Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/INdnZBbeVTzYOj6v9MdRVlFXw24.roa
File: INdnZBbeVTzYOj6v9MdRVlFXw24.roa (raw, json)
Hash identifier: O1MiS0tkLXGSm6U51JVJp2lJgBnxkxV9tPrOLNQYaSI=
Subject key identifier: 20:D7:67:64:16:DE:55:3C:D8:3A:3E:AF:F4:C7:51:56:51:57:C3:6E
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 121B
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/INdnZBbeVTzYOj6v9MdRVlFXw24.roa
Signing time: Mon 10 Feb 2025 14:28:04 +0000
ROA not before: Mon 10 Feb 2025 14:28:04 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9674
IP address blocks: 39.8.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4635 (0x121b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:04 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=20D7676416DE553CD83A3EAFF4C751565157C36E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e9:34:18:f5:92:ac:71:38:03:b2:b1:00:3c:
e7:4a:7a:91:60:5c:7a:ba:d6:e5:bf:bd:cb:9d:69:
f0:ee:aa:fd:88:7b:58:e9:f7:61:cc:c7:4f:90:7b:
b1:4e:15:a3:ad:92:24:f1:eb:72:f1:45:b6:48:46:
64:cd:1d:c9:f5:8a:ba:7b:88:b3:c7:91:f7:ef:43:
d0:85:a3:e9:28:cd:59:79:29:3b:d5:25:b0:4f:5d:
78:b3:52:71:0a:d2:d8:6c:bc:e1:24:2a:4c:6d:02:
25:43:48:2f:76:1f:08:71:ef:ed:1d:be:86:01:2b:
8a:3e:90:09:99:9d:91:e6:42:5c:e3:3d:91:4c:9f:
0c:b6:74:68:58:46:a8:97:fb:c9:7f:fa:8a:93:a9:
9a:86:f1:2e:9a:06:39:50:28:1d:1b:8b:ec:6d:d5:
13:3c:1c:9c:9b:25:bd:2a:0b:40:e6:71:6c:e9:54:
73:b1:6c:ea:bd:48:18:6d:48:c3:a7:3d:6d:b0:1a:
fb:60:5e:b5:6f:6c:3e:53:9d:f6:e9:94:36:93:da:
93:18:df:70:ff:0d:fd:50:52:b8:ce:8f:6d:75:a3:
e8:99:c9:2c:b0:f2:26:08:89:9d:1e:07:bc:74:f0:
c9:48:a5:53:1c:90:f1:c8:8a:60:58:1c:1b:6b:60:
de:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D7:67:64:16:DE:55:3C:D8:3A:3E:AF:F4:C7:51:56:51:57:C3:6E
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/INdnZBbeVTzYOj6v9MdRVlFXw24.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
39.8.0.0/14
Signature Algorithm: sha256WithRSAEncryption
b4:b5:a0:00:19:b7:eb:a0:8f:27:89:5e:4f:72:6a:7a:6c:e6:
25:c2:4f:c6:13:17:fe:05:85:ed:17:7f:ea:a2:2a:53:97:64:
8e:1a:72:30:97:d8:b7:2b:d1:10:ef:fd:f2:99:09:23:a8:83:
f0:ee:34:19:a6:c0:93:7e:b2:ee:2c:31:9d:5a:2c:f8:e5:d8:
c3:1c:ab:6f:81:20:03:51:3f:92:13:0b:29:04:89:2c:dd:8f:
46:10:95:bf:19:e8:e2:44:48:cf:f0:94:30:d5:84:4a:8a:b5:
60:fc:97:44:26:bd:d6:2f:6e:f1:8a:24:1f:55:01:fb:b6:9b:
91:a2:11:c5:23:6c:cf:2c:5a:13:2a:ff:5b:25:2b:fe:e0:10:
b8:8b:20:72:dd:56:cb:31:00:41:90:be:19:45:85:81:d1:c7:
9f:8e:c1:a2:16:5e:28:ee:d4:78:34:e1:3d:60:d7:bf:1e:0e:
b7:f2:94:ea:da:05:bb:09:c8:29:bd:f3:9b:da:2b:12:8b:b3:
a5:45:0d:72:a8:e8:c0:1a:07:1c:52:ce:72:fe:9c:a8:33:af:
90:2c:63:7f:aa:5d:e4:95:f4:be:29:76:b0:0d:5e:26:42:ed:
ff:9a:55:b8:2f:f9:6d:72:87:61:19:4b:b4:78:af:32:ff:d1:
39:bf:5b:05
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICEhswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIwRDc2NzY0MTZERTU1
M0NEODNBM0VBRkY0Qzc1MTU2NTE1N0MzNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt6TQY9ZKscTgDsrEAPOdKepFgXHq61uW/vcudafDuqv2Ie1jp
92HMx0+Qe7FOFaOtkiTx63LxRbZIRmTNHcn1irp7iLPHkffvQ9CFo+kozVl5KTvV
JbBPXXizUnEK0thsvOEkKkxtAiVDSC92Hwhx7+0dvoYBK4o+kAmZnZHmQlzjPZFM
nwy2dGhYRqiX+8l/+oqTqZqG8S6aBjlQKB0bi+xt1RM8HJybJb0qC0DmcWzpVHOx
bOq9SBhtSMOnPW2wGvtgXrVvbD5TnfbplDaT2pMY33D/Df1QUrjOj211o+iZySyw
8iYIiZ0eB7x08MlIpVMckPHIimBYHBtrYN6BAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUINdnZBbeVTzYOj6v9MdRVlFXw24wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0lOZG5aQmJlVlR6WU9qNnY5TWRSVmxG
WHcyNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwInCDANBgkq
hkiG9w0BAQsFAAOCAQEAtLWgABm366CPJ4leT3JqemzmJcJPxhMX/gWF7Rd/6qIq
U5dkjhpyMJfYtyvREO/98pkJI6iD8O40GabAk36y7iwxnVos+OXYwxyrb4EgA1E/
khMLKQSJLN2PRhCVvxno4kRIz/CUMNWESoq1YPyXRCa91i9u8YokH1UB+7abkaIR
xSNszyxaEyr/WyUr/uAQuIsgct1WyzEAQZC+GUWFgdHHn47BohZeKO7UeDThPWDX
vx4Ot/KU6toFuwnIKb3zm9orEouzpUUNcqjowBoHHFLOcv6cqDOvkCxjf6pd5JX0
vil2sA1eJkLt/5pVuC/5bXKHYRlLtHivMv/ROb9bBQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:51:53 2025 by rpki-client