Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SHANGFU/h84pfOtmCU32q2rKMze-fH6ShR4.roa
File: h84pfOtmCU32q2rKMze-fH6ShR4.roa (raw, json)
Hash identifier: DHhDWGPjpgk7L7BdkuMmYFqjKdII5kYbNkeavfzc0zg=
Subject key identifier: 87:CE:29:7C:EB:66:09:4D:F6:AB:6A:CA:33:37:BE:7C:7E:92:85:1E
Certificate issuer: /CN=0BDA25C630F8FF46E307B194CD2AAD1E6D06331D
Certificate serial: 0A17
Authority key identifier: 0B:DA:25:C6:30:F8:FF:46:E3:07:B1:94:CD:2A:AD:1E:6D:06:33:1D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/C9olxjD4_0bjB7GUzSqtHm0GMx0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SHANGFU/h84pfOtmCU32q2rKMze-fH6ShR4.roa
Signing time: Mon 10 Feb 2025 13:46:10 +0000
ROA not before: Mon 10 Feb 2025 13:46:10 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 48024
IP address blocks: 103.126.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/SHANGFU/C9olxjD4_0bjB7GUzSqtHm0GMx0.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/SHANGFU/C9olxjD4_0bjB7GUzSqtHm0GMx0.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/C9olxjD4_0bjB7GUzSqtHm0GMx0.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 16:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2583 (0xa17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0BDA25C630F8FF46E307B194CD2AAD1E6D06331D
Validity
Not Before: Feb 10 13:46:10 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=87CE297CEB66094DF6AB6ACA3337BE7C7E92851E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c5:87:02:5a:62:18:64:a7:fc:ee:a7:65:16:
42:1d:72:9c:2a:e3:c7:f3:81:08:f8:60:f7:e9:06:
65:6d:04:cb:5c:84:2d:71:1f:a0:fa:e6:2d:a7:4d:
f1:d6:70:eb:61:9a:4b:7c:af:19:a1:a2:6a:46:c2:
d0:58:e1:37:c6:1c:7f:5d:a7:e0:34:25:81:16:35:
96:ea:9d:e8:3c:ec:b1:4c:39:27:12:2b:cc:79:ef:
ab:e4:c6:ad:3c:57:b5:6c:c8:61:fb:81:ba:b6:42:
7d:d3:47:a4:55:d4:54:d1:35:e9:1d:6f:55:45:13:
4d:9d:2f:5e:7c:dd:37:95:e6:58:1a:ea:c2:68:5d:
81:00:0c:df:e7:dd:90:3f:eb:07:83:e2:e6:a5:af:
79:cf:09:ea:24:6f:f2:c3:bb:2c:bc:cc:b1:30:52:
06:12:c1:84:f4:9d:36:78:9f:e4:4d:52:76:e4:9b:
14:49:4e:03:5a:ae:55:2e:d5:8d:55:10:a4:85:e8:
5e:cb:35:2e:ea:c4:50:22:b2:be:44:39:93:aa:a4:
5a:4d:fa:05:bb:88:f1:3f:14:d7:29:37:34:63:ae:
c5:8e:d5:a8:b1:ae:4b:9a:3b:35:5c:ae:26:5f:38:
b7:55:51:05:ff:8b:a3:c9:35:be:3e:00:1e:3f:64:
ae:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:CE:29:7C:EB:66:09:4D:F6:AB:6A:CA:33:37:BE:7C:7E:92:85:1E
X509v3 Authority Key Identifier:
keyid:0B:DA:25:C6:30:F8:FF:46:E3:07:B1:94:CD:2A:AD:1E:6D:06:33:1D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHANGFU/C9olxjD4_0bjB7GUzSqtHm0GMx0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/C9olxjD4_0bjB7GUzSqtHm0GMx0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SHANGFU/h84pfOtmCU32q2rKMze-fH6ShR4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.88.0/24
