Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/CAFf4T40PqyYdzXF0MK6aXQrtwk.roa
File: CAFf4T40PqyYdzXF0MK6aXQrtwk.roa (raw, json)
Hash identifier: qiWkkWhsr3h5emOWNfmzOxfYyAQktqk4gHqOBjP5fjc=
Subject key identifier: 08:01:5F:E1:3E:34:3E:AC:98:77:35:C5:D0:C2:BA:69:74:2B:B7:09
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1839
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CAFf4T40PqyYdzXF0MK6aXQrtwk.roa
Signing time: Mon 10 Feb 2025 14:07:42 +0000
ROA not before: Mon 10 Feb 2025 14:07:42 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131586
IP address blocks: 175.183.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6201 (0x1839)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:42 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=08015FE13E343EAC987735C5D0C2BA69742BB709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:55:f2:7e:51:41:c9:4e:5f:63:df:30:9f:75:
ae:20:c3:93:d8:84:49:cd:d9:ab:51:35:60:65:a9:
86:78:2d:fe:71:6d:98:b2:5f:98:5d:e1:1b:87:1b:
80:94:dd:92:de:00:67:7e:09:a2:61:89:43:60:3f:
ae:ce:39:38:9a:b7:7c:4e:85:5f:be:0b:50:9a:ce:
8e:0a:61:6e:53:2b:8a:19:36:08:95:09:d2:0e:d8:
49:ef:64:46:61:20:bd:eb:ff:76:25:22:9a:c4:68:
13:40:7b:2b:e5:d5:92:be:ba:2c:d6:1b:19:51:63:
18:0f:80:75:ed:e9:d3:8d:8a:03:2c:49:dc:78:a0:
d9:9c:96:98:0c:36:d7:e1:ac:69:09:d1:48:d6:cf:
ec:bc:d0:cf:a4:b4:eb:5c:6f:f1:88:ca:02:6e:cb:
0f:b0:7b:43:81:25:ff:7f:f4:b1:43:e1:29:e8:f2:
38:a0:84:b4:21:fb:c2:e2:3a:09:82:fe:ab:04:f2:
cb:87:59:7b:ae:dc:a3:5a:73:ad:27:cb:07:29:21:
c1:2c:e6:04:0c:46:c6:5d:4a:8c:e3:b2:04:f6:9e:
34:83:9d:3a:34:ac:99:e0:52:f2:89:eb:af:08:f6:
6a:c4:7a:80:82:8a:64:b6:64:77:8c:07:b7:59:ca:
85:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:01:5F:E1:3E:34:3E:AC:98:77:35:C5:D0:C2:BA:69:74:2B:B7:09
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/CAFf4T40PqyYdzXF0MK6aXQrtwk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
175.183.136.0/24
Signature Algorithm: sha256WithRSAEncryption
25:00:8f:01:63:0c:0c:35:cd:c7:07:41:f2:08:d6:49:77:c3:
3a:2a:16:3c:2d:6e:d3:4c:a0:e6:f3:8b:f3:f9:79:f3:3b:38:
0d:2e:ac:88:9c:3c:a1:17:0c:b9:59:c6:31:b2:64:13:ac:a3:
a1:d0:95:df:93:cf:02:23:65:07:7c:be:35:61:08:4e:36:b6:
13:8b:ac:20:77:db:d6:6d:c0:fa:e1:52:dc:47:5f:c4:ab:bc:
61:4d:68:d2:66:f9:6b:f1:68:45:4d:80:f9:54:5a:0a:b3:e1:
53:43:aa:99:dc:26:e6:71:72:27:7e:46:3e:24:aa:bb:d9:23:
c7:37:2d:84:f2:61:ec:88:d6:71:17:dd:be:5b:70:db:49:9b:
f4:ad:4b:42:6b:3e:48:99:b6:9f:7e:c8:30:ed:91:61:4f:b4:
c2:9a:59:f0:59:99:40:e8:10:42:cb:93:01:ff:91:f3:92:e3:
19:cc:9f:84:55:f9:46:d4:2f:41:f4:65:08:d6:21:c8:39:1c:
f6:f9:4d:b5:0e:ee:e2:28:3f:8c:9d:8a:1a:c8:6a:b9:d3:58:
d3:33:c5:2f:66:0e:4a:8d:09:3f:09:9a:95:2b:58:49:b0:9f:
0c:3d:8d:56:28:ba:6a:f3:80:44:a1:da:da:74:e2:7a:fd:65:
02:0d:53:e8
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICGDkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3NDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA4MDE1RkUxM0UzNDNF
QUM5ODc3MzVDNUQwQzJCQTY5NzQyQkI3MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyVfJ+UUHJTl9j3zCfda4gw5PYhEnN2atRNWBlqYZ4Lf5xbZiy
X5hd4RuHG4CU3ZLeAGd+CaJhiUNgP67OOTiat3xOhV++C1Cazo4KYW5TK4oZNgiV
CdIO2EnvZEZhIL3r/3YlIprEaBNAeyvl1ZK+uizWGxlRYxgPgHXt6dONigMsSdx4
oNmclpgMNtfhrGkJ0UjWz+y80M+ktOtcb/GIygJuyw+we0OBJf9/9LFD4Sno8jig
hLQh+8LiOgmC/qsE8suHWXuu3KNac60nywcpIcEs5gQMRsZdSozjsgT2njSDnTo0
rJngUvKJ668I9mrEeoCCimS2ZHeMB7dZyoXnAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCAFf4T40PqyYdzXF0MK6aXQrtwkwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvQ0FGZjRUNDBQcXlZZHpYRjBNSzZh
WFFydHdrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAK+3iDAN
BgkqhkiG9w0BAQsFAAOCAQEAJQCPAWMMDDXNxwdB8gjWSXfDOioWPC1u00yg5vOL
8/l58zs4DS6siJw8oRcMuVnGMbJkE6yjodCV35PPAiNlB3y+NWEITja2E4usIHfb
1m3A+uFS3EdfxKu8YU1o0mb5a/FoRU2A+VRaCrPhU0Oqmdwm5nFyJ35GPiSqu9kj
xzcthPJh7IjWcRfdvltw20mb9K1LQms+SJm2n37IMO2RYU+0wppZ8FmZQOgQQsuT
Af+R85LjGcyfhFX5RtQvQfRlCNYhyDkc9vlNtQ7u4ig/jJ2KGshqudNY0zPFL2YO
So0JPwmalStYSbCfDD2NVii6avOARKHa2nTiev1lAg1T6A==
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:11:32 2025 by rpki-client