Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/M_M3h2pe4jMwW3mRjYsbat8mH08.roa
File: M_M3h2pe4jMwW3mRjYsbat8mH08.roa (raw, json)
Hash identifier: RKDS+lUtYTAXogbtMwLcc4Uv2FaZPInJXe8jNTIL+p8=
Subject key identifier: 33:F3:37:87:6A:5E:E2:33:30:5B:79:91:8D:8B:1B:6A:DF:26:1F:4F
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 124E
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/M_M3h2pe4jMwW3mRjYsbat8mH08.roa
Signing time: Mon 10 Feb 2025 14:28:16 +0000
ROA not before: Mon 10 Feb 2025 14:28:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18412
IP address blocks: 39.12.0.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4686 (0x124e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:16 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=33F337876A5EE233305B79918D8B1B6ADF261F4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:78:2b:44:54:81:d3:f3:b6:bd:d9:d1:22:df:
46:fc:61:cd:6f:39:2e:5b:e5:86:22:e4:4a:45:83:
bb:de:d6:f0:16:00:a1:e7:c9:de:b1:5b:2a:7e:46:
ec:b9:41:ce:8b:a2:1c:63:3b:a0:7e:7f:23:7b:f6:
e4:90:76:81:37:22:14:7a:2c:35:39:b5:2e:0b:88:
ae:bc:78:b6:0f:5f:c3:9b:1e:c6:87:51:d1:68:e1:
24:ab:cf:dd:c6:bf:6f:e7:8b:68:9d:2e:13:fc:42:
17:f8:e3:1a:c2:c5:d6:c5:63:bc:89:0b:4b:1f:e5:
7a:fb:8a:af:99:23:62:29:cc:0c:ad:25:dd:7c:69:
26:fd:77:28:60:60:0e:2f:e0:be:ca:16:8e:e3:b2:
e0:94:0d:86:8e:ad:fc:46:4f:6f:86:25:a2:20:b0:
18:0a:19:5b:b0:7a:7e:36:fb:23:72:0f:e8:53:0e:
86:49:f3:e7:d9:e8:c4:59:47:f4:10:71:69:aa:41:
bb:80:19:1b:df:f9:38:dc:76:40:56:e7:48:a5:50:
1e:73:75:f3:45:de:3d:87:b3:41:92:9b:94:8a:fc:
6a:dc:e6:79:19:51:98:33:79:8a:e6:2f:c2:16:38:
10:de:e7:8f:2e:98:47:d9:88:49:c0:5a:ae:e1:a8:
fa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F3:37:87:6A:5E:E2:33:30:5B:79:91:8D:8B:1B:6A:DF:26:1F:4F
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/M_M3h2pe4jMwW3mRjYsbat8mH08.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
39.12.0.0/18
Signature Algorithm: sha256WithRSAEncryption
4c:d2:36:2e:5c:6b:94:49:48:51:55:4d:88:55:de:54:00:f3:
ea:12:34:ce:41:a2:d3:53:de:84:34:f4:0f:ff:63:c0:ee:9e:
93:e2:81:80:06:87:11:d1:28:77:75:fa:e4:e0:83:38:35:62:
3c:54:01:f0:dc:b9:14:3b:7c:de:19:ef:4a:61:1d:7d:3e:ef:
f8:1b:f8:bb:3a:34:f2:e8:e4:c1:91:23:56:49:8b:dc:b9:92:
eb:1f:26:b2:f6:5d:d9:37:b6:25:ce:e7:15:00:9e:aa:2e:d0:
29:b3:02:f6:7f:16:5f:c1:55:3e:52:53:1e:de:dc:b3:b5:bd:
e9:51:47:b3:dd:0e:de:13:5f:c4:92:e2:71:ea:28:d6:a0:9f:
23:b4:15:c5:b1:59:7b:96:b9:5b:d1:3b:f2:53:db:79:ec:48:
48:3d:fa:d2:e3:94:d3:9d:b1:88:f2:46:88:01:e4:e1:04:bf:
bc:f2:d6:7a:6b:f9:f4:41:e8:f9:bc:6a:01:6e:30:f9:ad:df:
87:9c:40:da:34:58:ca:72:74:8b:73:7e:9b:32:db:f3:85:f7:
3d:66:6f:f0:fd:48:34:50:fa:ff:8d:b5:cc:02:e8:ed:9f:ba:
d0:ec:22:38:26:90:c3:61:24:a2:56:7f:81:0d:38:65:d9:02:
12:b5:c0:38
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMzRjMzNzg3NkE1RUUy
MzMzMDVCNzk5MThEOEIxQjZBREYyNjFGNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgeCtEVIHT87a92dEi30b8Yc1vOS5b5YYi5EpFg7ve1vAWAKHn
yd6xWyp+Ruy5Qc6LohxjO6B+fyN79uSQdoE3IhR6LDU5tS4LiK68eLYPX8ObHsaH
UdFo4SSrz93Gv2/ni2idLhP8Qhf44xrCxdbFY7yJC0sf5Xr7iq+ZI2IpzAytJd18
aSb9dyhgYA4v4L7KFo7jsuCUDYaOrfxGT2+GJaIgsBgKGVuwen42+yNyD+hTDoZJ
8+fZ6MRZR/QQcWmqQbuAGRvf+TjcdkBW50ilUB5zdfNF3j2Hs0GSm5SK/Grc5nkZ
UZgzeYrmL8IWOBDe548umEfZiEnAWq7hqPqvAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUM/M3h2pe4jMwW3mRjYsbat8mH08wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL01fTTNoMnBlNGpNd1czbVJqWXNiYXQ4
bUgwOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAYnDAAwDQYJ
KoZIhvcNAQELBQADggEBAEzSNi5ca5RJSFFVTYhV3lQA8+oSNM5BotNT3oQ09A//
Y8DunpPigYAGhxHRKHd1+uTggzg1YjxUAfDcuRQ7fN4Z70phHX0+7/gb+Ls6NPLo
5MGRI1ZJi9y5kusfJrL2Xdk3tiXO5xUAnqou0CmzAvZ/Fl/BVT5SUx7e3LO1velR
R7PdDt4TX8SS4nHqKNagnyO0FcWxWXuWuVvRO/JT23nsSEg9+tLjlNOdsYjyRogB
5OEEv7zy1npr+fRB6Pm8agFuMPmt34ecQNo0WMpydItzfpsy2/OF9z1mb/D9SDRQ
+v+NtcwC6O2futDsIjgmkMNhJKJWf4ENOGXZAhK1wDg=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:41:53 2025 by rpki-client