Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/TMU-lCmYZI0dbMAhc0nOMQEDdcg.roa
File: TMU-lCmYZI0dbMAhc0nOMQEDdcg.roa (raw, json)
Hash identifier: qrLJU2oetDE2jQ/j2VprRGRnHPHFEl6nYYORnuPKgIM=
Subject key identifier: 4C:C5:3E:94:29:98:64:8D:1D:6C:C0:21:73:49:CE:31:01:03:75:C8
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0CD3
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/TMU-lCmYZI0dbMAhc0nOMQEDdcg.roa
Signing time: Mon 10 Feb 2025 13:49:21 +0000
ROA not before: Mon 10 Feb 2025 13:49:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131639
IP address blocks: 2403:7f40:f000::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Apr 2025 16:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3283 (0xcd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Feb 10 13:49:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4CC53E942998648D1D6CC0217349CE31010375C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:5c:61:f6:d4:e6:a5:24:af:d9:e4:33:7a:fc:
2a:dd:fd:9d:a3:c4:68:da:d9:9e:c2:fc:54:b7:cd:
7c:79:79:8f:61:8f:2e:85:4e:ec:78:2d:93:47:33:
5f:1a:a9:1f:71:e2:f2:06:19:dd:3d:cc:b1:7c:b9:
48:ec:0a:a0:31:31:40:f8:06:c0:68:79:57:4a:fa:
2b:38:79:0f:51:63:91:ec:42:c0:0b:6a:dc:86:46:
89:60:a5:5d:3e:c3:74:92:3f:41:02:30:67:93:80:
a6:b8:e7:59:13:7e:ef:4f:94:7d:3c:9c:30:68:f6:
e2:22:55:66:cb:fa:9e:f2:05:83:a3:86:50:08:4b:
67:6e:26:ce:e5:5b:72:a3:2f:b3:ed:56:df:cf:09:
4d:95:c2:c7:ae:4c:6b:7c:63:93:23:0c:bf:44:e0:
2b:b5:e2:12:39:cd:0d:37:88:61:c3:68:0f:bc:54:
a8:f7:49:c3:92:cf:82:aa:dc:ba:06:8a:7b:5a:f0:
c1:00:45:6f:7b:dc:02:74:af:ee:a3:f6:f8:6f:a8:
dc:0c:b4:7f:ac:8d:32:13:ec:b6:38:19:ec:69:d4:
cf:13:82:f3:bd:44:bb:a2:e1:42:33:25:74:60:f3:
62:4f:86:31:df:f3:97:7a:8a:0f:fa:55:b3:f7:be:
e3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C5:3E:94:29:98:64:8D:1D:6C:C0:21:73:49:CE:31:01:03:75:C8
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/TMU-lCmYZI0dbMAhc0nOMQEDdcg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:f000::/48
Signature Algorithm: sha256WithRSAEncryption
2a:b1:9b:9c:b8:16:ef:de:6f:5e:14:14:34:1d:df:56:14:63:
95:65:1f:2d:10:74:72:e1:db:1e:9a:93:26:86:29:eb:ef:1b:
26:f9:fe:53:06:16:5c:e9:fc:ec:6b:4c:43:aa:34:8a:88:21:
00:5d:7f:b1:6a:c9:1f:60:e5:84:ce:1d:2a:38:b7:13:e5:0f:
56:c0:f7:44:74:db:e9:2c:3f:06:34:ba:5b:16:3f:ef:c1:09:
bf:be:96:19:9e:6a:85:f8:cf:64:16:ea:1c:5f:c4:40:75:10:
ce:bf:3f:72:a3:a5:46:e8:87:7b:06:f3:2f:cc:67:ec:db:c8:
69:4d:3e:7f:a2:29:dd:fe:5b:6c:4a:95:13:45:fd:14:f7:71:
b4:f4:f4:52:45:31:a5:ad:ff:f6:a3:1c:5e:6d:35:34:51:c6:
80:b8:6c:e1:82:69:18:86:b7:dd:57:7d:59:a9:d8:d6:4e:bc:
97:b6:4b:42:96:dd:f4:cb:8b:56:ba:72:78:05:6b:c6:44:e2:
eb:4b:fa:aa:fa:9f:77:1c:53:2e:ec:9d:ad:fc:59:80:67:2f:
b4:95:94:d2:d0:ad:6f:45:bc:9d:aa:00:f1:87:36:9b:ac:6d:
31:5a:fc:35:b3:12:f6:59:67:21:7b:b7:dc:91:2a:65:81:04:
e6:17:6c:a2
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDNMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTAyMTAx
MzQ5MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRDQzUzRTk0Mjk5ODY0
OEQxRDZDQzAyMTczNDlDRTMxMDEwMzc1QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxXGH21OalJK/Z5DN6/Crd/Z2jxGja2Z7C/FS3zXx5eY9hjy6F
Tux4LZNHM18aqR9x4vIGGd09zLF8uUjsCqAxMUD4BsBoeVdK+is4eQ9RY5HsQsAL
atyGRolgpV0+w3SSP0ECMGeTgKa451kTfu9PlH08nDBo9uIiVWbL+p7yBYOjhlAI
S2duJs7lW3KjL7PtVt/PCU2VwseuTGt8Y5MjDL9E4Cu14hI5zQ03iGHDaA+8VKj3
ScOSz4Kq3LoGinta8MEARW973AJ0r+6j9vhvqNwMtH+sjTIT7LY4Gexp1M8TgvO9
RLui4UIzJXRg82JPhjHf85d6ig/6VbP3vuNlAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUTMU+lCmYZI0dbMAhc0nOMQEDdcgwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL1RNVS1sQ21ZWkkwZGJNQWhjMG5PTVFF
RGRjZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A8AAw
DQYJKoZIhvcNAQELBQADggEBACqxm5y4Fu/eb14UFDQd31YUY5VlHy0QdHLh2x6a
kyaGKevvGyb5/lMGFlzp/OxrTEOqNIqIIQBdf7FqyR9g5YTOHSo4txPlD1bA90R0
2+ksPwY0ulsWP+/BCb++lhmeaoX4z2QW6hxfxEB1EM6/P3KjpUboh3sG8y/MZ+zb
yGlNPn+iKd3+W2xKlRNF/RT3cbT09FJFMaWt//ajHF5tNTRRxoC4bOGCaRiGt91X
fVmp2NZOvJe2S0KW3fTLi1a6cngFa8ZE4utL+qr6n3ccUy7sna38WYBnL7SVlNLQ
rW9FvJ2qAPGHNpusbTFa/DWzEvZZZyF7t9yRKmWBBOYXbKI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:33:57 2025 by rpki-client