Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/P-emNOowxVF1EanxvWUUJcP7M6I.roa
File: P-emNOowxVF1EanxvWUUJcP7M6I.roa (raw, json)
Hash identifier: e9GrA2kYFNca4C6oUi7lKbfr2NsOaR0ODGgLvmLoQ7Q=
Subject key identifier: 3F:E7:A6:34:EA:30:C5:51:75:11:A9:F1:BD:65:14:25:C3:FB:33:A2
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0D2A
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/P-emNOowxVF1EanxvWUUJcP7M6I.roa
Signing time: Mon 10 Feb 2025 13:51:19 +0000
ROA not before: Mon 10 Feb 2025 13:51:19 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18042
IP address blocks: 61.63.0.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3370 (0xd2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 10 13:51:19 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3FE7A634EA30C5517511A9F1BD651425C3FB33A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:39:7e:37:2c:a0:35:9b:a3:fa:6a:28:69:63:
7e:5a:62:b8:15:dd:2b:dc:06:e6:1c:42:45:87:24:
1d:a3:a0:8c:dd:49:58:3d:df:14:5e:88:17:c7:9a:
98:f4:ea:c9:1e:98:be:a3:05:0b:29:b3:b2:61:f6:
19:96:eb:c9:32:4f:64:f0:bd:8d:be:30:8b:0e:45:
01:a6:2a:86:65:69:9a:55:9d:76:26:41:04:35:80:
fc:a0:7a:67:73:54:11:e4:02:87:52:a0:ec:56:2f:
0d:9c:2b:b7:d4:b4:db:d8:ef:68:db:70:3d:91:c8:
63:01:35:c4:c2:cc:6e:1f:6e:55:7d:60:9b:e5:09:
48:61:2c:d4:9c:35:0a:f3:39:ca:a7:06:43:af:01:
5b:74:10:c3:61:2e:f8:94:39:08:6d:47:5d:01:78:
06:64:57:e0:77:59:c0:3c:59:14:09:63:15:cf:18:
e9:5a:df:1c:0d:6b:de:6e:06:55:01:fe:44:25:f0:
13:24:c3:5a:ea:fe:82:e2:d2:9f:3c:fe:bb:f0:84:
b1:bc:b5:f6:ba:89:c7:c5:86:de:8b:79:59:5b:f2:
ed:e3:a2:22:ea:26:f1:7d:bd:3b:89:a6:f9:18:9c:
af:d7:4d:d3:94:d1:9d:67:b4:6e:5d:f2:21:fd:e3:
12:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E7:A6:34:EA:30:C5:51:75:11:A9:F1:BD:65:14:25:C3:FB:33:A2
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/P-emNOowxVF1EanxvWUUJcP7M6I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.63.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:ec:d8:5e:62:45:2b:aa:2a:88:1c:eb:d5:e8:96:d7:b0:f6:
53:08:89:41:2f:19:f5:c1:b5:4c:ed:43:e8:f3:01:2b:21:0a:
bf:12:38:41:0a:b6:e2:57:08:c6:dc:ca:91:1f:33:4d:fd:00:
11:33:37:08:5c:dc:94:92:9b:b7:1b:4e:2b:30:90:06:82:61:
44:53:f7:d2:1e:a9:93:7e:2f:64:0e:7c:49:fe:06:51:b0:39:
ec:a2:94:00:fd:c8:e5:21:46:14:8b:df:dc:a8:2c:da:90:24:
c9:5a:94:d6:31:77:05:2a:cd:dc:1b:39:dc:8c:88:fd:63:27:
58:f9:3a:96:0a:3a:ce:13:b8:c3:c2:b2:ff:06:08:ab:30:c0:
a3:da:6d:93:09:06:1b:c8:ae:6f:5c:09:92:38:7f:73:3e:c4:
56:54:c6:35:26:2c:72:a4:00:d3:b4:d3:25:e1:d2:3b:29:d6:
7a:0f:1a:9f:1f:0b:bf:4b:89:c4:53:ef:db:75:8f:f2:c4:b8:
72:8b:dc:f1:1a:f3:75:04:57:0e:91:f5:ee:57:ca:96:a0:0c:
97:ca:f5:36:b8:46:74:82:07:8f:1b:b5:f4:df:c9:19:cf:f7:
6e:c2:fe:49:9d:fc:a5:df:8f:59:80:7e:4f:40:dc:95:b5:4d:
41:da:a6:35
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDSowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yNTAyMTAx
MzUxMTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNGRTdBNjM0RUEzMEM1
NTE3NTExQTlGMUJENjUxNDI1QzNGQjMzQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHOX43LKA1m6P6aihpY35aYrgV3SvcBuYcQkWHJB2joIzdSVg9
3xReiBfHmpj06skemL6jBQsps7Jh9hmW68kyT2TwvY2+MIsORQGmKoZlaZpVnXYm
QQQ1gPygemdzVBHkAodSoOxWLw2cK7fUtNvY72jbcD2RyGMBNcTCzG4fblV9YJvl
CUhhLNScNQrzOcqnBkOvAVt0EMNhLviUOQhtR10BeAZkV+B3WcA8WRQJYxXPGOla
3xwNa95uBlUB/kQl8BMkw1rq/oLi0p88/rvwhLG8tfa6icfFht6LeVlb8u3joiLq
JvF9vTuJpvkYnK/XTdOU0Z1ntG5d8iH94xL1AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUP+emNOowxVF1EanxvWUUJcP7M6IwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL1AtZW1OT293eFZGMUVhbnh2V1VVSmNQ
N002SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU9PwAwDQYJ
KoZIhvcNAQELBQADggEBAE/s2F5iRSuqKogc69Xoltew9lMIiUEvGfXBtUztQ+jz
ASshCr8SOEEKtuJXCMbcypEfM039ABEzNwhc3JSSm7cbTiswkAaCYURT99IeqZN+
L2QOfEn+BlGwOeyilAD9yOUhRhSL39yoLNqQJMlalNYxdwUqzdwbOdyMiP1jJ1j5
OpYKOs4TuMPCsv8GCKswwKPabZMJBhvIrm9cCZI4f3M+xFZUxjUmLHKkANO00yXh
0jsp1noPGp8fC79LicRT79t1j/LEuHKL3PEa83UEVw6R9e5XypagDJfK9Ta4RnSC
B48btfTfyRnP927C/kmd/KXfj1mAfk9A3JW1TUHapjU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:47:41 2025 by rpki-client