Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/M2NIM/tgotXJFOeo_ezXmLjgc5hOeqaTI.roa
File: tgotXJFOeo_ezXmLjgc5hOeqaTI.roa (raw, json)
Hash identifier: hkl4WK1kG3aiFzIaoKEluEavcpoWwgZJ3M6RXoUPMVI=
Subject key identifier: B6:0A:2D:5C:91:4E:7A:8F:DE:CD:79:8B:8E:07:39:84:E7:AA:69:32
Certificate issuer: /CN=07D3E73EC5EB3D704863889E221845B7695D409C
Certificate serial: F2
Authority key identifier: 07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/tgotXJFOeo_ezXmLjgc5hOeqaTI.roa
Signing time: Mon 10 Feb 2025 13:45:55 +0000
ROA not before: Mon 10 Feb 2025 13:45:55 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 400618
IP address blocks: 157.20.134.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 242 (0xf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07D3E73EC5EB3D704863889E221845B7695D409C
Validity
Not Before: Feb 10 13:45:55 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B60A2D5C914E7A8FDECD798B8E073984E7AA6932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:3f:ee:1e:b4:0e:37:33:fb:6f:be:5e:10:
4c:9e:57:7d:e9:4b:2f:d7:ec:57:f1:ed:ac:65:1d:
2f:d5:25:33:23:ad:a0:87:2d:8f:0b:22:f0:e8:39:
a4:a4:97:a5:21:c6:df:ea:05:3b:e6:e6:7d:25:66:
47:a1:56:b4:86:7b:09:12:16:25:0d:dc:dc:43:5f:
f2:09:ce:41:b5:0d:18:e0:94:03:23:fa:a7:6c:20:
b7:0d:6b:f6:cf:91:79:f1:ee:ff:db:2b:9b:4e:c2:
05:4d:3b:25:98:4e:b5:50:3f:24:6b:4c:a9:96:fa:
6d:cc:b3:3a:ea:02:d8:93:70:e6:7e:e4:0b:00:c4:
7e:f9:f4:a6:ca:52:50:90:37:4e:df:d2:54:83:e8:
7a:72:1e:d0:c5:5a:0e:39:dc:b5:ae:7e:37:d7:ae:
a7:1f:a8:4c:e4:85:21:f0:73:60:4e:84:5c:3a:e5:
22:98:e7:97:50:de:e1:96:3f:72:6f:e5:d9:e4:39:
c4:6b:0c:b5:cd:1c:ef:76:d4:fc:e3:39:3c:07:03:
1f:79:25:c1:0a:6b:3f:d3:68:ea:c7:6d:77:56:5e:
3b:e2:5e:25:cd:fa:a9:b0:f6:fe:b5:8b:9b:5c:38:
2f:b6:d7:5f:05:4f:d4:99:9f:79:07:01:67:7d:a5:
6c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0A:2D:5C:91:4E:7A:8F:DE:CD:79:8B:8E:07:39:84:E7:AA:69:32
X509v3 Authority Key Identifier:
keyid:07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/tgotXJFOeo_ezXmLjgc5hOeqaTI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.134.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:60:e8:32:6e:ab:36:d1:c9:f2:75:db:bb:7f:9b:ab:34:07:
60:bf:2e:1d:62:2f:51:91:b5:ce:77:ef:35:85:4d:e8:8a:40:
7b:8c:9a:d3:ea:88:48:a0:85:0c:01:86:fb:4e:2f:02:2d:9c:
eb:eb:29:6f:c0:7d:cf:23:48:fe:b8:31:4a:c0:0b:83:a1:ea:
f3:b4:28:d8:d5:c2:dc:f0:23:01:c5:e6:87:4b:01:4c:72:5b:
95:dd:6d:00:c8:7f:c0:b8:c8:da:cc:a6:fe:e7:86:a5:bc:c2:
58:9b:64:ea:9d:42:96:94:fa:ae:ad:da:a2:cf:64:90:97:85:
35:cd:80:8e:7e:27:8b:1b:64:0b:b8:9b:a1:ad:ca:41:0d:ff:
47:e1:3e:5b:1a:2d:06:b4:6d:3b:85:29:ab:55:a2:1d:89:a6:
0b:c8:d2:b0:93:68:e9:48:f1:8d:73:85:58:c6:8a:15:57:3c:
0a:fc:82:fe:5d:80:fe:bb:81:de:7e:4b:78:72:0b:b7:af:6c:
e2:b1:29:17:83:b5:5e:85:37:35:e5:2d:a4:f3:96:c1:48:06:
62:2d:fa:60:9c:96:62:9b:1f:f3:4f:ca:38:ce:01:68:ad:fa:
91:8d:0e:ea:7a:37:b0:40:69:5f:6d:43:ab:39:9e:d9:da:77:
fb:2d:1c:fb
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICAPIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdE
M0U3M0VDNUVCM0Q3MDQ4NjM4ODlFMjIxODQ1Qjc2OTVENDA5QzAeFw0yNTAyMTAx
MzQ1NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI2MEEyRDVDOTE0RTdB
OEZERUNENzk4QjhFMDczOTg0RTdBQTY5MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+4z/uHrQONzP7b75eEEyeV33pSy/X7Ffx7axlHS/VJTMjraCH
LY8LIvDoOaSkl6Uhxt/qBTvm5n0lZkehVrSGewkSFiUN3NxDX/IJzkG1DRjglAMj
+qdsILcNa/bPkXnx7v/bK5tOwgVNOyWYTrVQPyRrTKmW+m3MszrqAtiTcOZ+5AsA
xH759KbKUlCQN07f0lSD6HpyHtDFWg453LWufjfXrqcfqEzkhSHwc2BOhFw65SKY
55dQ3uGWP3Jv5dnkOcRrDLXNHO921PzjOTwHAx95JcEKaz/TaOrHbXdWXjviXiXN
+qmw9v61i5tcOC+2118FT9SZn3kHAWd9pWzLAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUtgotXJFOeo/ezXmLjgc5hOeqaTIwHwYDVR0jBBgwFoAUB9PnPsXrPXBIY4ie
IhhFt2ldQJwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTTJOSU0v
QjlQblBzWHJQWEJJWTRpZUloaEZ0MmxkUUp3LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9COVBuUHNYclBYQklZNGllSWhoRnQybGRRSncuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NMk5JTS90Z290WEpGT2VvX2V6WG1Mamdj
NWhPZXFhVEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRSG
MA0GCSqGSIb3DQEBCwUAA4IBAQCdYOgybqs20cnyddu7f5urNAdgvy4dYi9RkbXO
d+81hU3oikB7jJrT6ohIoIUMAYb7Ti8CLZzr6ylvwH3PI0j+uDFKwAuDoerztCjY
1cLc8CMBxeaHSwFMcluV3W0AyH/AuMjazKb+54alvMJYm2TqnUKWlPqurdqiz2SQ
l4U1zYCOfieLG2QLuJuhrcpBDf9H4T5bGi0GtG07hSmrVaIdiaYLyNKwk2jpSPGN
c4VYxooVVzwK/IL+XYD+u4Hefkt4cgu3r2zisSkXg7VehTc15S2k85bBSAZiLfpg
nJZimx/zT8o4zgForfqRjQ7qejewQGlfbUOrOZ7Z2nf7LRz7
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:58:01 2025 by rpki-client