Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/LFi1rC0JLe1SL5tQBuMU-4sHGmc.roa
File: LFi1rC0JLe1SL5tQBuMU-4sHGmc.roa (raw, json)
Hash identifier: zq/ixhnugj0vdL5HmP8Sknh9FnReJnFadAdjtiO2Cog=
Subject key identifier: 2C:58:B5:AC:2D:09:2D:ED:52:2F:9B:50:06:E3:14:FB:8B:07:1A:67
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 125E
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/LFi1rC0JLe1SL5tQBuMU-4sHGmc.roa
Signing time: Mon 10 Feb 2025 14:28:20 +0000
ROA not before: Mon 10 Feb 2025 14:28:20 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24154
IP address blocks: 210.200.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4702 (0x125e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:20 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2C58B5AC2D092DED522F9B5006E314FB8B071A67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a7:d4:54:0a:d0:8d:7f:9b:01:80:de:2a:73:
76:69:24:90:5e:e0:88:0f:e9:90:22:62:63:3c:de:
03:fd:e0:15:88:6f:6e:d0:91:2f:c3:b2:19:bd:90:
8a:71:e1:2d:67:46:a1:98:e1:7b:22:d2:5d:60:75:
47:a6:0b:54:02:a7:5d:5e:1a:0b:fc:82:86:80:12:
ce:c1:a1:c6:4d:66:86:fe:5a:c3:ed:f2:82:67:b3:
76:02:14:3a:c9:de:ef:32:9b:90:13:54:fb:e8:f3:
86:11:0c:9b:d0:d3:d4:f3:66:4c:e1:05:31:3f:29:
d1:a8:6b:01:59:0c:55:49:af:65:e7:31:9f:13:36:
1d:0e:22:f5:fa:a4:85:9f:c0:80:86:5f:38:05:ed:
91:ca:4c:50:e0:c0:63:d0:97:bb:93:7b:ca:d8:36:
aa:8b:3c:f9:0f:4e:40:33:62:a9:ac:9d:2f:cd:25:
81:4e:6b:b9:db:80:73:55:65:19:d0:78:65:af:46:
31:7b:13:6a:b5:98:a8:08:49:18:2f:1a:6e:cc:e1:
39:f0:68:68:4d:71:ab:af:be:92:0e:c8:6d:be:6d:
33:f2:55:3a:ab:0b:a6:43:fc:9f:7f:40:90:39:49:
00:93:47:5d:e6:fe:3e:92:2f:48:af:14:ae:9f:73:
db:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:58:B5:AC:2D:09:2D:ED:52:2F:9B:50:06:E3:14:FB:8B:07:1A:67
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/LFi1rC0JLe1SL5tQBuMU-4sHGmc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.4.0/22
Signature Algorithm: sha256WithRSAEncryption
79:93:7e:1a:12:85:2b:3f:91:0a:13:36:d4:5d:2e:11:f0:25:
e5:c2:f7:dd:7d:bc:01:db:e4:44:a4:7d:01:db:f6:ac:64:ab:
9e:09:01:49:0f:cb:43:42:6b:f6:30:f3:32:99:bc:a8:b7:8b:
bf:63:ce:e2:be:33:21:d1:9e:9c:23:61:45:60:48:57:10:f6:
22:11:8c:eb:9a:84:60:56:be:1c:8f:b4:8e:c7:66:ea:4f:b0:
dd:6a:a8:73:64:83:cb:27:b9:2d:79:f9:ec:9c:33:1c:93:ff:
81:03:cf:37:30:ec:8a:40:07:44:d0:ab:aa:16:b0:5e:ea:69:
07:1c:84:57:78:73:b3:b1:0e:53:36:de:4d:78:2b:b4:98:94:
6e:81:d6:21:47:30:62:f7:ba:2a:19:e3:ef:b6:ed:bd:f1:71:
97:87:0d:16:d0:1a:1e:a4:fa:8e:1a:aa:fd:d4:81:6e:32:52:
d4:79:91:69:d6:fb:54:f6:25:f0:5a:75:1d:c5:33:dd:60:9f:
1d:5d:95:3c:81:f9:fd:86:6b:b7:68:56:b3:8f:8c:69:f8:a5:
10:f6:02:43:51:d6:e9:92:85:60:16:5a:1e:eb:45:3e:0c:5b:
d4:5b:6c:a5:88:cc:58:ec:37:4c:b4:09:ad:01:46:90:df:eb:
0d:18:b0:d5
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEl4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJDNThCNUFDMkQwOTJE
RUQ1MjJGOUI1MDA2RTMxNEZCOEIwNzFBNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwp9RUCtCNf5sBgN4qc3ZpJJBe4IgP6ZAiYmM83gP94BWIb27Q
kS/Dshm9kIpx4S1nRqGY4Xsi0l1gdUemC1QCp11eGgv8goaAEs7BocZNZob+WsPt
8oJns3YCFDrJ3u8ym5ATVPvo84YRDJvQ09TzZkzhBTE/KdGoawFZDFVJr2XnMZ8T
Nh0OIvX6pIWfwICGXzgF7ZHKTFDgwGPQl7uTe8rYNqqLPPkPTkAzYqmsnS/NJYFO
a7nbgHNVZRnQeGWvRjF7E2q1mKgISRgvGm7M4TnwaGhNcauvvpIOyG2+bTPyVTqr
C6ZD/J9/QJA5SQCTR13m/j6SL0ivFK6fc9sPAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQULFi1rC0JLe1SL5tQBuMU+4sHGmcwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0xGaTFyQzBKTGUxU0w1dFFCdU1VLTRz
SEdtYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSyAQwDQYJ
KoZIhvcNAQELBQADggEBAHmTfhoShSs/kQoTNtRdLhHwJeXC9919vAHb5ESkfQHb
9qxkq54JAUkPy0NCa/Yw8zKZvKi3i79jzuK+MyHRnpwjYUVgSFcQ9iIRjOuahGBW
vhyPtI7HZupPsN1qqHNkg8snuS15+eycMxyT/4EDzzcw7IpAB0TQq6oWsF7qaQcc
hFd4c7OxDlM23k14K7SYlG6B1iFHMGL3uioZ4++27b3xcZeHDRbQGh6k+o4aqv3U
gW4yUtR5kWnW+1T2JfBadR3FM91gnx1dlTyB+f2Ga7doVrOPjGn4pRD2AkNR1umS
hWAWWh7rRT4MW9RbbKWIzFjsN0y0Ca0BRpDf6w0YsNU=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:49:24 2025 by rpki-client