Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/04qr8Orv761opX5cDcwVe5JCsy0.roa
File: 04qr8Orv761opX5cDcwVe5JCsy0.roa (raw, json)
Hash identifier: yqKOfuhKYmSyhij8qPrOGdYEh2dbRYXhz/jACSJICWA=
Subject key identifier: D3:8A:AB:F0:EA:EF:EF:AD:68:A5:7E:5C:0D:CC:15:7B:92:42:B3:2D
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11B0
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/04qr8Orv761opX5cDcwVe5JCsy0.roa
Signing time: Mon 10 Feb 2025 14:27:37 +0000
ROA not before: Mon 10 Feb 2025 14:27:37 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 210.58.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4528 (0x11b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:37 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D38AABF0EAEFEFAD68A57E5C0DCC157B9242B32D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:c6:d5:6d:df:bf:c6:70:0f:19:9b:22:18:
c3:68:19:ad:c1:a8:ae:1c:4c:a3:0c:fe:ef:77:09:
f1:13:a8:86:15:0e:1f:8d:8b:24:cd:96:ec:ae:32:
f9:5f:e0:cb:dd:12:de:11:1f:92:e4:35:60:66:76:
bd:e3:18:7a:da:57:71:04:c5:7d:cc:f4:67:0b:62:
9b:8c:0a:3f:64:07:f9:33:02:5f:db:0f:e8:15:ba:
a2:d1:87:0e:1d:b8:35:f6:50:83:4c:57:16:c8:68:
6a:46:ba:78:8c:e0:d7:15:3c:87:68:90:a1:cd:f1:
00:65:7f:7b:69:f1:47:07:b7:b8:16:cd:51:ff:99:
82:81:76:87:77:ff:ee:ce:4b:1d:3e:56:1a:01:4b:
be:c1:6f:2d:28:9e:18:06:c6:64:04:3b:19:62:89:
8a:20:24:b0:0c:85:8a:89:6a:88:1e:cf:4c:ad:04:
18:db:de:4a:a4:66:72:aa:c8:d8:82:68:de:7f:67:
25:b9:e4:ed:56:51:38:68:92:db:09:4f:06:1d:99:
f6:79:56:38:75:f6:52:84:ad:7f:c9:98:f3:c7:25:
1f:c0:12:43:74:78:2d:00:e4:b1:bf:78:d6:42:93:
c1:58:e2:6c:ad:f4:d2:cb:51:82:4e:cc:28:ae:2b:
55:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8A:AB:F0:EA:EF:EF:AD:68:A5:7E:5C:0D:CC:15:7B:92:42:B3:2D
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/04qr8Orv761opX5cDcwVe5JCsy0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.128.0/19
Signature Algorithm: sha256WithRSAEncryption
ae:25:a8:6e:25:cb:af:36:56:8b:4f:98:7f:16:10:33:e2:da:
8c:b4:6e:3c:82:fa:40:9c:36:4e:43:12:db:e9:8d:51:59:79:
8e:01:77:15:10:1c:cf:de:b2:ad:65:40:8b:0d:83:cd:f0:ff:
f7:a6:07:3e:57:b4:f9:e5:ce:a3:9b:17:3f:b8:0a:e1:c6:db:
8e:40:29:ae:1e:9c:64:a0:a9:2a:55:43:e3:4d:97:a7:da:6d:
cf:ca:c9:a7:70:3c:4c:f2:95:8b:e2:7d:cc:7a:50:72:41:cd:
33:e3:18:98:48:b4:91:b4:a8:7d:ff:8d:19:fe:02:04:73:e2:
bf:95:85:a1:09:c6:5e:de:78:81:1f:1d:a4:93:9e:8b:0b:ef:
fd:55:75:a3:c0:20:e2:85:f2:e6:3e:79:0d:aa:f8:ce:67:4a:
65:bf:54:fc:d9:11:6d:26:bc:28:9e:bb:20:45:16:fb:fb:98:
58:0b:41:bd:71:e3:b1:9f:04:f3:1f:70:d3:0c:b1:e0:1a:ae:
43:c3:f4:86:53:9b:56:28:f1:03:24:76:50:e2:b9:e0:fc:36:
ef:f7:04:5f:9e:96:cb:1f:ff:38:5f:6d:ba:79:d6:70:f6:19:
be:fc:fe:2e:0e:d7:71:4c:a4:fd:04:ad:e7:39:1c:8b:6b:51:
c6:6f:04:5a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEbAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MzdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQzOEFBQkYwRUFFRkVG
QUQ2OEE1N0U1QzBEQ0MxNTdCOTI0MkIzMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiosbVbd+/xnAPGZsiGMNoGa3BqK4cTKMM/u93CfETqIYVDh+N
iyTNluyuMvlf4MvdEt4RH5LkNWBmdr3jGHraV3EExX3M9GcLYpuMCj9kB/kzAl/b
D+gVuqLRhw4duDX2UINMVxbIaGpGuniM4NcVPIdokKHN8QBlf3tp8UcHt7gWzVH/
mYKBdod3/+7OSx0+VhoBS77Bby0onhgGxmQEOxliiYogJLAMhYqJaogez0ytBBjb
3kqkZnKqyNiCaN5/ZyW55O1WUThoktsJTwYdmfZ5Vjh19lKErX/JmPPHJR/AEkN0
eC0A5LG/eNZCk8FY4myt9NLLUYJOzCiuK1W3AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU04qr8Orv761opX5cDcwVe5JCsy0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzA0cXI4T3J2NzYxb3BYNWNEY3dWZTVK
Q3N5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXSOoAwDQYJ
KoZIhvcNAQELBQADggEBAK4lqG4ly682VotPmH8WEDPi2oy0bjyC+kCcNk5DEtvp
jVFZeY4BdxUQHM/esq1lQIsNg83w//emBz5XtPnlzqObFz+4CuHG245AKa4enGSg
qSpVQ+NNl6fabc/KyadwPEzylYvifcx6UHJBzTPjGJhItJG0qH3/jRn+AgRz4r+V
haEJxl7eeIEfHaSTnosL7/1VdaPAIOKF8uY+eQ2q+M5nSmW/VPzZEW0mvCieuyBF
Fvv7mFgLQb1x47GfBPMfcNMMseAarkPD9IZTm1Yo8QMkdlDiueD8Nu/3BF+elssf
/zhfbbp51nD2Gb78/i4O13FMpP0Erec5HItrUcZvBFo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:36:21 2025 by rpki-client