Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zTDPnmd1r8amXV4yG-LeBS9OC-4.roa
File: zTDPnmd1r8amXV4yG-LeBS9OC-4.roa (raw, json)
Hash identifier: vaEraO54Y3ak73HQj2xxTSgBWyvXtlOk+e8aIM5qJEc=
Subject key identifier: CD:30:CF:9E:67:75:AF:C6:A6:5D:5E:32:1B:E2:DE:05:2F:4E:0B:EE
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 128C
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zTDPnmd1r8amXV4yG-LeBS9OC-4.roa
Signing time: Mon 10 Feb 2025 14:14:59 +0000
ROA not before: Mon 10 Feb 2025 14:14:59 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 150.116.84.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4748 (0x128c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:14:59 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CD30CF9E6775AFC6A65D5E321BE2DE052F4E0BEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cf:49:1d:22:b7:a8:85:6f:ab:ab:9e:ed:d5:
91:66:41:59:71:3e:8f:59:f4:a2:f7:9a:3e:8e:78:
67:2d:8c:59:41:53:ca:05:6d:08:71:7a:df:d4:d1:
b8:25:9b:cf:19:c1:1c:26:c3:7a:11:60:46:8b:7a:
e8:6f:9c:a1:41:d4:30:ed:04:fa:9a:e9:0f:de:2e:
b3:1b:d3:d7:87:2c:f1:42:5c:21:35:3d:82:6e:86:
30:72:16:50:31:18:79:f1:18:19:be:20:64:b7:0b:
c8:1c:85:db:09:b5:88:94:a7:d2:91:70:73:b9:62:
3e:11:b9:48:8a:f9:51:ee:d7:a5:73:50:c0:dd:5f:
7d:81:5a:e8:32:97:5d:84:b2:64:eb:79:45:1c:d2:
d1:01:4c:cb:10:6e:40:e8:9c:f6:d4:af:37:c4:58:
e0:76:2e:c8:ef:5e:47:40:07:b1:a8:17:16:0b:ec:
1e:a3:10:0f:3f:e9:b5:8e:fc:8b:7a:0b:4e:3b:93:
8c:c9:f2:f8:8e:c8:b1:3b:89:2e:a8:e4:3c:50:63:
3a:f0:a0:65:80:63:0b:50:b2:fb:13:91:71:5b:d8:
93:d7:a7:ac:30:6f:50:a3:cf:b8:08:14:cb:12:a5:
3a:57:d3:db:d9:ba:56:0a:32:5c:a0:f1:33:18:fe:
be:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:30:CF:9E:67:75:AF:C6:A6:5D:5E:32:1B:E2:DE:05:2F:4E:0B:EE
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zTDPnmd1r8amXV4yG-LeBS9OC-4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.84.0/22
Signature Algorithm: sha256WithRSAEncryption
28:56:9e:d9:1f:28:15:71:9f:4c:70:4e:e1:9f:e7:59:cd:19:
8d:79:6d:6a:99:84:52:f7:d0:26:79:d8:f4:0a:c9:c6:d1:67:
47:2a:a1:cc:03:36:c4:e0:8d:83:fd:9d:80:78:e2:29:3d:c0:
31:00:e5:32:ea:31:f4:77:72:bf:36:46:19:85:78:bd:7b:88:
e4:c1:58:4b:ab:b6:f7:f5:71:bc:cd:f3:a2:9b:02:c4:07:c1:
58:7b:da:e6:9c:c3:0c:85:fc:ea:b5:5c:79:da:47:88:11:80:
b8:37:86:e4:e2:c9:67:ff:00:b8:50:21:ec:cc:40:31:af:2a:
cc:0e:09:10:f2:e3:12:07:66:3f:94:9f:48:5e:9b:26:4b:2a:
10:56:0e:44:42:b3:c3:e5:c7:fb:d5:72:bb:d0:f3:b4:a6:ba:
d8:81:18:99:cf:4f:64:7a:25:6b:fd:9d:cc:c9:f2:5b:28:a1:
e5:36:e8:39:55:77:02:32:7b:75:a3:d5:ad:54:f6:b0:62:b1:
f7:39:23:14:18:ab:45:fa:34:8e:a0:0b:47:85:60:f6:51:e9:
c4:64:b4:e5:a4:80:eb:57:bf:63:b9:9e:2e:d5:c8:bb:c4:3e:
73:d3:0b:fd:b8:60:88:83:40:ef:b8:0c:6f:ee:97:cc:6c:aa:
54:d4:87:0b
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEowwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE0NTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENEMzBDRjlFNjc3NUFG
QzZBNjVENUUzMjFCRTJERTA1MkY0RTBCRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0z0kdIreohW+rq57t1ZFmQVlxPo9Z9KL3mj6OeGctjFlBU8oF
bQhxet/U0bglm88ZwRwmw3oRYEaLeuhvnKFB1DDtBPqa6Q/eLrMb09eHLPFCXCE1
PYJuhjByFlAxGHnxGBm+IGS3C8gchdsJtYiUp9KRcHO5Yj4RuUiK+VHu16VzUMDd
X32BWugyl12EsmTreUUc0tEBTMsQbkDonPbUrzfEWOB2LsjvXkdAB7GoFxYL7B6j
EA8/6bWO/It6C047k4zJ8viOyLE7iS6o5DxQYzrwoGWAYwtQsvsTkXFb2JPXp6ww
b1Cjz7gIFMsSpTpX09vZulYKMlyg8TMY/r5dAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUzTDPnmd1r8amXV4yG+LeBS9OC+4wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy96VERQbm1kMXI4YW1Y
VjR5Ry1MZUJTOU9DLTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQClnRUMA0GCSqGSIb3DQEBCwUAA4IBAQAoVp7ZHygVcZ9McE7hn+dZzRmNeW1q
mYRS99Amedj0CsnG0WdHKqHMAzbE4I2D/Z2AeOIpPcAxAOUy6jH0d3K/NkYZhXi9
e4jkwVhLq7b39XG8zfOimwLEB8FYe9rmnMMMhfzqtVx52keIEYC4N4bk4sln/wC4
UCHszEAxryrMDgkQ8uMSB2Y/lJ9IXpsmSyoQVg5EQrPD5cf71XK70PO0prrYgRiZ
z09keiVr/Z3MyfJbKKHlNug5VXcCMnt1o9WtVPawYrH3OSMUGKtF+jSOoAtHhWD2
UenEZLTlpIDrV79juZ4u1ci7xD5z0wv9uGCIg0DvuAxv7pfMbKpU1IcL
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:26:28 2025 by rpki-client