Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/Ur2yHnGmPnGrJlDYZbG94zLGW6k.roa
File: Ur2yHnGmPnGrJlDYZbG94zLGW6k.roa (raw, json)
Hash identifier: GQH5w5/oX0k0A7SsljV8/kCpzOluLj/Vr/lVAQ+dGFE=
Subject key identifier: 52:BD:B2:1E:71:A6:3E:71:AB:26:50:D8:65:B1:BD:E3:32:C6:5B:A9
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11B9
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Ur2yHnGmPnGrJlDYZbG94zLGW6k.roa
Signing time: Mon 10 Feb 2025 14:27:39 +0000
ROA not before: Mon 10 Feb 2025 14:27:39 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7482
IP address blocks: 203.79.216.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4537 (0x11b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:39 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=52BDB21E71A63E71AB2650D865B1BDE332C65BA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:30:09:1f:d5:43:4a:20:e2:7d:9c:42:74:db:
64:66:f7:9d:90:e2:2e:99:0e:5e:68:12:83:e7:c5:
23:95:03:2c:65:3e:ed:bb:fc:66:a5:8e:e2:72:0d:
b4:be:3a:7f:0c:18:db:b2:2a:82:6a:c3:fa:85:7c:
08:ea:a8:6e:6e:e2:e1:c6:80:20:e5:21:db:26:bb:
1e:39:83:b1:b8:ed:db:d9:b7:d3:91:cf:c7:9c:d0:
5a:49:fa:4d:24:af:d5:14:fd:ad:8f:9c:76:6b:4d:
1a:d1:22:64:b8:28:ad:3d:7e:bc:57:1b:a6:ae:01:
3a:93:ef:bb:ec:4b:7a:f5:c4:17:0f:fd:a2:f3:02:
83:05:93:b1:94:c0:71:1f:99:ad:27:fc:16:7c:96:
48:bf:1b:38:a7:a8:e2:c0:7d:99:df:a4:4c:2c:8c:
2c:01:d3:27:1d:e9:df:39:86:84:16:8f:01:80:df:
54:db:f0:0c:48:ab:f8:9e:05:08:17:aa:8f:65:57:
9b:1e:69:55:b6:b6:42:ba:02:6b:97:c0:b3:81:8d:
11:9a:8c:5e:e0:ec:a1:dc:dc:f8:4d:2e:70:bc:a9:
b1:ab:9d:34:f6:08:61:49:ec:7d:ad:27:f8:96:61:
c7:51:eb:3a:1f:2e:3f:8b:29:d4:a9:fb:d0:08:a0:
1b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:BD:B2:1E:71:A6:3E:71:AB:26:50:D8:65:B1:BD:E3:32:C6:5B:A9
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Ur2yHnGmPnGrJlDYZbG94zLGW6k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.216.0/22
Signature Algorithm: sha256WithRSAEncryption
23:21:78:e6:1d:56:84:52:84:0a:d5:9c:66:b8:a7:91:ba:f6:
e8:fe:a8:15:8a:2d:6f:64:f1:74:19:dd:12:0d:d7:bb:ed:78:
c5:04:5e:e2:48:33:f8:ee:2c:65:06:37:79:ab:73:a3:9d:7a:
9c:c8:37:d3:50:9b:ee:36:75:4a:25:0d:ff:74:19:c5:d3:d3:
2b:df:44:8c:66:6d:ef:ec:9b:cf:17:75:b0:f3:e6:b4:5a:2b:
21:0a:e5:6f:f6:6c:3b:d3:a2:3f:cb:39:21:c8:9a:58:e1:7d:
03:c0:a9:77:95:f9:85:81:43:d6:5b:33:86:70:36:7b:7d:8c:
d0:bd:ff:5f:dc:04:06:9f:e3:a3:25:32:8c:27:6d:bc:49:31:
35:c1:56:e4:8b:7b:a0:e1:43:80:b2:5e:01:8f:eb:76:cb:e2:
4b:f6:19:b1:9d:0a:ba:ab:b0:4c:0f:2b:52:88:f8:5f:0d:cf:
3d:16:56:1b:52:76:0f:96:71:70:c8:0b:a8:f6:0d:5c:49:f8:
38:82:60:bc:98:cd:86:58:06:63:fa:72:a1:08:3c:4f:7d:58:
c4:f2:43:5d:b8:1d:0f:b2:a9:7c:f8:e7:18:5d:91:76:ea:9d:
59:28:05:8f:bf:f1:c3:16:dc:e4:d6:dd:85:3f:c8:43:c2:ac:
78:4b:43:7b
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEbkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MzlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDUyQkRCMjFFNzFBNjNF
NzFBQjI2NTBEODY1QjFCREUzMzJDNjVCQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxMAkf1UNKIOJ9nEJ022Rm952Q4i6ZDl5oEoPnxSOVAyxlPu27
/GaljuJyDbS+On8MGNuyKoJqw/qFfAjqqG5u4uHGgCDlIdsmux45g7G47dvZt9OR
z8ec0FpJ+k0kr9UU/a2PnHZrTRrRImS4KK09frxXG6auATqT77vsS3r1xBcP/aLz
AoMFk7GUwHEfma0n/BZ8lki/GzinqOLAfZnfpEwsjCwB0ycd6d85hoQWjwGA31Tb
8AxIq/ieBQgXqo9lV5seaVW2tkK6AmuXwLOBjRGajF7g7KHc3PhNLnC8qbGrnTT2
CGFJ7H2tJ/iWYcdR6zofLj+LKdSp+9AIoBtfAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUUr2yHnGmPnGrJlDYZbG94zLGW6kwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1VyMnlIbkdtUG5HckpsRFlaYkc5NHpM
R1c2ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALLT9gwDQYJ
KoZIhvcNAQELBQADggEBACMheOYdVoRShArVnGa4p5G69uj+qBWKLW9k8XQZ3RIN
17vteMUEXuJIM/juLGUGN3mrc6OdepzIN9NQm+42dUolDf90GcXT0yvfRIxmbe/s
m88XdbDz5rRaKyEK5W/2bDvToj/LOSHImljhfQPAqXeV+YWBQ9ZbM4ZwNnt9jNC9
/1/cBAaf46MlMownbbxJMTXBVuSLe6DhQ4CyXgGP63bL4kv2GbGdCrqrsEwPK1KI
+F8Nzz0WVhtSdg+WcXDIC6j2DVxJ+DiCYLyYzYZYBmP6cqEIPE99WMTyQ124HQ+y
qXz45xhdkXbqnVkoBY+/8cMW3OTW3YU/yEPCrHhLQ3s=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:56:33 2025 by rpki-client