Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/PZdmh1PebQkCs4FWbWZFrPRl_SM.roa
File: PZdmh1PebQkCs4FWbWZFrPRl_SM.roa (raw, json)
Hash identifier: LyKik4UCCs3R8iem0tBwdAik0iHx8qYYQbxLBhSddxw=
Subject key identifier: 3D:97:66:87:53:DE:6D:09:02:B3:81:56:6D:66:45:AC:F4:65:FD:23
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1243
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PZdmh1PebQkCs4FWbWZFrPRl_SM.roa
Signing time: Mon 10 Feb 2025 14:28:14 +0000
ROA not before: Mon 10 Feb 2025 14:28:14 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 211.76.96.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4675 (0x1243)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:14 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3D97668753DE6D0902B381566D6645ACF465FD23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:fb:f2:5b:13:b2:a9:91:32:c9:b0:62:bf:
55:4c:39:dd:7b:96:fa:1b:03:aa:9b:e0:9a:72:16:
eb:c1:37:e5:3d:da:5e:26:0f:8b:d0:64:ee:c8:9c:
3c:2f:af:1e:ce:7b:3e:68:4b:1c:10:a6:96:7d:6f:
71:77:82:d4:d6:50:88:30:11:01:2d:1d:41:ed:0f:
fb:41:80:be:ea:14:e9:9e:87:3a:12:64:85:5f:a1:
37:c0:74:07:aa:11:4a:d7:bf:7a:c2:d9:de:a3:b3:
11:77:de:7c:55:f7:44:13:91:b8:00:da:8a:03:e9:
b7:eb:cc:8f:ff:40:51:ad:d9:4d:ed:e9:6f:45:a8:
2f:2f:1c:30:2c:40:02:66:5e:59:00:6c:c2:3e:5f:
8a:82:2e:c6:d2:fb:37:8b:35:f0:ee:50:4f:20:8b:
61:6d:99:e0:24:7a:4a:1a:7c:77:c8:89:c3:d3:70:
c0:c7:83:67:86:47:85:d4:26:4d:c0:50:17:39:78:
8b:93:e1:f5:a6:76:14:ea:4e:78:a9:bb:f0:10:66:
d5:c2:0a:76:b3:af:4b:b2:0d:49:c8:22:28:e2:5d:
bb:db:3d:08:b2:eb:4a:4f:56:dd:91:2d:cd:be:7e:
ae:54:4b:6a:68:70:b6:2d:17:c6:e6:6d:7f:45:e7:
00:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:97:66:87:53:DE:6D:09:02:B3:81:56:6D:66:45:AC:F4:65:FD:23
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PZdmh1PebQkCs4FWbWZFrPRl_SM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.96.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:43:06:52:2b:4f:ea:ed:36:07:b1:5e:6b:04:87:1f:01:29:
82:64:70:a5:5f:a2:3f:21:01:04:1c:de:10:08:ce:c4:af:0c:
8a:68:34:fc:3d:2c:57:94:12:0f:56:62:12:ce:11:7f:26:d4:
fb:0d:50:04:4a:0e:42:09:42:82:50:e7:11:ec:08:9a:b4:8d:
bf:bf:89:af:bf:28:c8:30:9d:1e:39:4f:46:5e:01:1d:ca:b5:
1c:09:9f:a1:b9:eb:ff:5c:72:1c:4f:a5:42:e1:77:cf:69:6f:
5b:48:c8:58:b5:46:d2:dc:05:19:35:a5:ae:d4:b6:14:2d:6e:
3a:85:6b:84:bb:54:ab:2c:c8:e3:4f:71:f8:6d:c9:d4:d1:00:
d2:7e:7e:3a:9f:da:78:cc:c8:97:36:9a:c6:fd:81:5e:24:28:
65:46:0f:44:5b:c5:71:db:8c:92:11:d3:38:ea:ed:d1:b2:1a:
6e:43:a2:92:8e:f4:fb:9c:7c:e4:be:85:4a:29:db:85:c5:b0:
d1:cd:73:ed:62:bb:e4:71:94:cb:ea:3c:a0:0a:1d:30:c4:98:
b3:1c:88:21:ce:c9:08:e6:93:76:df:0c:31:85:a9:c0:ac:6b:
6f:c4:64:df:81:83:76:a9:c3:ce:4a:50:ba:cd:b7:34:32:46:
0e:bb:32:42
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNEOTc2Njg3NTNERTZE
MDkwMkIzODE1NjZENjY0NUFDRjQ2NUZEMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBL/vyWxOyqZEyybBiv1VMOd17lvobA6qb4JpyFuvBN+U92l4m
D4vQZO7InDwvrx7Oez5oSxwQppZ9b3F3gtTWUIgwEQEtHUHtD/tBgL7qFOmehzoS
ZIVfoTfAdAeqEUrXv3rC2d6jsxF33nxV90QTkbgA2ooD6bfrzI//QFGt2U3t6W9F
qC8vHDAsQAJmXlkAbMI+X4qCLsbS+zeLNfDuUE8gi2FtmeAkekoafHfIicPTcMDH
g2eGR4XUJk3AUBc5eIuT4fWmdhTqTnipu/AQZtXCCnazr0uyDUnIIijiXbvbPQiy
60pPVt2RLc2+fq5US2pocLYtF8bmbX9F5wApAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUPZdmh1PebQkCs4FWbWZFrPRl/SMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1BaZG1oMVBlYlFrQ3M0RldiV1pGclBS
bF9TTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATTTGAwDQYJ
KoZIhvcNAQELBQADggEBAC1DBlIrT+rtNgexXmsEhx8BKYJkcKVfoj8hAQQc3hAI
zsSvDIpoNPw9LFeUEg9WYhLOEX8m1PsNUARKDkIJQoJQ5xHsCJq0jb+/ia+/KMgw
nR45T0ZeAR3KtRwJn6G56/9cchxPpULhd89pb1tIyFi1RtLcBRk1pa7UthQtbjqF
a4S7VKssyONPcfhtydTRANJ+fjqf2njMyJc2msb9gV4kKGVGD0RbxXHbjJIR0zjq
7dGyGm5DopKO9PucfOS+hUop24XFsNHNc+1iu+RxlMvqPKAKHTDEmLMciCHOyQjm
k3bfDDGFqcCsa2/EZN+Bg3apw85KULrNtzQyRg67MkI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:38:59 2025 by rpki-client