e:29:3c:65:a2:04:e8:42:d9:c5:b9:4d:0c:
bb:3b:e3:32:97:d2:99:7d:05:88:17:93:54:68:e6:3d:51:3e:
af:c1:4b:cd:ca:ee:87:fa:bd:7d:14:59:7d:4f:80:bd:10:6c:
92:c0:8a:32:de:cf:e2:23:35:03:35:33:f7:29:a1:cc:bc:e3:
1d:4f:7e:44:2e:df:d1:9f:f1:27:1b:13:f6:3a:54:5d:e6:65:
1a:c7:75:49
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdF
MzZBM0QyMTlBOEFGQzg0Rjg4QjMwNTUzRTYzOENFNkMyQ0VDRTAeFw0yNTAyMTAx
MzQ1NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDdGQkMyQTBERTQ1NzE5
REYwNzAyMDExODdGMkRBMjYxRjlCRDI5MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzu4vEckR5kPcptk98qKG9VfPQaz5J6vpPoz0MKsVu0pOD5xIV
J/rl8yiYdnNvcjV87frpBAjEi5IkH+3WLHQh6hiVE/WFDmFpkiCBjrV6AeCecLJe
jp1wRDHv8m6r/Pg0HJBmAePEyH09k5iw4tjrY2hogHr9PRHnimkiwuCui6YnQsWC
pOG7JpzZui24yu/dAfKdfLWmR4EGlq9F+xWQHyzw8rNfUrKIh/FOZkafSi3A358+
hG3Nmb7HHSJQ6Lb8LGnxitrmBvaqTos7/fiOi2pd2e3+eZ1qoMzrnHKWdh+d5PZ0
FRaddlqZbKKPLUruFulFLlrWIakgCXDTFkHjAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUf7wqDeRXGd8HAgEYfy2iYfm9KScwHwYDVR0jBBgwFoAUB+NqPSGaivyE+Isw
VT5jjObCzs4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNDQy9C
LU5xUFNHYWl2eUUtSXN3VlQ1ampPYkN6czQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0ItTnFQU0dhaXZ5RS1Jc3dWVDVqak9iQ3pzNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DQ0MvZjd3cURlUlhHZDhIQWdFWWZ5MmlZ
Zm05S1NjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0UazAN
BgkqhkiG9w0BAQsFAAOCAQEABlsZ3rHbsuCDO6r01Pj2sQe64AAZtx5hlHnJduZG
F465qYnEJkBlvGnheLAV9mBdvBjA5VCzus/NswZKt383UXN/HzuadT/YkPlgsNmd
Ro383lcolZaKpsTmztgkxkAUlHeYIDjpoWIoy95jYjqcg589ogS9TqHvpgrhICfi
yYwl/3cmSBiofZxBmE6cbdxb4jY70exwSlsXDBgU+HeI6cRUa4o3ZkaeKTxlogTo
QtnFuU0MuzvjMpfSmX0FiBeTVGjmPVE+r8FLzcruh/q9fRRZfU+AvRBsksCKMt7P
4iM1AzUz9ymhzLzjHU9+RC7f0Z/xJxsT9jpUXeZlGsd1SQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:00:06 2025 by rpki-client