Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCHC/fIRQB0jz5CJoMmThuTNaDUoUTk8.roa
File: fIRQB0jz5CJoMmThuTNaDUoUTk8.roa (raw, json)
Hash identifier: EiFzmQ8Im+/WxOzYDNCa2mnbaV1DD5ArdtaGDGDHPsk=
Subject key identifier: 7C:84:50:07:48:F3:E4:22:68:32:64:E1:B9:33:5A:0D:4A:14:4E:4F
Certificate issuer: /CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891
Certificate serial: 0CB2
Authority key identifier: ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/fIRQB0jz5CJoMmThuTNaDUoUTk8.roa
Signing time: Mon 10 Feb 2025 14:08:26 +0000
ROA not before: Mon 10 Feb 2025 14:08:26 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7539
IP address blocks: 211.79.48.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3250 (0xcb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891
Validity
Not Before: Feb 10 14:08:26 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7C84500748F3E422683264E1B9335A0D4A144E4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:50:16:1b:56:61:b4:40:fd:7c:e2:c2:6c:64:
a5:eb:e1:fe:03:92:c5:24:34:6d:19:86:9b:eb:85:
f4:a6:65:76:e2:e9:2e:34:83:cf:a7:cb:bc:ad:a3:
25:2e:c0:b4:51:d6:0a:85:d1:08:bd:6f:d1:28:8c:
a7:dc:e0:53:0e:e1:3d:93:56:3f:7a:d8:7f:c6:43:
15:d7:91:a0:ac:0a:1e:ad:58:89:9b:68:02:f9:4c:
41:06:f4:86:90:69:91:60:68:5e:a3:3a:7c:c4:77:
ae:cb:53:bd:49:65:57:1e:a0:49:89:24:26:0c:0a:
44:9d:cf:ca:90:48:27:a6:cf:cc:94:7b:e1:f1:b1:
da:e6:7d:6a:4a:b7:c6:02:0b:3b:f7:5a:9b:d4:4a:
f6:7d:4a:75:8c:4a:8a:e2:2e:a7:20:32:e6:0a:89:
e9:56:5a:36:2c:97:75:19:dc:a7:18:b8:57:ea:44:
c8:75:21:f3:b8:2d:f7:8e:f7:8f:63:ae:17:dc:49:
cd:47:98:5d:8b:1b:b7:aa:94:ee:12:72:03:8e:28:
45:cf:80:97:f0:01:86:d6:fb:38:f2:2c:48:17:15:
7c:37:16:e0:89:20:fe:f4:95:f7:d6:14:a7:bc:1f:
30:6c:5d:22:6a:11:85:34:60:fc:bb:a4:71:bb:8b:
3d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:84:50:07:48:F3:E4:22:68:32:64:E1:B9:33:5A:0D:4A:14:4E:4F
X509v3 Authority Key Identifier:
keyid:ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/fIRQB0jz5CJoMmThuTNaDUoUTk8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.79.48.0/20
Signature Algorithm: sha256WithRSAEncryption
af:4d:33:d6:02:0b:db:14:cb:c6:95:31:dc:5b:59:49:ec:54:
27:6a:54:5a:11:9e:2a:82:7f:ac:a3:0e:b1:c2:32:43:bd:43:
30:d8:66:6f:42:a1:3e:4b:4e:f0:4a:95:12:73:52:df:7d:3c:
b8:77:9a:5c:28:cb:8e:5e:db:d0:60:87:a7:f0:69:8d:0d:c8:
61:99:10:03:2c:f9:46:90:e3:38:03:d8:f1:91:4b:e5:c7:5d:
53:05:9b:b0:99:93:23:0c:79:ca:eb:c5:6d:53:e0:4d:49:8d:
e7:9a:a4:c2:d0:ec:ca:bd:1c:66:99:a5:4d:a0:80:3f:bd:c2:
d7:99:98:24:70:78:c4:5b:1b:20:98:ed:bf:a2:a7:a0:58:44:
5c:dc:24:2e:be:56:cb:02:01:cd:f0:20:67:7d:22:df:ad:58:
77:51:d1:9b:06:cf:fb:06:f4:eb:1a:b9:7c:a2:c7:e1:68:d7:
d3:50:89:7e:8d:3a:8d:89:7e:92:ac:57:08:fc:98:01:93:b1:
14:d5:a7:a5:96:e9:54:14:10:29:35:a1:de:a5:a2:d0:ba:a2:
9c:fc:2b:69:40:b1:a9:1d:c0:a7:25:54:f3:9c:91:40:f8:ce:
a0:21:bf:ab:e9:6b:a0:9a:bf:ca:2c:a3:f1:4e:f3:d8:7b:1b:
47:f1:11:8c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUQz
ODY4NUZGM0VBMUY0NjY4NURFNUY1N0M2QTRCODEwNDQ4MTg5MTAeFw0yNTAyMTAx
NDA4MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDdDODQ1MDA3NDhGM0U0
MjI2ODMyNjRFMUI5MzM1QTBENEExNDRFNEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNUBYbVmG0QP184sJsZKXr4f4DksUkNG0ZhpvrhfSmZXbi6S40
g8+ny7ytoyUuwLRR1gqF0Qi9b9EojKfc4FMO4T2TVj962H/GQxXXkaCsCh6tWImb
aAL5TEEG9IaQaZFgaF6jOnzEd67LU71JZVceoEmJJCYMCkSdz8qQSCemz8yUe+Hx
sdrmfWpKt8YCCzv3WpvUSvZ9SnWMSoriLqcgMuYKielWWjYsl3UZ3KcYuFfqRMh1
IfO4LfeO949jrhfcSc1HmF2LG7eqlO4ScgOOKEXPgJfwAYbW+zjyLEgXFXw3FuCJ
IP70lffWFKe8HzBsXSJqEYU0YPy7pHG7iz3NAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUfIRQB0jz5CJoMmThuTNaDUoUTk8wHwYDVR0jBBgwFoAU7ThoX/PqH0ZoXeX1
fGpLgQRIGJEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNIQy83
VGhvWF9QcUgwWm9YZVgxZkdwTGdRUklHSkUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzdUaG9YX1BxSDBab1hlWDFmR3BMZ1FSSUdKRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSEMvZklSUUIwano1Q0pvTW1UaHVUTmFE
VW9VVGs4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNNPMDAN
BgkqhkiG9w0BAQsFAAOCAQEAr00z1gIL2xTLxpUx3FtZSexUJ2pUWhGeKoJ/rKMO
scIyQ71DMNhmb0KhPktO8EqVEnNS3308uHeaXCjLjl7b0GCHp/BpjQ3IYZkQAyz5
RpDjOAPY8ZFL5cddUwWbsJmTIwx5yuvFbVPgTUmN55qkwtDsyr0cZpmlTaCAP73C
15mYJHB4xFsbIJjtv6KnoFhEXNwkLr5WywIBzfAgZ30i361Yd1HRmwbP+wb06xq5
fKLH4WjX01CJfo06jYl+kqxXCPyYAZOxFNWnpZbpVBQQKTWh3qWi0LqinPwraUCx
qR3ApyVU85yRQPjOoCG/q+lroJq/yiyj8U7z2HsbR/ERjA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:25:30 2025 by rpki-client