Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/UrECjoHGVyzW-uMW9XfIK3X30_E.roa
File: UrECjoHGVyzW-uMW9XfIK3X30_E.roa (raw, json)
Hash identifier: RBxU1184Brqjd9XgyvdGVllEDTSiWcOUwxw900kUYMc=
Subject key identifier: 52:B1:02:8E:81:C6:57:2C:D6:FA:E3:16:F5:77:C8:2B:75:F7:D3:F1
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1246
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/UrECjoHGVyzW-uMW9XfIK3X30_E.roa
Signing time: Mon 10 Feb 2025 14:28:14 +0000
ROA not before: Mon 10 Feb 2025 14:28:14 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9922
IP address blocks: 124.218.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4678 (0x1246)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:14 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=52B1028E81C6572CD6FAE316F577C82B75F7D3F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ff:bc:87:cf:1c:6b:43:4e:03:8c:3e:3f:dd:
a6:5c:55:76:bb:c5:b8:07:30:43:00:e8:81:26:96:
aa:3a:f9:ab:f3:b8:b4:a9:3c:8c:56:b2:37:28:87:
98:64:ee:1c:10:3f:40:9b:f2:42:95:32:de:77:7a:
cc:65:74:ea:15:f1:73:62:08:33:28:ea:56:25:43:
73:98:b1:2b:9b:05:24:bc:db:7b:4d:19:82:00:f6:
27:ff:52:be:9a:80:40:50:10:e4:78:55:c2:fe:d4:
09:43:04:64:39:de:c3:65:02:ba:7f:8b:42:1c:ef:
f5:90:84:3d:9c:e4:cc:95:1e:93:c7:dc:dc:b7:96:
d3:50:d5:35:ba:1a:ed:22:88:f8:9d:6c:36:f7:49:
ae:5f:1a:23:67:75:b1:1d:50:cd:0c:aa:62:88:3b:
a6:07:df:ce:c9:c2:d5:39:7b:28:7d:72:80:7c:b7:
24:38:ce:d2:69:0a:ea:7a:7e:2f:08:b7:24:e1:ea:
e3:2c:6e:92:97:b3:fb:0e:46:3d:c2:8c:19:03:71:
de:b0:73:23:86:2f:b1:de:64:b9:aa:25:e0:db:f2:
0e:4c:80:87:67:8f:9f:2c:98:68:2e:be:2b:e5:64:
40:a1:14:28:72:bc:06:65:bf:fe:41:bb:f8:8b:df:
f0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B1:02:8E:81:C6:57:2C:D6:FA:E3:16:F5:77:C8:2B:75:F7:D3:F1
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/UrECjoHGVyzW-uMW9XfIK3X30_E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.177.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:3e:4d:0b:7b:5c:8c:e1:d1:ec:7d:77:2a:84:e0:16:24:c3:
98:e8:9e:b1:de:03:bd:26:61:55:64:30:64:c4:fa:ea:0d:f8:
c4:49:d3:48:ee:6d:07:75:aa:2b:0b:ee:fd:bb:04:2a:82:a9:
77:51:c7:03:fc:8f:34:63:85:5f:fb:06:e6:78:55:df:ab:cc:
bd:a3:71:cc:77:86:8a:f3:06:74:f8:38:ed:87:62:e1:3a:86:
e2:84:88:e9:07:c0:49:c4:0d:14:89:5e:1b:fc:5d:8e:4a:49:
03:79:1c:25:0c:13:5c:32:4d:17:d3:83:e2:d6:83:8e:a7:3a:
32:8a:83:d5:1a:dd:78:e0:a7:d0:5c:36:e7:78:fb:db:b1:e0:
0b:ef:e3:95:01:ed:7e:06:43:9b:8e:f3:8a:e3:18:fa:9b:d8:
90:01:a3:b9:78:82:73:aa:e3:e2:8e:64:87:fb:a7:aa:3f:da:
c8:9c:6d:53:44:8f:ca:87:4f:e5:3c:fb:2a:a7:37:ef:c2:a2:
5e:5f:b9:bf:c4:aa:92:31:ca:7c:9d:48:f5:00:28:86:8e:8a:
22:e9:2c:72:fd:fe:fa:4a:c5:d0:b7:30:98:a2:c8:dc:61:6f:
90:24:0f:f2:31:43:25:95:ad:ff:a9:43:06:68:88:9d:88:48:
7e:e3:47:6a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEkYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDUyQjEwMjhFODFDNjU3
MkNENkZBRTMxNkY1NzdDODJCNzVGN0QzRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz/7yHzxxrQ04DjD4/3aZcVXa7xbgHMEMA6IEmlqo6+avzuLSp
PIxWsjcoh5hk7hwQP0Cb8kKVMt53esxldOoV8XNiCDMo6lYlQ3OYsSubBSS823tN
GYIA9if/Ur6agEBQEOR4VcL+1AlDBGQ53sNlArp/i0Ic7/WQhD2c5MyVHpPH3Ny3
ltNQ1TW6Gu0iiPidbDb3Sa5fGiNndbEdUM0MqmKIO6YH387JwtU5eyh9coB8tyQ4
ztJpCup6fi8ItyTh6uMsbpKXs/sORj3CjBkDcd6wcyOGL7HeZLmqJeDb8g5MgIdn
j58smGguvivlZEChFChyvAZlv/5Bu/iL3/DfAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUUrECjoHGVyzW+uMW9XfIK3X30/EwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1VyRUNqb0hHVnl6Vy11TVc5WGZJSzNY
MzBfRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB82rEwDQYJ
KoZIhvcNAQELBQADggEBAFo+TQt7XIzh0ex9dyqE4BYkw5jonrHeA70mYVVkMGTE
+uoN+MRJ00jubQd1qisL7v27BCqCqXdRxwP8jzRjhV/7BuZ4Vd+rzL2jccx3horz
BnT4OO2HYuE6huKEiOkHwEnEDRSJXhv8XY5KSQN5HCUME1wyTRfTg+LWg46nOjKK
g9Ua3Xjgp9BcNud4+9ux4Avv45UB7X4GQ5uO84rjGPqb2JABo7l4gnOq4+KOZIf7
p6o/2sicbVNEj8qHT+U8+yqnN+/Col5fub/EqpIxynydSPUAKIaOiiLpLHL9/vpK
xdC3MJiiyNxhb5AkD/IxQyWVrf+pQwZoiJ2ISH7jR2o=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:56:37 2025 by rpki-client