Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/kC9aJn43dOmZYqOcOs6eVNwrYXA.roa
File: kC9aJn43dOmZYqOcOs6eVNwrYXA.roa (raw, json)
Hash identifier: tj70/HBIFmXOnVlDNgVKqlBFMfw1PK8/2YnQbGOmA7k=
Subject key identifier: 90:2F:5A:26:7E:37:74:E9:99:62:A3:9C:3A:CE:9E:54:DC:2B:61:70
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1189
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kC9aJn43dOmZYqOcOs6eVNwrYXA.roa
Signing time: Mon 10 Feb 2025 14:27:28 +0000
ROA not before: Mon 10 Feb 2025 14:27:28 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131597
IP address blocks: 218.35.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4489 (0x1189)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:28 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=902F5A267E3774E99962A39C3ACE9E54DC2B6170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b6:13:31:f3:2a:bc:ff:29:8e:31:b7:91:35:
4f:17:a4:f1:f6:e0:ee:91:97:bf:73:b6:9a:81:10:
b3:33:af:b1:19:5b:26:a1:c7:9a:54:60:5c:d3:f3:
db:42:97:85:13:64:ed:8e:89:f5:d6:9f:c8:c0:45:
c4:aa:66:90:7a:76:c2:68:13:f5:66:ac:c6:c7:0a:
81:28:1e:fa:1d:66:1b:3d:8c:cf:32:06:70:dc:55:
45:17:53:06:aa:24:b3:d1:05:c3:40:47:1b:1e:98:
4e:7a:63:39:f5:cc:cb:9d:98:3a:98:ec:a1:09:1c:
73:76:4c:03:f5:86:38:d5:ec:9e:46:06:06:4f:da:
c8:59:56:3a:3b:28:23:3a:0f:70:41:5e:95:14:f6:
d5:86:ed:03:4d:cd:18:41:5d:94:74:17:ab:c9:bd:
2a:44:73:55:93:fc:88:24:58:79:0a:d8:b5:90:c3:
4c:b2:d6:ff:52:9e:b6:1b:0b:8f:8d:58:1f:a9:43:
93:c0:c1:7b:0a:1c:d9:02:97:04:9d:4b:d0:29:f3:
2f:a3:04:42:29:1e:2f:ed:37:54:52:7b:20:c4:5e:
af:31:e0:92:0c:ae:b9:d3:6d:60:ab:69:b3:c2:8c:
21:3c:17:12:24:94:e7:94:d8:16:6b:10:89:0a:6e:
d3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:2F:5A:26:7E:37:74:E9:99:62:A3:9C:3A:CE:9E:54:DC:2B:61:70
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kC9aJn43dOmZYqOcOs6eVNwrYXA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.64.0/19
Signature Algorithm: sha256WithRSAEncryption
b3:28:05:04:30:0d:cd:4e:52:96:57:2c:1e:04:9e:a7:e6:31:
11:83:9e:1f:49:b9:23:60:b8:6f:48:da:46:f5:be:00:c4:1f:
65:00:b1:d2:51:fc:11:63:06:64:b2:fa:67:e8:b7:10:b7:3c:
a9:4b:ab:13:23:52:8b:79:28:38:c9:d0:71:ee:24:e9:b5:e7:
13:ae:2d:e5:1d:a3:58:72:a8:ea:54:fe:0e:35:57:f6:95:ef:
7a:ed:eb:77:9c:ec:5d:1f:ce:3d:a8:0d:3f:27:94:d2:4e:c3:
4a:f4:df:60:66:62:33:71:ec:75:a2:1a:46:bd:5e:cc:07:94:
c2:cf:9b:db:38:5b:17:99:da:db:38:b4:ea:d4:31:42:91:4e:
fd:af:d4:93:ef:5b:c2:30:c4:37:c1:a5:8c:58:77:70:89:52:
f4:99:c7:5c:33:c4:94:63:0e:6f:1b:65:aa:af:65:b5:42:d4:
94:dc:3f:8a:9b:12:3b:48:07:85:34:bf:2a:7b:cf:8b:c5:72:
ae:f3:4b:be:8c:55:6d:c2:0c:e8:f0:08:ff:0e:fd:0d:4f:86:
79:b2:d2:26:09:e6:e7:c1:12:8f:a3:7b:e7:77:4b:9e:6c:0f:
a1:23:56:57:7a:59:1c:3c:3c:07:df:4a:08:59:ff:c1:30:19:
99:8e:ec:9b
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEYkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkwMkY1QTI2N0UzNzc0
RTk5OTYyQTM5QzNBQ0U5RTU0REMyQjYxNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9thMx8yq8/ymOMbeRNU8XpPH24O6Rl79ztpqBELMzr7EZWyah
x5pUYFzT89tCl4UTZO2OifXWn8jARcSqZpB6dsJoE/VmrMbHCoEoHvodZhs9jM8y
BnDcVUUXUwaqJLPRBcNARxsemE56Yzn1zMudmDqY7KEJHHN2TAP1hjjV7J5GBgZP
2shZVjo7KCM6D3BBXpUU9tWG7QNNzRhBXZR0F6vJvSpEc1WT/IgkWHkK2LWQw0yy
1v9SnrYbC4+NWB+pQ5PAwXsKHNkClwSdS9Ap8y+jBEIpHi/tN1RSeyDEXq8x4JIM
rrnTbWCrabPCjCE8FxIklOeU2BZrEIkKbtOxAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUkC9aJn43dOmZYqOcOs6eVNwrYXAwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2tDOWFKbjQzZE9tWllxT2NPczZlVk53
cllYQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXaI0AwDQYJ
KoZIhvcNAQELBQADggEBALMoBQQwDc1OUpZXLB4EnqfmMRGDnh9JuSNguG9I2kb1
vgDEH2UAsdJR/BFjBmSy+mfotxC3PKlLqxMjUot5KDjJ0HHuJOm15xOuLeUdo1hy
qOpU/g41V/aV73rt63ec7F0fzj2oDT8nlNJOw0r032BmYjNx7HWiGka9XswHlMLP
m9s4WxeZ2ts4tOrUMUKRTv2v1JPvW8IwxDfBpYxYd3CJUvSZx1wzxJRjDm8bZaqv
ZbVC1JTcP4qbEjtIB4U0vyp7z4vFcq7zS76MVW3CDOjwCP8O/Q1Phnmy0iYJ5ufB
Eo+je+d3S55sD6EjVld6WRw8PAffSghZ/8EwGZmO7Js=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:43:26 2025 by rpki-client