Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/gGKi90fZai32MWlQ6XXbvvLb8As.roa
File: gGKi90fZai32MWlQ6XXbvvLb8As.roa (raw, json)
Hash identifier: SBe2iMLHorKWSY6cqEAe5wfDF7JQeoubbtOqY/qpwV4=
Subject key identifier: 80:62:A2:F7:47:D9:6A:2D:F6:31:69:50:E9:75:DB:BE:F2:DB:F0:0B
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0F68
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/gGKi90fZai32MWlQ6XXbvvLb8As.roa
Signing time: Mon 10 Feb 2025 14:08:02 +0000
ROA not before: Mon 10 Feb 2025 14:08:02 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 192.72.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3944 (0xf68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 10 14:08:02 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8062A2F747D96A2DF6316950E975DBBEF2DBF00B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:75:7b:12:11:f6:dd:5c:c0:79:14:5a:6b:40:
b5:65:5d:e7:ee:f9:5e:47:d0:c1:29:aa:49:b2:d5:
14:ce:46:da:44:1a:ca:85:2b:cf:64:8f:70:ae:02:
8c:30:99:c8:a2:55:2e:74:4e:ce:f7:ef:04:e5:65:
71:a9:33:5e:e1:1f:37:14:60:bd:fe:24:57:0d:c0:
62:ac:4f:e5:72:f5:7e:25:37:3e:2f:fa:5f:99:c7:
bc:cf:e3:34:c0:27:0e:99:bb:ff:48:f9:12:2e:d4:
22:29:58:6c:3b:7e:54:c6:96:98:ab:bc:70:b2:58:
38:d2:66:e0:0a:8a:c6:75:a3:78:7c:f4:f0:11:80:
09:48:ec:65:fd:ba:16:a0:a6:3d:19:09:ac:ac:b9:
dd:58:07:67:2d:d5:92:1e:58:36:5c:17:1b:e4:61:
16:f9:d1:fe:d3:78:53:20:e2:54:e1:85:8c:11:9a:
e8:db:ad:1e:6d:98:fb:9a:eb:d5:0e:f2:6b:fe:8d:
70:f5:dd:74:a0:97:54:f7:f4:51:de:a5:18:63:c1:
04:36:e9:1f:4a:d8:a3:9c:12:a9:c9:62:ee:13:50:
f5:54:f2:20:fe:c6:4b:ee:a5:53:d8:ac:b8:ca:cb:
fe:c4:a0:3a:c6:aa:a0:52:f6:f4:ed:8d:22:bb:8d:
1e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:62:A2:F7:47:D9:6A:2D:F6:31:69:50:E9:75:DB:BE:F2:DB:F0:0B
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/gGKi90fZai32MWlQ6XXbvvLb8As.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.192.0/19
Signature Algorithm: sha256WithRSAEncryption
11:22:e2:2c:0b:e7:00:a8:9a:32:36:97:dd:87:5b:4a:39:f8:
c8:76:2a:9a:d0:e0:2d:fa:49:07:a6:e7:7b:04:74:e1:e9:45:
cb:b0:cb:cf:2f:f9:12:35:de:81:1e:56:e6:92:48:41:b8:9e:
29:9b:8c:7f:01:b5:bc:d8:36:4b:b7:79:74:19:e3:11:5c:d7:
7f:2f:76:5b:b4:01:34:fe:4d:f2:d6:b1:6b:d2:cd:bd:09:be:
a4:82:4b:60:9a:fd:e9:ac:e9:18:83:bc:4b:f8:54:e7:8a:c4:
3b:4c:55:97:18:7f:12:81:78:2c:eb:1d:17:eb:c6:67:2e:8c:
bd:c2:3b:c5:99:eb:58:41:63:e6:48:f1:53:4c:a9:04:e6:4d:
7f:14:42:8f:26:b8:55:6c:5f:b5:79:35:b3:16:44:7d:5b:08:
97:c6:36:1c:06:49:46:c7:64:6f:c2:cc:00:0d:13:72:29:f3:
e7:33:7a:61:e1:08:bf:27:20:45:9c:37:d2:6d:01:3b:49:8c:
11:57:26:e1:cd:5f:73:07:f4:35:8f:b0:f7:9e:55:d6:e0:cd:
d9:e1:aa:1f:6c:ea:68:3b:5a:0a:5c:a4:4f:a2:7f:c7:24:de:
83:43:85:70:81:bf:d6:05:ce:e1:98:2f:62:92:7d:0c:6a:f0:
8f:a8:49:55
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx
NDA4MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDgwNjJBMkY3NDdEOTZB
MkRGNjMxNjk1MEU5NzVEQkJFRjJEQkYwMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCudXsSEfbdXMB5FFprQLVlXefu+V5H0MEpqkmy1RTORtpEGsqF
K89kj3CuAowwmciiVS50Ts737wTlZXGpM17hHzcUYL3+JFcNwGKsT+Vy9X4lNz4v
+l+Zx7zP4zTAJw6Zu/9I+RIu1CIpWGw7flTGlpirvHCyWDjSZuAKisZ1o3h89PAR
gAlI7GX9uhagpj0ZCaysud1YB2ct1ZIeWDZcFxvkYRb50f7TeFMg4lThhYwRmujb
rR5tmPua69UO8mv+jXD13XSgl1T39FHepRhjwQQ26R9K2KOcEqnJYu4TUPVU8iD+
xkvupVPYrLjKy/7EoDrGqqBS9vTtjSK7jR6BAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUgGKi90fZai32MWlQ6XXbvvLb8AswHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvZ0dLaTkwZlphaTMyTVdsUTZYWGJ2
dkxiOEFzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcBIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAESLiLAvnAKiaMjaX3YdbSjn4yHYqmtDgLfpJB6bn
ewR04elFy7DLzy/5EjXegR5W5pJIQbieKZuMfwG1vNg2S7d5dBnjEVzXfy92W7QB
NP5N8taxa9LNvQm+pIJLYJr96azpGIO8S/hU54rEO0xVlxh/EoF4LOsdF+vGZy6M
vcI7xZnrWEFj5kjxU0ypBOZNfxRCjya4VWxftXk1sxZEfVsIl8Y2HAZJRsdkb8LM
AA0Tcinz5zN6YeEIvycgRZw30m0BO0mMEVcm4c1fcwf0NY+w955V1uDN2eGqH2zq
aDtaClykT6J/xyTeg0OFcIG/1gXO4ZgvYpJ9DGrwj6hJVQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 22:35:29 2025 by rpki-client