Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/UNIGATE/CCYYZgJUwOxcN6hx-tDn516FlZw.roa
File: CCYYZgJUwOxcN6hx-tDn516FlZw.roa (raw, json)
Hash identifier: z9D6nFjrqdRQJeeuG0aOh5Nk/MSX0sdNNwoZ3WRM5Mg=
Subject key identifier: 08:26:18:66:02:54:C0:EC:5C:37:A8:71:FA:D0:E7:E7:5E:85:95:9C
Certificate issuer: /CN=390A0412F8B5EC4F3F9FDBB3A61270DBD0EA9E6B
Certificate serial: 0CCB
Authority key identifier: 39:0A:04:12:F8:B5:EC:4F:3F:9F:DB:B3:A6:12:70:DB:D0:EA:9E:6B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OQoEEvi17E8_n9uzphJw29Dqnms.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UNIGATE/CCYYZgJUwOxcN6hx-tDn516FlZw.roa
Signing time: Mon 10 Feb 2025 14:15:25 +0000
ROA not before: Mon 10 Feb 2025 14:15:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17408
IP address blocks: 103.123.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/UNIGATE/OQoEEvi17E8_n9uzphJw29Dqnms.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/UNIGATE/OQoEEvi17E8_n9uzphJw29Dqnms.mft
rsync://rpkica.twnic.tw/rpki/TWNICCA/OQoEEvi17E8_n9uzphJw29Dqnms.cer
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl
rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 20:38:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3275 (0xccb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390A0412F8B5EC4F3F9FDBB3A61270DBD0EA9E6B
Validity
Not Before: Feb 10 14:15:25 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=082618660254C0EC5C37A871FAD0E7E75E85959C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:91:7a:30:90:1d:c2:01:80:25:58:b3:c1:47:
50:a7:9c:0a:b4:c5:31:4e:0f:48:85:ed:bc:a6:88:
b1:93:8d:ab:24:86:a1:de:b8:3b:d8:b4:01:cd:24:
32:e4:53:e3:d1:c3:79:21:bd:f3:00:f9:86:e1:ec:
1b:e5:5a:48:dd:54:d6:83:32:a2:cf:7b:6d:db:fc:
54:f3:e5:3e:23:85:85:8a:0f:22:d1:22:3d:45:cf:
ea:f1:b9:84:e2:50:87:dd:8a:dc:a0:2b:81:6f:ea:
c9:1a:cd:06:4f:a2:4f:0d:9b:34:13:4e:0f:1e:02:
ef:2a:2c:87:52:fb:57:f7:60:2c:12:82:91:b0:aa:
13:38:15:46:ad:e7:8b:75:25:ee:3f:83:e9:cd:65:
45:f5:4e:54:0f:9a:8d:1d:89:38:c8:fd:28:3b:dd:
95:7a:e2:05:eb:59:d7:48:a9:c9:35:2d:58:03:13:
2d:18:96:17:cb:c8:a8:df:4e:e7:06:cb:68:99:3c:
be:b0:9f:37:59:91:b5:8d:94:64:d3:ee:18:59:67:
db:80:22:dd:1e:e2:26:1b:f6:c9:01:ef:56:e9:5d:
23:18:37:36:e8:59:96:65:fc:e9:5c:49:d2:87:5e:
2f:2d:eb:05:d9:c1:a7:81:ae:82:4b:43:ad:ba:cb:
9c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:26:18:66:02:54:C0:EC:5C:37:A8:71:FA:D0:E7:E7:5E:85:95:9C
X509v3 Authority Key Identifier:
