Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/zP8YX1iqbFhLcnz978N65lY6_jc.roa
File: zP8YX1iqbFhLcnz978N65lY6_jc.roa (raw, json)
Hash identifier: rd5dlvSrewPHk5j97YdpbOB1iRMl+r/ifuH6Oyu6o5o=
Subject key identifier: CC:FF:18:5F:58:AA:6C:58:4B:72:7C:FD:EF:C3:7A:E6:56:3A:FE:37
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 10C4
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/zP8YX1iqbFhLcnz978N65lY6_jc.roa
Signing time: Mon 10 Feb 2025 13:56:29 +0000
ROA not before: Mon 10 Feb 2025 13:56:29 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 27.96.224.0/19 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4292 (0x10c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:29 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CCFF185F58AA6C584B727CFDEFC37AE6563AFE37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7c:32:82:5c:60:a1:ff:09:44:0b:3f:bb:5a:
d9:77:2b:fb:5e:90:92:5e:70:6f:8d:71:a0:8a:81:
e8:40:ff:47:8a:99:67:be:41:c3:b0:db:e2:1e:e9:
f3:dd:db:5b:20:f3:d9:29:ce:5f:0e:1c:51:73:50:
3b:34:13:85:19:87:e4:74:ca:25:dd:9e:25:e9:22:
c2:b5:2c:09:48:ea:a4:38:43:06:61:7d:18:3b:c3:
41:ce:4d:28:97:5c:93:a5:a3:22:62:f5:4a:a9:86:
05:df:0c:d5:df:a7:c8:d9:ca:3f:64:b7:c1:19:fa:
d2:ae:85:89:ff:b0:77:ad:7c:b0:a1:47:a2:da:4b:
88:aa:1b:d9:5e:1c:ff:9d:a4:25:50:41:d6:73:66:
c8:f5:99:69:f8:b7:7c:83:42:72:29:fe:7d:b4:00:
e3:00:ba:3c:ff:6d:65:23:2a:60:08:24:e9:b7:c9:
c5:54:99:8a:45:eb:df:59:78:52:14:3f:7f:55:43:
e7:34:0a:63:ce:52:13:9d:02:19:44:ec:02:97:2f:
b5:42:0e:f9:c6:98:59:0b:09:5f:f9:86:66:3d:f5:
42:5a:8b:95:6a:d0:57:7e:bc:04:75:5e:ea:44:5f:
5a:1b:f9:2b:81:fe:18:a8:22:1c:b3:15:2e:40:79:
7a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:FF:18:5F:58:AA:6C:58:4B:72:7C:FD:EF:C3:7A:E6:56:3A:FE:37
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/zP8YX1iqbFhLcnz978N65lY6_jc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.224.0/19
Signature Algorithm: sha256WithRSAEncryption
ad:7a:43:62:a9:01:43:03:86:83:f5:23:76:a6:57:d7:8f:f4:
95:c4:4b:5f:be:f6:9d:65:47:e5:bf:fa:6d:fd:87:0b:df:d8:
ce:5d:2f:82:60:dd:f5:07:fa:ce:88:8e:ef:ff:ec:58:07:6e:
79:02:ce:16:14:61:30:26:51:2a:eb:09:47:97:87:2d:81:00:
23:d5:79:ea:59:69:67:e9:2d:b7:8a:46:84:84:be:bf:48:aa:
25:ec:73:e5:92:8b:16:ec:86:3f:01:d5:11:10:17:9d:72:dd:
5f:74:99:8a:ed:1d:75:30:72:a7:1e:21:cd:09:ca:31:36:79:
c4:f1:d2:9a:0f:15:93:b8:d1:a6:fb:a5:09:08:a9:6a:8f:41:
f2:b5:dd:45:e8:0a:ab:18:3e:64:18:a8:87:59:84:18:63:af:
b8:eb:b0:06:cc:4a:2c:e2:f9:51:65:fd:d1:10:fa:21:85:45:
57:a4:e4:63:d6:18:0e:1a:c5:7e:bc:64:cc:d8:30:45:9b:ff:
1c:c6:2d:5e:ef:67:44:4d:f0:a3:73:9b:f1:85:0c:b2:d0:d2:
13:c0:65:34:fd:d3:b3:1b:28:74:c7:22:52:04:c1:27:df:d4:
b1:c6:6b:7a:35:13:08:26:b3:a6:91:3a:56:f0:6e:00:03:a0:
39:0b:2e:39
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEMQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENDRkYxODVGNThBQTZD
NTg0QjcyN0NGREVGQzM3QUU2NTYzQUZFMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdfDKCXGCh/wlECz+7Wtl3K/tekJJecG+NcaCKgehA/0eKmWe+
QcOw2+Ie6fPd21sg89kpzl8OHFFzUDs0E4UZh+R0yiXdniXpIsK1LAlI6qQ4QwZh
fRg7w0HOTSiXXJOloyJi9UqphgXfDNXfp8jZyj9kt8EZ+tKuhYn/sHetfLChR6La
S4iqG9leHP+dpCVQQdZzZsj1mWn4t3yDQnIp/n20AOMAujz/bWUjKmAIJOm3ycVU
mYpF699ZeFIUP39VQ+c0CmPOUhOdAhlE7AKXL7VCDvnGmFkLCV/5hmY99UJai5Vq
0Fd+vAR1XupEX1ob+SuB/hioIhyzFS5AeXqJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUzP8YX1iqbFhLcnz978N65lY6/jcwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvelA4WVgxaXFiRmhMY256OTc4TjY1
bFk2X2pjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBRtg4DAN
BgkqhkiG9w0BAQsFAAOCAQEArXpDYqkBQwOGg/UjdqZX14/0lcRLX772nWVH5b/6
bf2HC9/Yzl0vgmDd9Qf6zoiO7//sWAdueQLOFhRhMCZRKusJR5eHLYEAI9V56llp
Z+ktt4pGhIS+v0iqJexz5ZKLFuyGPwHVERAXnXLdX3SZiu0ddTBypx4hzQnKMTZ5
xPHSmg8Vk7jRpvulCQipao9B8rXdRegKqxg+ZBioh1mEGGOvuOuwBsxKLOL5UWX9
0RD6IYVFV6TkY9YYDhrFfrxkzNgwRZv/HMYtXu9nRE3wo3Ob8YUMstDSE8BlNP3T
sxsodMciUgTBJ9/UscZrejUTCCazppE6VvBuAAOgOQsuOQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:32:43 2025 by rpki-client