Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/BJqV2brDv0gnvkjm4GH1kPDr1Sc.roa
File: BJqV2brDv0gnvkjm4GH1kPDr1Sc.roa (raw, json)
Hash identifier: iqImQ3xh7modU+/Co43H2hARG1JcvDIY95jUGpRrloU=
Subject key identifier: 04:9A:95:D9:BA:C3:BF:48:27:BE:48:E6:E0:61:F5:90:F0:EB:D5:27
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11DB
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/BJqV2brDv0gnvkjm4GH1kPDr1Sc.roa
Signing time: Mon 10 Feb 2025 14:27:48 +0000
ROA not before: Mon 10 Feb 2025 14:27:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 203.79.128.0/17 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4571 (0x11db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:48 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=049A95D9BAC3BF4827BE48E6E061F590F0EBD527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c2:12:ee:fb:db:18:2f:08:d5:cd:c8:45:55:
6d:8b:da:98:23:b1:a4:38:a1:e4:7c:cd:66:12:2a:
82:b4:d7:be:6b:31:87:7a:10:aa:f6:69:6b:bc:e7:
f9:b0:13:23:54:12:a0:c7:90:53:34:5e:4c:16:40:
38:fd:5d:43:0d:07:1b:ee:e1:b7:e9:99:1b:c2:f6:
03:4c:d2:16:c9:fb:f6:40:b3:21:47:70:ad:1f:00:
c6:ae:7e:ee:d5:bb:47:a9:e5:32:72:a0:90:5d:bd:
52:dc:31:b4:c8:14:17:38:e3:ba:ab:c9:67:c9:44:
9a:75:3e:da:8f:39:36:89:4a:aa:48:51:62:21:61:
a3:de:9a:07:92:ae:38:77:9f:1d:6f:31:79:c2:ce:
c6:14:6f:89:ff:18:a7:c6:76:52:86:f9:0e:02:82:
15:36:c6:31:53:f4:6b:78:5a:c1:c1:92:9e:6f:1f:
42:41:05:1c:79:59:04:b2:7e:5c:ec:de:0d:96:71:
ba:78:48:c4:c2:9d:fc:f5:bd:6a:d5:32:31:8d:65:
5b:64:98:d9:f5:54:ab:25:9f:ba:0b:e9:01:53:d5:
4d:5d:d5:27:d0:d9:2b:b4:5a:fc:7e:c5:7a:89:9c:
55:5c:d4:94:2d:8b:79:39:27:4b:ef:d6:2c:2c:72:
c2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:9A:95:D9:BA:C3:BF:48:27:BE:48:E6:E0:61:F5:90:F0:EB:D5:27
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/BJqV2brDv0gnvkjm4GH1kPDr1Sc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.128.0/17
Signature Algorithm: sha256WithRSAEncryption
29:c9:b2:cd:0b:e8:f3:b4:b5:69:fd:87:15:bf:56:7f:ec:ca:
3d:ce:f4:fb:19:72:2c:0d:f9:f1:55:ff:19:3b:79:38:b0:cb:
c7:da:ff:3d:ac:d3:0a:6c:24:33:b4:6a:60:8c:83:2c:b2:b6:
c5:87:a8:b6:74:d5:b8:a7:12:b8:ea:62:8c:b9:59:b2:69:9a:
2d:fd:68:61:e8:33:ea:a2:86:2c:61:14:bb:8d:f1:c1:54:85:
66:2f:3e:8c:52:c3:1a:ba:eb:4e:27:43:1f:e4:7b:0f:90:86:
f4:68:65:3c:3f:be:0c:fe:3a:af:4b:fe:26:c4:f0:51:91:e1:
17:30:8c:10:52:11:cf:b7:87:7a:7d:e2:c1:a2:94:7b:7f:3c:
17:bd:9a:e5:66:d2:c4:31:fc:33:bd:29:6d:24:34:8e:9c:17:
b4:45:54:c3:ed:c0:8f:3d:fc:b0:06:43:90:45:37:47:31:c6:
e2:23:a1:b0:a1:4e:08:d0:d2:e5:24:0f:f8:15:4b:f0:d2:12:
1b:6e:c1:73:ad:fe:cc:8a:22:27:3c:a8:03:f6:5f:62:e8:39:
38:aa:6a:ae:7e:a1:51:7a:68:00:1b:27:2f:cb:9b:a6:e6:f6:
21:09:a5:87:4a:a6:00:21:2f:4d:30:23:d5:a1:07:dc:69:2b:
96:79:93:a9
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3NDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA0OUE5NUQ5QkFDM0JG
NDgyN0JFNDhFNkUwNjFGNTkwRjBFQkQ1MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZwhLu+9sYLwjVzchFVW2L2pgjsaQ4oeR8zWYSKoK0175rMYd6
EKr2aWu85/mwEyNUEqDHkFM0XkwWQDj9XUMNBxvu4bfpmRvC9gNM0hbJ+/ZAsyFH
cK0fAMaufu7Vu0ep5TJyoJBdvVLcMbTIFBc447qryWfJRJp1PtqPOTaJSqpIUWIh
YaPemgeSrjh3nx1vMXnCzsYUb4n/GKfGdlKG+Q4CghU2xjFT9Gt4WsHBkp5vH0JB
BRx5WQSyflzs3g2Wcbp4SMTCnfz1vWrVMjGNZVtkmNn1VKsln7oL6QFT1U1d1SfQ
2Su0Wvx+xXqJnFVc1JQti3k5J0vv1iwscsJrAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUBJqV2brDv0gnvkjm4GH1kPDr1ScwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0JKcVYyYnJEdjBnbnZram00R0gxa1BE
cjFTYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAfLT4AwDQYJ
KoZIhvcNAQELBQADggEBACnJss0L6PO0tWn9hxW/Vn/syj3O9PsZciwN+fFV/xk7
eTiwy8fa/z2s0wpsJDO0amCMgyyytsWHqLZ01binErjqYoy5WbJpmi39aGHoM+qi
hixhFLuN8cFUhWYvPoxSwxq6604nQx/kew+QhvRoZTw/vgz+Oq9L/ibE8FGR4Rcw
jBBSEc+3h3p94sGilHt/PBe9muVm0sQx/DO9KW0kNI6cF7RFVMPtwI89/LAGQ5BF
N0cxxuIjobChTgjQ0uUkD/gVS/DSEhtuwXOt/syKIic8qAP2X2LoOTiqaq5+oVF6
aAAbJy/Lm6bm9iEJpYdKpgAhL00wI9WhB9xpK5Z5k6k=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:19:49 2025 by rpki-client