keyid:39:0A:04:12:F8:B5:EC:4F:3F:9F:DB:B3:A6:12:70:DB:D0:EA:9E:6B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UNIGATE/OQoEEvi17E8_n9uzphJw29Dqnms.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OQoEEvi17E8_n9uzphJw29Dqnms.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UNIGATE/CCYYZgJUwOxcN6hx-tDn516FlZw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.140.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:89:58:85:d9:0a:09:c7:17:91:42:f4:d1:fd:67:ea:40:9e:
dd:20:60:69:fe:18:45:3c:80:6f:f6:04:52:63:14:17:8a:40:
77:71:be:f4:f5:29:47:a4:5a:32:73:1e:a1:72:b3:78:d3:37:
25:c6:8c:92:a7:a1:30:fd:05:6f:4f:e2:dc:25:b3:24:c2:12:
89:da:8f:99:3d:3b:dc:df:74:2a:b6:06:0d:2e:e2:9b:4d:fc:
88:91:b7:3a:18:da:eb:78:27:1b:1d:f0:85:1a:fb:44:30:50:
06:fe:55:e3:ac:46:3a:72:37:b2:85:47:50:e9:29:84:f6:53:
11:dc:9d:bf:ba:40:ec:3d:0d:be:58:8d:18:be:b4:ee:56:65:
ec:8b:cf:f6:eb:78:60:c7:2d:37:99:e5:c8:83:fc:61:e1:cf:
69:04:5f:df:9b:55:3b:f4:a1:4d:78:86:26:aa:06:f9:b7:72:
7a:f6:24:57:32:21:f0:b1:ca:0d:09:39:7a:53:73:06:62:49:
ec:f3:52:04:6d:8b:20:bc:ce:c7:50:bb:1b:c0:cf:91:bb:fb:
e6:f2:8d:92:3b:cb:26:3c:df:9d:d2:82:02:f5:64:30:67:97:
e0:76:d6:31:6e:59:b0:bc:90:c0:73:a6:81:60:2c:22:fa:f9:
eb:16:b5:a5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzkw
QTA0MTJGOEI1RUM0RjNGOUZEQkIzQTYxMjcwREJEMEVBOUU2QjAeFw0yNTAyMTAx
NDE1MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA4MjYxODY2MDI1NEMw
RUM1QzM3QTg3MUZBRDBFN0U3NUU4NTk1OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDekXowkB3CAYAlWLPBR1CnnAq0xTFOD0iF7bymiLGTjaskhqHe
uDvYtAHNJDLkU+PRw3khvfMA+Ybh7BvlWkjdVNaDMqLPe23b/FTz5T4jhYWKDyLR
Ij1Fz+rxuYTiUIfditygK4Fv6skazQZPok8NmzQTTg8eAu8qLIdS+1f3YCwSgpGw
qhM4FUat54t1Je4/g+nNZUX1TlQPmo0diTjI/Sg73ZV64gXrWddIqck1LVgDEy0Y
lhfLyKjfTucGy2iZPL6wnzdZkbWNlGTT7hhZZ9uAIt0e4iYb9skB71bpXSMYNzbo
WZZl/OlcSdKHXi8t6wXZwaeBroJLQ626y5zzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCCYYZgJUwOxcN6hx+tDn516FlZwwHwYDVR0jBBgwFoAUOQoEEvi17E8/n9uz
phJw29DqnmswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVU5JR0FU
RS9PUW9FRXZpMTdFOF9uOXV6cGhKdzI5RHFubXMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL09Rb0VFdmkxN0U4X245dXpwaEp3MjlEcW5tcy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1VOSUdBVEUvQ0NZWVpnSlV3T3hjTjZo
eC10RG41MTZGbFp3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Amd7jDANBgkqhkiG9w0BAQsFAAOCAQEAPolYhdkKCccXkUL00f1n6kCe3SBgaf4Y
RTyAb/YEUmMUF4pAd3G+9PUpR6RaMnMeoXKzeNM3JcaMkqehMP0Fb0/i3CWzJMIS
idqPmT073N90KrYGDS7im038iJG3Ohja63gnGx3whRr7RDBQBv5V46xGOnI3soVH
UOkphPZTEdydv7pA7D0NvliNGL607lZl7IvP9ut4YMctN5nlyIP8YeHPaQRf35tV
O/ShTXiGJqoG+bdyevYkVzIh8LHKDQk5elNzBmJJ7PNSBG2LILzOx1C7G8DPkbv7
5vKNkjvLJjzfndKCAvVkMGeX4HbWMW5ZsLyQwHOmgWAsIvr56xa1pQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 17:36:01 2025 by rpki-client