Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/STW/YaQpCWAKC9tUppCHG9-rOfTu6bg.roa
File: YaQpCWAKC9tUppCHG9-rOfTu6bg.roa (raw, json)
Hash identifier: FMHp4ON7Uq3Fg/+iT+yTBDOUIs/Z7ZOuEXB1WvJ+5jM=
Subject key identifier: 61:A4:29:09:60:0A:0B:DB:54:A6:90:87:1B:DF:AB:39:F4:EE:E9:B8
Certificate issuer: /CN=C758420CF762E48AD7CAA60EB39DCD622B1FB4F6
Certificate serial: F8
Authority key identifier: C7:58:42:0C:F7:62:E4:8A:D7:CA:A6:0E:B3:9D:CD:62:2B:1F:B4:F6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/x1hCDPdi5IrXyqYOs53NYisftPY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/YaQpCWAKC9tUppCHG9-rOfTu6bg.roa
Signing time: Wed 26 Mar 2025 05:15:21 +0000
ROA not before: Wed 26 Mar 2025 05:15:21 +0000
ROA not after: Sat 10 Jan 2026 15:30:20 +0000
asID: 63897
IP address blocks: 161.248.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/x1hCDPdi5IrXyqYOs53NYisftPY.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/x1hCDPdi5IrXyqYOs53NYisftPY.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/x1hCDPdi5IrXyqYOs53NYisftPY.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 02:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 248 (0xf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C758420CF762E48AD7CAA60EB39DCD622B1FB4F6
Validity
Not Before: Mar 26 05:15:21 2025 GMT
Not After : Jan 10 15:30:20 2026 GMT
Subject: CN=61A42909600A0BDB54A690871BDFAB39F4EEE9B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c8:40:7b:a3:38:5f:7f:da:a5:6a:4a:b7:81:
2a:77:33:29:7f:f6:b5:3c:c9:5c:a7:bf:62:d5:db:
e0:fc:34:5c:c8:c7:86:a1:47:3d:3c:b4:16:1d:ef:
a7:e5:de:e8:1b:76:76:73:8a:3e:69:0c:a1:46:9d:
2c:26:46:6c:07:70:d2:71:2d:8e:d3:14:3a:5e:a3:
64:64:27:47:37:41:cd:fc:2f:10:5d:ec:e1:a7:37:
ad:1a:bb:5b:e0:ba:df:47:32:a6:b2:ef:c9:cb:56:
68:d8:d0:b3:dd:1a:9a:f4:bb:a4:88:8d:83:62:78:
1d:4f:31:51:c7:53:9e:36:58:37:64:47:63:57:bb:
9b:24:9f:97:7f:5d:a3:00:6e:25:ed:1b:d3:50:ca:
85:d5:5c:3e:1c:7d:67:ee:9f:7a:7a:62:53:78:7c:
c7:a8:21:ed:e1:07:72:0f:bb:d8:7b:fe:89:0d:23:
39:42:60:c0:a9:cf:e8:a4:0a:a6:da:80:42:73:ad:
df:28:90:50:eb:9c:ea:c7:fa:af:30:5d:1a:d9:47:
cb:72:73:0c:60:2c:86:3b:69:2a:e4:e5:7e:ca:d5:
3c:0b:08:08:e4:b3:1f:66:e4:a9:1a:c5:e8:3c:01:
b5:03:b7:41:be:39:d7:55:67:f4:d7:2a:e5:15:4a:
48:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A4:29:09:60:0A:0B:DB:54:A6:90:87:1B:DF:AB:39:F4:EE:E9:B8
X509v3 Authority Key Identifier:
keyid:C7:58:42:0C:F7:62:E4:8A:D7:CA:A6:0E:B3:9D:CD:62:2B:1F:B4:F6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/x1hCDPdi5IrXyqYOs53NYisftPY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/x1hCDPdi5IrXyqYOs53NYisftPY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/STW/YaQpCWAKC9tUppCHG9-rOfTu6bg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.160.0/24
