Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/2skTAzR8K1u2sPZ7ZN-RDJ7iK0c.roa
File: 2skTAzR8K1u2sPZ7ZN-RDJ7iK0c.roa (raw, json)
Hash identifier: PNo3c2mzcf+g9QhjkiETluyxFqKZuSGGEU8BNSk2HA4=
Subject key identifier: DA:C9:13:03:34:7C:2B:5B:B6:B0:F6:7B:64:DF:91:0C:9E:E2:2B:47
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0E8D
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/2skTAzR8K1u2sPZ7ZN-RDJ7iK0c.roa
Signing time: Wed 29 Sep 2021 02:43:44 +0000
ROA not before: Wed 29 Sep 2021 02:43:44 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9919
IP address blocks: 218.210.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3725 (0xe8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Sep 29 02:43:44 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DAC91303347C2B5BB6B0F67B64DF910C9EE22B47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:86:36:73:84:1b:16:50:42:06:cf:a6:4a:36:
ca:e0:e0:b6:94:80:e8:6f:5f:d8:73:ea:d7:61:80:
20:9f:de:af:22:f4:df:09:6e:d0:b4:42:76:f3:2a:
67:3b:b6:77:90:1a:78:80:9e:49:1e:ec:41:55:6a:
e7:63:49:c2:7e:22:d2:1c:aa:30:2f:9a:af:12:9f:
a2:0b:9e:30:46:ed:9c:10:f3:b3:4a:2f:74:34:69:
d5:25:26:59:2a:b5:a8:07:ce:77:fd:e9:e8:ff:b8:
a6:bf:84:98:2d:fe:fb:3a:ee:2b:6c:30:fa:ba:f1:
62:ec:d7:4c:f4:eb:9b:88:60:65:e3:cf:5f:b2:67:
96:df:67:8e:25:f3:a2:85:b1:6e:5c:36:1a:58:17:
93:a2:b5:89:64:ac:29:6b:11:54:d2:86:a9:20:84:
09:2e:98:c4:f4:f0:1a:72:57:7c:bf:80:73:3f:b1:
e9:28:49:a2:ed:2a:78:f6:ef:df:12:1d:03:2e:bf:
46:19:49:cf:55:3e:30:38:4c:0f:83:94:b0:56:74:
d7:1d:8a:d6:db:15:e5:e4:86:a4:fc:4e:b3:df:5f:
23:76:8a:d0:3c:e5:d1:8e:3f:4d:a5:b5:e1:d0:35:
61:2d:a8:77:72:dd:73:96:3d:5a:cb:3d:65:90:2f:
b9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C9:13:03:34:7C:2B:5B:B6:B0:F6:7B:64:DF:91:0C:9E:E2:2B:47
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/2skTAzR8K1u2sPZ7ZN-RDJ7iK0c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.210.128.0/17
Signature Algorithm: sha256WithRSAEncryption
cb:6a:0f:5e:0f:ae:fd:a4:f0:70:d7:e4:58:ae:fb:0c:fb:01:
98:6c:57:d3:a3:8e:0d:6a:2d:96:a6:95:b4:f7:64:4e:23:0e:
22:bc:2b:55:54:2f:87:d1:16:26:4f:97:5a:93:5f:71:0b:1a:
bb:27:90:a2:db:2c:7c:7e:25:a8:c2:5f:cf:ee:b9:d6:48:6f:
55:0d:09:52:b4:91:73:e5:a2:c4:04:ea:22:05:34:08:73:cd:
8a:60:84:a2:be:84:3d:67:ac:c9:d1:65:88:26:f3:5e:16:6d:
43:1b:8a:ac:10:87:6a:7e:74:55:70:b8:a8:e6:c7:d0:91:7f:
b1:76:b3:63:8f:77:ae:ef:0d:f2:5e:8f:20:d8:26:8f:6d:5a:
da:f5:19:43:34:81:4d:35:0a:4d:1e:a0:c6:3a:19:3a:fc:5d:
80:38:c2:d8:b6:b3:45:87:d9:df:e4:d1:5d:ab:4a:fd:6e:83:
ed:91:f0:e5:88:91:f4:ce:0a:77:9a:92:9c:00:bc:db:dc:a6:
02:22:c0:45:31:25:40:75:cc:cf:1f:98:5c:e9:4d:98:59:e7:
8d:47:a1:3f:40:dd:c3:57:0d:13:0f:16:17:b2:f2:a9:62:c8:
cd:3b:5b:c8:80:98:eb:12:4b:bb:18:73:7c:d0:77:d1:fa:22:
21:59:78:4f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTA5Mjkw
MjQzNDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKERBQzkxMzAzMzQ3QzJC
NUJCNkIwRjY3QjY0REY5MTBDOUVFMjJCNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwhjZzhBsWUEIGz6ZKNsrg4LaUgOhvX9hz6tdhgCCf3q8i9N8J
btC0QnbzKmc7tneQGniAnkke7EFVaudjScJ+ItIcqjAvmq8Sn6ILnjBG7ZwQ87NK
L3Q0adUlJlkqtagHznf96ej/uKa/hJgt/vs67itsMPq68WLs10z065uIYGXjz1+y
Z5bfZ44l86KFsW5cNhpYF5OitYlkrClrEVTShqkghAkumMT08BpyV3y/gHM/seko
SaLtKnj2798SHQMuv0YZSc9VPjA4TA+DlLBWdNcditbbFeXkhqT8TrPfXyN2itA8
5dGOP02lteHQNWEtqHdy3XOWPVrLPWWQL7lfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2skTAzR8K1u2sPZ7ZN+RDJ7iK0cwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMnNrVEF6UjhLMXUyc1BaN1pOLVJE
SjdpSzBjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9rSgDAN
BgkqhkiG9w0BAQsFAAOCAQEAy2oPXg+u/aTwcNfkWK77DPsBmGxX06OODWotlqaV
tPdkTiMOIrwrVVQvh9EWJk+XWpNfcQsauyeQotssfH4lqMJfz+651khvVQ0JUrSR
c+WixATqIgU0CHPNimCEor6EPWesydFliCbzXhZtQxuKrBCHan50VXC4qObH0JF/
sXazY493ru8N8l6PINgmj21a2vUZQzSBTTUKTR6gxjoZOvxdgDjC2LazRYfZ3+TR
XatK/W6D7ZHw5YiR9M4Kd5qSnAC829ymAiLARTElQHXMzx+YXOlNmFnnjUehP0Dd
w1cNEw8WF7LyqWLIzTtbyICY6xJLuxhzfNB30foiIVl4Tw==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:37:47 2025 by rpki-client