Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/jKPUigvX9Y-3UesG6MytcaCCOsQ.roa
File: jKPUigvX9Y-3UesG6MytcaCCOsQ.roa (raw, json)
Hash identifier: 1RJpsM12t3qtBwVQeIlrJRumsBDmj3AP7g304+ZqbGk=
Subject key identifier: 8C:A3:D4:8A:0B:D7:F5:8F:B7:51:EB:06:E8:CC:AD:71:A0:82:3A:C4
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 125F
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/jKPUigvX9Y-3UesG6MytcaCCOsQ.roa
Signing time: Mon 10 Feb 2025 14:14:45 +0000
ROA not before: Mon 10 Feb 2025 14:14:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 150.116.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4703 (0x125f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:14:45 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8CA3D48A0BD7F58FB751EB06E8CCAD71A0823AC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d6:10:be:4c:43:40:87:03:e6:ba:67:c4:b2:
cf:80:11:12:2e:f5:09:66:c8:9d:c2:34:84:55:42:
00:d9:76:a0:cf:d6:03:0f:ad:a1:e0:e1:39:35:e4:
70:0a:1a:08:28:bc:68:ed:fe:1c:1f:d8:05:10:e5:
2a:ab:af:e0:5a:9c:e7:1f:78:0d:8f:d6:4d:46:fa:
5f:6e:70:bc:4f:fe:29:15:33:87:8b:58:55:87:28:
c0:20:58:53:c2:12:43:8e:4d:db:6c:0c:da:8d:71:
2e:72:7e:35:53:aa:d7:77:a8:a3:53:0a:97:4a:10:
81:dc:81:be:bc:29:31:25:1f:98:13:5b:6e:84:30:
9c:7f:29:2b:05:7a:b5:6e:df:4b:a8:52:a4:35:f1:
58:cc:ac:4c:3c:34:84:95:b8:85:18:9a:72:88:99:
b3:1f:cb:20:89:0e:c1:09:0a:9d:86:43:a0:eb:d3:
0d:cd:dd:3c:32:bc:c9:fb:d0:2c:0c:61:8c:14:77:
0b:3e:6a:a7:57:29:11:eb:eb:9f:41:68:9b:a3:2f:
8e:9f:3d:2d:07:2f:89:50:de:e3:82:83:21:91:af:
3d:60:90:a9:1c:fd:e6:7c:b8:ae:ad:85:4c:d6:9f:
d5:90:4d:85:d3:25:e2:99:b3:e6:e7:17:47:03:06:
46:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A3:D4:8A:0B:D7:F5:8F:B7:51:EB:06:E8:CC:AD:71:A0:82:3A:C4
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/jKPUigvX9Y-3UesG6MytcaCCOsQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.239.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:26:63:5c:c3:e0:8d:f1:47:08:9f:96:49:0e:08:a7:5f:8b:
86:55:16:56:90:36:2f:5f:22:07:92:11:57:e3:e4:d4:08:7e:
6f:83:ca:4a:09:cc:95:e7:ea:5e:35:e8:12:72:01:e5:5d:3b:
c1:f3:97:df:fd:42:f5:1d:6c:c3:15:68:c1:01:dd:03:03:cd:
c0:71:e2:db:1e:66:4a:fd:cf:b5:53:c5:96:3b:a1:b5:e6:1b:
92:55:0b:75:bb:15:d5:b6:32:33:1f:15:78:6c:6e:a9:97:10:
89:34:2a:b4:d9:8a:26:7f:8a:66:b1:49:b4:1e:39:f5:a2:29:
f0:10:74:f5:ab:fb:47:47:d3:a5:b0:c8:8e:c7:bb:37:5c:03:
05:3c:24:56:ee:d5:ea:bb:20:44:37:0a:d9:76:c6:fc:73:bc:
f1:c4:83:4b:96:92:3a:62:3c:0c:b4:87:10:47:a2:b8:e7:67:
97:18:f7:fb:6a:7c:3d:1b:ef:de:2d:c4:f2:52:e3:d1:b6:c0:
31:17:99:56:6e:e8:ab:ff:79:01:24:61:eb:db:a6:ef:9a:03:
85:3e:90:4c:5c:e9:79:de:c0:c6:02:2c:1d:36:8d:83:2e:85:
30:c7:a0:08:3e:07:8b:04:6c:43:f5:48:5c:73:68:23:0d:22:
08:81:0e:0f
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEl8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE0NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhDQTNENDhBMEJEN0Y1
OEZCNzUxRUIwNkU4Q0NBRDcxQTA4MjNBQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi1hC+TENAhwPmumfEss+AERIu9QlmyJ3CNIRVQgDZdqDP1gMP
raHg4Tk15HAKGggovGjt/hwf2AUQ5Sqrr+BanOcfeA2P1k1G+l9ucLxP/ikVM4eL
WFWHKMAgWFPCEkOOTdtsDNqNcS5yfjVTqtd3qKNTCpdKEIHcgb68KTElH5gTW26E
MJx/KSsFerVu30uoUqQ18VjMrEw8NISVuIUYmnKImbMfyyCJDsEJCp2GQ6Dr0w3N
3TwyvMn70CwMYYwUdws+aqdXKRHr659BaJujL46fPS0HL4lQ3uOCgyGRrz1gkKkc
/eZ8uK6thUzWn9WQTYXTJeKZs+bnF0cDBkaXAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUjKPUigvX9Y+3UesG6MytcaCCOsQwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9qS1BVaWd2WDlZLTNV
ZXNHNk15dGNhQ0NPc1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAlnTvMA0GCSqGSIb3DQEBCwUAA4IBAQCtJmNcw+CN8UcIn5ZJDginX4uGVRZW
kDYvXyIHkhFX4+TUCH5vg8pKCcyV5+peNegScgHlXTvB85ff/UL1HWzDFWjBAd0D
A83AceLbHmZK/c+1U8WWO6G15huSVQt1uxXVtjIzHxV4bG6plxCJNCq02Yomf4pm
sUm0Hjn1oinwEHT1q/tHR9OlsMiOx7s3XAMFPCRW7tXquyBENwrZdsb8c7zxxINL
lpI6YjwMtIcQR6K452eXGPf7anw9G+/eLcTyUuPRtsAxF5lWbuir/3kBJGHr26bv
mgOFPpBMXOl53sDGAiwdNo2DLoUwx6AIPgeLBGxD9Uhcc2gjDSIIgQ4P
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:56:58 2025 by rpki-client