Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/JDA/f0hEwnOQWt9EwfgFQj1V0EYD08w.roa
File: f0hEwnOQWt9EwfgFQj1V0EYD08w.roa (raw, json)
Hash identifier: hBioZu9O3dAKhssDpVXZ+GvGV7QyhCbI/i/DOJnAzb4=
Subject key identifier: 7F:48:44:C2:73:90:5A:DF:44:C1:F8:05:42:3D:55:D0:46:03:D3:CC
Certificate issuer: /CN=86F6D06B4049386A106E5ED22656A93D9F355274
Certificate serial: 0134
Authority key identifier: 86:F6:D0:6B:40:49:38:6A:10:6E:5E:D2:26:56:A9:3D:9F:35:52:74
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/hvbQa0BJOGoQbl7SJlapPZ81UnQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JDA/f0hEwnOQWt9EwfgFQj1V0EYD08w.roa
Signing time: Mon 10 Feb 2025 13:45:01 +0000
ROA not before: Mon 10 Feb 2025 13:45:01 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38136
IP address blocks: 210.79.154.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 308 (0x134)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86F6D06B4049386A106E5ED22656A93D9F355274
Validity
Not Before: Feb 10 13:45:01 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7F4844C273905ADF44C1F805423D55D04603D3CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:09:cd:2a:ea:c9:bb:19:e0:28:19:78:3a:a1:
7a:73:ea:e3:f3:0b:e0:2e:97:9e:e7:cd:94:b9:98:
40:08:b4:73:41:3e:ab:6c:4e:8c:8a:9a:6f:08:31:
df:e6:40:7a:9f:e4:5f:61:93:d0:a5:70:fd:26:f5:
42:f5:59:9a:99:43:9a:4b:b1:fc:23:00:3c:2e:f0:
50:32:97:48:ab:fd:a3:c2:d3:74:a3:23:d2:12:98:
dc:fc:7a:57:8a:5e:1b:71:c8:9b:55:dd:ed:8a:c0:
f0:ef:1a:a0:55:ac:6a:bc:40:0b:90:41:8e:39:8e:
c7:0e:4d:c0:a1:89:c9:76:06:3e:f4:f6:1c:c1:95:
20:66:be:ce:75:8d:9c:04:da:98:8b:56:9a:13:21:
55:5c:18:0a:b8:56:b5:39:a9:a6:78:7a:e7:91:6e:
eb:f1:bf:e5:8c:78:1e:93:7e:87:80:d8:f4:6f:18:
36:21:b3:55:d3:60:73:42:56:52:9a:07:2d:25:2d:
eb:bf:3b:ff:db:60:dd:21:bb:69:b2:fa:64:ae:82:
17:42:35:3d:58:9b:23:d7:86:cc:6b:a8:b6:71:d7:
4c:14:c8:76:68:13:a3:dd:66:1b:ce:56:4a:1e:67:
fb:44:e7:13:20:26:01:07:2a:a9:8a:98:6c:e8:bb:
28:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:48:44:C2:73:90:5A:DF:44:C1:F8:05:42:3D:55:D0:46:03:D3:CC
X509v3 Authority Key Identifier:
keyid:86:F6:D0:6B:40:49:38:6A:10:6E:5E:D2:26:56:A9:3D:9F:35:52:74
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JDA/hvbQa0BJOGoQbl7SJlapPZ81UnQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/hvbQa0BJOGoQbl7SJlapPZ81UnQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JDA/f0hEwnOQWt9EwfgFQj1V0EYD08w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.79.154.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:dd:7b:af:47:9e:b3:66:46:cd:f5:df:14:a4:ed:e6:99:08:
