Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/Ol7zzBFBbXjdR6PppffHz7_iF3E.roa
File: Ol7zzBFBbXjdR6PppffHz7_iF3E.roa (raw, json)
Hash identifier: pKwZ8s+qZWVP9UHkUunJ4TwAzjsYjHByX2i/JROT6rc=
Subject key identifier: 3A:5E:F3:CC:11:41:6D:78:DD:47:A3:E9:A5:F7:C7:CF:BF:E2:17:71
Certificate issuer: /CN=57A994BD60555145CB6452DC6A980FC851136BDA
Certificate serial: 05D9
Authority key identifier: 57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/Ol7zzBFBbXjdR6PppffHz7_iF3E.roa
Signing time: Mon 10 Feb 2025 13:57:52 +0000
ROA not before: Mon 10 Feb 2025 13:57:52 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 983
IP address blocks: 103.156.184.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1497 (0x5d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A994BD60555145CB6452DC6A980FC851136BDA
Validity
Not Before: Feb 10 13:57:52 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3A5EF3CC11416D78DD47A3E9A5F7C7CFBFE21771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:52:d1:45:ce:9c:4c:98:07:cc:f8:43:35:1f:
6c:9d:97:45:85:56:94:fe:54:8d:26:f6:bc:1e:89:
02:4c:3a:3a:93:38:4f:3d:c1:05:f1:a1:16:5d:a9:
04:31:5a:8c:17:f8:40:e6:2a:7d:be:cb:0c:ac:b4:
68:93:a2:e7:6a:b1:ff:b1:64:fd:75:d8:23:4f:dc:
79:fd:51:9a:7a:81:fa:7f:38:c9:b4:1c:23:7d:99:
0f:f5:1f:47:0b:3c:66:49:ec:08:4e:fa:7a:be:f9:
89:55:8d:b5:e7:67:46:3f:ec:93:fe:8b:24:80:fa:
a1:ba:d4:6d:0d:16:c8:0d:38:e4:b7:a3:44:19:ae:
87:b7:6a:04:1b:2d:77:44:b5:d6:82:bf:9e:09:b7:
6e:8d:3f:1a:ce:ee:87:07:69:dc:dd:e1:46:87:65:
65:a4:68:0a:b7:7c:5e:86:ae:50:7f:93:ae:c6:c5:
c0:d3:08:02:70:58:b0:c0:9c:a3:c2:6a:21:3c:bb:
a1:76:28:82:13:18:0f:e4:f3:53:ff:fd:34:d3:e7:
39:ff:83:a4:21:52:66:8c:db:9a:58:58:77:67:b8:
de:36:86:96:da:7d:1e:30:24:da:dc:be:ed:f9:c7:
bf:3e:55:1b:0b:5d:21:72:d4:1d:a5:8a:cd:7c:57:
39:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5E:F3:CC:11:41:6D:78:DD:47:A3:E9:A5:F7:C7:CF:BF:E2:17:71
X509v3 Authority Key Identifier:
keyid:57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/Ol7zzBFBbXjdR6PppffHz7_iF3E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.184.0/24
Signature Algorithm: sha256WithRSAEncryption
df:1b:e0:6b:ac:c4:a5:e6:00:bf:fb:e8:f1:c7:8e:54:cf:c9:
a3:13:52:89:b9:73:05:f1:ad:41:2c:38:dc:23:bc:11:ee:8b:
2d:17:8b:36:28:3d:bc:c8:55:29:a0:8d:03:b9:5c:ef:69:ec:
86:76:0b:d4:c5:d7:76:58:5a:ab:d1:d1:e3:6d:36:16:5a:27:
62:3b:d8:f8:cc:d7:68:61:bc:ad:a2:be:24:90:64:dc:6e:ae:
25:2c:7b:dc:b5:a5:d1:02:00:e9:0a:0a:05:94:e6:7c:f4:39:
d7:91:62:5d:95:cf:be:5c:0f:54:13:15:fe:65:5a:de:63:70:
b2:7d:b0:0a:38:aa:21:a6:7e:51:57:4d:7a:d0:93:58:35:99:
7f:d7:3a:f5:4a:83:b6:33:f6:37:ca:32:5b:4f:6b:bf:9b:3f:
c2:e6:4d:a0:6d:6b:c6:89:da:52:dc:ec:8c:58:bf:a6:80:fc:
60:c2:5f:73:48:84:c5:8b:4c:87:26:f2:3a:7c:1f:0a:7d:d7:
c8:2b:fb:4e:30:1f:81:ab:3d:7e:a8:b0:41:c8:c1:9f:cb:b6:
98:2d:dd:5e:eb:06:11:30:47:8b:08:80:52:23:9a:6d:fc:1c:
38:26:9f:29:b1:69:92:05:1a:82:b3:37:65:a6:7d:97:05:b8:
97:28:c4:3d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICBdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTdB
OTk0QkQ2MDU1NTE0NUNCNjQ1MkRDNkE5ODBGQzg1MTEzNkJEQTAeFw0yNTAyMTAx
MzU3NTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNBNUVGM0NDMTE0MTZE
NzhERDQ3QTNFOUE1RjdDN0NGQkZFMjE3NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmUtFFzpxMmAfM+EM1H2ydl0WFVpT+VI0m9rweiQJMOjqTOE89
wQXxoRZdqQQxWowX+EDmKn2+ywystGiToudqsf+xZP112CNP3Hn9UZp6gfp/OMm0
HCN9mQ/1H0cLPGZJ7AhO+nq++YlVjbXnZ0Y/7JP+iySA+qG61G0NFsgNOOS3o0QZ
roe3agQbLXdEtdaCv54Jt26NPxrO7ocHadzd4UaHZWWkaAq3fF6GrlB/k67GxcDT
CAJwWLDAnKPCaiE8u6F2KIITGA/k81P//TTT5zn/g6QhUmaM25pYWHdnuN42hpba
fR4wJNrcvu35x78+VRsLXSFy1B2lis18VzlPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUOl7zzBFBbXjdR6PppffHz7/iF3EwHwYDVR0jBBgwFoAUV6mUvWBVUUXLZFLc
apgPyFETa9owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxMUEFT
Uy9WNm1VdldCVlVVWExaRkxjYXBnUHlGRVRhOW8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1Y2bVV2V0JWVVVYTFpGTGNhcGdQeUZFVGE5by5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FMTFBBU1MvT2w3enpCRkJiWGpkUjZQ
cHBmZkh6N19pRjNFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGecuDANBgkqhkiG9w0BAQsFAAOCAQEA3xvga6zEpeYAv/vo8ceOVM/JoxNSiblz
BfGtQSw43CO8Ee6LLReLNig9vMhVKaCNA7lc72nshnYL1MXXdlhaq9HR4202Flon
YjvY+MzXaGG8raK+JJBk3G6uJSx73LWl0QIA6QoKBZTmfPQ515FiXZXPvlwPVBMV
/mVa3mNwsn2wCjiqIaZ+UVdNetCTWDWZf9c69UqDtjP2N8oyW09rv5s/wuZNoG1r
xonaUtzsjFi/poD8YMJfc0iExYtMhybyOnwfCn3XyCv7TjAfgas9fqiwQcjBn8u2
mC3dXusGETBHiwiAUiOabfwcOCafKbFpkgUagrM3ZaZ9lwW4lyjEPQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:49:47 2025 by rpki-client