Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/qKe-kyNx4OCPzkXHLmntctXXbXo.roa
File: qKe-kyNx4OCPzkXHLmntctXXbXo.roa (raw, json)
Hash identifier: 9UNWI7RGWf3WhGUUpiDhiaibp8Po/ef7sNkSjQacxmw=
Subject key identifier: A8:A7:BE:93:23:71:E0:E0:8F:CE:45:C7:2E:69:ED:72:D5:D7:6D:7A
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 10E3
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/qKe-kyNx4OCPzkXHLmntctXXbXo.roa
Signing time: Mon 10 Feb 2025 13:56:35 +0000
ROA not before: Mon 10 Feb 2025 13:56:35 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 27.96.224.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4323 (0x10e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:35 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A8A7BE932371E0E08FCE45C72E69ED72D5D76D7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d2:e7:07:75:86:ec:58:0d:1c:d7:04:02:3d:
db:df:2c:b4:ad:e8:f1:bd:79:2d:c0:4e:47:65:2c:
4d:ee:7e:6d:88:b1:ea:77:0e:8f:38:a3:3d:4e:e7:
4a:ee:33:4d:eb:d9:2e:84:7a:62:64:10:fa:61:9d:
c2:f4:92:5a:44:14:cc:f3:84:b8:87:7a:1f:d2:db:
67:99:4d:2b:3d:43:9a:cf:ee:0c:31:40:a7:5c:4d:
6b:67:2e:6e:88:c7:1a:f2:fc:47:d7:ae:0b:1c:d2:
1e:51:30:f1:5b:16:39:62:0a:77:67:3f:b1:7b:30:
53:e1:c9:9f:73:71:25:eb:1f:5d:a9:32:f5:40:22:
79:3f:2c:97:06:df:3b:3a:86:fd:3c:47:bb:e7:6a:
1e:77:ea:28:fd:ae:99:7e:d3:9a:04:03:2e:b7:a8:
85:00:2f:9f:b9:a0:30:99:08:f9:e3:45:df:63:00:
31:69:5e:18:68:c0:52:41:40:4e:ab:93:bc:a1:3b:
48:df:bd:79:eb:d0:77:c6:5b:0c:42:ce:00:8a:de:
0d:1b:51:f1:7f:2b:08:4f:32:52:8b:8c:82:ff:1e:
98:14:b1:85:47:16:7a:f2:ef:b0:03:18:59:92:63:
59:0c:2b:6b:e5:4c:5a:37:73:1d:6f:b8:48:ee:02:
7d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A7:BE:93:23:71:E0:E0:8F:CE:45:C7:2E:69:ED:72:D5:D7:6D:7A
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/qKe-kyNx4OCPzkXHLmntctXXbXo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.224.0/21
Signature Algorithm: sha256WithRSAEncryption
25:43:a0:b0:30:1c:76:34:3d:eb:06:74:61:ed:29:00:a5:9e:
9c:1c:4f:e0:91:ff:c5:c2:f6:7a:18:96:b4:91:27:02:3b:bf:
53:6d:24:f8:29:64:74:e4:12:16:42:d3:3a:a0:31:e7:f5:a0:
5c:f2:d6:52:4f:b7:98:37:fd:0b:44:f7:9b:05:59:e6:2f:f4:
4d:21:a3:24:f9:90:77:65:02:78:1c:e9:32:f0:b6:6b:a9:d1:
20:65:2a:59:37:79:f4:2b:c7:2a:ce:d2:f8:50:60:a1:6d:6a:
e2:6b:cb:27:02:08:69:12:4d:79:97:b9:91:2d:21:7d:a2:29:
2a:a4:c8:af:5f:cf:8d:90:b0:13:3e:af:9f:3d:a4:09:6b:92:
d9:64:89:b4:b8:b8:11:13:0a:5f:b9:0e:23:45:0f:fa:0a:69:
17:2d:7a:db:0c:63:86:73:77:cf:9e:6d:9b:71:63:b2:e8:3e:
3a:22:a5:ee:27:0e:98:aa:9e:c1:82:9c:14:1e:e6:7e:56:e1:
ad:d6:46:82:5a:1d:9b:bd:58:f1:5c:3a:19:76:a6:0b:1e:df:
ea:4b:52:a2:6b:54:46:5b:7b:b9:25:e5:e8:b3:17:d5:7e:0b:
5f:1e:5d:42:5b:08:26:da:21:c6:c2:ed:49:25:c8:34:86:6a:
0b:03:61:3e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEOMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2MzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE4QTdCRTkzMjM3MUUw
RTA4RkNFNDVDNzJFNjlFRDcyRDVENzZEN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi0ucHdYbsWA0c1wQCPdvfLLSt6PG9eS3ATkdlLE3ufm2Isep3
Do84oz1O50ruM03r2S6EemJkEPphncL0klpEFMzzhLiHeh/S22eZTSs9Q5rP7gwx
QKdcTWtnLm6Ixxry/EfXrgsc0h5RMPFbFjliCndnP7F7MFPhyZ9zcSXrH12pMvVA
Ink/LJcG3zs6hv08R7vnah536ij9rpl+05oEAy63qIUAL5+5oDCZCPnjRd9jADFp
XhhowFJBQE6rk7yhO0jfvXnr0HfGWwxCzgCK3g0bUfF/KwhPMlKLjIL/HpgUsYVH
Fnry77ADGFmSY1kMK2vlTFo3cx1vuEjuAn1RAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqKe+kyNx4OCPzkXHLmntctXXbXowHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvcUtlLWt5Tng0T0NQemtYSExtbnRj
dFhYYlhvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAxtg4DAN
BgkqhkiG9w0BAQsFAAOCAQEAJUOgsDAcdjQ96wZ0Ye0pAKWenBxP4JH/xcL2ehiW
tJEnAju/U20k+ClkdOQSFkLTOqAx5/WgXPLWUk+3mDf9C0T3mwVZ5i/0TSGjJPmQ
d2UCeBzpMvC2a6nRIGUqWTd59CvHKs7S+FBgoW1q4mvLJwIIaRJNeZe5kS0hfaIp
KqTIr1/PjZCwEz6vnz2kCWuS2WSJtLi4ERMKX7kOI0UP+gppFy162wxjhnN3z55t
m3Fjsug+OiKl7icOmKqewYKcFB7mflbhrdZGglodm71Y8Vw6GXamCx7f6ktSomtU
Rlt7uSXl6LMX1X4LXx5dQlsIJtohxsLtSSXINIZqCwNhPg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:10:10 2025 by rpki-client