Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/zbTvgFQaE4zTwWh07PHXgjRTs6g.roa
File: zbTvgFQaE4zTwWh07PHXgjRTs6g.roa (raw, json)
Hash identifier: E0sGg4yde7+HVnVN5FzBI2sLd0yHnpzTKYUFceZTvRA=
Subject key identifier: CD:B4:EF:80:54:1A:13:8C:D3:C1:68:74:EC:F1:D7:82:34:53:B3:A8
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1219
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/zbTvgFQaE4zTwWh07PHXgjRTs6g.roa
Signing time: Mon 10 Feb 2025 14:28:04 +0000
ROA not before: Mon 10 Feb 2025 14:28:04 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 43.240.104.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4633 (0x1219)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:04 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CDB4EF80541A138CD3C16874ECF1D7823453B3A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4c:53:0b:75:55:61:02:1f:99:b0:6a:39:f0:
17:1d:7a:c1:0f:0c:9d:0f:d8:16:16:21:d2:7b:7f:
f9:b7:0b:24:c8:9f:97:8a:07:65:5e:60:29:34:86:
0d:f0:c0:f1:de:f9:05:e0:2f:9c:00:30:29:1f:7c:
a0:87:71:2b:41:e6:6c:4a:18:75:18:f5:05:fb:03:
80:bc:06:b5:23:1f:37:4c:08:38:f3:a1:70:31:d9:
2a:29:5d:8a:34:3a:3a:45:17:30:42:3d:c8:4a:6a:
6f:55:9d:77:78:58:34:5c:16:2e:c7:4c:13:36:fd:
50:ce:4e:2f:e0:3e:ac:0d:c7:42:2f:70:30:04:3d:
10:c9:1e:55:2d:79:ec:8e:28:33:14:a2:21:66:1b:
60:1e:8e:c2:50:01:ee:f6:ef:20:51:86:d1:0e:65:
e9:a3:db:68:4f:c6:c0:5a:13:3d:7a:04:6c:7a:a4:
57:5c:6d:31:da:ff:38:ba:24:5b:7b:fc:27:c4:51:
0d:27:1d:08:09:c9:db:9e:45:7f:15:94:f8:d3:96:
20:55:44:04:97:c6:43:e4:7c:31:a4:ed:9b:24:58:
bc:3c:27:c3:2e:26:56:22:2f:11:6a:d8:09:f8:5b:
2c:43:70:89:ca:f3:84:fa:b2:93:50:83:51:56:ac:
ec:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B4:EF:80:54:1A:13:8C:D3:C1:68:74:EC:F1:D7:82:34:53:B3:A8
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/zbTvgFQaE4zTwWh07PHXgjRTs6g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.104.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:ba:06:87:da:d1:af:95:00:3f:75:02:ae:09:db:da:b4:9a:
e0:c7:1f:39:76:b1:6e:1d:3e:6f:a0:0c:ce:eb:07:c9:9b:47:
e8:56:36:3f:72:8b:8f:cd:90:c6:ee:4e:5c:ad:50:5f:30:4f:
1e:2f:c1:51:76:7a:76:d4:86:00:f2:c9:85:e2:53:6c:5f:4f:
0f:42:9a:6a:9f:b7:4a:33:1c:dd:80:c6:23:83:9b:44:89:fa:
1b:9f:dd:07:01:a6:6a:ae:10:60:d4:ec:c0:34:f8:ae:1a:20:
4b:5a:b4:d6:2a:99:2b:2b:1b:76:0d:f9:53:a6:84:83:25:f9:
a1:44:db:8f:3b:ab:75:e5:b8:fc:0d:f7:fc:6d:0d:93:c6:68:
b8:93:1c:7b:54:09:52:2e:52:a0:87:ab:a6:66:94:2c:ba:9a:
d2:90:ec:a1:3f:c3:53:01:d4:db:aa:bf:1f:f8:b4:e1:6b:b2:
0c:13:21:e9:f1:03:3f:49:f9:d5:a9:90:b5:3f:30:8a:51:25:
c0:0d:ee:51:f1:67:df:a7:0e:c2:4f:87:ce:53:ba:2d:24:db:
1e:10:25:2d:0a:69:64:0e:bf:80:e5:c2:20:04:5e:3d:d2:6e:
b4:8e:4f:ac:df:bf:0d:33:d3:20:7c:0c:5e:30:b1:1a:ff:2c:
6f:ab:dd:7d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEhkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENEQjRFRjgwNTQxQTEz
OENEM0MxNjg3NEVDRjFENzgyMzQ1M0IzQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeTFMLdVVhAh+ZsGo58BcdesEPDJ0P2BYWIdJ7f/m3CyTIn5eK
B2VeYCk0hg3wwPHe+QXgL5wAMCkffKCHcStB5mxKGHUY9QX7A4C8BrUjHzdMCDjz
oXAx2SopXYo0OjpFFzBCPchKam9VnXd4WDRcFi7HTBM2/VDOTi/gPqwNx0IvcDAE
PRDJHlUteeyOKDMUoiFmG2AejsJQAe727yBRhtEOZemj22hPxsBaEz16BGx6pFdc
bTHa/zi6JFt7/CfEUQ0nHQgJydueRX8VlPjTliBVRASXxkPkfDGk7ZskWLw8J8Mu
JlYiLxFq2An4WyxDcInK84T6spNQg1FWrOxXAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUzbTvgFQaE4zTwWh07PHXgjRTs6gwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3piVHZnRlFhRTR6VHdXaDA3UEhYZ2pS
VHM2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIr8GgwDQYJ
KoZIhvcNAQELBQADggEBAD26Bofa0a+VAD91Aq4J29q0muDHHzl2sW4dPm+gDM7r
B8mbR+hWNj9yi4/NkMbuTlytUF8wTx4vwVF2enbUhgDyyYXiU2xfTw9Cmmqft0oz
HN2AxiODm0SJ+huf3QcBpmquEGDU7MA0+K4aIEtatNYqmSsrG3YN+VOmhIMl+aFE
2487q3XluPwN9/xtDZPGaLiTHHtUCVIuUqCHq6ZmlCy6mtKQ7KE/w1MB1Nuqvx/4
tOFrsgwTIenxAz9J+dWpkLU/MIpRJcAN7lHxZ9+nDsJPh85Tui0k2x4QJS0KaWQO
v4DlwiAEXj3SbrSOT6zfvw0z0yB8DF4wsRr/LG+r3X0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:42:55 2025 by rpki-client