Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/It-gPIOb2JtarR36UI3qdEWldLM.roa
File: It-gPIOb2JtarR36UI3qdEWldLM.roa (raw, json)
Hash identifier: fxzOw+RJxucqRYEZ7A/YeH6vB/qHN22F49S+GTj0ILM=
Subject key identifier: 22:DF:A0:3C:83:9B:D8:9B:5A:AD:1D:FA:50:8D:EA:74:45:A5:74:B3
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11DD
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/It-gPIOb2JtarR36UI3qdEWldLM.roa
Signing time: Mon 10 Feb 2025 14:27:49 +0000
ROA not before: Mon 10 Feb 2025 14:27:49 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 60.244.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4573 (0x11dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:49 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=22DFA03C839BD89B5AAD1DFA508DEA7445A574B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:99:e9:0f:ed:ec:58:a9:fa:df:de:bb:9d:d3:
26:5b:63:75:1b:30:9e:54:af:91:37:c7:d0:a1:b1:
5d:78:f2:14:0c:fb:bd:21:b5:30:43:f0:a6:0e:fb:
dc:85:44:a8:16:70:2c:d5:fd:aa:65:e0:f8:5b:0a:
40:f0:1d:38:71:94:e5:47:07:2f:0d:59:6a:3c:69:
c4:21:fe:d5:7f:80:48:f2:95:67:59:29:24:22:52:
1c:95:8e:2c:bf:76:a5:f5:61:32:3a:7f:5d:ec:f4:
a1:09:42:18:87:ff:11:28:65:11:46:75:79:07:93:
5d:39:93:39:ef:80:ab:d4:ec:58:c9:c7:4d:07:6a:
39:2a:38:73:d8:45:4a:60:d3:9f:6f:d2:61:fb:7e:
f0:09:a7:80:b7:21:ac:a0:44:72:6b:e7:33:3a:da:
30:21:7c:47:57:70:17:0f:a7:b6:ad:ac:c5:1c:2e:
6e:18:eb:29:b5:2d:56:85:8d:29:47:91:0f:92:21:
fb:e4:7a:5c:1e:3a:14:f8:9e:ea:00:9e:d4:66:80:
1c:05:cd:f1:eb:cc:1d:a6:69:ff:65:9b:bd:af:36:
61:07:bb:08:f1:22:3b:77:f8:1d:a7:a7:67:c7:9d:
d8:95:ee:d4:ce:d8:70:87:7d:20:59:33:3e:2b:4d:
6f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:DF:A0:3C:83:9B:D8:9B:5A:AD:1D:FA:50:8D:EA:74:45:A5:74:B3
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/It-gPIOb2JtarR36UI3qdEWldLM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.244.0.0/17
Signature Algorithm: sha256WithRSAEncryption
1d:ed:36:7c:4b:a7:6a:ea:6b:9c:c8:ae:0f:ee:f5:e7:94:96:
11:4e:b3:69:5a:d5:f9:af:f5:fa:80:70:c8:cb:cb:78:ed:cd:
82:8b:20:66:27:1e:ba:82:32:35:ca:21:0b:d8:31:af:2e:8b:
33:bf:0f:54:f1:8e:78:8c:86:74:46:a0:05:a5:bc:1e:35:b1:
1e:3b:d9:55:65:22:66:ac:3c:20:a2:3a:4e:66:a9:6a:d7:38:
a3:00:ed:ef:fc:55:8b:fc:10:91:ea:c1:78:cf:f3:90:fc:ed:
89:c1:5e:d8:06:02:c5:a9:dd:87:b3:d7:bf:c0:03:91:3d:ec:
75:51:79:3e:5d:05:b9:1f:d5:d0:ba:9f:c2:f8:1c:b9:9d:ba:
50:63:d5:1a:b2:9c:6f:b7:de:28:d7:62:11:80:5d:99:f3:f2:
1e:ab:d1:29:66:d8:e3:ab:62:6c:9f:84:24:e7:7d:14:cf:fd:
9c:dc:f8:9d:58:5d:f3:9a:3a:e1:b9:06:63:4b:b9:62:1c:ac:
59:35:83:02:5b:d0:aa:42:58:23:7d:00:f4:0d:d7:85:fe:78:
1d:7e:a5:4f:29:ae:92:ea:ac:0e:4b:13:b1:a3:72:6c:48:8e:
e8:53:d2:b0:39:5f:fb:62:be:25:03:a8:40:99:41:0d:4a:54:
fb:b9:88:ef
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEd0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIyREZBMDNDODM5QkQ4
OUI1QUFEMURGQTUwOERFQTc0NDVBNTc0QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcmekP7exYqfrf3rud0yZbY3UbMJ5Ur5E3x9ChsV148hQM+70h
tTBD8KYO+9yFRKgWcCzV/apl4PhbCkDwHThxlOVHBy8NWWo8acQh/tV/gEjylWdZ
KSQiUhyVjiy/dqX1YTI6f13s9KEJQhiH/xEoZRFGdXkHk105kznvgKvU7FjJx00H
ajkqOHPYRUpg059v0mH7fvAJp4C3IaygRHJr5zM62jAhfEdXcBcPp7atrMUcLm4Y
6ym1LVaFjSlHkQ+SIfvkelweOhT4nuoAntRmgBwFzfHrzB2maf9lm72vNmEHuwjx
Ijt3+B2np2fHndiV7tTO2HCHfSBZMz4rTW/VAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUIt+gPIOb2JtarR36UI3qdEWldLMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0l0LWdQSU9iMkp0YXJSMzZVSTNxZEVX
bGRMTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc89AAwDQYJ
KoZIhvcNAQELBQADggEBAB3tNnxLp2rqa5zIrg/u9eeUlhFOs2la1fmv9fqAcMjL
y3jtzYKLIGYnHrqCMjXKIQvYMa8uizO/D1TxjniMhnRGoAWlvB41sR472VVlImas
PCCiOk5mqWrXOKMA7e/8VYv8EJHqwXjP85D87YnBXtgGAsWp3Yez17/AA5E97HVR
eT5dBbkf1dC6n8L4HLmdulBj1RqynG+33ijXYhGAXZnz8h6r0Slm2OOrYmyfhCTn
fRTP/Zzc+J1YXfOaOuG5BmNLuWIcrFk1gwJb0KpCWCN9APQN14X+eB1+pU8prpLq
rA5LE7GjcmxIjuhT0rA5X/tiviUDqECZQQ1KVPu5iO8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:45:05 2025 by rpki-client