Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/jG3HrzStm8cSNVtY7rqMcBaukJ4.roa
File: jG3HrzStm8cSNVtY7rqMcBaukJ4.roa (raw, json)
Hash identifier: ptp6uZcisLNljUQHRvXfKv1vAy63FuJzcyU2cZtRl0M=
Subject key identifier: 8C:6D:C7:AF:34:AD:9B:C7:12:35:5B:58:EE:BA:8C:70:16:AE:90:9E
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1286
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/jG3HrzStm8cSNVtY7rqMcBaukJ4.roa
Signing time: Mon 10 Feb 2025 14:28:30 +0000
ROA not before: Mon 10 Feb 2025 14:28:30 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18049
IP address blocks: 60.244.172.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4742 (0x1286)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:30 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8C6DC7AF34AD9BC712355B58EEBA8C7016AE909E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:49:38:ac:d1:bd:58:d9:45:cf:3e:1f:fa:eb:
b2:3f:2f:ce:55:5e:4c:4d:78:d4:90:83:62:8f:16:
8f:a2:ec:64:ba:67:88:a3:69:33:76:a2:3c:22:9d:
0a:0c:41:39:c4:9f:c9:ce:32:af:76:be:a5:7b:d8:
b1:7c:4d:2c:96:08:03:e7:b5:1a:a3:ee:a2:1e:f8:
a6:7d:ae:73:ff:e7:4a:ab:fa:8e:2d:3f:cf:47:d7:
ef:0c:64:8d:23:4d:72:43:8c:cc:bc:35:fd:37:c7:
1f:ba:dc:aa:c5:33:4a:d0:7e:3c:4e:44:32:db:79:
a9:a5:c3:d8:27:5f:4a:52:d3:45:5e:69:26:b0:af:
0b:d0:75:17:f9:f9:8e:69:7e:1a:98:c8:6d:4b:82:
b0:e9:1d:a9:38:5f:c2:60:58:a7:6b:4b:7d:2b:0f:
9b:b4:65:7b:77:3c:16:39:1a:c3:b6:77:e4:d3:e1:
3d:16:06:66:22:97:e3:fb:33:dc:ca:ba:40:27:12:
76:bc:18:5c:33:06:de:93:93:48:c8:8f:ef:8c:b0:
ae:97:87:ae:2d:aa:05:bd:7d:57:92:53:35:5a:b8:
e7:59:ab:ff:d4:46:8c:f3:e3:ef:91:2d:88:52:97:
37:4c:64:7d:27:33:81:dd:f6:23:0e:af:1a:1e:52:
37:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:6D:C7:AF:34:AD:9B:C7:12:35:5B:58:EE:BA:8C:70:16:AE:90:9E
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/jG3HrzStm8cSNVtY7rqMcBaukJ4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.244.172.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:95:7d:a9:3a:d8:6f:24:fc:9c:fa:f6:42:c3:66:37:3d:2f:
8a:59:0d:53:3a:58:86:04:3f:ed:a9:fd:d0:36:58:a8:37:a7:
58:e1:c6:93:6d:cf:a8:60:06:5f:b4:64:ff:be:92:f7:80:fb:
37:72:89:1f:d5:51:e3:90:5d:cc:b6:69:78:ca:fa:7c:4f:bd:
b3:12:70:3f:0f:59:b1:dc:92:95:5a:33:41:f8:3a:1b:10:f1:
a6:11:62:dc:c4:ca:d7:24:25:5b:23:7a:8e:be:50:16:a2:ec:
11:17:cc:ad:0a:1f:03:2d:f6:51:80:f9:09:86:d0:a9:55:41:
d2:ab:41:c4:91:05:50:fd:c4:10:4f:6d:9d:5d:b9:f1:51:fe:
cf:88:b5:17:88:3b:a8:4f:db:91:f7:61:7f:9d:c7:f2:47:38:
6e:11:3b:dd:eb:74:6f:24:56:9c:97:80:59:53:43:f6:bc:db:
79:34:24:c9:26:30:cc:f9:39:41:4a:9e:29:85:5c:1a:94:fb:
20:f5:ee:50:83:e1:41:15:63:31:d2:3d:26:54:05:6a:0b:75:
7c:cc:9d:4c:8c:c0:6d:75:fd:f1:f2:06:34:bb:41:1e:f5:d2:
62:ef:eb:1c:da:f7:73:f7:a2:11:ab:e4:fe:8c:74:74:b2:15:
c6:ee:a3:54
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEoYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhDNkRDN0FGMzRBRDlC
QzcxMjM1NUI1OEVFQkE4QzcwMTZBRTkwOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmSTis0b1Y2UXPPh/667I/L85VXkxNeNSQg2KPFo+i7GS6Z4ij
aTN2ojwinQoMQTnEn8nOMq92vqV72LF8TSyWCAPntRqj7qIe+KZ9rnP/50qr+o4t
P89H1+8MZI0jTXJDjMy8Nf03xx+63KrFM0rQfjxORDLbeamlw9gnX0pS00VeaSaw
rwvQdRf5+Y5pfhqYyG1LgrDpHak4X8JgWKdrS30rD5u0ZXt3PBY5GsO2d+TT4T0W
BmYil+P7M9zKukAnEna8GFwzBt6Tk0jIj++MsK6Xh64tqgW9fVeSUzVauOdZq//U
Rozz4++RLYhSlzdMZH0nM4Hd9iMOrxoeUjcfAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUjG3HrzStm8cSNVtY7rqMcBaukJ4wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2pHM0hyelN0bThjU05WdFk3cnFNY0Jh
dWtKNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI89KwwDQYJ
KoZIhvcNAQELBQADggEBAL+Vfak62G8k/Jz69kLDZjc9L4pZDVM6WIYEP+2p/dA2
WKg3p1jhxpNtz6hgBl+0ZP++kveA+zdyiR/VUeOQXcy2aXjK+nxPvbMScD8PWbHc
kpVaM0H4OhsQ8aYRYtzEytckJVsjeo6+UBai7BEXzK0KHwMt9lGA+QmG0KlVQdKr
QcSRBVD9xBBPbZ1dufFR/s+ItReIO6hP25H3YX+dx/JHOG4RO93rdG8kVpyXgFlT
Q/a823k0JMkmMMz5OUFKnimFXBqU+yD17lCD4UEVYzHSPSZUBWoLdXzMnUyMwG11
/fHyBjS7QR710mLv6xza93P3ohGr5P6MdHSyFcbuo1Q=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:54:20 2025 by rpki-client