Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/dcbFdZvnjRu5PnuPYf3XwijDNrs.roa
File: dcbFdZvnjRu5PnuPYf3XwijDNrs.roa (raw, json)
Hash identifier: atwWiD5NV9pAU6zoIk+js+7pcf/WqT2WpNROmX6wDGY=
Subject key identifier: 75:C6:C5:75:9B:E7:8D:1B:B9:3E:7B:8F:61:FD:D7:C2:28:C3:36:BB
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11A0
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/dcbFdZvnjRu5PnuPYf3XwijDNrs.roa
Signing time: Mon 10 Feb 2025 14:27:33 +0000
ROA not before: Mon 10 Feb 2025 14:27:33 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9922
IP address blocks: 124.218.168.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4512 (0x11a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:33 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=75C6C5759BE78D1BB93E7B8F61FDD7C228C336BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:84:a2:41:72:4c:d2:63:16:29:11:0a:f4:50:
17:22:a6:c7:ba:f8:83:15:bd:68:e2:d9:ca:fa:3b:
8d:00:d9:0c:78:dd:e9:27:5d:f4:be:0c:0b:31:3f:
4d:33:68:55:3b:e3:95:35:b9:48:25:d0:31:22:11:
25:35:79:70:b0:9e:3c:3d:b5:19:83:27:09:8d:39:
1e:39:14:91:36:e0:2b:aa:c2:4c:36:4d:1e:9d:26:
0a:b3:94:4c:b9:b8:75:c5:91:95:c4:4b:fe:df:e8:
66:32:77:c1:e8:49:6a:0e:d7:09:99:c7:02:98:18:
b7:26:ce:92:4f:1f:c7:12:ab:8c:bc:a8:a0:4d:25:
64:6c:53:cc:f8:1d:c1:b2:cf:98:47:54:02:5b:aa:
de:70:9c:cb:e4:4d:3c:bc:c7:8d:a1:00:46:d9:c5:
16:01:1f:24:c7:e6:50:f4:0e:87:6f:88:29:8f:3f:
c2:a8:8b:da:e8:02:30:88:f3:ab:f1:22:ac:47:8b:
46:c2:db:f5:62:d8:ef:0f:8e:29:5d:55:2a:11:d7:
71:78:5d:10:d0:dc:83:a3:23:d1:f6:b6:b1:1e:07:
48:19:8c:2b:19:23:5b:30:40:e6:23:df:45:37:17:
dc:44:cc:68:93:d4:e9:fa:bf:14:f6:5b:36:a9:d5:
19:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C6:C5:75:9B:E7:8D:1B:B9:3E:7B:8F:61:FD:D7:C2:28:C3:36:BB
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/dcbFdZvnjRu5PnuPYf3XwijDNrs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.168.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:d6:5b:6a:e4:f1:56:58:16:c2:78:82:a2:b3:8a:8b:25:77:
bb:26:27:64:9b:a6:b8:5d:17:46:bc:e5:3f:57:ea:c3:a2:ac:
0c:3c:18:13:a8:25:d6:a2:29:a8:40:72:81:d7:20:8c:b2:ae:
79:e1:52:ab:37:9a:31:9d:15:11:4f:5e:43:d7:6b:5d:74:4e:
a3:b3:e1:87:f4:e7:12:52:86:b3:77:3b:09:9e:a8:39:8f:6c:
96:c9:6a:be:36:8d:6b:fc:b4:d6:ca:91:76:37:97:8b:2b:e9:
b4:d1:0f:8d:c6:cc:6a:9a:a0:75:5f:ce:79:ab:bf:d6:35:53:
de:f8:c8:0d:85:ee:5b:21:35:c9:f9:c4:1e:96:fb:33:1f:59:
98:bb:2c:e1:88:0a:14:d8:37:44:7c:fc:09:7d:07:20:5e:b2:
80:fe:b7:6f:a2:e3:50:7d:63:d8:27:7f:19:8c:8d:df:e6:9c:
14:88:78:e8:0e:a3:91:3d:f8:e8:1c:f5:46:6a:27:a7:30:f8:
0c:74:15:ac:54:a0:73:c5:7e:7a:2d:86:72:63:78:dd:a4:20:
57:af:07:2b:69:ad:ec:0c:37:27:18:18:aa:ea:9d:42:cf:d8:
01:97:06:d7:4f:77:b7:54:8d:8d:c8:f3:f9:0c:f5:67:2d:9e:
25:fb:67:e0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MzNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc1QzZDNTc1OUJFNzhE
MUJCOTNFN0I4RjYxRkREN0MyMjhDMzM2QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCahKJBckzSYxYpEQr0UBcipse6+IMVvWji2cr6O40A2Qx43ekn
XfS+DAsxP00zaFU745U1uUgl0DEiESU1eXCwnjw9tRmDJwmNOR45FJE24Cuqwkw2
TR6dJgqzlEy5uHXFkZXES/7f6GYyd8HoSWoO1wmZxwKYGLcmzpJPH8cSq4y8qKBN
JWRsU8z4HcGyz5hHVAJbqt5wnMvkTTy8x42hAEbZxRYBHyTH5lD0DodviCmPP8Ko
i9roAjCI86vxIqxHi0bC2/Vi2O8PjildVSoR13F4XRDQ3IOjI9H2trEeB0gZjCsZ
I1swQOYj30U3F9xEzGiT1On6vxT2Wzap1RlfAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUdcbFdZvnjRu5PnuPYf3XwijDNrswHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2RjYkZkWnZualJ1NVBudVBZZjNYd2lq
RE5ycy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ82qgwDQYJ
KoZIhvcNAQELBQADggEBAE3WW2rk8VZYFsJ4gqKziosld7smJ2SbprhdF0a85T9X
6sOirAw8GBOoJdaiKahAcoHXIIyyrnnhUqs3mjGdFRFPXkPXa110TqOz4Yf05xJS
hrN3OwmeqDmPbJbJar42jWv8tNbKkXY3l4sr6bTRD43GzGqaoHVfznmrv9Y1U974
yA2F7lshNcn5xB6W+zMfWZi7LOGIChTYN0R8/Al9ByBesoD+t2+i41B9Y9gnfxmM
jd/mnBSIeOgOo5E9+Ogc9UZqJ6cw+Ax0FaxUoHPFfnothnJjeN2kIFevBytprewM
NycYGKrqnULP2AGXBtdPd7dUjY3I8/kM9WctniX7Z+A=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:42:31 2025 by rpki-client