Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/47xUfPzzEwiZxdcogq83Wwu8nas.roa
File: 47xUfPzzEwiZxdcogq83Wwu8nas.roa (raw, json)
Hash identifier: RMmQD/sW9RoXFtRYLkJjR07HXl+C8O1q8tk6cUrlXsU=
Subject key identifier: E3:BC:54:7C:FC:F3:13:08:99:C5:D7:28:82:AF:37:5B:0B:BC:9D:AB
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 122A
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/47xUfPzzEwiZxdcogq83Wwu8nas.roa
Signing time: Mon 10 Feb 2025 14:28:08 +0000
ROA not before: Mon 10 Feb 2025 14:28:08 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 124.218.0.0/16 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4650 (0x122a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:08 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=E3BC547CFCF3130899C5D72882AF375B0BBC9DAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:67:19:2a:af:47:20:2f:67:5b:eb:33:fc:9b:
e7:17:a7:90:02:63:ac:14:f6:cd:24:ca:90:05:7d:
f9:bf:7e:2b:79:fd:05:fa:f8:80:f7:75:28:32:3b:
d1:03:56:d9:f4:fe:36:98:27:a9:a2:80:f7:a2:d7:
07:00:0c:ec:b6:91:b0:39:a2:1b:a5:98:1e:b6:46:
e3:7f:97:7e:52:03:5a:f5:d7:1c:6f:1f:88:c5:0f:
3a:ef:9c:6c:c5:0a:fc:fd:b5:c7:6e:08:99:67:7b:
56:37:53:cc:bb:e9:f5:75:27:29:8b:44:ea:3a:20:
03:6f:2f:fa:87:85:da:22:92:f5:fe:d4:b7:33:d4:
4e:2a:e9:7d:ba:b2:fe:22:2a:13:db:fd:2a:fa:ba:
42:39:58:08:04:41:26:b0:a6:03:99:c4:d9:b4:a2:
78:17:34:50:23:16:8c:8d:d8:b5:30:94:d6:b4:28:
21:7f:3d:15:d7:bb:d7:07:03:c4:5d:2a:1b:ae:c3:
94:33:fc:6f:2c:0f:2a:24:2e:4e:d2:96:73:68:10:
6b:a6:22:e9:4d:e8:37:c3:3b:08:a5:fd:67:0d:93:
fc:1d:11:14:17:f1:bf:59:ec:02:5a:65:5e:93:55:
78:4e:1e:8e:82:7f:3b:4f:2e:2a:99:aa:25:53:28:
aa:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:BC:54:7C:FC:F3:13:08:99:C5:D7:28:82:AF:37:5B:0B:BC:9D:AB
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/47xUfPzzEwiZxdcogq83Wwu8nas.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:aa:6f:6c:eb:27:c4:d4:f8:f4:6a:7f:f1:60:cf:41:2c:f5:
19:c7:a6:e8:4a:a0:44:89:e6:1c:12:33:a5:ad:19:b9:24:fd:
25:14:c6:fc:83:25:91:13:3a:d6:d4:63:29:f5:98:2d:24:74:
c7:20:f8:f6:cf:be:2f:94:c3:14:72:d8:f7:e1:b2:d6:c4:60:
e9:57:0c:f8:9a:9c:b0:4a:28:7f:bf:9b:02:62:b3:eb:72:f8:
f6:15:b6:88:2e:bc:8d:67:4c:b2:09:33:da:63:6d:f8:45:69:
a4:87:2f:cc:62:09:70:d4:86:ae:82:b0:32:d4:01:f2:4c:42:
05:c6:a7:de:0e:ed:11:a6:7c:2e:d0:df:a4:10:d5:60:e7:78:
ba:f3:a3:cd:dd:a1:30:29:a4:f4:1c:99:fa:8c:63:85:94:cc:
b0:44:1f:84:48:14:36:d5:b1:f6:63:61:02:90:1b:23:42:b1:
88:a5:bf:e5:c0:37:6e:0d:34:c1:5b:53:8c:b1:53:b4:5c:85:
84:7d:bb:77:f3:a8:0f:e6:c9:f0:65:05:dd:ab:fe:70:e7:bb:
e6:ea:a0:6b:09:78:5a:7f:32:0e:90:45:8f:81:41:a6:4e:29:
ee:b4:a9:f8:9b:50:fc:0e:67:f0:01:54:7e:5f:26:0a:d3:29:
2c:3a:eb:2f
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICEiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEUzQkM1NDdDRkNGMzEz
MDg5OUM1RDcyODgyQUYzNzVCMEJCQzlEQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXZxkqr0cgL2db6zP8m+cXp5ACY6wU9s0kypAFffm/fit5/QX6
+ID3dSgyO9EDVtn0/jaYJ6migPei1wcADOy2kbA5ohulmB62RuN/l35SA1r11xxv
H4jFDzrvnGzFCvz9tcduCJlne1Y3U8y76fV1JymLROo6IANvL/qHhdoikvX+1Lcz
1E4q6X26sv4iKhPb/Sr6ukI5WAgEQSawpgOZxNm0ongXNFAjFoyN2LUwlNa0KCF/
PRXXu9cHA8RdKhuuw5Qz/G8sDyokLk7SlnNoEGumIulN6DfDOwil/WcNk/wdERQX
8b9Z7AJaZV6TVXhOHo6CfztPLiqZqiVTKKr3AgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQU47xUfPzzEwiZxdcogq83Wwu8naswHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzQ3eFVmUHp6RXdpWnhkY29ncTgzV3d1
OG5hcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwB82jANBgkq
hkiG9w0BAQsFAAOCAQEAlapvbOsnxNT49Gp/8WDPQSz1Gcem6EqgRInmHBIzpa0Z
uST9JRTG/IMlkRM61tRjKfWYLSR0xyD49s++L5TDFHLY9+Gy1sRg6VcM+JqcsEoo
f7+bAmKz63L49hW2iC68jWdMsgkz2mNt+EVppIcvzGIJcNSGroKwMtQB8kxCBcan
3g7tEaZ8LtDfpBDVYOd4uvOjzd2hMCmk9ByZ+oxjhZTMsEQfhEgUNtWx9mNhApAb
I0KxiKW/5cA3bg00wVtTjLFTtFyFhH27d/OoD+bJ8GUF3av+cOe75uqgawl4Wn8y
DpBFj4FBpk4p7rSp+JtQ/A5n8AFUfl8mCtMpLDrrLw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:54:11 2025 by rpki-client