Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/CLp1aw9XNH4aqP-IbV66ODPesgU.roa
File: CLp1aw9XNH4aqP-IbV66ODPesgU.roa (raw, json)
Hash identifier: hYjpaz5HD5xqshB1wsqDWeEiGFaTh8SCLdumFu085vA=
Subject key identifier: 08:BA:75:6B:0F:57:34:7E:1A:A8:FF:88:6D:5E:BA:38:33:DE:B2:05
Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial: 0F9B
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/CLp1aw9XNH4aqP-IbV66ODPesgU.roa
Signing time: Wed 19 Feb 2025 02:33:42 +0000
ROA not before: Wed 19 Feb 2025 02:33:42 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 1659
IP address blocks: 163.25.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3995 (0xf9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Validity
Not Before: Feb 19 02:33:42 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=08BA756B0F57347E1AA8FF886D5EBA3833DEB205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c6:54:2b:f2:6e:e9:ed:37:7d:09:d6:92:db:
b0:9d:23:ec:30:4f:5c:14:01:93:04:90:e9:4f:47:
4f:3c:10:a1:96:6a:68:ce:09:89:23:07:90:1d:30:
f6:0c:bc:90:05:cf:47:9f:5c:ba:3b:33:83:3d:32:
f1:7e:54:ee:eb:30:a1:9a:d6:e9:77:1f:26:06:e7:
a0:20:09:3c:39:83:c1:93:6e:6d:ea:81:46:91:72:
91:09:48:51:38:18:b0:2b:5c:aa:88:ad:eb:94:6e:
ee:fd:c7:91:d7:ed:f7:74:12:19:b9:01:eb:8a:dc:
a5:43:eb:b4:02:e9:9c:66:8f:2b:dc:34:6a:8f:b9:
d4:3f:03:0c:a0:e7:57:be:b6:27:9e:4b:d2:9a:00:
02:95:49:25:5d:48:55:59:c5:0d:d4:82:6c:41:87:
0d:4b:0b:4d:85:d4:56:3b:80:7d:c5:e9:d9:9d:cd:
e2:35:53:7f:71:6f:48:fd:6c:3b:09:85:78:86:a0:
3d:f3:99:27:57:10:54:f5:6d:ab:f3:31:55:1a:16:
f9:57:83:7d:0d:e3:a9:e4:f9:63:4b:2c:05:69:de:
0a:4c:4e:70:50:fe:a8:8d:b5:18:63:1d:09:89:91:
9d:56:89:bc:98:ff:62:c6:4c:95:cc:de:e7:01:62:
f7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BA:75:6B:0F:57:34:7E:1A:A8:FF:88:6D:5E:BA:38:33:DE:B2:05
X509v3 Authority Key Identifier:
keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/CLp1aw9XNH4aqP-IbV66ODPesgU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
163.25.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:21:f5:5c:0d:a9:5b:9c:6b:3a:eb:32:d7:2b:4e:7d:9a:16:
15:e4:84:09:54:1d:5f:cc:71:4d:f1:3d:05:0b:8c:19:5a:95:
6b:f9:31:71:b5:14:00:a0:bf:6c:3d:09:f6:4c:3c:dc:25:b7:
dd:b8:47:c1:04:25:3e:9a:8a:fc:f9:b0:78:1f:49:7f:1d:fe:
54:91:04:d5:3f:bf:2f:f4:4f:be:f8:dd:dd:44:0c:52:75:41:
a3:e1:10:90:bd:fe:4f:8d:d0:81:95:3b:54:b7:b7:53:ca:14:
aa:de:97:49:1e:3f:f1:0f:d5:7c:32:ce:ab:b3:7c:23:c2:64:
08:cc:e2:a2:48:fd:1c:76:7a:b8:4f:af:cf:df:b7:c0:af:0c:
49:b3:e7:6c:e3:d5:00:c6:53:cd:11:43:2b:77:80:ee:7e:ca:
6e:62:88:a5:b5:a9:81:69:cf:bd:18:9c:fc:9a:94:c7:5a:fd:
d8:99:f8:7a:f4:39:63:1c:2c:6f:41:6e:fd:d3:e8:b9:14:89:
05:f5:11:65:9f:f9:a2:7e:82:0b:57:ac:78:83:a1:2d:0a:00:
82:79:d9:c9:05:da:ff:15:9b:df:da:f5:9b:ce:a4:8b:96:5b:
83:64:ec:56:f4:c4:13:6d:dc:bc:4b:5d:c2:86:37:86:e8:8a:
c2:b5:77:fe
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICD5swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNTAyMTkw
MjMzNDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA4QkE3NTZCMEY1NzM0
N0UxQUE4RkY4ODZENUVCQTM4MzNERUIyMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIxlQr8m7p7Td9CdaS27CdI+wwT1wUAZMEkOlPR088EKGWamjO
CYkjB5AdMPYMvJAFz0efXLo7M4M9MvF+VO7rMKGa1ul3HyYG56AgCTw5g8GTbm3q
gUaRcpEJSFE4GLArXKqIreuUbu79x5HX7fd0Ehm5AeuK3KVD67QC6ZxmjyvcNGqP
udQ/Awyg51e+tieeS9KaAAKVSSVdSFVZxQ3UgmxBhw1LC02F1FY7gH3F6dmdzeI1
U39xb0j9bDsJhXiGoD3zmSdXEFT1bavzMVUaFvlXg30N46nk+WNLLAVp3gpMTnBQ
/qiNtRhjHQmJkZ1WibyY/2LGTJXM3ucBYvdzAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUCLp1aw9XNH4aqP+IbV66ODPesgUwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9DTHAxYXc5WE5INGFxUC1JYlY2
Nk9EUGVzZ1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAoxkw
DQYJKoZIhvcNAQELBQADggEBAIEh9VwNqVucazrrMtcrTn2aFhXkhAlUHV/McU3x
PQULjBlalWv5MXG1FACgv2w9CfZMPNwlt924R8EEJT6aivz5sHgfSX8d/lSRBNU/
vy/0T7743d1EDFJ1QaPhEJC9/k+N0IGVO1S3t1PKFKrel0keP/EP1XwyzquzfCPC
ZAjM4qJI/Rx2erhPr8/ft8CvDEmz52zj1QDGU80RQyt3gO5+ym5iiKW1qYFpz70Y
nPyalMda/diZ+Hr0OWMcLG9Bbv3T6LkUiQX1EWWf+aJ+ggtXrHiDoS0KAIJ52ckF
2v8Vm9/a9ZvOpIuWW4Nk7Fb0xBNt3LxLXcKGN4boisK1d/4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 21:55:45 2025 by rpki-client