Signature Algorithm: sha256WithRSAEncryption
64:74:5c:e7:dc:96:6a:1e:b7:46:63:b5:f4:87:c2:48:9e:61:
7a:b7:c1:74:6a:0d:56:1f:7a:f8:3a:87:25:e6:aa:31:cc:b2:
a9:c8:88:ec:1a:5f:2a:50:a3:57:fb:9b:33:58:c7:56:ac:81:
a2:07:8b:a8:7e:7b:b6:57:b8:5f:a7:f2:fe:19:43:08:f3:96:
32:e7:9d:a6:6e:8d:00:10:ba:e8:f7:93:11:4e:77:90:66:96:
bb:fa:ff:a5:29:32:55:df:da:67:7e:77:51:10:e0:57:4d:b9:
50:05:b4:9c:1b:fe:d3:33:ac:a2:53:0f:d7:bf:7a:4c:bd:67:
b7:c2:dc:df:8b:ca:9d:80:3c:b3:d3:b1:ea:8c:ec:fa:f1:bf:
ce:82:33:29:a4:8c:e4:11:83:bb:dd:ef:c6:b1:50:a3:8c:7e:
93:db:b6:3b:7d:a7:a5:83:04:c5:3a:f8:16:ee:aa:6b:a8:bc:
92:12:bb:77:36:fe:13:66:96:51:e0:32:e1:b7:e6:10:11:ff:
ba:97:d4:d6:ef:89:6f:51:ce:2a:78:a5:2b:ea:2b:66:80:e0:
2d:a9:29:51:8e:6d:5d:c0:52:b3:4f:d4:74:1d:7e:1e:94:9e:
c3:c1:62:cf:da:6c:1d:a5:9d:7d:28:0a:ff:89:eb:25:b2:62:
09:ba:2f:9a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICAPgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzc1
ODQyMENGNzYyRTQ4QUQ3Q0FBNjBFQjM5RENENjIyQjFGQjRGNjAeFw0yNTAzMjYw
NTE1MjFaFw0yNjAxMTAxNTMwMjBaMDMxMTAvBgNVBAMTKDYxQTQyOTA5NjAwQTBC
REI1NEE2OTA4NzFCREZBQjM5RjRFRUU5QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpyEB7ozhff9qlakq3gSp3Myl/9rU8yVynv2LV2+D8NFzIx4ah
Rz08tBYd76fl3ugbdnZzij5pDKFGnSwmRmwHcNJxLY7TFDpeo2RkJ0c3Qc38LxBd
7OGnN60au1vgut9HMqay78nLVmjY0LPdGpr0u6SIjYNieB1PMVHHU542WDdkR2NX
u5skn5d/XaMAbiXtG9NQyoXVXD4cfWfun3p6YlN4fMeoIe3hB3IPu9h7/okNIzlC
YMCpz+ikCqbagEJzrd8okFDrnOrH+q8wXRrZR8tycwxgLIY7aSrk5X7K1TwLCAjk
sx9m5Kkaxeg8AbUDt0G+OddVZ/TXKuUVSkgFAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUYaQpCWAKC9tUppCHG9+rOfTu6bgwHwYDVR0jBBgwFoAUx1hCDPdi5IrXyqYO
s53NYisftPYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1RXL3gx
aENEUGRpNUlyWHlxWU9zNTNOWWlzZnRQWS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
eDFoQ0RQZGk1SXJYeXFZT3M1M05ZaXNmdFBZLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvU1RXL1lhUXBDV0FLQzl0VXBwQ0hHOS1yT2ZU
dTZiZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACh+KAwDQYJ
KoZIhvcNAQELBQADggEBAGR0XOfclmoet0ZjtfSHwkieYXq3wXRqDVYfevg6hyXm
qjHMsqnIiOwaXypQo1f7mzNYx1asgaIHi6h+e7ZXuF+n8v4ZQwjzljLnnaZujQAQ
uuj3kxFOd5Bmlrv6/6UpMlXf2md+d1EQ4FdNuVAFtJwb/tMzrKJTD9e/eky9Z7fC
3N+Lyp2APLPTseqM7Prxv86CMymkjOQRg7vd78axUKOMfpPbtjt9p6WDBMU6+Bbu
qmuovJISu3c2/hNmllHgMuG35hAR/7qX1NbviW9Rzip4pSvqK2aA4C2pKVGObV3A
UrNP1HQdfh6UnsPBYs/abB2lnX0oCv+J6yWyYgm6L5o=
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:56:28 2025 by rpki-client