Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/U09usVWMRrKvBthxSsj8NKBa4oY.roa
File: U09usVWMRrKvBthxSsj8NKBa4oY.roa (raw, json)
Hash identifier: FYpIhhGy+aL8NTuqSJcNyqa7BnPd+LGdMA+8FbBDVlU=
Subject key identifier: 53:4F:6E:B1:55:8C:46:B2:AF:06:D8:71:4A:C8:FC:34:A0:5A:E2:86
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 117B
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/U09usVWMRrKvBthxSsj8NKBa4oY.roa
Signing time: Mon 10 Feb 2025 14:27:24 +0000
ROA not before: Mon 10 Feb 2025 14:27:24 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 101.136.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4475 (0x117b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:24 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=534F6EB1558C46B2AF06D8714AC8FC34A05AE286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:73:80:29:90:38:cf:5e:ca:de:f1:15:d3:9a:
e0:33:24:29:23:f6:fe:d0:08:67:bd:b3:02:98:a4:
d9:b1:66:d1:43:37:2b:8b:7a:04:b7:0e:b1:80:31:
9a:9a:db:a5:ab:de:a7:c8:cc:bf:77:8b:f0:14:8f:
e1:d4:b4:93:7a:88:49:d3:cc:3c:36:8b:f3:9d:44:
c3:77:cb:e1:08:36:36:8e:aa:a4:84:cd:91:86:74:
9c:bd:66:c7:6c:0a:33:70:96:9d:ba:66:46:ad:d0:
bf:af:fa:25:06:89:93:a2:0f:e8:87:6f:1d:b4:86:
8b:99:e7:f8:fa:ce:9f:8c:b0:9f:a7:72:68:18:99:
e5:37:0a:bd:58:78:3c:89:f9:8e:96:f0:56:6a:0b:
9c:4b:e1:d8:17:49:04:93:d8:69:cc:3d:37:ee:36:
1c:88:bb:35:c2:a6:d3:ff:a0:43:71:ca:85:68:92:
63:5f:a5:76:a6:c9:a2:8d:66:55:d8:93:84:72:cf:
03:ea:ec:4c:30:16:93:6e:2c:d5:8d:cd:f8:f5:d6:
e7:8e:a2:b0:24:d4:69:03:bb:75:f7:f0:11:f6:ef:
0c:32:d9:7b:22:c5:8e:53:a4:73:df:1b:95:56:42:
74:3b:36:f1:52:91:10:14:f0:19:db:d1:89:73:24:
fe:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4F:6E:B1:55:8C:46:B2:AF:06:D8:71:4A:C8:FC:34:A0:5A:E2:86
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/U09usVWMRrKvBthxSsj8NKBa4oY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.136.0.0/14
Signature Algorithm: sha256WithRSAEncryption
c5:0e:d9:88:36:c2:4e:c5:0c:6d:ff:41:45:34:4f:95:5d:56:
ec:a0:41:08:69:8e:73:f1:3a:0c:67:9a:e7:2d:ab:24:65:bf:
c3:01:73:3f:4d:97:d3:d0:f3:1a:4a:cb:3a:51:f4:b4:6c:b8:
a7:b9:50:5d:cd:15:6f:51:7f:ab:b1:fc:fa:15:37:a0:80:c1:
55:3f:ea:c5:95:f0:df:5a:4d:7d:30:63:b6:8c:2c:09:5c:f3:
65:05:56:cb:4a:49:98:b7:94:bf:3e:fd:eb:09:b3:f8:b3:b7:
28:c9:41:d7:21:3f:aa:0e:b9:2c:34:37:63:05:9e:43:57:7e:
93:0a:b9:c2:53:b2:26:86:8e:03:6a:2c:52:ad:ed:be:37:04:
f7:3a:6d:24:08:41:49:75:c5:a2:a4:0c:25:3f:a6:cb:1d:1c:
c5:16:e8:62:26:35:57:76:bf:63:a2:af:6c:7b:11:c9:b1:d9:
58:1d:86:e8:3e:65:a4:0b:8b:7c:d2:d7:27:46:a5:29:1e:14:
96:9e:25:ec:45:30:b8:de:81:21:fc:c2:6a:0f:10:22:a3:f5:
b9:6b:92:b1:4b:ed:cf:39:85:65:8b:5c:2b:df:85:b7:2a:87:
65:31:3a:f5:a9:47:bf:7b:25:ba:f8:e0:de:b8:75:cc:7d:b4:
1d:c9:ed:5f
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICEXswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDUzNEY2RUIxNTU4QzQ2
QjJBRjA2RDg3MTRBQzhGQzM0QTA1QUUyODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6c4ApkDjPXsre8RXTmuAzJCkj9v7QCGe9swKYpNmxZtFDNyuL
egS3DrGAMZqa26Wr3qfIzL93i/AUj+HUtJN6iEnTzDw2i/OdRMN3y+EINjaOqqSE
zZGGdJy9ZsdsCjNwlp26Zkat0L+v+iUGiZOiD+iHbx20houZ5/j6zp+MsJ+ncmgY
meU3Cr1YeDyJ+Y6W8FZqC5xL4dgXSQST2GnMPTfuNhyIuzXCptP/oENxyoVokmNf
pXamyaKNZlXYk4RyzwPq7EwwFpNuLNWNzfj11ueOorAk1GkDu3X38BH27wwy2Xsi
xY5TpHPfG5VWQnQ7NvFSkRAU8Bnb0YlzJP6PAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUU09usVWMRrKvBthxSsj8NKBa4oYwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1UwOXVzVldNUnJLdkJ0aHhTc2o4TktC
YTRvWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwJliDANBgkq
hkiG9w0BAQsFAAOCAQEAxQ7ZiDbCTsUMbf9BRTRPlV1W7KBBCGmOc/E6DGea5y2r
JGW/wwFzP02X09DzGkrLOlH0tGy4p7lQXc0Vb1F/q7H8+hU3oIDBVT/qxZXw31pN
fTBjtowsCVzzZQVWy0pJmLeUvz796wmz+LO3KMlB1yE/qg65LDQ3YwWeQ1d+kwq5
wlOyJoaOA2osUq3tvjcE9zptJAhBSXXFoqQMJT+myx0cxRboYiY1V3a/Y6KvbHsR
ybHZWB2G6D5lpAuLfNLXJ0alKR4Ulp4l7EUwuN6BIfzCag8QIqP1uWuSsUvtzzmF
ZYtcK9+FtyqHZTE69alHv3sluvjg3rh1zH20HcntXw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:56:42 2025 by rpki-client