Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GMW9mTgC46vhuD-AYBr7hQKJzig.roa
File: GMW9mTgC46vhuD-AYBr7hQKJzig.roa (raw, json)
Hash identifier: gJqTZIcVX8dco4KUbUsjuYVbyg4lWWmShUmYQHhWI0Y=
Subject key identifier: 18:C5:BD:99:38:02:E3:AB:E1:B8:3F:80:60:1A:FB:85:02:89:CE:28
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 12E7
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GMW9mTgC46vhuD-AYBr7hQKJzig.roa
Signing time: Mon 10 Feb 2025 14:08:53 +0000
ROA not before: Mon 10 Feb 2025 14:08:53 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9924
IP address blocks: 60.199.134.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 16:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4839 (0x12e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:08:53 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=18C5BD993802E3ABE1B83F80601AFB850289CE28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:01:1a:c3:77:65:98:24:07:a4:dd:0a:76:c1:
5e:d3:93:dd:5c:3c:a6:40:a6:6d:33:a2:25:86:43:
d8:5f:81:e6:1d:d1:3f:83:c3:34:2e:36:2e:7b:4c:
cb:b5:41:2f:19:89:8c:0d:97:d8:0e:4c:94:10:07:
32:09:c1:3a:34:69:c3:99:76:86:f7:ac:48:08:34:
47:e9:24:59:2b:b5:c4:94:5a:fd:49:ef:28:41:59:
ae:c1:10:7b:ea:83:d5:78:c7:91:ff:ab:81:9a:b8:
cf:d9:82:ee:ce:40:8a:2e:a0:4c:b4:5a:37:de:ef:
76:41:12:1d:bf:35:0e:2b:46:aa:bb:f4:b9:7d:e1:
5f:e3:88:d2:65:d3:4e:bd:fc:77:23:cc:4f:c1:26:
33:c7:e8:c6:6e:74:06:48:48:30:13:25:03:f4:50:
bc:1f:67:fb:bd:36:aa:b9:08:dd:14:17:b5:d9:94:
b2:cb:e5:a5:a9:6f:5d:8b:c6:53:83:2d:ae:b1:e9:
44:9b:af:bd:87:c4:da:59:1b:53:ea:3f:3a:1f:b8:
06:10:5b:88:e3:f9:0a:20:eb:63:3b:83:e0:6e:32:
5c:ac:65:59:e2:ea:3f:d4:81:40:e4:b6:19:13:ea:
dd:8b:59:59:7e:c8:b7:2b:7d:77:55:eb:d2:7b:fd:
3d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C5:BD:99:38:02:E3:AB:E1:B8:3F:80:60:1A:FB:85:02:89:CE:28
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GMW9mTgC46vhuD-AYBr7hQKJzig.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.199.134.0/24
Signature Algorithm: sha256WithRSAEncryption
02:43:63:6b:a2:92:de:f4:65:d9:d6:33:ab:3e:c3:8b:14:4e:
c7:f1:d5:6b:9a:7f:63:21:e1:9e:e8:d2:48:11:63:cd:6c:82:
fd:24:de:43:e3:bf:b5:3f:31:5d:a0:f5:45:68:b2:4d:5c:fa:
7b:9f:f2:a3:77:21:09:0f:5f:f3:9d:e8:9a:f4:e0:d5:f9:93:
fc:c5:4b:4c:f4:cf:e5:ec:56:1c:93:e1:33:5a:3a:1f:6a:f4:
ec:19:cf:9e:ed:46:df:29:3b:8e:b0:69:36:fe:07:d8:16:98:
33:49:0e:77:88:3a:0c:7e:80:fd:ee:fc:23:dc:12:6b:76:50:
fb:37:2b:7c:6d:e3:92:26:79:2b:67:08:0c:cb:6f:b5:4b:20:
f1:97:30:2c:5c:ed:1e:81:82:a5:f0:d9:31:08:e4:f9:33:a0:
ff:52:0d:07:9d:f3:28:20:4d:bb:62:52:6e:65:31:02:b0:65:
65:dd:8d:f2:b2:57:50:9a:de:4c:a6:e2:21:f7:cd:c5:6d:84:
63:02:ef:78:a2:96:34:68:3e:8b:a7:05:d6:c5:72:78:02:c5:
6c:6b:6b:00:50:08:1f:d7:d7:38:6e:bc:f4:29:7b:cd:1c:2d:
bf:49:0b:84:4c:5e:3f:1e:b3:b2:a1:02:d6:9b:b9:f2:cf:9c:
eb:ec:8a:5d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEucwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA4NTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDE4QzVCRDk5MzgwMkUz
QUJFMUI4M0Y4MDYwMUFGQjg1MDI4OUNFMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBARrDd2WYJAek3Qp2wV7Tk91cPKZApm0zoiWGQ9hfgeYd0T+D
wzQuNi57TMu1QS8ZiYwNl9gOTJQQBzIJwTo0acOZdob3rEgINEfpJFkrtcSUWv1J
7yhBWa7BEHvqg9V4x5H/q4GauM/Zgu7OQIouoEy0Wjfe73ZBEh2/NQ4rRqq79Ll9
4V/jiNJl0069/HcjzE/BJjPH6MZudAZISDATJQP0ULwfZ/u9Nqq5CN0UF7XZlLLL
5aWpb12LxlODLa6x6USbr72HxNpZG1PqPzofuAYQW4jj+Qog62M7g+BuMlysZVni
6j/UgUDkthkT6t2LWVl+yLcrfXdV69J7/T1rAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGMW9mTgC46vhuD+AYBr7hQKJzigwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvR01XOW1UZ0M0NnZodUQt
QVlCcjdoUUtKemlnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzHhjANBgkqhkiG9w0BAQsFAAOCAQEAAkNja6KS3vRl2dYzqz7DixROx/HVa5p/
YyHhnujSSBFjzWyC/STeQ+O/tT8xXaD1RWiyTVz6e5/yo3chCQ9f853omvTg1fmT
/MVLTPTP5exWHJPhM1o6H2r07BnPnu1G3yk7jrBpNv4H2BaYM0kOd4g6DH6A/e78
I9wSa3ZQ+zcrfG3jkiZ5K2cIDMtvtUsg8ZcwLFztHoGCpfDZMQjk+TOg/1INB53z
KCBNu2JSbmUxArBlZd2N8rJXUJreTKbiIffNxW2EYwLveKKWNGg+i6cF1sVyeALF
bGtrAFAIH9fXOG689Cl7zRwtv0kLhExePx6zsqEC1pu58s+c6+yKXQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 12:38:16 2025 by rpki-client