Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/73NNkFR9ZLKzWkQUVWmNQsCzfpg.roa
File: 73NNkFR9ZLKzWkQUVWmNQsCzfpg.roa (raw, json)
Hash identifier: j2W3Q7yCSd9UttaCbqOEs/6QO4RYTBsxUoifZlTN9r8=
Subject key identifier: EF:73:4D:90:54:7D:64:B2:B3:5A:44:14:55:69:8D:42:C0:B3:7E:98
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E7C
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/73NNkFR9ZLKzWkQUVWmNQsCzfpg.roa
Signing time: Mon 10 Feb 2025 14:16:25 +0000
ROA not before: Mon 10 Feb 2025 14:16:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18217
IP address blocks: 140.109.224.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FDE5Ly-m0Y9mdB4uoa7qF4GGF0M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Apr 2025 12:19:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3708 (0xe7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:25 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=EF734D90547D64B2B35A441455698D42C0B37E98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b4:5b:73:c4:8f:d3:d6:6c:1a:17:12:15:de:
88:6e:56:b3:7a:ac:af:04:b8:ff:1f:e3:fe:b1:90:
df:90:5a:3c:8f:9f:92:4e:d9:e0:48:7c:89:af:6e:
30:b7:20:09:56:13:34:4e:4e:52:92:85:80:ed:23:
e6:6d:6f:df:07:48:22:0b:61:f1:ca:fa:43:62:3e:
89:19:23:5e:7e:55:fb:6a:1e:d8:f5:71:6e:af:5b:
56:cc:4b:e7:d5:b9:d4:24:61:bf:7f:62:c2:83:73:
35:f3:34:88:79:1b:d2:44:05:13:14:0b:62:fa:2a:
29:61:28:d4:16:5b:65:86:8c:34:e6:e5:58:81:bb:
28:1f:d0:44:19:29:39:80:64:66:e5:d3:1f:ce:d1:
22:a5:ed:8f:ca:e9:dd:03:04:e6:f2:9b:22:a4:da:
39:1d:03:43:0b:21:86:71:46:bb:74:c8:ce:ea:aa:
7b:33:f4:fe:c0:a4:5f:a0:d8:f3:88:32:db:85:da:
af:b1:ec:2f:0c:cc:72:70:6f:c1:fc:d0:88:a4:d6:
3d:17:7d:78:73:79:70:62:fe:e5:35:55:fd:57:46:
eb:cd:f5:1b:51:1d:be:88:85:fe:00:22:c9:76:53:
ba:7a:f2:87:6a:41:80:a2:3a:98:ee:75:5a:58:74:
a8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:73:4D:90:54:7D:64:B2:B3:5A:44:14:55:69:8D:42:C0:B3:7E:98
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/73NNkFR9ZLKzWkQUVWmNQsCzfpg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.109.224.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:ee:76:dc:d5:9f:a7:d6:68:d5:ad:3a:e1:53:d3:64:be:bf:
70:2e:76:80:c8:35:0e:f1:6b:2a:d9:6b:83:59:e0:34:18:c0:
75:64:69:b4:20:9f:42:98:29:dd:9c:80:94:95:72:d6:7b:2c:
a8:27:a4:56:58:38:ce:55:7d:6f:7a:aa:ec:24:23:0c:70:aa:
f8:85:d9:a0:91:82:5b:32:b6:fa:00:7c:c5:e8:99:90:e9:90:
26:27:de:23:10:1b:45:25:a6:94:d9:0b:3f:4e:3d:a8:35:6a:
68:da:23:de:fa:6b:27:cc:ac:3d:7f:23:21:6e:0c:42:74:c1:
73:06:df:fb:eb:20:3d:e7:1b:b2:19:aa:c3:2b:2e:53:78:f8:
e5:64:b3:c2:79:59:cd:7c:ac:59:8a:11:56:ea:0f:d1:01:dd:
0b:69:94:bd:7e:07:25:8f:bc:64:6a:c8:0c:fd:0a:a1:d0:9b:
b2:d2:06:bb:ef:05:53:d6:cc:d8:65:d5:35:66:4a:59:95:6a:
d5:11:7c:c7:a2:20:c4:9c:37:31:b9:9d:a4:70:f9:ca:cb:48:
2d:3c:5d:7e:bc:0a:d1:37:9d:6f:1a:6b:28:56:c8:2d:c2:1d:
d5:39:0e:f5:bd:ee:1c:0c:7d:61:ea:aa:98:2c:c7:96:2f:ff:
88:68:46:6d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDnwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEVGNzM0RDkwNTQ3RDY0
QjJCMzVBNDQxNDU1Njk4RDQyQzBCMzdFOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPtFtzxI/T1mwaFxIV3ohuVrN6rK8EuP8f4/6xkN+QWjyPn5JO
2eBIfImvbjC3IAlWEzROTlKShYDtI+Ztb98HSCILYfHK+kNiPokZI15+VftqHtj1
cW6vW1bMS+fVudQkYb9/YsKDczXzNIh5G9JEBRMUC2L6KilhKNQWW2WGjDTm5ViB
uygf0EQZKTmAZGbl0x/O0SKl7Y/K6d0DBObymyKk2jkdA0MLIYZxRrt0yM7qqnsz
9P7ApF+g2POIMtuF2q+x7C8MzHJwb8H80Iik1j0XfXhzeXBi/uU1Vf1XRuvN9RtR
Hb6Ihf4AIsl2U7p68odqQYCiOpjudVpYdKizAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU73NNkFR9ZLKzWkQUVWmNQsCzfpgwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC83M05Oa0ZSOVpMS3pXa1FVVldt
TlFzQ3pmcGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjG3g
MA0GCSqGSIb3DQEBCwUAA4IBAQBt7nbc1Z+n1mjVrTrhU9Nkvr9wLnaAyDUO8Wsq
2WuDWeA0GMB1ZGm0IJ9CmCndnICUlXLWeyyoJ6RWWDjOVX1veqrsJCMMcKr4hdmg
kYJbMrb6AHzF6JmQ6ZAmJ94jEBtFJaaU2Qs/Tj2oNWpo2iPe+msnzKw9fyMhbgxC
dMFzBt/76yA95xuyGarDKy5TePjlZLPCeVnNfKxZihFW6g/RAd0LaZS9fgclj7xk
asgM/Qqh0Juy0ga77wVT1szYZdU1ZkpZlWrVEXzHoiDEnDcxuZ2kcPnKy0gtPF1+
vArRN51vGmsoVsgtwh3VOQ71ve4cDH1h6qqYLMeWL/+IaEZt
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:06:06 2025 by rpki-client