Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/CXb_mWdfYG3vD02NzrvbfYQqTBY.roa
File: CXb_mWdfYG3vD02NzrvbfYQqTBY.roa (raw, json)
Hash identifier: ZD8/RFGj4jTY/fg6854ZgE0ThzrbCTn5Kvj1uEnQFUY=
Subject key identifier: 09:76:FF:99:67:5F:60:6D:EF:0F:4D:8D:CE:BB:DB:7D:84:2A:4C:16
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 125E
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/CXb_mWdfYG3vD02NzrvbfYQqTBY.roa
Signing time: Mon 10 Feb 2025 14:14:45 +0000
ROA not before: Mon 10 Feb 2025 14:14:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 150.116.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4702 (0x125e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:14:45 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0976FF99675F606DEF0F4D8DCEBBDB7D842A4C16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d8:fb:0e:20:2d:bd:93:df:e0:c2:7e:11:96:
73:21:9c:22:cf:a3:44:29:db:8f:ad:3c:36:5e:39:
94:8f:04:a1:08:30:60:19:48:ea:b6:28:cb:ff:38:
3f:c2:c2:35:0a:a4:6e:07:04:10:ec:bd:f7:ac:d4:
30:c5:f5:c5:60:6a:ac:ac:0c:8d:89:3d:2d:96:f1:
28:58:8b:cd:27:7f:e0:9b:b7:e9:eb:4d:8d:f2:88:
39:f2:fd:43:c6:50:06:e1:17:76:14:ef:a9:d6:9e:
b5:30:1b:11:05:f6:a6:54:64:fb:23:83:51:1c:8d:
ab:07:a9:c0:48:dc:6c:43:5b:8b:31:7d:d7:94:7b:
d8:55:ca:b4:1b:e9:d3:21:70:d8:5a:74:ca:ab:71:
6b:33:0a:19:da:a8:5b:99:64:26:b7:e1:30:76:db:
f1:bc:40:86:46:74:a2:b5:a5:8b:65:34:78:ca:16:
49:42:b4:14:97:93:c2:e1:19:27:c3:20:e8:d5:b5:
a6:78:f3:9c:3c:f5:79:80:79:36:61:4f:f9:1b:cd:
ee:f9:1b:69:66:e3:c1:99:8b:72:f1:ee:b7:e4:37:
60:c1:63:b4:b6:9c:e1:26:13:e4:a8:11:81:86:cc:
f5:21:b7:d2:aa:ad:8e:0e:37:d9:fa:92:4c:75:f4:
d0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:76:FF:99:67:5F:60:6D:EF:0F:4D:8D:CE:BB:DB:7D:84:2A:4C:16
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/CXb_mWdfYG3vD02NzrvbfYQqTBY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.238.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:92:2d:8f:96:65:79:3b:ce:a3:67:f1:9a:36:c8:2b:ce:96:
95:ea:b2:a1:db:ab:33:cc:e7:ef:16:0b:f6:d1:6a:f1:2d:d8:
1a:27:28:48:16:dd:15:4d:c6:96:cb:59:de:c8:c5:24:c9:da:
9c:66:7f:e9:cb:18:60:f6:6d:5d:34:6d:3e:12:f5:ab:5e:7d:
5f:c4:73:ed:d6:2b:e4:a4:ca:e1:c9:36:0d:af:79:58:c5:2d:
1e:26:1a:ab:d0:71:7f:6e:7a:5a:21:17:c2:9a:42:98:77:ff:
e5:31:04:1f:61:3a:e5:56:61:f7:06:b6:f7:a8:e2:56:11:7a:
b2:26:91:1c:b9:f0:1f:64:d9:f6:b2:3c:c5:dc:4b:33:76:68:
73:84:94:ec:31:76:c7:6d:28:73:b8:e7:6b:74:8a:27:cf:52:
08:44:5c:bf:3e:fa:d8:20:03:72:b1:17:0c:ea:80:7a:8b:77:
a3:9c:66:83:e3:66:51:b0:37:75:0f:43:81:3a:40:6d:f4:2a:
38:b3:4b:4b:af:9a:de:d5:32:08:e5:f3:02:9c:88:29:44:e9:
e5:85:3d:8a:55:50:69:05:dc:e7:a4:2f:19:ac:a7:1a:8d:af:
d0:12:10:68:be:15:62:4c:0c:f3:06:fd:87:de:df:c6:b0:b6:
a4:74:6c:4c
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEl4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE0NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA5NzZGRjk5Njc1RjYw
NkRFRjBGNEQ4RENFQkJEQjdEODQyQTRDMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ2PsOIC29k9/gwn4RlnMhnCLPo0Qp24+tPDZeOZSPBKEIMGAZ
SOq2KMv/OD/CwjUKpG4HBBDsvfes1DDF9cVgaqysDI2JPS2W8ShYi80nf+Cbt+nr
TY3yiDny/UPGUAbhF3YU76nWnrUwGxEF9qZUZPsjg1EcjasHqcBI3GxDW4sxfdeU
e9hVyrQb6dMhcNhadMqrcWszChnaqFuZZCa34TB22/G8QIZGdKK1pYtlNHjKFklC
tBSXk8LhGSfDIOjVtaZ485w89XmAeTZhT/kbze75G2lm48GZi3Lx7rfkN2DBY7S2
nOEmE+SoEYGGzPUht9KqrY4ON9n6kkx19NDHAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUCXb/mWdfYG3vD02NzrvbfYQqTBYwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9DWGJfbVdkZllHM3ZE
MDJOenJ2YmZZUXFUQlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAlnTuMA0GCSqGSIb3DQEBCwUAA4IBAQA6ki2PlmV5O86jZ/GaNsgrzpaV6rKh
26szzOfvFgv20WrxLdgaJyhIFt0VTcaWy1neyMUkydqcZn/pyxhg9m1dNG0+EvWr
Xn1fxHPt1ivkpMrhyTYNr3lYxS0eJhqr0HF/bnpaIRfCmkKYd//lMQQfYTrlVmH3
Brb3qOJWEXqyJpEcufAfZNn2sjzF3EszdmhzhJTsMXbHbShzuOdrdIonz1IIRFy/
PvrYIANysRcM6oB6i3ejnGaD42ZRsDd1D0OBOkBt9Co4s0tLr5re1TII5fMCnIgp
ROnlhT2KVVBpBdznpC8ZrKcaja/QEhBovhViTAzzBv2H3t/GsLakdGxM
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:22:08 2025 by rpki-client