Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/z5WS6Rt7vCnMhCwQCndQg3Gpelw.roa
File: z5WS6Rt7vCnMhCwQCndQg3Gpelw.roa (raw, json)
Hash identifier: dNtCCNJ0XdviL5K2uqJ57uJ32CuwxKt4sOGPE7lhrwg=
Subject key identifier: CF:95:92:E9:1B:7B:BC:29:CC:84:2C:10:0A:77:50:83:71:A9:7A:5C
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 10CF
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/z5WS6Rt7vCnMhCwQCndQg3Gpelw.roa
Signing time: Mon 10 Feb 2025 13:56:30 +0000
ROA not before: Mon 10 Feb 2025 13:56:30 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 27.96.228.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4303 (0x10cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:30 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CF9592E91B7BBC29CC842C100A77508371A97A5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:06:4e:98:b6:ac:b6:ea:9d:de:c1:23:c6:17:
c4:db:84:1c:9a:e6:4e:72:01:fd:6f:d5:7e:e9:9d:
f5:7c:11:6c:ee:eb:b9:bf:70:66:25:4a:b3:0f:c5:
8b:a4:51:aa:aa:5e:a1:60:72:60:03:22:1a:b9:71:
f5:e5:0e:79:d3:7e:1d:2f:76:39:e5:c5:2b:88:26:
d8:ce:db:2c:ca:3b:a1:0e:92:d4:f6:6d:db:7e:cd:
69:be:d8:8c:f3:b2:ed:0f:16:09:8e:ed:b1:67:cb:
d7:99:65:43:10:e7:77:57:2c:a5:02:18:92:64:c1:
89:4b:c2:a7:7c:2f:06:06:bb:97:13:b7:ab:03:4a:
96:26:bf:53:6d:bc:5d:47:37:44:19:2e:88:5f:0d:
a0:6b:d3:34:0a:ff:e4:2e:16:c6:06:47:76:7d:9e:
f7:9c:43:19:49:7b:dd:25:ae:ee:27:b0:18:8d:3d:
85:1a:b1:a0:af:2c:46:d9:3f:84:11:99:a5:81:65:
82:d7:ab:de:d0:a1:14:fe:5d:99:d5:01:61:60:d0:
63:6c:4d:92:09:14:e1:bc:6f:18:e7:2f:67:2a:4d:
f3:00:5a:2f:a2:c6:37:37:09:d6:1f:48:ff:9e:0e:
5c:80:26:4b:85:e5:3d:d8:c1:14:22:fd:ea:6c:61:
13:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:95:92:E9:1B:7B:BC:29:CC:84:2C:10:0A:77:50:83:71:A9:7A:5C
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/z5WS6Rt7vCnMhCwQCndQg3Gpelw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.228.0/22
Signature Algorithm: sha256WithRSAEncryption
32:34:d3:1c:b9:65:9c:ac:72:88:e8:ae:64:22:63:25:7b:7c:
9c:b6:1b:3d:fd:1a:52:5c:e3:22:7d:f6:f0:4c:42:38:0f:fa:
03:31:31:fc:6c:77:29:7f:79:86:54:f5:bb:23:7c:40:4b:2b:
2f:6e:cf:80:76:ec:8c:b0:1a:2d:82:d5:76:94:13:3e:ee:a4:
33:58:60:66:e9:44:ce:8e:be:78:8b:7b:6e:70:ea:db:40:78:
a3:21:56:31:3c:34:47:3b:fa:1e:b5:0f:e4:1f:31:73:d1:71:
65:b9:8c:dc:10:0a:4f:0c:e7:38:a8:08:16:74:b7:f0:fb:56:
bc:ff:f3:8c:54:3a:a8:ba:c4:d3:61:cc:d5:86:b0:29:49:8f:
e3:82:c2:18:0d:f6:62:d9:59:4e:b6:13:47:c6:73:1c:55:22:
09:20:75:99:f6:7d:aa:7f:42:d0:20:30:14:7e:e5:f6:6c:18:
be:6c:52:31:ec:55:65:84:ae:95:e4:4d:95:e1:21:44:bc:26:
e0:39:4f:51:fe:60:28:65:ef:d6:25:b5:bb:04:0b:08:ed:0c:
0e:f5:35:70:f2:75:99:72:25:94:28:6b:65:b0:bb:8f:88:a1:
ab:53:4f:af:87:fe:5e:65:8f:01:aa:59:02:af:29:c6:fc:06:
82:77:c2:7f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENGOTU5MkU5MUI3QkJD
MjlDQzg0MkMxMDBBNzc1MDgzNzFBOTdBNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkBk6Ytqy26p3ewSPGF8TbhBya5k5yAf1v1X7pnfV8EWzu67m/
cGYlSrMPxYukUaqqXqFgcmADIhq5cfXlDnnTfh0vdjnlxSuIJtjO2yzKO6EOktT2
bdt+zWm+2Izzsu0PFgmO7bFny9eZZUMQ53dXLKUCGJJkwYlLwqd8LwYGu5cTt6sD
SpYmv1NtvF1HN0QZLohfDaBr0zQK/+QuFsYGR3Z9nvecQxlJe90lru4nsBiNPYUa
saCvLEbZP4QRmaWBZYLXq97QoRT+XZnVAWFg0GNsTZIJFOG8bxjnL2cqTfMAWi+i
xjc3CdYfSP+eDlyAJkuF5T3YwRQi/epsYRN3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUz5WS6Rt7vCnMhCwQCndQg3GpelwwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvejVXUzZSdDd2Q25NaEN3UUNuZFFn
M0dwZWx3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhtg5DAN
BgkqhkiG9w0BAQsFAAOCAQEAMjTTHLllnKxyiOiuZCJjJXt8nLYbPf0aUlzjIn32
8ExCOA/6AzEx/Gx3KX95hlT1uyN8QEsrL27PgHbsjLAaLYLVdpQTPu6kM1hgZulE
zo6+eIt7bnDq20B4oyFWMTw0Rzv6HrUP5B8xc9FxZbmM3BAKTwznOKgIFnS38PtW
vP/zjFQ6qLrE02HM1YawKUmP44LCGA32YtlZTrYTR8ZzHFUiCSB1mfZ9qn9C0CAw
FH7l9mwYvmxSMexVZYSuleRNleEhRLwm4DlPUf5gKGXv1iW1uwQLCO0MDvU1cPJ1
mXIllChrZbC7j4ihq1NPr4f+XmWPAapZAq8pxvwGgnfCfw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:06:14 2025 by rpki-client