Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/iEfMlTyHjVo6rGOssiO1ar6w264.roa
File: iEfMlTyHjVo6rGOssiO1ar6w264.roa (raw, json)
Hash identifier: GqoFn/fX2krnp98tWSIjJ7Aqx2TlFFofrSq0YITjHSM=
Subject key identifier: 88:47:CC:95:3C:87:8D:5A:3A:AC:63:AC:B2:23:B5:6A:BE:B0:DB:AE
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 117D
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/iEfMlTyHjVo6rGOssiO1ar6w264.roa
Signing time: Mon 10 Feb 2025 14:27:25 +0000
ROA not before: Mon 10 Feb 2025 14:27:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9674
IP address blocks: 27.240.0.0/13 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4477 (0x117d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:25 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8847CC953C878D5A3AAC63ACB223B56ABEB0DBAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:34:c1:dd:60:36:62:3d:e0:0e:44:36:b6:a3:
ef:63:1b:6d:ec:f4:b9:e8:33:03:0f:96:95:d4:7c:
cc:33:e6:ae:fe:08:e2:16:0c:97:5c:96:13:10:06:
4a:cb:1c:2d:55:ce:48:3a:f4:4d:80:23:8a:7e:40:
21:a0:60:2d:ac:d5:e8:88:7e:9c:79:f0:20:1f:43:
8e:a9:39:84:6e:2a:13:d8:d7:89:91:ab:2d:15:e4:
32:1c:91:b8:cf:00:15:94:fe:fe:f7:95:37:20:f2:
5a:85:1a:a8:7b:2c:fc:0d:44:2e:fc:c4:00:a3:b8:
8d:2c:aa:ab:d0:79:b8:16:bf:0c:30:88:b0:98:16:
43:d4:7f:c3:cc:5b:7a:c6:07:23:35:64:4c:19:58:
70:c0:68:d1:c0:7d:ed:ed:00:c0:87:56:84:dc:d3:
c6:30:86:d3:a2:b0:79:24:9e:c3:4c:41:43:b3:08:
09:bb:7c:82:8b:7e:86:ff:65:4e:07:4b:22:ce:11:
ea:79:2d:fd:47:c6:5a:9a:b9:17:2d:32:09:f5:eb:
e9:d3:d0:dc:ef:88:d3:6e:6a:c0:5e:9a:ab:16:b1:
e0:64:25:e5:a3:0d:f6:33:eb:55:a7:88:7e:1f:4d:
65:38:83:9c:16:78:63:07:44:0b:3e:db:46:89:6b:
07:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:47:CC:95:3C:87:8D:5A:3A:AC:63:AC:B2:23:B5:6A:BE:B0:DB:AE
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/iEfMlTyHjVo6rGOssiO1ar6w264.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.240.0.0/13
Signature Algorithm: sha256WithRSAEncryption
1b:bc:b8:a6:80:25:05:6f:64:46:15:6e:81:fe:3b:a1:1a:60:
ce:82:c9:33:40:4c:66:5e:74:ef:0c:50:be:a1:72:53:21:0e:
e1:5a:05:36:ad:a3:c5:a0:bf:d1:c1:94:4e:7b:04:c0:23:18:
9b:cd:06:a4:52:4d:75:d6:55:28:fe:c9:a1:4e:cb:00:49:7c:
ec:46:9e:e1:a9:a1:a6:02:75:4c:e0:f6:82:35:2f:6d:4a:38:
e8:92:19:fa:3d:a9:f6:63:12:51:dc:6c:5c:89:80:ba:27:9d:
31:93:e9:3c:22:9a:26:14:7b:51:5f:ce:da:7f:af:68:3c:2c:
b3:aa:8b:ab:a1:93:be:42:e8:52:00:a6:ce:d6:0d:b5:fe:e3:
68:d4:67:72:27:d6:61:86:ff:4e:15:8f:aa:7b:07:80:cf:f0:
74:de:2d:ab:85:72:ce:93:b0:c4:cb:ee:0c:aa:20:e4:41:a5:
28:10:21:a7:db:69:bf:c2:ac:34:57:22:c2:89:7a:73:e8:41:
79:c0:76:40:8d:18:06:db:bb:1e:23:57:37:93:99:a0:7a:44:
b6:5b:5a:2e:e9:08:cd:7d:eb:8a:98:84:49:8a:b8:ff:18:eb:
7a:33:14:9c:80:df:fe:48:06:4c:5d:71:5b:40:06:a3:a9:6f:
03:df:6c:e9
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICEX0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg4NDdDQzk1M0M4NzhE
NUEzQUFDNjNBQ0IyMjNCNTZBQkVCMERCQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdNMHdYDZiPeAORDa2o+9jG23s9LnoMwMPlpXUfMwz5q7+COIW
DJdclhMQBkrLHC1Vzkg69E2AI4p+QCGgYC2s1eiIfpx58CAfQ46pOYRuKhPY14mR
qy0V5DIckbjPABWU/v73lTcg8lqFGqh7LPwNRC78xACjuI0sqqvQebgWvwwwiLCY
FkPUf8PMW3rGByM1ZEwZWHDAaNHAfe3tAMCHVoTc08YwhtOisHkknsNMQUOzCAm7
fIKLfob/ZU4HSyLOEep5Lf1HxlqauRctMgn16+nT0NzviNNuasBemqsWseBkJeWj
DfYz61WniH4fTWU4g5wWeGMHRAs+20aJawfvAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUiEfMlTyHjVo6rGOssiO1ar6w264wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2lFZk1sVHlIalZvNnJHT3NzaU8xYXI2
dzI2NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwMb8DANBgkq
hkiG9w0BAQsFAAOCAQEAG7y4poAlBW9kRhVugf47oRpgzoLJM0BMZl507wxQvqFy
UyEO4VoFNq2jxaC/0cGUTnsEwCMYm80GpFJNddZVKP7JoU7LAEl87Eae4amhpgJ1
TOD2gjUvbUo46JIZ+j2p9mMSUdxsXImAuiedMZPpPCKaJhR7UV/O2n+vaDwss6qL
q6GTvkLoUgCmztYNtf7jaNRncifWYYb/ThWPqnsHgM/wdN4tq4VyzpOwxMvuDKog
5EGlKBAhp9tpv8KsNFciwol6c+hBecB2QI0YBtu7HiNXN5OZoHpEtltaLukIzX3r
ipiESYq4/xjrejMUnIDf/kgGTF1xW0AGo6lvA99s6Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:56:31 2025 by rpki-client