Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/SCTMBtmx8EdptTS9uzrSxn8oMVk.roa
File: SCTMBtmx8EdptTS9uzrSxn8oMVk.roa (raw, json)
Hash identifier: XslrDYeRm2gvCLsVGdGbrD3rSKzrLPfVR/8Y/HWO3ik=
Subject key identifier: 48:24:CC:06:D9:B1:F0:47:69:B5:34:BD:BB:3A:D2:C6:7F:28:31:59
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0D2B
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/SCTMBtmx8EdptTS9uzrSxn8oMVk.roa
Signing time: Mon 10 Feb 2025 13:51:19 +0000
ROA not before: Mon 10 Feb 2025 13:51:19 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18042
IP address blocks: 61.67.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3371 (0xd2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 10 13:51:19 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4824CC06D9B1F04769B534BDBB3AD2C67F283159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4b:47:8e:df:0c:82:35:06:1a:b0:8f:95:62:
bf:1c:fa:fc:b6:f5:9e:1e:d1:a6:7a:0e:52:9b:68:
34:b3:ce:99:11:9a:6a:0a:3d:69:ba:6b:3d:a8:7f:
fd:b6:81:c0:1f:fa:98:8e:03:39:a6:8d:bb:d2:c3:
53:0d:fb:bb:79:08:d7:65:3d:7c:db:e2:af:1b:67:
09:79:8a:bb:5e:60:27:ce:0b:87:ec:6c:b0:76:26:
5f:3f:44:a5:1c:6e:04:8c:78:ed:b0:15:94:32:08:
5f:33:36:24:02:d8:1e:84:cb:14:5d:54:4a:aa:bb:
d0:25:7e:77:4d:fa:4e:46:8c:03:59:70:52:92:ab:
5f:23:f3:28:bf:70:b3:03:38:fe:a8:85:17:a8:48:
74:7b:fe:a4:ea:d6:b4:d1:56:ed:60:9a:cf:7c:ad:
dc:22:73:0a:38:8c:d0:b4:43:79:94:9e:08:3b:42:
01:e1:e6:6e:9d:8c:89:6f:36:77:dc:93:83:1f:45:
bf:b9:41:91:49:e2:89:44:4f:1b:58:43:f8:86:d0:
e0:8e:97:10:ec:bc:ae:a3:a3:95:65:90:6f:8d:81:
c5:9a:bf:3b:16:a8:2c:85:26:7b:68:5c:a3:ff:49:
55:b2:39:9e:11:27:af:8a:90:a0:fe:10:c7:dc:3c:
14:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:24:CC:06:D9:B1:F0:47:69:B5:34:BD:BB:3A:D2:C6:7F:28:31:59
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/SCTMBtmx8EdptTS9uzrSxn8oMVk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.67.128.0/17
Signature Algorithm: sha256WithRSAEncryption
70:b3:22:e8:8d:8f:32:fa:48:0a:2b:58:01:2e:2d:bb:ac:35:
d8:62:e1:c5:05:21:97:f9:e1:52:43:a2:76:dc:65:bf:9d:01:
f0:af:14:15:2b:f2:a8:2a:b1:9e:03:89:a1:0c:e7:35:46:4d:
e6:10:58:a9:18:ab:cf:24:b1:82:c3:e7:b5:ad:86:e3:2d:c3:
75:8c:51:22:12:7b:ef:77:c8:97:e8:4c:08:e3:97:ea:ce:5d:
66:eb:75:8b:73:d5:b8:3e:55:c8:f5:92:a6:4f:88:81:5d:8b:
10:1b:8f:5d:da:30:11:09:f1:0d:4e:e6:21:86:8f:5d:b1:fe:
fa:89:28:d5:7c:bd:1c:c4:6d:81:fd:8f:1d:35:bf:23:f9:eb:
8c:f4:ca:72:52:16:66:fc:3d:4b:dd:af:e4:ad:64:51:02:06:
1d:8a:db:9e:2c:c9:00:74:5c:4b:98:a2:f8:73:43:72:b1:f5:
72:8b:a8:9c:60:0f:e9:a7:66:44:18:12:28:bb:51:a1:ae:eb:
69:f2:66:f3:cc:99:c2:99:86:01:2a:f5:6b:75:3b:ba:a9:84:
8e:94:b5:16:94:86:52:91:dc:f2:8a:d4:89:a2:e7:a2:27:58:
08:c9:0a:08:2c:39:fe:41:7c:ad:ec:fb:1e:56:e1:83:f6:df:
d1:e8:1c:48
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDSswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yNTAyMTAx
MzUxMTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ4MjRDQzA2RDlCMUYw
NDc2OUI1MzRCREJCM0FEMkM2N0YyODMxNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWS0eO3wyCNQYasI+VYr8c+vy29Z4e0aZ6DlKbaDSzzpkRmmoK
PWm6az2of/22gcAf+piOAzmmjbvSw1MN+7t5CNdlPXzb4q8bZwl5irteYCfOC4fs
bLB2Jl8/RKUcbgSMeO2wFZQyCF8zNiQC2B6EyxRdVEqqu9AlfndN+k5GjANZcFKS
q18j8yi/cLMDOP6ohReoSHR7/qTq1rTRVu1gms98rdwicwo4jNC0Q3mUngg7QgHh
5m6djIlvNnfck4MfRb+5QZFJ4olETxtYQ/iG0OCOlxDsvK6jo5VlkG+NgcWavzsW
qCyFJntoXKP/SVWyOZ4RJ6+KkKD+EMfcPBR5AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUSCTMBtmx8EdptTS9uzrSxn8oMVkwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL1NDVE1CdG14OEVkcHRUUzl1enJTeG44
b01Way5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc9Q4AwDQYJ
KoZIhvcNAQELBQADggEBAHCzIuiNjzL6SAorWAEuLbusNdhi4cUFIZf54VJDonbc
Zb+dAfCvFBUr8qgqsZ4DiaEM5zVGTeYQWKkYq88ksYLD57WthuMtw3WMUSISe+93
yJfoTAjjl+rOXWbrdYtz1bg+Vcj1kqZPiIFdixAbj13aMBEJ8Q1O5iGGj12x/vqJ
KNV8vRzEbYH9jx01vyP564z0ynJSFmb8PUvdr+StZFECBh2K254syQB0XEuYovhz
Q3Kx9XKLqJxgD+mnZkQYEii7UaGu62nyZvPMmcKZhgEq9Wt1O7qphI6UtRaUhlKR
3PKK1Imi56InWAjJCggsOf5BfK3s+x5W4YP239HoHEg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:30:42 2025 by rpki-client