Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/Dz08iZxr8OYNmpRlG6u_5QDNzW0.roa
File: Dz08iZxr8OYNmpRlG6u_5QDNzW0.roa (raw, json)
Hash identifier: InRgkPmojey2Rz/+XgtuXqJQK9+TQxiq9YFieKwTAf8=
Subject key identifier: 0F:3D:3C:89:9C:6B:F0:E6:0D:9A:94:65:1B:AB:BF:E5:00:CD:CD:6D
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0D34
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Dz08iZxr8OYNmpRlG6u_5QDNzW0.roa
Signing time: Mon 10 Feb 2025 13:51:21 +0000
ROA not before: Mon 10 Feb 2025 13:51:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18042
IP address blocks: 58.86.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3380 (0xd34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 10 13:51:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0F3D3C899C6BF0E60D9A94651BABBFE500CDCD6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8f:ba:b5:6e:62:dc:b2:3e:73:ca:ae:48:ae:
ec:ad:9a:ea:e8:15:15:fe:37:ad:49:cb:7f:2c:01:
5a:b3:39:7d:47:0d:31:54:d3:a3:8e:18:08:fa:f1:
6b:c0:c6:11:e2:22:8d:5b:d9:b8:86:6f:70:3c:7b:
05:6f:f9:29:19:4f:64:bf:79:f4:01:48:69:7c:43:
62:35:d4:31:72:8c:f1:36:51:e0:10:5f:08:8f:24:
26:75:d9:fa:88:ff:e2:41:f8:5a:7d:a2:c4:b0:52:
fa:ba:dd:e9:96:52:9d:de:6c:b8:0d:46:24:ff:d3:
5f:b2:d5:c6:6f:84:0e:64:0f:dd:71:7d:6e:bf:a7:
86:91:08:94:c4:26:06:8d:45:fe:81:e0:95:b2:ee:
22:4a:5e:a9:c6:c7:ee:c4:a5:8f:6a:74:0e:6f:a2:
99:ef:00:32:b9:27:85:11:c1:1e:c8:b1:ac:d3:69:
02:fd:47:d2:e1:9d:fb:37:a2:ee:ff:be:82:6e:23:
37:7d:75:f7:3c:9f:4f:6b:ff:1a:69:c7:e0:75:34:
e8:82:a6:b0:38:bf:c6:da:ac:0e:02:1b:2f:77:e1:
b0:13:ff:41:18:6d:ed:a2:6f:ef:e7:6e:57:b5:53:
e1:78:8f:c2:66:f1:7d:3b:83:d3:92:1c:82:07:a2:
41:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3D:3C:89:9C:6B:F0:E6:0D:9A:94:65:1B:AB:BF:E5:00:CD:CD:6D
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Dz08iZxr8OYNmpRlG6u_5QDNzW0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
58.86.38.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:0a:25:c8:15:70:d4:1f:86:4c:b6:91:a4:22:9e:a0:3a:d5:
c0:a3:63:85:2d:02:5b:32:40:34:e8:37:0a:67:9f:b8:b9:b0:
50:c7:9e:ee:51:d3:6c:74:20:7c:c8:d8:9e:77:da:20:19:00:
52:b6:c9:54:66:8d:ef:84:f7:c2:7d:22:0b:f4:1e:47:48:0b:
2a:e0:24:a3:c1:ed:26:da:9e:d0:b3:20:2b:e0:3b:e5:ef:77:
5f:b3:6b:fe:5b:71:a6:05:f8:ae:26:ce:89:13:b0:1a:c3:1a:
65:40:91:98:0c:68:e6:47:e8:a2:2e:da:18:fd:c2:d6:45:03:
6a:f1:e6:c7:fd:cf:7f:a2:da:7c:39:44:4b:11:e9:28:dd:70:
10:a5:cb:83:5d:e5:09:99:22:4f:79:51:57:f6:ac:44:cb:89:
2d:29:4a:d1:8d:02:61:4f:cf:d6:1a:10:c5:de:80:da:5f:81:
87:f9:23:45:25:a0:58:1a:d9:b3:58:20:43:6d:a2:bc:05:c3:
20:d5:59:90:6c:52:c9:a9:5a:52:09:48:46:6c:51:69:7e:fb:
83:47:61:b3:2e:ae:da:19:18:fe:57:19:16:03:1e:2c:9e:31:
72:9d:a5:08:72:2a:8d:6c:8f:90:cb:1d:51:dc:a9:53:b8:0d:
8d:d3:86:3a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDTQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yNTAyMTAx
MzUxMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBGM0QzQzg5OUM2QkYw
RTYwRDlBOTQ2NTFCQUJCRkU1MDBDRENENkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaj7q1bmLcsj5zyq5IruytmuroFRX+N61Jy38sAVqzOX1HDTFU
06OOGAj68WvAxhHiIo1b2biGb3A8ewVv+SkZT2S/efQBSGl8Q2I11DFyjPE2UeAQ
XwiPJCZ12fqI/+JB+Fp9osSwUvq63emWUp3ebLgNRiT/01+y1cZvhA5kD91xfW6/
p4aRCJTEJgaNRf6B4JWy7iJKXqnGx+7EpY9qdA5vopnvADK5J4URwR7IsazTaQL9
R9Lhnfs3ou7/voJuIzd9dfc8n09r/xppx+B1NOiCprA4v8barA4CGy934bAT/0EY
be2ib+/nble1U+F4j8Jm8X07g9OSHIIHokGlAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUDz08iZxr8OYNmpRlG6u/5QDNzW0wHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0R6MDhpWnhyOE9ZTm1wUmxHNnVfNVFE
TnpXMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA6ViYwDQYJ
KoZIhvcNAQELBQADggEBAJ4KJcgVcNQfhky2kaQinqA61cCjY4UtAlsyQDToNwpn
n7i5sFDHnu5R02x0IHzI2J532iAZAFK2yVRmje+E98J9Igv0HkdICyrgJKPB7Sba
ntCzICvgO+Xvd1+za/5bcaYF+K4mzokTsBrDGmVAkZgMaOZH6KIu2hj9wtZFA2rx
5sf9z3+i2nw5REsR6SjdcBCly4Nd5QmZIk95UVf2rETLiS0pStGNAmFPz9YaEMXe
gNpfgYf5I0UloFga2bNYIENtorwFwyDVWZBsUsmpWlIJSEZsUWl++4NHYbMurtoZ
GP5XGRYDHiyeMXKdpQhyKo1sj5DLHVHcqVO4DY3Thjo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:44:25 2025 by rpki-client