Signature Algorithm: sha256WithRSAEncryption
94:16:d9:ac:11:fe:c0:e4:9d:a5:fb:23:f7:ad:1d:bd:dd:c4:
70:d6:23:d7:d1:0f:09:e4:2e:02:48:55:ec:89:85:df:8e:02:
d6:83:09:9e:9c:cc:7e:59:e9:84:af:cb:80:67:03:3f:9a:0d:
1f:2d:37:99:df:0c:51:4c:99:59:0c:23:81:5c:97:20:b8:ce:
4a:a0:3f:5e:df:89:bf:74:8b:7c:16:4b:9b:81:82:f6:61:56:
02:e0:fb:b7:ee:e0:1d:b8:70:01:4d:5e:89:28:ad:fd:24:b6:
d0:4e:19:48:0b:12:e5:43:95:0d:fb:3c:50:2d:78:dd:69:5b:
d9:99:58:86:51:03:a2:56:3a:9a:1a:40:2c:3e:00:a1:99:3c:
1f:dc:81:d3:09:d7:01:4b:8c:4d:cd:04:49:72:f8:04:17:c9:
8d:b5:72:83:67:34:30:62:c9:bd:e2:14:fb:94:92:d2:a2:48:
84:a8:25:e4:eb:de:3c:24:01:d7:15:78:e2:18:fc:3b:32:0f:
98:63:79:26:52:c4:63:4a:9d:ad:73:49:a6:a4:8f:8d:94:e3:
03:26:29:4c:ee:02:9d:cc:22:08:d5:67:f4:02:fd:50:7c:08:
02:34:42:0b:c9:bf:be:bf:6c:54:4e:35:a3:0d:4e:b8:8b:9a:
9e:b5:b1:60
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICChcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEJE
QTI1QzYzMEY4RkY0NkUzMDdCMTk0Q0QyQUFEMUU2RDA2MzMxRDAeFw0yNTAyMTAx
MzQ2MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg3Q0UyOTdDRUI2NjA5
NERGNkFCNkFDQTMzMzdCRTdDN0U5Mjg1MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDxYcCWmIYZKf87qdlFkIdcpwq48fzgQj4YPfpBmVtBMtchC1x
H6D65i2nTfHWcOthmkt8rxmhompGwtBY4TfGHH9dp+A0JYEWNZbqneg87LFMOScS
K8x576vkxq08V7VsyGH7gbq2Qn3TR6RV1FTRNekdb1VFE02dL1583TeV5lga6sJo
XYEADN/n3ZA/6weD4ualr3nPCeokb/LDuyy8zLEwUgYSwYT0nTZ4n+RNUnbkmxRJ
TgNarlUu1Y1VEKSF6F7LNS7qxFAisr5EOZOqpFpN+gW7iPE/FNcpNzRjrsWO1aix
rkuaOzVcriZfOLdVUQX/i6PJNb4+AB4/ZK5xAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUh84pfOtmCU32q2rKMze+fH6ShR4wHwYDVR0jBBgwFoAUC9olxjD4/0bjB7GU
zSqtHm0GMx0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0hBTkdG
VS9DOW9seGpENF8wYmpCN0dVelNxdEhtMEdNeDAuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0M5b2x4akQ0XzBiakI3R1V6U3F0SG0wR014MC5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NIQU5HRlUvaDg0cGZPdG1DVTMycTJy
S016ZS1mSDZTaFI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGd+WDANBgkqhkiG9w0BAQsFAAOCAQEAlBbZrBH+wOSdpfsj960dvd3EcNYj19EP
CeQuAkhV7ImF344C1oMJnpzMflnphK/LgGcDP5oNHy03md8MUUyZWQwjgVyXILjO
SqA/Xt+Jv3SLfBZLm4GC9mFWAuD7t+7gHbhwAU1eiSit/SS20E4ZSAsS5UOVDfs8
UC143Wlb2ZlYhlEDolY6mhpALD4AoZk8H9yB0wnXAUuMTc0ESXL4BBfJjbVyg2c0
MGLJveIU+5SS0qJIhKgl5OvePCQB1xV44hj8OzIPmGN5JlLEY0qdrXNJpqSPjZTj
AyYpTO4CncwiCNVn9AL9UHwIAjRCC8m/vr9sVE41ow1OuIuanrWxYA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 15:05:03 2025 by rpki-client