Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/NUTXYQPgUZlh6qgocuCm07cp6k4.roa
File: NUTXYQPgUZlh6qgocuCm07cp6k4.roa (raw, json)
Hash identifier: tYdbcnmFEMOny4hPH22DgFdHkzFGSelzht8Bh0ZNC7Y=
Subject key identifier: 35:44:D7:61:03:E0:51:99:61:EA:A8:28:72:E0:A6:D3:B7:29:EA:4E
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1840
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/NUTXYQPgUZlh6qgocuCm07cp6k4.roa
Signing time: Mon 10 Feb 2025 14:07:44 +0000
ROA not before: Mon 10 Feb 2025 14:07:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131602
IP address blocks: 122.147.16.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6208 (0x1840)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:44 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3544D76103E0519961EAA82872E0A6D3B729EA4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ac:0b:e9:7c:18:5c:6e:40:aa:67:0c:70:fd:
14:23:1f:15:01:01:6d:8d:e8:a0:14:ea:f3:3f:25:
16:3b:d0:8a:1d:ca:78:b6:35:0a:f2:d9:1d:9f:e3:
f1:7e:18:8b:9f:b9:a9:a2:0e:4b:df:eb:8f:5f:fa:
21:29:85:97:fe:ea:fd:a4:92:93:c4:4b:e6:ab:ea:
27:39:db:a0:85:1b:ea:d6:85:b2:4d:47:3e:ba:c2:
cc:ae:5b:ac:f3:a6:bd:3a:36:94:f6:44:3a:77:44:
eb:bf:13:58:3f:de:61:e5:9a:ce:af:94:24:0e:5e:
4b:8a:c2:db:e4:08:0f:12:c7:a1:26:cc:49:06:b1:
bf:4d:e9:6c:1d:27:9a:7a:86:95:08:c0:b7:5e:5a:
af:a2:28:c4:31:4f:41:d1:6e:8e:ef:28:53:17:c7:
06:ec:09:25:0f:7f:5e:f4:fa:fb:eb:17:fc:0e:8c:
11:d8:2a:ec:13:83:7c:78:c3:f8:fc:45:fc:06:ae:
bb:9b:03:39:19:f3:1e:8a:0b:d1:40:e3:ea:48:ba:
a9:9b:09:4d:68:16:a4:54:1d:21:0f:ab:44:70:55:
e1:dd:ab:7c:ce:4c:11:ac:5c:1a:bc:d9:15:ec:8e:
54:ec:37:aa:e2:38:30:7f:cd:95:df:53:7b:cb:d8:
9c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:44:D7:61:03:E0:51:99:61:EA:A8:28:72:E0:A6:D3:B7:29:EA:4E
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/NUTXYQPgUZlh6qgocuCm07cp6k4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
122.147.16.0/21
Signature Algorithm: sha256WithRSAEncryption
6a:6e:f7:cd:15:12:c2:01:15:1a:ad:83:b4:2f:72:10:a7:d2:
71:13:ed:cc:54:3f:20:a4:14:c6:8d:3d:eb:e6:42:d2:81:28:
5e:75:79:7f:1a:24:9c:ba:a5:cb:62:51:8c:0f:05:cb:63:d0:
bf:ac:f7:43:c8:e7:87:58:07:bf:f2:69:e4:91:3e:74:fa:fb:
d6:fe:74:09:07:3c:bd:dc:ec:84:6c:1c:a7:aa:b7:91:94:0b:
78:e1:2f:16:65:d6:67:3e:c9:87:3a:7b:b4:1a:7d:56:4a:5e:
80:5d:00:50:5d:b7:0d:35:64:55:30:b2:5d:a2:63:76:bd:53:
5e:c7:c8:4b:2d:28:ba:07:2e:bc:4f:94:6b:bd:1f:81:44:de:
8d:f6:bb:ec:94:63:65:62:f3:b5:34:a4:76:bb:ec:ac:8c:80:
43:56:48:9e:65:de:d5:24:37:6c:d7:69:cf:94:96:a4:ea:14:
22:9c:b6:99:55:af:77:f0:19:c6:04:b0:c1:da:62:b7:45:7d:
1a:d8:e3:41:cb:7a:bb:d3:b6:8b:fd:f4:20:ba:5e:fc:85:95:
45:e0:67:0b:bf:fe:ed:8a:4b:1f:45:40:99:78:7b:12:48:f0:
b4:91:ad:f6:b9:af:d3:e9:79:b4:6c:8b:f4:22:19:d2:b6:cd:
3b:f8:20:3b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICGEAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM1NDRENzYxMDNFMDUx
OTk2MUVBQTgyODcyRTBBNkQzQjcyOUVBNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9rAvpfBhcbkCqZwxw/RQjHxUBAW2N6KAU6vM/JRY70Iodyni2
NQry2R2f4/F+GIufuamiDkvf649f+iEphZf+6v2kkpPES+ar6ic526CFG+rWhbJN
Rz66wsyuW6zzpr06NpT2RDp3ROu/E1g/3mHlms6vlCQOXkuKwtvkCA8Sx6EmzEkG
sb9N6WwdJ5p6hpUIwLdeWq+iKMQxT0HRbo7vKFMXxwbsCSUPf170+vvrF/wOjBHY
KuwTg3x4w/j8RfwGrrubAzkZ8x6KC9FA4+pIuqmbCU1oFqRUHSEPq0RwVeHdq3zO
TBGsXBq82RXsjlTsN6riODB/zZXfU3vL2JyrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUNUTXYQPgUZlh6qgocuCm07cp6k4wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvTlVUWFlRUGdVWmxoNnFnb2N1Q20w
N2NwNms0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3qTEDAN
BgkqhkiG9w0BAQsFAAOCAQEAam73zRUSwgEVGq2DtC9yEKfScRPtzFQ/IKQUxo09
6+ZC0oEoXnV5fxoknLqly2JRjA8Fy2PQv6z3Q8jnh1gHv/Jp5JE+dPr71v50CQc8
vdzshGwcp6q3kZQLeOEvFmXWZz7Jhzp7tBp9VkpegF0AUF23DTVkVTCyXaJjdr1T
XsfISy0ougcuvE+Ua70fgUTejfa77JRjZWLztTSkdrvsrIyAQ1ZInmXe1SQ3bNdp
z5SWpOoUIpy2mVWvd/AZxgSwwdpit0V9GtjjQct6u9O2i/30ILpe/IWVReBnC7/+
7YpLH0VAmXh7EkjwtJGt9rmv0+l5tGyL9CIZ0rbNO/ggOw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:10:23 2025 by rpki-client