29:b7:35:16:d5:bb:4a:4d:01:17:3d:ba:df:6b:33:fb:9f:38:
c4:af:3d:f4:2e:91:21:d5:7d:5d:54:a7:b3:83:a3:1d:28:5a:
b4:09:94:0d:f0:26:eb:21:bb:25:86:c8:fd:a7:bf:38:12:58:
af:c7:8c:a0:83:4f:10:22:77:10:b5:cd:ea:20:67:c0:f6:1d:
d5:12:f6:fa:f6:6f:00:2d:fa:ae:4e:04:c5:75:3e:db:9f:2d:
78:ab:88:3b:23:2b:00:e4:53:90:7b:3e:f4:af:bc:ca:41:b9:
5a:ec:38:c4:57:ef:06:18:33:e4:0f:cb:26:b3:f8:a6:d2:2e:
88:08:1d:fa:73:0e:22:ab:2a:8e:b6:df:ff:5f:07:17:6f:e6:
e5:b5:4e:d3:b0:87:ef:f8:c8:eb:1e:ea:67:69:2e:c2:7c:eb:
6b:ff:01:b1:a8:c9:e7:56:d5:42:68:87:d2:fa:51:95:13:92:
9d:74:31:e8:28:6b:96:20:50:15:f4:b8:0d:01:77:7f:ea:2f:
bf:7f:ca:94:88:46:8e:7e:47:9b:a2:9e:3b:e6:18:9f:00:03:
e9:51:90:65:51:cd:30:f1:d0:44:9f:e4:07:a5:fd:6a:5b:76:
e0:3f:68:31
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICATQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODZG
NkQwNkI0MDQ5Mzg2QTEwNkU1RUQyMjY1NkE5M0Q5RjM1NTI3NDAeFw0yNTAyMTAx
MzQ1MDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDdGNDg0NEMyNzM5MDVB
REY0NEMxRjgwNTQyM0Q1NUQwNDYwM0QzQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1Cc0q6sm7GeAoGXg6oXpz6uPzC+Aul57nzZS5mEAItHNBPqts
ToyKmm8IMd/mQHqf5F9hk9ClcP0m9UL1WZqZQ5pLsfwjADwu8FAyl0ir/aPC03Sj
I9ISmNz8eleKXhtxyJtV3e2KwPDvGqBVrGq8QAuQQY45jscOTcChicl2Bj709hzB
lSBmvs51jZwE2piLVpoTIVVcGAq4VrU5qaZ4eueRbuvxv+WMeB6TfoeA2PRvGDYh
s1XTYHNCVlKaBy0lLeu/O//bYN0hu2my+mSughdCNT1YmyPXhsxrqLZx10wUyHZo
E6PdZhvOVkoeZ/tE5xMgJgEHKqmKmGzouygZAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUf0hEwnOQWt9EwfgFQj1V0EYD08wwHwYDVR0jBBgwFoAUhvbQa0BJOGoQbl7S
JlapPZ81UnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSkRBL2h2
YlFhMEJKT0dvUWJsN1NKbGFwUFo4MVVuUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
aHZiUWEwQkpPR29RYmw3U0psYXBQWjgxVW5RLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSkRBL2YwaEV3bk9RV3Q5RXdmZ0ZRajFWMEVZ
RDA4dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHST5owDQYJ
KoZIhvcNAQELBQADggEBACzde69HnrNmRs313xSk7eaZCCm3NRbVu0pNARc9ut9r
M/ufOMSvPfQukSHVfV1Up7ODox0oWrQJlA3wJushuyWGyP2nvzgSWK/HjKCDTxAi
dxC1zeogZ8D2HdUS9vr2bwAt+q5OBMV1PtufLXiriDsjKwDkU5B7PvSvvMpBuVrs
OMRX7wYYM+QPyyaz+KbSLogIHfpzDiKrKo623/9fBxdv5uW1TtOwh+/4yOse6mdp
LsJ862v/AbGoyedW1UJoh9L6UZUTkp10Megoa5YgUBX0uA0Bd3/qL79/ypSIRo5+
R5uinjvmGJ8AA+lRkGVRzTDx0ESf5Ael/WpbduA/aDE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:36:16 2025 by rpki-client