Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/WES-PAw5HeWbqdowEci22qI2fX0.roa
File: WES-PAw5HeWbqdowEci22qI2fX0.roa (raw, json)
Hash identifier: QfTgdMsPaabnDoeOX0GoqNRlZDszxrRsWpErMn8YwAw=
Subject key identifier: 58:44:BE:3C:0C:39:1D:E5:9B:A9:DA:30:11:C8:B6:DA:A2:36:7D:7D
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11FA
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/WES-PAw5HeWbqdowEci22qI2fX0.roa
Signing time: Mon 10 Feb 2025 14:27:55 +0000
ROA not before: Mon 10 Feb 2025 14:27:55 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9922
IP address blocks: 124.218.160.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4602 (0x11fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:55 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5844BE3C0C391DE59BA9DA3011C8B6DAA2367D7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1f:a6:63:75:04:5a:33:a4:cd:4b:8e:e6:7c:
23:9a:7f:1c:da:86:cb:5e:d5:de:50:9f:e8:76:ec:
a5:b8:90:ab:b2:ef:ad:88:50:50:27:04:a4:dd:1f:
05:08:11:0a:8b:c1:64:d1:0a:71:7e:4f:fb:a5:57:
4a:12:c5:0a:82:a6:f3:15:48:c6:6a:48:18:ba:73:
7c:e8:ed:5b:d5:8c:14:f9:ef:87:e5:6c:4f:23:4d:
33:c6:60:8c:42:e2:3c:9a:d1:4e:b0:57:15:bf:c1:
50:14:ca:02:3b:92:f3:5d:64:70:aa:e1:99:65:b6:
3a:ff:1e:24:9c:97:81:45:08:1d:71:c1:5d:13:67:
f5:e8:44:e0:c7:02:4c:ca:cf:19:b6:7b:74:fd:00:
3a:cd:a0:fb:80:da:e2:b7:b2:81:99:cb:86:e0:b1:
b8:c9:28:27:a5:4f:71:e0:ef:f2:5f:37:eb:5b:73:
90:9d:db:c6:04:c9:61:a1:6d:a3:52:a6:91:75:ab:
5c:52:9c:87:ab:5e:e7:ae:03:f8:3a:ce:28:b9:ff:
1e:eb:0f:96:be:35:13:4f:bf:c6:e2:19:c2:77:64:
db:33:d4:0b:3a:2b:73:d2:eb:06:1e:27:bc:c7:6b:
ca:ad:58:ea:76:b7:e6:09:d8:e4:f2:ce:23:6b:ea:
bc:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:44:BE:3C:0C:39:1D:E5:9B:A9:DA:30:11:C8:B6:DA:A2:36:7D:7D
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/WES-PAw5HeWbqdowEci22qI2fX0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.160.0/21
Signature Algorithm: sha256WithRSAEncryption
45:c6:35:65:6d:21:d1:53:4d:03:e6:51:8a:6c:af:2b:38:48:
75:84:ab:f0:d2:3c:84:53:fc:c1:8d:1e:b4:f3:55:1b:9f:54:
50:1d:f6:cc:c5:c9:ad:66:4b:b5:24:a8:1e:6b:b7:76:78:b4:
3e:5a:f5:97:0b:88:9b:9d:37:78:d9:c6:df:7e:34:c3:7c:d0:
0c:71:3d:e6:14:37:51:e4:87:d8:86:f1:71:12:d5:31:41:56:
13:53:16:83:77:7d:74:0f:26:1d:ea:2f:ae:b8:af:5d:36:f1:
e3:33:ec:66:4a:09:dd:bf:bf:c8:a6:6e:00:5f:6a:ec:2a:fb:
c8:b6:41:e4:c8:d0:75:d3:7e:95:dd:85:2b:32:00:46:5a:2e:
5a:bb:4f:f5:a8:ad:e5:bf:d3:8e:91:64:fc:dc:97:02:70:ee:
8a:b9:1e:43:f5:de:55:d8:81:83:00:d5:78:03:70:4b:fb:04:
cd:96:8d:de:c0:ff:0a:3a:24:51:af:ae:98:9b:0e:b9:a6:02:
1c:40:8b:08:85:38:7d:0a:79:c0:f1:dc:d1:79:d6:df:6c:1e:
a6:f5:04:f5:94:ac:fa:80:ec:65:62:c5:95:98:0f:71:21:8d:
fe:01:74:52:54:05:bf:df:1d:bd:e3:f3:23:3c:14:c0:2e:1e:
bc:ce:37:8f
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDU4NDRCRTNDMEMzOTFE
RTU5QkE5REEzMDExQzhCNkRBQTIzNjdEN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBH6ZjdQRaM6TNS47mfCOafxzahste1d5Qn+h27KW4kKuy762I
UFAnBKTdHwUIEQqLwWTRCnF+T/ulV0oSxQqCpvMVSMZqSBi6c3zo7VvVjBT574fl
bE8jTTPGYIxC4jya0U6wVxW/wVAUygI7kvNdZHCq4Zlltjr/HiScl4FFCB1xwV0T
Z/XoRODHAkzKzxm2e3T9ADrNoPuA2uK3soGZy4bgsbjJKCelT3Hg7/JfN+tbc5Cd
28YEyWGhbaNSppF1q1xSnIerXueuA/g6zii5/x7rD5a+NRNPv8biGcJ3ZNsz1As6
K3PS6wYeJ7zHa8qtWOp2t+YJ2OTyziNr6ryPAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUWES+PAw5HeWbqdowEci22qI2fX0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1dFUy1QQXc1SGVXYnFkb3dFY2kyMnFJ
MmZYMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN82qAwDQYJ
KoZIhvcNAQELBQADggEBAEXGNWVtIdFTTQPmUYpsrys4SHWEq/DSPIRT/MGNHrTz
VRufVFAd9szFya1mS7UkqB5rt3Z4tD5a9ZcLiJudN3jZxt9+NMN80AxxPeYUN1Hk
h9iG8XES1TFBVhNTFoN3fXQPJh3qL664r1028eMz7GZKCd2/v8imbgBfauwq+8i2
QeTI0HXTfpXdhSsyAEZaLlq7T/WoreW/046RZPzclwJw7oq5HkP13lXYgYMA1XgD
cEv7BM2Wjd7A/wo6JFGvrpibDrmmAhxAiwiFOH0KecDx3NF51t9sHqb1BPWUrPqA
7GVixZWYD3Ehjf4BdFJUBb/fHb3j8yM8FMAuHrzON48=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:54:16 2025 by rpki-client