Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/I4xjt96YDI9xY59HZTuWjKxvnXM.roa
File: I4xjt96YDI9xY59HZTuWjKxvnXM.roa (raw, json)
Hash identifier: oAYwpixmD+R9qiJ8vab/SoCxm4XTMAZjzL3TUMXs39k=
Subject key identifier: 23:8C:63:B7:DE:98:0C:8F:71:63:9F:47:65:3B:96:8C:AC:6F:9D:73
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1257
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/I4xjt96YDI9xY59HZTuWjKxvnXM.roa
Signing time: Mon 10 Feb 2025 14:28:18 +0000
ROA not before: Mon 10 Feb 2025 14:28:18 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24154
IP address blocks: 222.156.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4695 (0x1257)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:18 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=238C63B7DE980C8F71639F47653B968CAC6F9D73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6f:38:bf:88:96:80:6f:23:82:f5:ed:75:95:
25:1b:25:5d:74:b1:20:c6:05:75:3c:5d:fa:52:ee:
95:d2:72:63:83:e1:5a:1f:9b:58:99:09:a8:b8:83:
41:7e:b2:61:28:da:c4:0a:58:3d:94:ae:83:c8:82:
06:ea:f6:b4:ab:51:93:ed:63:f2:9e:2f:15:cb:e3:
1e:82:ad:9e:94:37:66:a5:93:45:e5:33:0f:77:a0:
c7:96:78:8f:35:43:7d:76:bf:85:94:97:f1:32:32:
8d:8b:b3:a3:d4:bd:2b:21:90:85:fe:ec:90:50:ab:
af:3c:0f:86:7f:30:15:84:36:67:c5:d9:ca:ff:c4:
a2:ce:8b:04:8e:a6:46:06:6c:ae:ef:dd:b4:b3:65:
2b:43:60:6e:d4:8e:11:04:78:ec:e7:32:04:2c:e6:
ad:ca:33:ef:39:d0:a5:dd:a8:82:d9:e7:6c:9c:6d:
7f:28:22:69:66:b4:c8:74:ba:41:a8:38:9d:41:4e:
5d:50:f1:73:1a:07:84:67:02:86:18:81:67:be:79:
5a:73:42:e7:a4:43:a9:f7:f2:e2:34:cb:43:a5:4d:
0c:13:77:a8:bc:67:86:c7:11:ea:a6:7a:7e:5e:06:
76:2c:bc:12:e2:21:f2:c3:35:de:b1:98:43:c8:0f:
15:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8C:63:B7:DE:98:0C:8F:71:63:9F:47:65:3B:96:8C:AC:6F:9D:73
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/I4xjt96YDI9xY59HZTuWjKxvnXM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.156.246.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:51:55:ed:fa:13:da:85:f8:86:d8:5d:4d:51:88:95:85:48:
ca:24:6c:7b:4b:8b:ad:16:7a:3e:2c:35:1b:ec:6a:dd:a6:62:
17:5f:52:5e:d2:cf:0c:61:01:8c:ba:3e:1c:d2:76:25:c9:b8:
43:ff:f2:6c:5f:5e:97:dd:c2:77:41:07:4f:fe:69:b4:97:2e:
86:72:43:d1:a7:7f:51:c8:f2:3b:20:51:63:06:03:54:43:d9:
a3:de:53:16:cc:d2:38:e9:b7:39:1a:fc:c1:d5:79:08:16:37:
71:17:4a:4b:53:82:ab:dc:48:10:15:3f:24:7b:fc:b1:c7:33:
5b:35:20:0b:24:36:ef:db:4d:23:fb:80:03:c2:f1:f8:9f:21:
09:88:2b:a6:24:76:65:2a:74:91:a6:16:89:69:7f:c1:dc:cf:
fc:47:81:c9:37:32:17:a6:3e:cc:d6:3f:4d:f1:21:c5:85:33:
c4:0c:74:c1:93:86:9e:f8:44:3a:c2:0f:e1:92:aa:67:af:63:
90:ce:c0:4f:28:f9:1b:54:63:1a:98:b4:53:34:fe:dd:81:36:
27:7b:65:98:af:e6:41:de:df:b3:6f:b6:8a:d7:15:9a:8f:e1:
b1:b4:58:aa:61:59:ed:50:c8:ee:e6:c0:81:e0:99:de:aa:79:
e7:9d:86:c1
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICElcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIzOEM2M0I3REU5ODBD
OEY3MTYzOUY0NzY1M0I5NjhDQUM2RjlENzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRbzi/iJaAbyOC9e11lSUbJV10sSDGBXU8XfpS7pXScmOD4Vof
m1iZCai4g0F+smEo2sQKWD2UroPIggbq9rSrUZPtY/KeLxXL4x6CrZ6UN2alk0Xl
Mw93oMeWeI81Q312v4WUl/EyMo2Ls6PUvSshkIX+7JBQq688D4Z/MBWENmfF2cr/
xKLOiwSOpkYGbK7v3bSzZStDYG7UjhEEeOznMgQs5q3KM+850KXdqILZ52ycbX8o
ImlmtMh0ukGoOJ1BTl1Q8XMaB4RnAoYYgWe+eVpzQuekQ6n38uI0y0OlTQwTd6i8
Z4bHEeqmen5eBnYsvBLiIfLDNd6xmEPIDxWfAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUI4xjt96YDI9xY59HZTuWjKxvnXMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0k0eGp0OTZZREk5eFk1OUhaVHVXakt4
dm5YTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADenPYwDQYJ
KoZIhvcNAQELBQADggEBAM5RVe36E9qF+IbYXU1RiJWFSMokbHtLi60Wej4sNRvs
at2mYhdfUl7SzwxhAYy6PhzSdiXJuEP/8mxfXpfdwndBB0/+abSXLoZyQ9Gnf1HI
8jsgUWMGA1RD2aPeUxbM0jjptzka/MHVeQgWN3EXSktTgqvcSBAVPyR7/LHHM1s1
IAskNu/bTSP7gAPC8fifIQmIK6YkdmUqdJGmFolpf8Hcz/xHgck3MhemPszWP03x
IcWFM8QMdMGThp74RDrCD+GSqmevY5DOwE8o+RtUYxqYtFM0/t2BNid7ZZiv5kHe
37NvtorXFZqP4bG0WKphWe1QyO7mwIHgmd6qeeedhsE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:56:42 2025 by rpki-client