Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Qg86islRFHPswjpg5aAqZ0B67F4.roa
File: Qg86islRFHPswjpg5aAqZ0B67F4.roa (raw, json)
Hash identifier: FijTCr+7rekehdQeTGhiNAgjguL4IrRfhCkZGIzY6fU=
Subject key identifier: 42:0F:3A:8A:C9:51:14:73:EC:C2:3A:60:E5:A0:2A:67:40:7A:EC:5E
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 1275
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Qg86islRFHPswjpg5aAqZ0B67F4.roa
Signing time: Mon 10 Feb 2025 14:14:52 +0000
ROA not before: Mon 10 Feb 2025 14:14:52 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38851
IP address blocks: 150.116.120.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4725 (0x1275)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:14:52 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=420F3A8AC9511473ECC23A60E5A02A67407AEC5E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a3:ab:db:b4:6b:45:70:e1:d2:c2:ca:a6:0b:
61:cf:8a:26:ec:f1:b2:06:18:f4:84:d7:d6:44:0f:
60:74:87:fe:05:12:f7:a2:46:de:4c:1b:3f:9f:aa:
59:a7:1e:af:26:34:71:8e:3b:d4:ef:d7:50:91:b7:
a0:0c:b7:b7:f7:67:09:41:c4:d4:9c:11:cb:7e:ca:
f9:47:1a:01:6f:92:86:e7:44:af:47:c2:0b:fd:b3:
e9:32:d5:27:74:ae:a4:89:1e:6f:83:29:84:58:b7:
f7:83:f9:96:ce:05:f5:05:84:a5:86:32:a1:2c:a0:
34:74:16:ee:3c:7b:34:09:1a:3c:a9:8b:f4:4f:73:
4b:5d:f5:c6:0e:44:43:21:6b:87:f1:d8:50:b5:7c:
af:c2:40:7c:73:b8:1e:45:22:f8:b7:df:01:c5:02:
a2:e0:a3:92:ea:09:49:e0:91:f2:c7:26:9a:12:0f:
03:bd:75:bd:19:ea:74:62:f3:19:3d:fd:15:84:f3:
07:e6:56:24:fe:26:ec:ef:35:d6:67:a8:b3:2c:85:
ac:55:04:85:8f:22:31:be:29:40:7d:41:8d:a4:fd:
c5:8d:f6:35:42:7a:d5:1e:bc:e6:ee:9c:ba:69:61:
7f:20:48:26:7b:e9:2a:83:f2:5a:72:ae:5e:50:a9:
cb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0F:3A:8A:C9:51:14:73:EC:C2:3A:60:E5:A0:2A:67:40:7A:EC:5E
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Qg86islRFHPswjpg5aAqZ0B67F4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.120.0/21
Signature Algorithm: sha256WithRSAEncryption
ac:2c:dc:87:e7:55:a4:43:18:b2:9e:11:68:fb:99:1b:cb:af:
bd:21:9a:4d:56:24:6f:ea:82:5c:b7:5e:6e:46:58:df:5e:c1:
41:33:cb:fc:8f:cf:7b:4c:62:71:0d:e3:f1:a0:aa:69:2c:e5:
5e:6b:6f:9b:12:99:b5:74:23:1e:3d:b9:55:d1:2a:76:2f:99:
0a:44:77:45:81:ec:7f:92:27:4e:01:cc:74:e7:4e:6f:f5:ff:
12:46:4d:c8:5c:fa:3d:57:de:e4:f2:42:44:72:bb:05:e7:89:
da:e2:08:d4:90:61:78:cc:c2:67:b3:55:3f:53:48:c6:2a:fe:
4e:d8:10:9c:8e:20:24:15:31:24:a2:e3:4f:d0:51:ed:39:e2:
46:a2:65:64:06:12:e2:76:c7:4c:5e:8b:38:8b:85:5b:0b:0f:
24:fa:7d:96:d3:30:ba:1d:94:d5:a5:e8:cf:b0:96:4f:30:7c:
b0:70:09:a4:93:a0:48:18:fe:4b:36:7f:ea:e0:ef:dd:5a:64:
08:4a:f3:e0:38:a1:43:a0:3f:56:3b:9b:6b:8d:bf:6c:38:d8:
f1:9a:a0:f4:04:1d:ec:5f:0a:2d:47:bc:59:b2:38:cb:af:62:
e8:15:1a:0a:18:00:2b:bb:3c:44:96:60:d4:ea:5d:6a:7e:e8:
96:ba:3b:4a
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEnUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE0NTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQyMEYzQThBQzk1MTE0
NzNFQ0MyM0E2MEU1QTAyQTY3NDA3QUVDNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBo6vbtGtFcOHSwsqmC2HPiibs8bIGGPSE19ZED2B0h/4FEvei
Rt5MGz+fqlmnHq8mNHGOO9Tv11CRt6AMt7f3ZwlBxNScEct+yvlHGgFvkobnRK9H
wgv9s+ky1Sd0rqSJHm+DKYRYt/eD+ZbOBfUFhKWGMqEsoDR0Fu48ezQJGjypi/RP
c0td9cYOREMha4fx2FC1fK/CQHxzuB5FIvi33wHFAqLgo5LqCUngkfLHJpoSDwO9
db0Z6nRi8xk9/RWE8wfmViT+JuzvNdZnqLMshaxVBIWPIjG+KUB9QY2k/cWN9jVC
etUevObunLppYX8gSCZ76SqD8lpyrl5QqcurAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUQg86islRFHPswjpg5aAqZ0B67F4wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9RZzg2aXNsUkZIUHN3
anBnNWFBcVowQjY3RjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnR4MA0GCSqGSIb3DQEBCwUAA4IBAQCsLNyH51WkQxiynhFo+5kby6+9IZpN
ViRv6oJct15uRljfXsFBM8v8j897TGJxDePxoKppLOVea2+bEpm1dCMePblV0Sp2
L5kKRHdFgex/kidOAcx0505v9f8SRk3IXPo9V97k8kJEcrsF54na4gjUkGF4zMJn
s1U/U0jGKv5O2BCcjiAkFTEkouNP0FHtOeJGomVkBhLidsdMXos4i4VbCw8k+n2W
0zC6HZTVpejPsJZPMHywcAmkk6BIGP5LNn/q4O/dWmQISvPgOKFDoD9WO5trjb9s
ONjxmqD0BB3sXwotR7xZsjjLr2LoFRoKGAAruzxElmDU6l1qfuiWujtK
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:23:27 2025 by rpki-client