Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/7BjE018sbPC9ItHxo83wUJXLxTw.roa
File: 7BjE018sbPC9ItHxo83wUJXLxTw.roa (raw, json)
Hash identifier: 7lbOFx31ZKIlAei3Lq/uLjYF9rtStvJBRucXBdxa684=
Subject key identifier: EC:18:C4:D3:5F:2C:6C:F0:BD:22:D1:F1:A3:CD:F0:50:95:CB:C5:3C
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0D29
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/7BjE018sbPC9ItHxo83wUJXLxTw.roa
Signing time: Mon 10 Feb 2025 13:51:18 +0000
ROA not before: Mon 10 Feb 2025 13:51:18 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18042
IP address blocks: 2400:df40::/32 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3369 (0xd29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 10 13:51:18 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=EC18C4D35F2C6CF0BD22D1F1A3CDF05095CBC53C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a3:78:e7:b0:ce:09:0a:49:50:53:84:67:4c:
83:47:65:f5:19:5b:d5:3d:ed:fd:eb:a5:3c:c7:de:
2a:be:11:83:f9:3c:c0:75:2b:91:52:ce:70:49:38:
58:3a:a3:30:dc:c8:a9:45:04:8c:ca:43:e9:58:d7:
f5:57:e7:d9:7b:ac:42:ff:f4:6d:c1:14:1b:ed:44:
a8:61:90:69:11:4c:97:e0:c4:40:14:fd:c0:19:07:
84:11:6e:e9:88:e0:bd:21:02:1e:2c:d5:c8:ba:bb:
f4:74:5c:74:e8:fc:5b:b3:16:4d:b8:dc:c7:b9:ad:
40:6f:83:50:f1:42:07:49:61:ac:1b:65:c6:18:6d:
67:43:49:77:1d:e4:ac:42:26:53:d4:12:b2:a2:d4:
60:d6:ba:55:ea:58:f8:f7:de:a7:e1:4e:db:b8:61:
26:cd:69:98:66:67:a2:82:b5:3b:0c:a5:ac:14:45:
cb:ba:35:c1:66:81:cc:69:46:cd:4c:08:92:1b:f8:
46:6b:cf:78:11:77:97:c1:59:b1:a5:46:74:f0:66:
d2:e8:0c:11:17:9b:5b:b3:3b:9d:30:2a:0d:25:a2:
c5:7f:53:cb:b6:68:81:39:81:25:41:a1:1a:79:1b:
0e:66:7b:1c:27:07:d2:b5:9d:64:56:20:bf:ee:69:
c1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:18:C4:D3:5F:2C:6C:F0:BD:22:D1:F1:A3:CD:F0:50:95:CB:C5:3C
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/7BjE018sbPC9ItHxo83wUJXLxTw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:df40::/32
Signature Algorithm: sha256WithRSAEncryption
76:16:67:b8:a5:b3:45:0e:13:31:6d:7f:d5:b4:ad:f1:bb:37:
4c:3e:22:c2:22:28:22:9b:7b:a1:8b:f0:67:21:d7:72:d9:d1:
5d:5b:36:1f:1f:f4:91:9b:d3:1b:dc:39:b9:14:23:cc:19:08:
7e:c6:da:b6:c8:88:59:0b:8d:3a:07:25:61:b3:e1:97:dc:73:
e5:4b:83:31:cb:2f:08:34:4e:98:39:dc:c7:1e:84:d8:b1:96:
46:06:7e:76:1c:4f:0c:29:5b:e4:36:d0:4c:43:ce:b9:bb:40:
88:f6:b8:6d:31:94:5f:57:fb:67:fa:b2:d5:e7:48:46:e7:a3:
da:81:df:64:6e:da:83:65:58:13:35:05:f1:5a:b7:fc:46:e0:
ac:8c:42:0e:7f:88:0b:75:3d:e1:7f:20:02:cb:72:4f:70:03:
14:a6:9e:0e:3c:27:44:2e:a8:52:20:82:b3:cb:64:7e:d8:67:
2a:95:63:32:86:dc:c9:a2:a7:11:3a:2f:12:8a:a1:d8:9f:31:
3e:fc:d7:79:5e:0c:d1:e2:d0:6e:c7:51:35:4e:bc:4b:0d:61:
23:99:67:97:7b:8f:ac:7e:28:f9:e7:34:5e:bb:07:f9:76:35:
7f:bf:9f:d0:e4:57:c0:d9:ea:bf:03:b5:9f:d7:a5:2d:ef:71:
73:d2:67:86
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDSkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yNTAyMTAx
MzUxMThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEVDMThDNEQzNUYyQzZD
RjBCRDIyRDFGMUEzQ0RGMDUwOTVDQkM1M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBo3jnsM4JCklQU4RnTINHZfUZW9U97f3rpTzH3iq+EYP5PMB1
K5FSznBJOFg6ozDcyKlFBIzKQ+lY1/VX59l7rEL/9G3BFBvtRKhhkGkRTJfgxEAU
/cAZB4QRbumI4L0hAh4s1ci6u/R0XHTo/FuzFk243Me5rUBvg1DxQgdJYawbZcYY
bWdDSXcd5KxCJlPUErKi1GDWulXqWPj33qfhTtu4YSbNaZhmZ6KCtTsMpawURcu6
NcFmgcxpRs1MCJIb+EZrz3gRd5fBWbGlRnTwZtLoDBEXm1uzO50wKg0losV/U8u2
aIE5gSVBoRp5Gw5mexwnB9K1nWRWIL/uacGJAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU7BjE018sbPC9ItHxo83wUJXLxTwwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JULzdCakUwMThzYlBDOUl0SHhvODN3VUpY
THhUdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAN9AMA0G
CSqGSIb3DQEBCwUAA4IBAQB2Fme4pbNFDhMxbX/VtK3xuzdMPiLCIigim3uhi/Bn
Iddy2dFdWzYfH/SRm9Mb3Dm5FCPMGQh+xtq2yIhZC406ByVhs+GX3HPlS4Mxyy8I
NE6YOdzHHoTYsZZGBn52HE8MKVvkNtBMQ865u0CI9rhtMZRfV/tn+rLV50hG56Pa
gd9kbtqDZVgTNQXxWrf8RuCsjEIOf4gLdT3hfyACy3JPcAMUpp4OPCdELqhSIIKz
y2R+2GcqlWMyhtzJoqcROi8SiqHYnzE+/Nd5XgzR4tBux1E1TrxLDWEjmWeXe4+s
fij55zReuwf5djV/v5/Q5FfA2eq/A7Wf16Ut73Fz0meG
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:38:05 2025 by rpki-client