Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/L9FBS4Epo_gc_Sh2PNXT8JbiNOI.roa
File: L9FBS4Epo_gc_Sh2PNXT8JbiNOI.roa (raw, json)
Hash identifier: nW+IwteUcA/fWV/x0Nz87fbWr5zPx2pYLD2GNPHREFw=
Subject key identifier: 2F:D1:41:4B:81:29:A3:F8:1C:FD:28:76:3C:D5:D3:F0:96:E2:34:E2
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11F6
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/L9FBS4Epo_gc_Sh2PNXT8JbiNOI.roa
Signing time: Mon 10 Feb 2025 14:27:54 +0000
ROA not before: Mon 10 Feb 2025 14:27:54 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 222.250.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4598 (0x11f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:54 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2FD1414B8129A3F81CFD28763CD5D3F096E234E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3c:c4:35:d3:0c:90:f3:a9:a9:b2:01:1c:13:
99:29:77:51:8f:24:ac:74:e4:02:ac:25:cc:c9:c8:
6f:6f:17:45:cc:f4:44:4d:b8:6d:6c:0f:3e:46:a5:
69:ba:e2:ce:4f:79:34:55:a0:f2:d5:03:4c:6e:76:
8c:41:3b:ff:65:a6:9d:56:3e:cc:e7:f3:7e:00:5a:
b2:91:8b:ab:c6:83:ec:38:cd:b1:b4:db:31:40:9f:
76:71:12:4f:9c:fd:46:e8:f7:67:51:3b:75:30:66:
43:33:33:15:2c:91:5d:0d:ac:2a:8b:83:08:83:b5:
dc:96:e2:6c:93:64:b7:d8:4e:a1:86:b9:66:e2:26:
d8:47:b0:5b:44:38:c1:2b:fb:e3:f9:48:fb:a9:5e:
4c:55:41:2d:8f:8b:8a:64:34:b8:27:58:56:9e:b9:
62:cf:5b:16:27:18:e7:14:40:c1:5c:96:1b:07:75:
6e:b8:2b:78:76:e3:a5:6b:18:4d:b9:a6:d6:91:4f:
66:94:f8:c9:55:83:be:fc:e1:e2:b4:ab:83:8d:e7:
a0:13:ab:84:6b:43:08:09:c4:67:33:09:28:d7:e1:
e2:1a:34:b5:30:c4:b4:8a:a7:2a:5c:8a:6f:f2:21:
0b:76:82:36:a3:d6:b2:5e:a0:5e:c3:b8:bf:ef:a6:
a6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D1:41:4B:81:29:A3:F8:1C:FD:28:76:3C:D5:D3:F0:96:E2:34:E2
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/L9FBS4Epo_gc_Sh2PNXT8JbiNOI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.250.128.0/18
Signature Algorithm: sha256WithRSAEncryption
56:83:5e:7b:94:d1:60:2a:24:02:c6:26:5e:65:47:a5:a5:d4:
5a:80:b7:94:d4:48:d7:6e:44:91:2b:d5:0f:dd:51:89:62:a3:
cd:1b:5b:7e:fe:ee:a4:58:71:47:d1:4a:1d:10:56:40:12:9b:
61:c6:a4:9c:50:20:3f:e8:56:43:55:11:35:5a:70:88:11:90:
f6:d0:bf:09:76:9a:7d:66:92:e9:1b:92:b6:5c:06:b3:c5:f9:
3b:9a:ec:36:37:1e:f1:0e:a7:69:d7:11:c9:1e:75:65:7b:54:
5c:c8:38:d2:85:92:13:f9:91:96:37:d1:57:2d:34:91:a3:62:
dc:15:79:2a:3a:21:8c:8e:ba:53:44:45:8a:5f:ed:0e:2b:a7:
ed:2a:1a:f2:59:96:6a:5c:16:44:f3:15:0a:1d:45:39:ef:d6:
85:1f:a3:63:44:cc:97:a2:be:26:52:4a:a6:6e:c6:da:02:63:
95:cc:d9:61:80:5d:17:f9:7e:2f:f3:34:2a:9a:57:43:bb:87:
58:8d:0b:09:02:d2:41:25:8a:fc:fa:b7:13:11:09:27:a3:cc:
78:a8:6b:af:ab:1c:37:e8:67:d3:96:4a:79:e1:7f:2e:09:eb:
3e:4e:7b:69:61:80:4e:81:6f:d9:91:c3:28:df:f1:04:78:7e:
ef:ab:f8:ab
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEfYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3NTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJGRDE0MTRCODEyOUEz
RjgxQ0ZEMjg3NjNDRDVEM0YwOTZFMjM0RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEPMQ10wyQ86mpsgEcE5kpd1GPJKx05AKsJczJyG9vF0XM9ERN
uG1sDz5GpWm64s5PeTRVoPLVA0xudoxBO/9lpp1WPszn834AWrKRi6vGg+w4zbG0
2zFAn3ZxEk+c/Ubo92dRO3UwZkMzMxUskV0NrCqLgwiDtdyW4myTZLfYTqGGuWbi
JthHsFtEOMEr++P5SPupXkxVQS2Pi4pkNLgnWFaeuWLPWxYnGOcUQMFclhsHdW64
K3h246VrGE25ptaRT2aU+MlVg7784eK0q4ON56ATq4RrQwgJxGczCSjX4eIaNLUw
xLSKpypcim/yIQt2gjaj1rJeoF7DuL/vpqbXAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUL9FBS4Epo/gc/Sh2PNXT8JbiNOIwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0w5RkJTNEVwb19nY19TaDJQTlhUOEpi
aU5PSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbe+oAwDQYJ
KoZIhvcNAQELBQADggEBAFaDXnuU0WAqJALGJl5lR6Wl1FqAt5TUSNduRJEr1Q/d
UYlio80bW37+7qRYcUfRSh0QVkASm2HGpJxQID/oVkNVETVacIgRkPbQvwl2mn1m
kukbkrZcBrPF+Tua7DY3HvEOp2nXEckedWV7VFzIONKFkhP5kZY30VctNJGjYtwV
eSo6IYyOulNERYpf7Q4rp+0qGvJZlmpcFkTzFQodRTnv1oUfo2NEzJeiviZSSqZu
xtoCY5XM2WGAXRf5fi/zNCqaV0O7h1iNCwkC0kElivz6txMRCSejzHioa6+rHDfo
Z9OWSnnhfy4J6z5Oe2lhgE6Bb9mRwyjf8QR4fu+r+Ks=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:51:44 2025 by rpki-client