Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/HKdgzWyIDPDYvTHCRrsrrBs6XJs.roa
File: HKdgzWyIDPDYvTHCRrsrrBs6XJs.roa (raw, json)
Hash identifier: L9UoEqjWbvQbZhxjHqJLrmwN31n8qInNQ0itO1TncRw=
Subject key identifier: 1C:A7:60:CD:6C:88:0C:F0:D8:BD:31:C2:46:BB:2B:AC:1B:3A:5C:9B
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0DAA
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HKdgzWyIDPDYvTHCRrsrrBs6XJs.roa
Signing time: Fri 01 Sep 2023 09:24:30 +0000
ROA not before: Fri 01 Sep 2023 09:24:30 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9919
IP address blocks: 192.72.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3498 (0xdaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Sep 1 09:24:30 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=1CA760CD6C880CF0D8BD31C246BB2BAC1B3A5C9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8e:d3:2a:bd:51:c0:92:50:3c:ea:0e:6f:f2:
f7:52:ec:14:c4:ab:01:72:a2:93:0f:7d:c0:36:d0:
a5:eb:06:10:6f:e2:3f:8b:10:70:80:2c:4d:b5:d3:
44:71:2d:90:5a:84:df:8e:55:93:7f:ad:d0:45:c9:
c1:42:58:8e:1c:58:66:72:3e:e8:36:19:98:55:4a:
48:63:ba:f7:3f:ac:e7:e1:85:5c:6a:c3:17:e7:90:
de:7d:27:d8:8f:6d:97:dc:67:4a:33:2a:25:45:26:
72:41:07:48:af:49:c1:02:23:91:ae:96:2b:3f:b9:
6f:34:c7:30:2d:35:2f:8e:df:92:d5:52:fd:79:14:
cd:86:47:0c:d3:1c:fc:d8:e4:0c:05:5d:bf:0e:45:
88:56:f6:11:52:86:89:c5:c4:b5:1a:3f:9f:9b:07:
9e:c1:fd:98:3b:eb:14:05:28:39:68:54:8d:eb:a7:
42:5c:98:c6:f4:ab:23:af:df:2f:a0:57:e4:35:72:
1c:71:26:80:31:c4:ec:b2:a4:ff:6c:e4:83:db:52:
ba:1e:ac:9c:09:eb:5c:1d:59:2f:0d:59:99:f6:0c:
2b:13:bd:cd:74:03:6e:7e:60:32:5c:4f:53:d9:4c:
97:1a:61:74:c3:38:f1:45:df:c1:e7:52:2c:b5:b3:
07:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A7:60:CD:6C:88:0C:F0:D8:BD:31:C2:46:BB:2B:AC:1B:3A:5C:9B
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/HKdgzWyIDPDYvTHCRrsrrBs6XJs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7f:12:8f:d4:66:04:8c:51:5d:19:03:ed:e1:2c:2b:19:d9:ab:
e8:aa:f7:d2:42:5f:1c:50:ac:17:b2:93:00:80:b2:1d:49:7d:
d0:49:6b:dc:b5:be:7a:75:e7:d2:86:fe:15:e9:43:c3:4b:00:
44:44:96:83:f5:45:33:a5:ae:34:02:e1:9d:38:e4:03:84:14:
d8:41:19:1f:b8:53:a0:28:24:ca:66:7b:16:1e:7c:56:8d:20:
91:25:14:0e:ec:54:1c:04:23:9d:50:08:18:df:0e:12:e9:95:
a9:79:58:2f:23:9c:24:09:b6:a3:07:ad:6d:4a:12:a5:b7:fb:
05:3e:ac:9f:3e:90:16:e2:66:44:63:54:4e:bf:3e:8b:61:d3:
16:66:fb:78:95:cd:0a:dd:dd:8c:0f:a9:32:9f:45:0d:cf:73:
34:ba:70:97:df:03:5b:3e:52:2a:79:2e:6d:05:b6:8b:42:07:
a0:ec:0f:30:4c:c8:1e:46:7f:58:0a:8b:8c:79:11:ab:8c:e3:
fe:c1:a7:01:aa:5f:5b:c9:e3:19:73:1c:96:0a:58:ba:cf:ec:
f3:59:c8:07:08:f7:54:44:f5:23:df:95:ad:a9:23:07:a8:9d:
e6:4a:f9:06:22:b6:51:01:90:8a:4b:a7:6e:97:ff:ec:5a:cc:
9c:67:13:fe
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzA5MDEw
OTI0MzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFDQTc2MENENkM4ODBD
RjBEOEJEMzFDMjQ2QkIyQkFDMUIzQTVDOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtjtMqvVHAklA86g5v8vdS7BTEqwFyopMPfcA20KXrBhBv4j+L
EHCALE2100RxLZBahN+OVZN/rdBFycFCWI4cWGZyPug2GZhVSkhjuvc/rOfhhVxq
wxfnkN59J9iPbZfcZ0ozKiVFJnJBB0ivScECI5Gulis/uW80xzAtNS+O35LVUv15
FM2GRwzTHPzY5AwFXb8ORYhW9hFShonFxLUaP5+bB57B/Zg76xQFKDloVI3rp0Jc
mMb0qyOv3y+gV+Q1chxxJoAxxOyypP9s5IPbUroerJwJ61wdWS8NWZn2DCsTvc10
A25+YDJcT1PZTJcaYXTDOPFF38HnUiy1swfbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHKdgzWyIDPDYvTHCRrsrrBs6XJswHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvSEtkZ3pXeUlEUERZdlRIQ1Jyc3Jy
QnM2WEpzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBsBIQDAN
BgkqhkiG9w0BAQsFAAOCAQEAfxKP1GYEjFFdGQPt4SwrGdmr6Kr30kJfHFCsF7KT
AICyHUl90Elr3LW+enXn0ob+FelDw0sARESWg/VFM6WuNALhnTjkA4QU2EEZH7hT
oCgkymZ7Fh58Vo0gkSUUDuxUHAQjnVAIGN8OEumVqXlYLyOcJAm2owetbUoSpbf7
BT6snz6QFuJmRGNUTr8+i2HTFmb7eJXNCt3djA+pMp9FDc9zNLpwl98DWz5SKnku
bQW2i0IHoOwPMEzIHkZ/WAqLjHkRq4zj/sGnAapfW8njGXMclgpYus/s81nIBwj3
VET1I9+VrakjB6id5kr5BiK2UQGQikunbpf/7FrMnGcT/g==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:33:27 2025 by rpki-client