Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/pRqRuhCVJu16thI8om8p-wNaGN4.roa
File: pRqRuhCVJu16thI8om8p-wNaGN4.roa (raw, json)
Hash identifier: RZF6nY9/XA4SUtjRP87upZcrYN8is8tOAj+zacxwxzU=
Subject key identifier: A5:1A:91:BA:10:95:26:ED:7A:B6:12:3C:A2:6F:29:FB:03:5A:18:DE
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11C8
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/pRqRuhCVJu16thI8om8p-wNaGN4.roa
Signing time: Mon 10 Feb 2025 14:27:43 +0000
ROA not before: Mon 10 Feb 2025 14:27:43 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9311
IP address blocks: 222.156.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4552 (0x11c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:43 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A51A91BA109526ED7AB6123CA26F29FB035A18DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ad:2c:fc:be:fb:4b:f5:f7:72:60:71:24:b2:
dc:8c:0d:4a:e6:fc:76:06:5c:6f:eb:98:0b:6e:c7:
46:9a:4d:d1:95:6d:4a:37:c5:44:e7:43:56:1c:26:
73:6a:c7:97:59:5c:b6:7c:66:00:22:18:dc:7f:52:
5b:35:7a:64:b3:31:ff:14:4d:a9:38:8c:29:71:ea:
9e:38:cc:a6:cc:a7:97:79:2c:26:a8:ad:77:3b:8e:
35:5b:76:3f:a8:b4:bf:1e:71:7a:55:0a:e3:5b:6b:
fa:19:8b:28:68:0e:a3:9a:65:c4:41:11:c4:6a:8a:
a2:ef:c2:07:2c:b0:31:0d:45:65:34:f8:7f:fc:af:
17:c4:f0:e2:5e:35:7e:d0:15:bb:2d:41:46:0b:5f:
8a:8e:68:98:23:bf:a2:b8:2e:52:d7:02:17:a9:e1:
71:38:bf:59:f2:62:b4:a3:c3:ba:77:2f:5e:6e:12:
9e:07:d5:39:16:6d:cb:42:2b:c4:11:d5:a5:6e:ae:
f1:8e:00:c8:f2:96:1f:8c:7a:c4:35:08:5c:f0:58:
3b:2a:51:28:14:82:21:ca:21:9f:79:70:41:79:11:
f5:ed:da:fb:c8:69:0a:d3:5c:2f:dc:72:3c:dd:52:
f9:e0:77:b1:b9:a2:31:b3:4a:42:0f:69:75:d9:9d:
74:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:1A:91:BA:10:95:26:ED:7A:B6:12:3C:A2:6F:29:FB:03:5A:18:DE
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/pRqRuhCVJu16thI8om8p-wNaGN4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.156.247.0/24
Signature Algorithm: sha256WithRSAEncryption
63:16:f8:5a:c0:f0:1b:b4:8e:ab:ab:29:fc:d0:86:3d:85:3b:
17:92:97:57:54:69:a4:62:26:e2:d9:f6:45:89:cd:27:94:ad:
67:96:bc:42:ba:29:11:8f:96:c3:4c:26:f6:97:bd:77:b6:c3:
2e:21:8e:e8:0e:14:e9:10:2c:b7:6e:ea:f0:b9:33:93:c3:6f:
bf:8e:cc:5a:7f:c9:c2:a0:1a:f4:bd:0a:3a:3c:51:d8:17:bb:
c0:96:68:5b:15:b1:3f:7c:e5:46:2c:44:f3:74:3c:9a:ef:08:
79:45:3e:8c:66:24:44:0b:c9:4f:23:28:8d:cb:49:6c:a8:85:
df:95:5e:fb:24:ac:60:05:89:18:4b:a1:08:e3:9d:23:dd:29:
48:6c:45:03:a4:a9:bd:16:99:c4:fa:30:4d:af:bc:42:ae:ab:
37:29:b3:0e:63:38:d0:70:6c:c7:bb:d6:75:fe:0c:09:1e:b8:
d9:65:d2:7e:6e:e1:ae:2a:2a:56:d1:02:73:b9:ba:95:47:7c:
74:57:69:24:7d:d5:49:1e:5d:aa:35:87:89:67:19:4a:9e:30:
b7:95:16:ec:64:b8:bb:7e:e1:de:a7:4c:49:19:78:78:5d:84:
cc:72:5c:f0:f8:fb:97:fe:58:0c:b4:8d:10:60:ba:99:53:fe:
f3:8c:9f:b7
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEcgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE1MUE5MUJBMTA5NTI2
RUQ3QUI2MTIzQ0EyNkYyOUZCMDM1QTE4REUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBrSz8vvtL9fdyYHEkstyMDUrm/HYGXG/rmAtux0aaTdGVbUo3
xUTnQ1YcJnNqx5dZXLZ8ZgAiGNx/Uls1emSzMf8UTak4jClx6p44zKbMp5d5LCao
rXc7jjVbdj+otL8ecXpVCuNba/oZiyhoDqOaZcRBEcRqiqLvwgcssDENRWU0+H/8
rxfE8OJeNX7QFbstQUYLX4qOaJgjv6K4LlLXAhep4XE4v1nyYrSjw7p3L15uEp4H
1TkWbctCK8QR1aVurvGOAMjylh+MesQ1CFzwWDsqUSgUgiHKIZ95cEF5EfXt2vvI
aQrTXC/ccjzdUvngd7G5ojGzSkIPaXXZnXR/AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUpRqRuhCVJu16thI8om8p+wNaGN4wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3BScVJ1aENWSnUxNnRoSThvbThwLXdO
YUdONC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADenPcwDQYJ
KoZIhvcNAQELBQADggEBAGMW+FrA8Bu0jqurKfzQhj2FOxeSl1dUaaRiJuLZ9kWJ
zSeUrWeWvEK6KRGPlsNMJvaXvXe2wy4hjugOFOkQLLdu6vC5M5PDb7+OzFp/ycKg
GvS9Cjo8UdgXu8CWaFsVsT985UYsRPN0PJrvCHlFPoxmJEQLyU8jKI3LSWyohd+V
XvskrGAFiRhLoQjjnSPdKUhsRQOkqb0WmcT6ME2vvEKuqzcpsw5jONBwbMe71nX+
DAkeuNll0n5u4a4qKlbRAnO5upVHfHRXaSR91UkeXao1h4lnGUqeMLeVFuxkuLt+
4d6nTEkZeHhdhMxyXPD4+5f+WAy0jRBguplT/vOMn7c=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:51:58 2025 by rpki-client