Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/s2aEWOxFTbqmXbQRVFC_4D0uhb4.roa
File: s2aEWOxFTbqmXbQRVFC_4D0uhb4.roa (raw, json)
Hash identifier: 8TkQbQpqq0MecFdvcpvcO0Z3Lx1olJ0qmDTRPTxc8rg=
Subject key identifier: B3:66:84:58:EC:45:4D:BA:A6:5D:B4:11:54:50:BF:E0:3D:2E:85:BE
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0D74
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/s2aEWOxFTbqmXbQRVFC_4D0uhb4.roa
Signing time: Mon 10 Feb 2025 13:50:02 +0000
ROA not before: Mon 10 Feb 2025 13:50:02 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9244
IP address blocks: 61.56.72.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3444 (0xd74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Feb 10 13:50:02 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B3668458EC454DBAA65DB4115450BFE03D2E85BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:01:10:14:b9:21:67:00:af:ad:af:de:f4:
e1:70:ba:22:cf:05:58:86:4a:c0:27:89:21:9b:05:
a1:f2:b7:df:bc:68:30:b9:16:8a:48:09:c5:42:eb:
a6:34:2e:eb:72:b4:9d:9a:cb:b6:c7:ce:26:be:9b:
fd:a4:20:a4:d9:cf:d5:ee:c2:be:04:71:45:0e:72:
8d:11:d9:f1:7b:40:87:6b:1b:11:6e:aa:a8:39:af:
db:50:dd:51:00:76:56:d7:b8:67:21:7f:ce:09:2b:
5d:2f:1a:18:62:82:c2:5a:f0:b1:38:12:1e:cd:21:
fe:60:51:43:81:15:e9:bc:0b:af:93:ce:90:57:30:
3b:44:3e:94:62:3e:f5:f3:66:64:da:f8:14:ee:34:
b6:bd:4a:96:ad:3f:d0:18:58:98:2c:8e:c0:e9:89:
47:1f:07:60:6e:9a:e8:48:91:f4:03:d1:72:17:b4:
1f:13:46:f1:94:84:66:5b:6b:47:6a:3b:c6:46:99:
c1:a3:2f:68:fa:a5:c0:f0:48:4a:92:94:8d:36:66:
34:19:62:fe:5d:b2:d7:f2:93:86:f2:36:90:6b:fe:
4a:c8:ad:6b:91:2d:c0:b6:47:ed:76:e1:84:55:f4:
66:fd:14:9a:bb:fd:89:a7:c6:dc:03:48:50:a8:7a:
6a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:66:84:58:EC:45:4D:BA:A6:5D:B4:11:54:50:BF:E0:3D:2E:85:BE
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/s2aEWOxFTbqmXbQRVFC_4D0uhb4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.56.72.0/21
Signature Algorithm: sha256WithRSAEncryption
97:be:3a:e3:39:15:f0:f7:dc:7b:18:01:04:c9:4d:e9:1f:ae:
a4:43:ca:93:ca:95:a9:3c:a1:06:77:94:24:7b:4e:ac:ca:bb:
50:51:51:f3:a2:d7:30:c8:b6:2f:1f:a4:a8:25:31:db:8e:97:
79:fc:cc:4a:e4:f3:82:91:1e:24:51:06:e4:9f:28:7e:6d:90:
6c:57:e8:13:4b:0a:83:53:e3:bc:81:24:b3:b7:9e:79:ec:41:
93:66:55:67:29:f7:fd:49:db:0e:89:c5:70:71:db:d1:4f:93:
ec:a3:5e:cd:e5:31:d5:93:1a:e8:16:53:41:c5:a2:43:6f:eb:
3f:05:e7:ec:6c:21:6e:cb:00:c3:72:11:a1:a5:ec:6f:ea:ed:
5b:c1:d4:ba:a0:4c:ce:6d:7d:3d:32:03:a4:5f:ef:85:5c:bf:
61:94:7b:2c:86:67:36:8c:ca:9c:80:55:ec:4d:e9:4c:f0:00:
20:34:60:dc:03:80:a3:0b:e5:bf:82:bb:4b:6e:a6:c6:d4:4c:
2c:2f:5f:a4:e7:9e:77:ec:97:f0:f1:b8:5a:6a:65:e1:3e:69:
ed:c5:39:7d:77:12:34:33:92:be:06:0a:4f:c0:24:98:56:7a:
d0:72:36:fb:24:4d:ea:ac:2e:b0:b6:6f:ae:67:a8:b5:37:98:
12:f2:7e:29
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDXQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yNTAyMTAx
MzUwMDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIzNjY4NDU4RUM0NTRE
QkFBNjVEQjQxMTU0NTBCRkUwM0QyRTg1QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCowwEQFLkhZwCvra/e9OFwuiLPBViGSsAniSGbBaHyt9+8aDC5
FopICcVC66Y0LutytJ2ay7bHzia+m/2kIKTZz9Xuwr4EcUUOco0R2fF7QIdrGxFu
qqg5r9tQ3VEAdlbXuGchf84JK10vGhhigsJa8LE4Eh7NIf5gUUOBFem8C6+TzpBX
MDtEPpRiPvXzZmTa+BTuNLa9SpatP9AYWJgsjsDpiUcfB2BumuhIkfQD0XIXtB8T
RvGUhGZba0dqO8ZGmcGjL2j6pcDwSEqSlI02ZjQZYv5dstfyk4byNpBr/krIrWuR
LcC2R+124YRV9Gb9FJq7/YmnxtwDSFCoemp3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUs2aEWOxFTbqmXbQRVFC/4D0uhb4wHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL3MyYUVXT3hGVGJxbVhiUVJW
RkNfNEQwdWhiNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9
OEgwDQYJKoZIhvcNAQELBQADggEBAJe+OuM5FfD33HsYAQTJTekfrqRDypPKlak8
oQZ3lCR7TqzKu1BRUfOi1zDIti8fpKglMduOl3n8zErk84KRHiRRBuSfKH5tkGxX
6BNLCoNT47yBJLO3nnnsQZNmVWcp9/1J2w6JxXBx29FPk+yjXs3lMdWTGugWU0HF
okNv6z8F5+xsIW7LAMNyEaGl7G/q7VvB1LqgTM5tfT0yA6Rf74Vcv2GUeyyGZzaM
ypyAVexN6UzwACA0YNwDgKML5b+Cu0tupsbUTCwvX6Tnnnfsl/DxuFpqZeE+ae3F
OX13EjQzkr4GCk/AJJhWetByNvskTeqsLrC2b65nqLU3mBLyfik=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:29:01 2025 by rpki-client