Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ngveUqmEiGFVouRvm99HDTSX0iw.roa
File: ngveUqmEiGFVouRvm99HDTSX0iw.roa (raw, json)
Hash identifier: xJOs1VzhbIiofYNi2cMthYzzaoI/OG6P84vEY6QDixg=
Subject key identifier: 9E:0B:DE:52:A9:84:88:61:55:A2:E4:6F:9B:DF:47:0D:34:97:D2:2C
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 10F7
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ngveUqmEiGFVouRvm99HDTSX0iw.roa
Signing time: Mon 10 Feb 2025 13:56:39 +0000
ROA not before: Mon 10 Feb 2025 13:56:39 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 113.61.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4343 (0x10f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:39 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9E0BDE52A984886155A2E46F9BDF470D3497D22C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c5:a8:7b:ff:2b:80:8d:9f:f0:a6:db:7e:7b:
69:18:c4:bf:00:9d:a2:a7:fd:5f:6a:4f:09:dd:e0:
58:9f:1e:73:0a:e5:b1:71:8d:42:ae:07:43:ac:a2:
ae:dd:6d:1d:a2:a2:08:d3:a9:f0:7d:d6:26:cc:72:
20:ee:53:c5:5d:95:a4:d3:33:35:6c:8d:c6:57:6d:
f5:c6:39:5a:ec:0f:41:83:b0:d7:72:06:9f:dd:bd:
dc:83:ff:9c:e5:eb:02:45:85:e1:b8:f4:6b:8d:64:
5f:44:e8:85:2d:0c:24:0b:5d:a7:dd:fe:26:c1:94:
07:0f:20:42:13:01:9e:94:61:41:d0:db:c9:d1:cc:
c1:60:24:ab:79:9c:6a:42:64:8f:70:5b:42:34:54:
b9:63:1a:6a:d7:b7:a5:5a:7a:64:71:31:99:fd:aa:
a7:9b:1b:9b:7c:53:f1:47:af:92:ad:29:14:3c:d1:
36:7e:a1:fd:2e:7b:40:3a:24:fc:da:e6:8e:d0:ab:
fd:11:a5:20:ba:1a:35:ec:69:4b:be:c4:1f:a8:d8:
05:30:eb:34:e8:46:30:6b:d3:32:e6:65:6b:20:de:
50:87:f4:2a:a5:c0:ff:d9:bb:f5:7f:ae:98:4c:38:
62:4c:29:16:26:01:5f:11:e2:d6:ba:b8:cd:3e:d2:
07:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:0B:DE:52:A9:84:88:61:55:A2:E4:6F:9B:DF:47:0D:34:97:D2:2C
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ngveUqmEiGFVouRvm99HDTSX0iw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.61.173.0/24
Signature Algorithm: sha256WithRSAEncryption
76:42:fd:8d:28:5e:a8:44:cf:68:93:78:14:b1:00:7f:a5:9f:
88:01:53:08:2e:9b:fe:80:9d:00:be:2d:42:47:50:bb:c2:16:
66:2e:1d:bd:67:34:5d:79:33:a6:3b:bc:34:02:e3:e6:f4:8e:
1e:a3:93:fe:c4:b5:11:4e:fd:24:31:71:12:9e:41:b1:9c:5a:
68:e0:28:dd:19:61:a6:bf:d6:e1:ce:c0:a1:ba:d2:23:46:ed:
29:c4:1a:7a:c3:36:23:b4:12:06:8e:bc:98:81:91:19:16:bf:
ed:2b:be:7b:e4:de:15:d2:20:ab:bc:b9:7b:4e:1e:b4:ec:df:
8b:3d:b2:16:dc:ad:d4:6e:10:a3:f5:4f:16:65:9b:c5:7f:43:
ce:1f:5e:1b:68:31:05:21:11:c2:f3:a0:62:38:4b:24:82:bc:
4f:6b:f9:d2:f8:21:e6:49:4b:9c:8a:75:bf:b0:dd:07:c5:19:
58:99:55:87:d6:c2:0e:50:92:11:80:ee:54:5d:3c:d0:3a:14:
df:a0:0c:15:73:36:48:d8:aa:da:2c:c2:54:e1:da:d6:e0:f7:
3a:d5:41:00:a1:85:79:e9:ee:4e:b6:1e:f5:c8:b2:3e:63:9f:
9d:5d:d9:1e:25:6b:e7:ee:26:e4:93:37:be:34:fc:b4:27:f3:
3d:23:5b:89
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEPcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2MzlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlFMEJERTUyQTk4NDg4
NjE1NUEyRTQ2RjlCREY0NzBEMzQ5N0QyMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDExah7/yuAjZ/wptt+e2kYxL8AnaKn/V9qTwnd4FifHnMK5bFx
jUKuB0Osoq7dbR2iogjTqfB91ibMciDuU8VdlaTTMzVsjcZXbfXGOVrsD0GDsNdy
Bp/dvdyD/5zl6wJFheG49GuNZF9E6IUtDCQLXafd/ibBlAcPIEITAZ6UYUHQ28nR
zMFgJKt5nGpCZI9wW0I0VLljGmrXt6VaemRxMZn9qqebG5t8U/FHr5KtKRQ80TZ+
of0ue0A6JPza5o7Qq/0RpSC6GjXsaUu+xB+o2AUw6zToRjBr0zLmZWsg3lCH9Cql
wP/Zu/V/rphMOGJMKRYmAV8R4ta6uM0+0gcvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUngveUqmEiGFVouRvm99HDTSX0iwwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvbmd2ZVVxbUVpR0ZWb3VSdm05OUhE
VFNYMGl3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHE9rTAN
BgkqhkiG9w0BAQsFAAOCAQEAdkL9jSheqETPaJN4FLEAf6WfiAFTCC6b/oCdAL4t
QkdQu8IWZi4dvWc0XXkzpju8NALj5vSOHqOT/sS1EU79JDFxEp5BsZxaaOAo3Rlh
pr/W4c7AobrSI0btKcQaesM2I7QSBo68mIGRGRa/7Su+e+TeFdIgq7y5e04etOzf
iz2yFtyt1G4Qo/VPFmWbxX9Dzh9eG2gxBSERwvOgYjhLJIK8T2v50vgh5klLnIp1
v7DdB8UZWJlVh9bCDlCSEYDuVF080DoU36AMFXM2SNiq2izCVOHa1uD3OtVBAKGF
eenuTrYe9ciyPmOfnV3ZHiVr5+4m5JM3vjT8tCfzPSNbiQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:08:06 2025 by rpki-client