Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/rwo6vXgUdRPsrvHieAh1wM7GY-Q.roa
File: rwo6vXgUdRPsrvHieAh1wM7GY-Q.roa (raw, json)
Hash identifier: OfYi8AcdgTWvwMSjksp1IwW8B83jlp1H/rfBt/O7JP8=
Subject key identifier: AF:0A:3A:BD:78:14:75:13:EC:AE:F1:E2:78:08:75:C0:CE:C6:63:E4
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0D2D
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/rwo6vXgUdRPsrvHieAh1wM7GY-Q.roa
Signing time: Mon 10 Feb 2025 13:51:19 +0000
ROA not before: Mon 10 Feb 2025 13:51:19 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18042
IP address blocks: 61.63.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3373 (0xd2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Feb 10 13:51:19 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=AF0A3ABD78147513ECAEF1E2780875C0CEC663E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:3a:7c:34:78:f0:f6:79:82:cb:e4:42:fa:08:
54:3f:d1:69:09:f8:86:6d:3c:3d:09:23:eb:ce:fa:
59:2d:0b:ad:d7:e5:41:25:2f:27:1a:34:72:4c:2f:
30:1d:bb:35:ed:2c:7b:ed:38:a0:5b:61:7a:63:9a:
df:47:f9:6d:c1:fd:b3:4d:76:ee:39:47:60:5f:b0:
59:90:7e:9c:b5:4f:7f:2e:61:59:df:4b:8a:38:fb:
3b:e3:38:37:81:63:cc:0a:01:50:a8:ee:98:a4:7d:
a3:aa:77:89:66:33:20:2f:e3:59:32:39:40:e3:73:
4d:43:05:5c:6d:23:90:b0:fa:40:2c:48:18:79:b4:
c4:c8:66:41:06:45:6a:02:f2:7a:9e:c0:bf:15:c8:
19:c8:32:c1:81:85:f5:23:87:6d:72:04:20:95:c9:
7e:00:f0:8f:da:b7:bd:89:85:20:c2:01:1e:27:dc:
3d:c1:b1:81:ff:78:31:84:13:8b:e0:8a:e5:f4:06:
85:76:e9:60:cc:b5:78:75:27:79:cd:f1:b1:9e:ff:
6c:1f:30:2f:d3:51:81:5c:5c:2b:8c:53:11:0a:9c:
78:26:69:04:e9:55:93:f4:d3:fb:77:f2:4a:2b:1e:
80:9a:36:79:bb:da:f2:08:d3:04:9b:e0:93:40:cb:
6e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:0A:3A:BD:78:14:75:13:EC:AE:F1:E2:78:08:75:C0:CE:C6:63:E4
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/rwo6vXgUdRPsrvHieAh1wM7GY-Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.63.63.0/24
Signature Algorithm: sha256WithRSAEncryption
27:ef:14:c2:dc:da:87:af:80:f5:50:4c:6a:62:7e:6d:5d:54:
40:4d:bc:bd:df:28:f7:e2:10:17:b3:18:ab:2b:62:28:92:20:
24:b1:0a:5d:8e:0a:92:20:78:8d:ea:ee:ab:44:c0:4a:8b:f4:
ae:47:1a:a2:b9:ea:e6:5f:8f:22:e4:01:14:73:f0:d7:1c:e2:
39:4b:fb:93:fa:53:b6:da:bf:d1:c7:23:fd:b2:2e:55:87:b1:
ee:e3:9b:27:4b:8e:56:56:85:2f:f8:49:d5:a3:d0:46:d0:29:
0f:62:c3:8f:5a:e0:97:3b:02:d2:50:da:0f:c4:dd:54:ab:f2:
d4:a3:72:9a:c0:60:0c:51:ec:fe:4b:8e:6e:b0:44:c0:fd:96:
fd:bf:64:74:fe:32:0b:26:af:b8:59:69:9a:74:af:fd:34:46:
52:87:b6:a8:e7:d5:d2:82:2e:0d:ea:0a:d4:c3:0e:ee:c0:2e:
03:87:e7:7f:96:27:9a:1d:a3:86:a9:cf:ec:bd:bd:45:be:8a:
d3:f5:28:3c:7a:87:d5:45:89:20:61:b7:90:cb:71:bc:e1:af:
81:61:cc:31:ab:3f:d0:9e:31:d6:2b:7a:9e:33:b8:63:e5:de:
8b:b8:c4:53:6b:ae:6f:f2:04:22:d1:fb:31:ca:c5:3a:6a:1d:
65:d0:b2:12
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDS0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yNTAyMTAx
MzUxMTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFGMEEzQUJENzgxNDc1
MTNFQ0FFRjFFMjc4MDg3NUMwQ0VDNjYzRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4Onw0ePD2eYLL5EL6CFQ/0WkJ+IZtPD0JI+vO+lktC63X5UEl
LycaNHJMLzAduzXtLHvtOKBbYXpjmt9H+W3B/bNNdu45R2BfsFmQfpy1T38uYVnf
S4o4+zvjODeBY8wKAVCo7pikfaOqd4lmMyAv41kyOUDjc01DBVxtI5Cw+kAsSBh5
tMTIZkEGRWoC8nqewL8VyBnIMsGBhfUjh21yBCCVyX4A8I/at72JhSDCAR4n3D3B
sYH/eDGEE4vgiuX0BoV26WDMtXh1J3nN8bGe/2wfMC/TUYFcXCuMUxEKnHgmaQTp
VZP00/t38korHoCaNnm72vII0wSb4JNAy25RAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUrwo6vXgUdRPsrvHieAh1wM7GY+QwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL3J3bzZ2WGdVZFJQc3J2SGllQWgxd003
R1ktUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9Pz8wDQYJ
KoZIhvcNAQELBQADggEBACfvFMLc2oevgPVQTGpifm1dVEBNvL3fKPfiEBezGKsr
YiiSICSxCl2OCpIgeI3q7qtEwEqL9K5HGqK56uZfjyLkARRz8Ncc4jlL+5P6U7ba
v9HHI/2yLlWHse7jmydLjlZWhS/4SdWj0EbQKQ9iw49a4Jc7AtJQ2g/E3VSr8tSj
cprAYAxR7P5Ljm6wRMD9lv2/ZHT+Mgsmr7hZaZp0r/00RlKHtqjn1dKCLg3qCtTD
Du7ALgOH53+WJ5odo4apz+y9vUW+itP1KDx6h9VFiSBht5DLcbzhr4FhzDGrP9Ce
MdYrep4zuGPl3ou4xFNrrm/yBCLR+zHKxTpqHWXQshI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:44:00 2025 by rpki-client