Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/v8BpW71yUlg4wLI1NjuQQ_DljEM.roa
File: v8BpW71yUlg4wLI1NjuQQ_DljEM.roa (raw, json)
Hash identifier: rVW4v27WPAaz4IhlRFm+rOmX0ie1e6p8xWY0KDJ1TbA=
Subject key identifier: BF:C0:69:5B:BD:72:52:58:38:C0:B2:35:36:3B:90:43:F0:E5:8C:43
Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial: 0F99
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/v8BpW71yUlg4wLI1NjuQQ_DljEM.roa
Signing time: Wed 19 Feb 2025 02:31:18 +0000
ROA not before: Wed 19 Feb 2025 02:31:18 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 1659
IP address blocks: 163.22.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 01:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3993 (0xf99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Validity
Not Before: Feb 19 02:31:18 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=BFC0695BBD72525838C0B235363B9043F0E58C43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:86:98:c6:2c:b6:4b:ee:a3:db:1c:a3:c8:e0:
fc:eb:94:66:ac:51:f6:7f:19:e7:33:aa:e0:3c:40:
1c:53:d5:c1:89:82:66:c0:77:db:56:f4:17:49:b4:
b1:78:85:ff:ab:a6:da:94:61:c7:5f:6d:94:7d:f6:
ec:c9:a4:cb:8d:8d:48:d5:c8:f6:f3:6f:f7:5a:09:
1c:5a:c5:c8:af:f0:f9:d2:93:98:5f:73:6f:5d:47:
5c:60:9c:c9:ae:98:b3:10:9b:b9:6d:45:7d:55:2e:
67:51:07:45:c9:01:29:57:e9:c2:e2:e7:28:4b:0f:
1b:ec:bf:57:b8:58:25:1b:6b:93:86:d8:79:5d:1d:
7f:43:ce:82:c5:f5:72:20:97:25:24:57:0e:0f:c2:
92:38:fc:94:14:da:21:19:9b:53:6d:b5:16:c2:09:
e9:30:69:51:4c:ac:a9:ac:38:dc:bc:46:d5:0a:73:
94:8b:e3:34:1a:17:fd:b7:68:af:f0:88:7b:0e:34:
a4:c2:fd:86:a0:a2:00:f5:a2:bd:3d:a8:10:0c:a8:
42:3c:6f:01:aa:b2:9e:02:fd:56:93:92:a4:d3:90:
88:b4:8f:9b:91:8d:60:ec:00:bc:88:fe:de:e3:5e:
ef:14:68:1d:20:e4:6f:a1:83:77:ef:f5:d1:f9:10:
3c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C0:69:5B:BD:72:52:58:38:C0:B2:35:36:3B:90:43:F0:E5:8C:43
X509v3 Authority Key Identifier:
keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/v8BpW71yUlg4wLI1NjuQQ_DljEM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
163.22.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:fa:f1:ef:0e:39:a0:68:3c:f8:0f:0f:ad:62:aa:65:37:3b:
6b:aa:f3:e3:48:02:51:7e:aa:69:fd:f0:5c:f3:d4:f7:37:65:
2f:68:66:89:3d:7c:3d:76:f2:20:1c:42:04:4c:86:70:98:26:
1d:86:bf:c7:6b:a4:bb:e1:1c:65:32:b5:04:13:36:1b:6e:70:
92:29:83:84:12:c1:86:69:34:12:53:28:3b:92:8d:87:95:d8:
cd:39:06:62:88:d0:6b:48:67:36:18:d6:26:2a:ea:5f:f0:d6:
d0:55:0c:2c:97:32:f8:79:10:06:cb:3d:d1:f3:4b:b1:cf:65:
15:5b:3f:98:8d:93:4a:99:34:7f:74:f9:c1:06:a4:4c:6c:79:
54:cc:5e:74:e8:b4:7d:ec:52:3f:48:3e:ff:1a:5d:8b:ad:af:
25:bb:94:f8:9f:af:25:d2:0a:f3:92:84:f2:50:3d:1f:b8:a5:
42:b0:18:06:79:3c:09:d6:21:fe:8b:49:6c:c3:a6:0d:ed:b4:
03:81:74:88:9c:3e:48:6d:39:20:17:28:f9:42:80:3c:5f:b5:
52:1f:57:42:e4:04:0b:5c:9a:e8:97:72:9b:90:cf:52:ec:92:
0d:73:80:69:65:e0:b5:be:a9:c9:8f:c1:11:2d:27:34:00:2a:
4c:e5:ee:6d
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICD5kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNTAyMTkw
MjMxMThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJGQzA2OTVCQkQ3MjUy
NTgzOEMwQjIzNTM2M0I5MDQzRjBFNThDNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmhpjGLLZL7qPbHKPI4PzrlGasUfZ/GeczquA8QBxT1cGJgmbA
d9tW9BdJtLF4hf+rptqUYcdfbZR99uzJpMuNjUjVyPbzb/daCRxaxciv8PnSk5hf
c29dR1xgnMmumLMQm7ltRX1VLmdRB0XJASlX6cLi5yhLDxvsv1e4WCUba5OG2Hld
HX9DzoLF9XIglyUkVw4PwpI4/JQU2iEZm1NttRbCCekwaVFMrKmsONy8RtUKc5SL
4zQaF/23aK/wiHsONKTC/YagogD1or09qBAMqEI8bwGqsp4C/VaTkqTTkIi0j5uR
jWDsALyI/t7jXu8UaB0g5G+hg3fv9dH5EDxLAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUv8BpW71yUlg4wLI1NjuQQ/DljEMwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC92OEJwVzcxeVVsZzR3TEkxTmp1
UVFfRGxqRU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAoxYw
DQYJKoZIhvcNAQELBQADggEBAA368e8OOaBoPPgPD61iqmU3O2uq8+NIAlF+qmn9
8Fzz1Pc3ZS9oZok9fD128iAcQgRMhnCYJh2Gv8drpLvhHGUytQQTNhtucJIpg4QS
wYZpNBJTKDuSjYeV2M05BmKI0GtIZzYY1iYq6l/w1tBVDCyXMvh5EAbLPdHzS7HP
ZRVbP5iNk0qZNH90+cEGpExseVTMXnTotH3sUj9IPv8aXYutryW7lPifryXSCvOS
hPJQPR+4pUKwGAZ5PAnWIf6LSWzDpg3ttAOBdIicPkhtOSAXKPlCgDxftVIfV0Lk
BAtcmuiXcpuQz1Lskg1zgGll4LW+qcmPwREtJzQAKkzl7m0=
-----END CERTIFICATE-----
Generated at Mon Apr 14 21:56:10 2025 by rpki-client