Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/yderg-QniTkdNX9VwOfzB7JjZFM.roa
File: yderg-QniTkdNX9VwOfzB7JjZFM.roa (raw, json)
Hash identifier: rqKpyyMHmt1OSy3nrvmU/kzbxQiwW/ELwWAa56/Jhc8=
Subject key identifier: C9:D7:AB:83:E4:27:89:39:1D:35:7F:55:C0:E7:F3:07:B2:63:64:53
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11AF
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/yderg-QniTkdNX9VwOfzB7JjZFM.roa
Signing time: Mon 10 Feb 2025 14:27:37 +0000
ROA not before: Mon 10 Feb 2025 14:27:37 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 210.58.120.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4527 (0x11af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:37 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C9D7AB83E42789391D357F55C0E7F307B2636453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2e:4b:9e:5b:52:09:fb:7b:c3:94:20:d1:40:
5d:ab:45:b7:4a:38:fb:2c:e5:a1:16:1c:ef:70:13:
4e:f7:37:cb:ee:87:50:f0:a3:bd:3a:c5:19:e5:ca:
62:f5:cf:2a:a7:ba:21:69:cf:4c:3d:76:5f:c3:28:
6d:ad:0f:b2:bf:ea:85:3d:3b:13:5e:aa:18:59:06:
d0:40:80:7f:e6:14:16:17:36:c4:ce:39:78:18:fe:
9a:d4:ea:d5:8d:af:12:b2:e1:82:20:ed:f8:07:0c:
cb:7d:d0:43:43:79:9a:12:87:70:3c:8d:61:1e:c9:
c5:50:c8:da:91:bd:48:f3:92:10:1b:45:0e:cc:29:
2f:2b:f9:50:73:ef:f1:29:c7:5c:2d:0d:8e:0a:ff:
fb:ee:57:4c:9d:51:92:c2:ef:2f:27:29:72:54:c0:
28:49:bf:7e:82:35:dc:a3:2e:40:46:4a:6c:0c:7d:
c8:1e:63:88:f2:da:89:c9:9e:42:bb:d9:71:0a:2f:
0c:b6:18:d2:b0:b3:b6:3f:67:9c:f0:77:9a:ea:4f:
28:a4:b6:e1:d8:e0:d5:5a:c2:76:eb:00:c4:2e:3b:
e9:eb:46:9e:82:98:81:1c:d7:93:62:6d:1a:2a:97:
1b:01:23:42:60:9c:ab:20:5d:ce:20:2b:ae:f3:e3:
f0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D7:AB:83:E4:27:89:39:1D:35:7F:55:C0:E7:F3:07:B2:63:64:53
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/yderg-QniTkdNX9VwOfzB7JjZFM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.120.0/24
Signature Algorithm: sha256WithRSAEncryption
72:c6:46:d7:01:e3:38:8a:f7:2a:9c:ad:9f:5e:2c:0f:7f:58:
2c:7b:ab:24:6f:ba:b4:7d:8a:db:1c:2d:41:bb:af:79:1e:2b:
82:14:33:ea:d7:f1:d1:1a:04:c3:96:82:3d:c6:f3:83:a1:7c:
4f:e3:b4:9f:9b:19:05:41:d7:db:6c:6e:4d:33:97:66:23:c7:
60:f4:16:d3:49:ce:79:b3:ea:7e:4a:19:9e:9e:21:b6:e8:69:
99:9d:1b:46:13:99:73:b1:f2:51:5f:a2:a1:ab:67:27:64:d3:
10:e8:47:18:0d:e3:e4:7b:44:74:0b:3b:a7:28:f4:fc:26:54:
45:2c:26:6d:c5:e7:b9:c1:d6:cd:9f:20:d0:44:70:16:35:1f:
38:51:16:24:58:1b:0e:45:9c:ad:84:00:94:f6:51:06:29:d2:
98:67:a1:4e:bd:60:c7:ed:83:c8:1d:b9:a0:01:76:2c:99:a6:
4e:8c:fa:4c:bd:cd:21:87:cb:08:7d:ed:22:40:c5:07:2f:e4:
c7:c6:68:90:eb:20:6f:fb:c6:86:87:d9:47:89:94:23:65:ea:
43:0d:8a:13:1c:83:6e:a1:89:a9:1f:d2:12:97:97:a1:41:85:
f3:0a:1f:c1:9b:34:d3:4e:01:ab:d8:35:36:1e:82:7a:f6:dc:
85:fd:98:ba
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MzdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM5RDdBQjgzRTQyNzg5
MzkxRDM1N0Y1NUMwRTdGMzA3QjI2MzY0NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQLkueW1IJ+3vDlCDRQF2rRbdKOPss5aEWHO9wE073N8vuh1Dw
o706xRnlymL1zyqnuiFpz0w9dl/DKG2tD7K/6oU9OxNeqhhZBtBAgH/mFBYXNsTO
OXgY/prU6tWNrxKy4YIg7fgHDMt90ENDeZoSh3A8jWEeycVQyNqRvUjzkhAbRQ7M
KS8r+VBz7/Epx1wtDY4K//vuV0ydUZLC7y8nKXJUwChJv36CNdyjLkBGSmwMfcge
Y4jy2onJnkK72XEKLwy2GNKws7Y/Z5zwd5rqTyiktuHY4NVawnbrAMQuO+nrRp6C
mIEc15NibRoqlxsBI0JgnKsgXc4gK67z4/A3AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUyderg+QniTkdNX9VwOfzB7JjZFMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3lkZXJnLVFuaVRrZE5YOVZ3T2Z6QjdK
alpGTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSOngwDQYJ
KoZIhvcNAQELBQADggEBAHLGRtcB4ziK9yqcrZ9eLA9/WCx7qyRvurR9itscLUG7
r3keK4IUM+rX8dEaBMOWgj3G84OhfE/jtJ+bGQVB19tsbk0zl2Yjx2D0FtNJznmz
6n5KGZ6eIbboaZmdG0YTmXOx8lFfoqGrZydk0xDoRxgN4+R7RHQLO6co9PwmVEUs
Jm3F57nB1s2fINBEcBY1HzhRFiRYGw5FnK2EAJT2UQYp0phnoU69YMftg8gduaAB
diyZpk6M+ky9zSGHywh97SJAxQcv5MfGaJDrIG/7xoaH2UeJlCNl6kMNihMcg26h
iakf0hKXl6FBhfMKH8GbNNNOAavYNTYegnr23IX9mLo=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:19:50 2025 by rpki-client