Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/nz2fbQeeIdVzqOPgIzLkk6MePu8.roa
File: nz2fbQeeIdVzqOPgIzLkk6MePu8.roa (raw, json)
Hash identifier: UlQnEhwyaezD1bLteRcGxOe9TW27N5Tf5IUSWgqCHfU=
Subject key identifier: 9F:3D:9F:6D:07:9E:21:D5:73:A8:E3:E0:23:32:E4:93:A3:1E:3E:EF
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0DF4
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/nz2fbQeeIdVzqOPgIzLkk6MePu8.roa
Signing time: Mon 10 Feb 2025 13:59:16 +0000
ROA not before: Mon 10 Feb 2025 13:59:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 61.61.168.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3572 (0xdf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 10 13:59:16 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9F3D9F6D079E21D573A8E3E02332E493A31E3EEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d7:65:64:17:a9:28:a1:22:ae:bf:66:f6:5d:
ac:76:49:ba:0b:20:16:7a:28:c7:5d:c9:f3:58:43:
1e:27:5e:4c:92:23:8e:64:c9:e5:a3:a5:16:b0:d3:
9a:54:96:e4:30:e6:d7:8c:68:9a:8e:a9:8e:0f:0e:
52:ed:70:3f:ce:76:b6:b9:ab:84:ea:a2:9a:17:e7:
b6:54:e1:7b:1a:4a:44:f9:b1:db:cd:53:cd:e0:b8:
98:89:15:ce:5b:61:73:1e:25:cd:e3:99:49:95:d1:
80:df:64:d9:8d:4d:3c:06:3d:d7:97:6a:4e:fe:75:
dc:9d:e0:fe:0c:ad:9a:25:e5:d7:4a:bc:3e:44:ac:
a8:ab:75:52:66:d6:73:3e:21:89:d6:e1:66:17:bd:
e6:e0:9f:e2:d9:8f:5e:61:fb:ef:dc:f6:32:87:10:
9a:41:39:2b:a2:e1:37:53:c7:86:d4:a6:0c:bf:b5:
8f:33:af:83:12:53:bf:76:9b:e1:5e:1d:9c:28:f6:
2c:45:a2:cb:ff:1d:a5:66:40:db:bb:d6:fa:10:f1:
ac:2b:94:4d:d8:82:9f:3d:d0:11:ab:aa:b4:b1:bb:
02:38:13:2e:f5:ea:d0:79:ce:b5:4a:77:c7:47:c1:
a2:fa:55:a6:83:b9:ae:98:c2:57:31:ed:7d:58:eb:
44:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3D:9F:6D:07:9E:21:D5:73:A8:E3:E0:23:32:E4:93:A3:1E:3E:EF
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/nz2fbQeeIdVzqOPgIzLkk6MePu8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.168.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:ab:bd:43:10:81:6d:58:81:14:f8:eb:a1:e1:c3:43:34:8c:
b5:26:74:f5:f5:63:71:64:f4:ce:ba:f4:20:7d:4a:e4:04:2e:
f5:de:cb:c4:94:cc:07:61:08:d7:0c:e1:80:d0:c1:82:91:65:
e2:76:6d:15:04:6c:3f:ed:b2:f6:33:2c:1d:45:7d:8d:c3:df:
79:ae:f5:e9:e6:50:8d:d2:92:5c:0a:4f:ec:d7:ec:e4:38:b9:
7f:bb:a4:c7:7a:9a:d9:50:4b:00:fb:80:ed:90:af:fe:11:10:
be:4c:a5:de:06:ba:d6:32:33:56:0f:3e:99:18:c3:53:67:0c:
e4:ba:be:0a:0e:bb:55:c2:d1:2e:9f:e3:3d:26:5f:32:23:75:
e0:df:32:0e:e1:53:b9:29:56:41:6c:1c:ad:33:6c:16:58:80:
5e:0a:6d:0c:cb:c3:d9:f9:db:51:fd:8d:7c:de:65:1d:8e:d4:
d5:12:8e:3a:37:a4:01:35:42:f1:3f:b7:0a:12:07:62:62:6a:
ab:c2:47:1f:de:ac:d2:ec:3c:bd:4d:7c:cc:fc:5f:25:45:6f:
2a:7a:70:a5:6a:92:b0:6e:16:dd:3c:37:c1:fb:73:c9:eb:34:
42:11:45:a3:65:9c:cc:3c:30:8d:c2:ce:f3:73:2a:81:a4:12:
c1:86:cc:9c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx
MzU5MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlGM0Q5RjZEMDc5RTIx
RDU3M0E4RTNFMDIzMzJFNDkzQTMxRTNFRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT12VkF6kooSKuv2b2Xax2SboLIBZ6KMddyfNYQx4nXkySI45k
yeWjpRaw05pUluQw5teMaJqOqY4PDlLtcD/Odra5q4TqopoX57ZU4XsaSkT5sdvN
U83guJiJFc5bYXMeJc3jmUmV0YDfZNmNTTwGPdeXak7+ddyd4P4MrZol5ddKvD5E
rKirdVJm1nM+IYnW4WYXvebgn+LZj15h++/c9jKHEJpBOSui4TdTx4bUpgy/tY8z
r4MSU792m+FeHZwo9ixFosv/HaVmQNu71voQ8awrlE3Ygp890BGrqrSxuwI4Ey71
6tB5zrVKd8dHwaL6VaaDua6Ywlcx7X1Y60QXAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUnz2fbQeeIdVzqOPgIzLkk6MePu8wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL256MmZiUWVlSWRWenFPUGdJekxrazZN
ZVB1OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9PagwDQYJ
KoZIhvcNAQELBQADggEBAGurvUMQgW1YgRT466Hhw0M0jLUmdPX1Y3Fk9M669CB9
SuQELvXey8SUzAdhCNcM4YDQwYKRZeJ2bRUEbD/tsvYzLB1FfY3D33mu9enmUI3S
klwKT+zX7OQ4uX+7pMd6mtlQSwD7gO2Qr/4REL5Mpd4GutYyM1YPPpkYw1NnDOS6
vgoOu1XC0S6f4z0mXzIjdeDfMg7hU7kpVkFsHK0zbBZYgF4KbQzLw9n521H9jXze
ZR2O1NUSjjo3pAE1QvE/twoSB2JiaqvCRx/erNLsPL1NfMz8XyVFbyp6cKVqkrBu
Ft08N8H7c8nrNEIRRaNlnMw8MI3CzvNzKoGkEsGGzJw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:36:15 2025 by rpki-client