Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/6woDNs5O5oO1IFNykGHRUsKiec4.roa
File: 6woDNs5O5oO1IFNykGHRUsKiec4.roa (raw, json)
Hash identifier: IQsYPMpuSxb+q0CfYHRh5i12IdAQM7vQJTm4OpsH6Ig=
Subject key identifier: EB:0A:03:36:CE:4E:E6:83:B5:20:53:72:90:61:D1:52:C2:A2:79:CE
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0EE9
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/6woDNs5O5oO1IFNykGHRUsKiec4.roa
Signing time: Tue 18 Feb 2025 01:49:44 +0000
ROA not before: Tue 18 Feb 2025 01:49:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17712
IP address blocks: 140.123.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3817 (0xee9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 18 01:49:44 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=EB0A0336CE4EE683B52053729061D152C2A279CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b7:4f:05:e9:5b:b4:e0:fa:b4:0f:3f:f8:f7:
d9:80:c3:86:79:d3:f9:20:32:f4:6a:a5:f4:a1:a5:
70:af:10:1e:cb:b7:0f:36:0f:10:76:4b:55:71:a6:
45:17:71:74:44:46:a0:85:59:de:4f:26:69:88:a4:
88:11:c4:fe:28:67:e9:4f:16:1e:58:42:23:9e:ee:
54:63:2c:97:9f:40:1f:58:ba:18:5d:27:75:25:4a:
c0:fa:65:ec:49:f2:1b:70:6a:ac:c0:a3:5b:46:4b:
38:cd:eb:db:9a:01:28:47:77:57:2b:c1:fc:19:a0:
7d:22:bf:90:dd:60:f4:a0:83:72:52:ae:ff:b7:f5:
5b:55:d7:d6:f6:d7:6b:33:78:fd:05:78:05:c9:8f:
5b:a6:8c:80:f4:2c:78:b5:d7:bf:2b:a8:fc:76:2a:
3a:da:d8:06:45:74:85:ae:8c:ee:73:3c:eb:73:ea:
4b:fb:fd:f4:71:f9:73:5f:98:f2:1c:57:97:40:79:
3a:76:45:6d:a1:a9:25:c9:0a:cb:58:4f:20:99:e3:
87:49:dc:82:1a:d0:52:0d:f0:d9:9f:4d:77:37:3d:
ad:65:bb:ab:21:c3:fa:e9:46:33:89:e7:44:94:a2:
49:8d:98:b5:1e:50:f1:01:37:eb:7c:e7:a3:d5:77:
ca:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:0A:03:36:CE:4E:E6:83:B5:20:53:72:90:61:D1:52:C2:A2:79:CE
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/6woDNs5O5oO1IFNykGHRUsKiec4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.123.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:7a:7e:0f:1c:2f:cc:be:38:4d:46:ad:49:09:c7:ef:29:a6:
5a:c3:98:c2:05:61:b0:2a:97:20:fa:3e:be:83:05:bb:71:a5:
4d:e1:b7:49:54:e4:cd:be:3f:0f:36:ed:d0:60:ef:67:93:63:
5a:ca:b7:12:6b:5c:40:e3:f7:3d:fd:6d:26:85:c5:80:40:47:
ff:7f:34:12:44:37:10:62:73:45:5f:9d:3c:f3:d6:4e:58:fb:
05:06:35:f3:d0:c9:93:ec:f9:aa:5e:88:a4:bc:96:fc:cd:5c:
85:43:d5:48:d0:7c:63:b0:44:dd:2d:2c:f5:ec:62:91:a4:05:
d8:d0:af:26:3c:3b:4e:76:79:e9:54:fc:4b:ee:93:84:86:5a:
97:1d:4d:da:30:3b:12:6b:de:95:08:4a:bd:e1:53:a6:bf:4f:
02:45:78:63:7a:e1:7c:54:62:af:af:9c:9b:19:22:1f:f9:19:
5a:63:a3:5d:70:95:a4:61:ed:01:61:77:85:72:78:eb:6e:c9:
8f:b7:65:54:1c:df:b8:fd:fc:fd:0d:19:b0:22:cd:a0:4d:46:
a5:2d:8c:4e:d3:a3:c8:a7:eb:6f:d5:dd:b1:61:4e:41:e0:79:
42:15:61:3b:c2:a2:4a:65:d8:e0:f8:05:3c:33:75:e4:ca:3e:
28:7e:dd:d0
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDukwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTgw
MTQ5NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEVCMEEwMzM2Q0U0RUU2
ODNCNTIwNTM3MjkwNjFEMTUyQzJBMjc5Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbt08F6Vu04Pq0Dz/499mAw4Z50/kgMvRqpfShpXCvEB7Ltw82
DxB2S1VxpkUXcXRERqCFWd5PJmmIpIgRxP4oZ+lPFh5YQiOe7lRjLJefQB9Yuhhd
J3UlSsD6ZexJ8htwaqzAo1tGSzjN69uaAShHd1crwfwZoH0iv5DdYPSgg3JSrv+3
9VtV19b212szeP0FeAXJj1umjID0LHi1178rqPx2Kjra2AZFdIWujO5zPOtz6kv7
/fRx+XNfmPIcV5dAeTp2RW2hqSXJCstYTyCZ44dJ3IIa0FIN8NmfTXc3Pa1lu6sh
w/rpRjOJ50SUokmNmLUeUPEBN+t856PVd8rHAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU6woDNs5O5oO1IFNykGHRUsKiec4wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC82d29ETnM1TzVvTzFJRk55a0dI
UlVzS2llYzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHsw
DQYJKoZIhvcNAQELBQADggEBAF96fg8cL8y+OE1GrUkJx+8pplrDmMIFYbAqlyD6
Pr6DBbtxpU3ht0lU5M2+Pw827dBg72eTY1rKtxJrXEDj9z39bSaFxYBAR/9/NBJE
NxBic0VfnTzz1k5Y+wUGNfPQyZPs+apeiKS8lvzNXIVD1UjQfGOwRN0tLPXsYpGk
BdjQryY8O052eelU/Evuk4SGWpcdTdowOxJr3pUISr3hU6a/TwJFeGN64XxUYq+v
nJsZIh/5GVpjo11wlaRh7QFhd4VyeOtuyY+3ZVQc37j9/P0NGbAizaBNRqUtjE7T
o8in62/V3bFhTkHgeUIVYTvCokpl2OD4BTwzdeTKPih+3dA=
-----END CERTIFICATE-----
Generated at Mon Apr 14 18:34:00 2025 by rpki-client