Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/Mtc9DQtw5nS_2oibdW6LHHoTqvY.roa
File: Mtc9DQtw5nS_2oibdW6LHHoTqvY.roa (raw, json)
Hash identifier: fYYoDQ6GV3VoZE0S5vCDHiPWlA9gd+X8jiNiMyEIIII=
Subject key identifier: 32:D7:3D:0D:0B:70:E6:74:BF:DA:88:9B:75:6E:8B:1C:7A:13:AA:F6
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 10CD
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Mtc9DQtw5nS_2oibdW6LHHoTqvY.roa
Signing time: Mon 10 Feb 2025 13:56:30 +0000
ROA not before: Mon 10 Feb 2025 13:56:30 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 121.254.120.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4301 (0x10cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:30 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=32D73D0D0B70E674BFDA889B756E8B1C7A13AAF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ff:25:20:4e:ce:14:d4:04:5e:50:65:35:1d:
14:3a:c1:92:91:39:9e:3f:16:8e:0c:67:eb:8a:e8:
65:e1:17:b2:04:ad:3c:e1:f4:97:5b:45:94:7b:19:
79:bb:f0:1e:41:b0:68:3a:87:e4:e7:0d:04:a0:d7:
70:32:50:b5:e4:d6:f1:25:b9:a8:38:e3:7e:36:67:
f3:fe:1a:7c:8b:15:75:b9:f8:a2:7c:b5:51:7f:32:
33:ba:bb:1d:6e:3e:53:97:d7:45:2c:a3:a8:04:14:
db:4a:14:88:11:59:5c:bf:fb:e2:75:13:e5:55:aa:
38:83:69:78:99:2a:59:fe:f5:28:a7:c9:c2:e0:94:
e0:38:1e:88:41:f0:f7:50:df:0a:fe:97:66:5c:3d:
bb:99:81:a8:dc:e5:ef:a5:4c:8f:d8:2c:f6:a4:00:
52:86:f1:da:2c:9e:7d:44:13:6c:a8:2b:ef:ec:7c:
bb:07:49:c0:19:54:a6:63:05:c3:dc:61:db:9d:9e:
8c:79:0d:97:27:f2:b5:5c:fa:60:39:71:33:90:d4:
91:77:09:fb:99:9d:ed:52:07:58:8a:40:3a:3a:e4:
e0:63:3f:37:9a:43:63:53:c3:40:13:5a:92:78:27:
ae:01:a1:d9:88:01:2d:a9:c9:7a:fd:b6:f0:38:58:
3a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D7:3D:0D:0B:70:E6:74:BF:DA:88:9B:75:6E:8B:1C:7A:13:AA:F6
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/Mtc9DQtw5nS_2oibdW6LHHoTqvY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.120.0/21
Signature Algorithm: sha256WithRSAEncryption
b6:b4:96:f3:18:5d:76:84:a6:8d:a2:57:d4:c4:60:6d:08:fa:
98:15:26:40:f0:1e:72:7b:1b:5c:ca:68:88:6c:7a:2d:ad:1f:
7f:07:a3:69:27:2b:a9:7b:a9:e8:af:db:e5:d5:84:e0:73:ec:
45:f1:fc:fd:fb:bc:a0:e4:f2:73:77:c7:90:de:75:e4:aa:8c:
fa:11:05:16:39:48:7c:73:02:69:ea:af:0b:d2:a3:a9:b9:bd:
86:3b:9f:fa:e4:79:3b:2b:87:15:49:89:e9:bc:bc:93:ff:24:
b2:c4:32:38:2d:bb:92:ae:fb:cf:96:52:c1:fa:24:64:d3:e4:
4a:ee:65:09:3c:d7:bf:f0:ee:cf:65:b4:fe:d5:14:a5:e5:82:
fa:29:71:14:a3:38:bd:7c:f0:f3:d4:03:02:5e:5e:3c:7b:f7:
be:45:65:d5:e7:01:cf:03:a5:c9:ab:18:ff:77:cd:94:82:7b:
ba:e0:83:a6:7f:88:a9:54:c5:41:b3:95:78:a4:d9:fa:45:b1:
1f:e1:a4:63:7a:85:9e:42:2e:ac:e8:88:f1:e4:68:46:3e:ef:
8f:f1:7e:e2:bd:49:63:be:65:eb:9f:d0:43:b8:b5:6f:82:b6:
71:a7:67:88:79:97:6a:2d:13:2f:0a:da:15:b0:e7:74:f6:fa:
14:35:bc:40
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMyRDczRDBEMEI3MEU2
NzRCRkRBODg5Qjc1NkU4QjFDN0ExM0FBRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz/yUgTs4U1AReUGU1HRQ6wZKROZ4/Fo4MZ+uK6GXhF7IErTzh
9JdbRZR7GXm78B5BsGg6h+TnDQSg13AyULXk1vEluag44342Z/P+GnyLFXW5+KJ8
tVF/MjO6ux1uPlOX10Uso6gEFNtKFIgRWVy/++J1E+VVqjiDaXiZKln+9SinycLg
lOA4HohB8PdQ3wr+l2ZcPbuZgajc5e+lTI/YLPakAFKG8dosnn1EE2yoK+/sfLsH
ScAZVKZjBcPcYdudnox5DZcn8rVc+mA5cTOQ1JF3CfuZne1SB1iKQDo65OBjPzea
Q2NTw0ATWpJ4J64BodmIAS2pyXr9tvA4WDrZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUMtc9DQtw5nS/2oibdW6LHHoTqvYwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvTXRjOURRdHc1blNfMm9pYmRXNkxI
SG9UcXZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+eDAN
BgkqhkiG9w0BAQsFAAOCAQEAtrSW8xhddoSmjaJX1MRgbQj6mBUmQPAecnsbXMpo
iGx6La0ffwejaScrqXup6K/b5dWE4HPsRfH8/fu8oOTyc3fHkN515KqM+hEFFjlI
fHMCaeqvC9Kjqbm9hjuf+uR5OyuHFUmJ6by8k/8kssQyOC27kq77z5ZSwfokZNPk
Su5lCTzXv/Duz2W0/tUUpeWC+ilxFKM4vXzw89QDAl5ePHv3vkVl1ecBzwOlyasY
/3fNlIJ7uuCDpn+IqVTFQbOVeKTZ+kWxH+GkY3qFnkIurOiI8eRoRj7vj/F+4r1J
Y75l65/QQ7i1b4K2cadniHmXai0TLwraFbDndPb6FDW8QA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:10:43 2025 by rpki-client