Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/O4PPYQXTV_gZW-tRPzUit6XeBmU.roa
File: O4PPYQXTV_gZW-tRPzUit6XeBmU.roa (raw, json)
Hash identifier: c4i9jQWdm8YbYJ043QlCa+LQ3ZrM16wnzGHzgQ79gAs=
Subject key identifier: 3B:83:CF:61:05:D3:57:F8:19:5B:EB:51:3F:35:22:B7:A5:DE:06:65
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1824
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/O4PPYQXTV_gZW-tRPzUit6XeBmU.roa
Signing time: Mon 10 Feb 2025 14:07:36 +0000
ROA not before: Mon 10 Feb 2025 14:07:36 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 220.229.96.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6180 (0x1824)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:36 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3B83CF6105D357F8195BEB513F3522B7A5DE0665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c7:f0:aa:78:b9:70:8d:00:77:e9:14:60:b6:
e4:6d:68:93:a6:88:df:d5:18:80:b1:9f:0d:e2:4e:
27:23:8d:65:54:d4:03:28:0e:98:ee:67:08:60:3f:
03:ab:8c:c1:6f:c1:66:57:ca:ce:84:d4:cf:4d:85:
f1:1c:ea:8c:a0:45:71:47:86:a0:ea:49:4b:0d:cd:
34:9d:5c:79:75:ba:5f:bf:f2:75:83:b5:27:df:0d:
d0:3a:38:87:93:30:a0:8e:ad:03:cc:d5:88:2b:4f:
d5:84:44:f4:fb:5b:3d:e4:52:9a:53:d4:f1:18:37:
43:74:85:f6:f3:5d:aa:a2:66:ed:52:9e:51:7c:63:
b6:67:24:45:b3:c1:68:a0:bf:f9:b2:60:b4:4e:02:
31:b8:78:88:75:6f:51:c1:2e:4d:54:0f:68:4a:da:
44:4a:63:94:f5:92:eb:54:f6:37:7d:9e:cf:17:51:
1a:b2:a9:92:4f:76:a9:81:f9:f2:16:fd:b9:f2:78:
84:5c:27:a0:3e:39:02:fc:01:16:d7:38:25:70:f1:
18:f5:4c:14:95:7e:31:31:08:7d:a4:ee:fb:70:3e:
55:f7:d6:1a:a7:4f:0c:73:a3:56:29:7c:b2:53:ff:
f6:d6:a6:3a:36:6c:b2:7c:39:ba:90:fc:09:06:e0:
c4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:83:CF:61:05:D3:57:F8:19:5B:EB:51:3F:35:22:B7:A5:DE:06:65
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/O4PPYQXTV_gZW-tRPzUit6XeBmU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.96.0/19
Signature Algorithm: sha256WithRSAEncryption
16:8f:a8:64:50:eb:05:96:50:52:3b:45:ec:3c:04:58:82:e1:
c2:cd:e6:ee:98:45:6d:19:14:9d:a3:79:35:b2:ed:9b:2b:45:
84:ae:7c:f9:06:ee:2a:8b:7e:c6:10:80:c0:b4:a8:67:f8:4e:
f1:12:07:be:81:aa:30:22:34:71:15:0a:5d:db:92:0a:9d:e0:
3b:dd:20:58:de:b5:78:18:f8:d5:67:48:24:d1:04:4f:3c:6b:
26:80:a1:53:65:d3:e2:b2:67:bb:87:f3:5f:38:e3:9c:eb:20:
dd:73:15:92:cd:4c:68:e5:ec:5e:a2:d3:5d:3a:91:05:6b:fb:
15:ee:79:2e:55:46:e1:84:f7:0d:8f:f6:30:d4:fb:f3:ef:03:
6c:99:0d:2d:d9:e7:5a:32:4f:50:20:e5:c4:88:58:b9:3e:fa:
a9:e0:5b:41:e7:90:b0:e4:3a:cc:56:4f:29:72:a5:33:ff:63:
93:e0:6d:76:99:f3:76:97:23:ac:57:e2:26:3c:53:1b:57:ba:
16:74:11:d0:c7:0e:57:8c:a3:fa:03:82:74:4b:21:0b:03:ff:
f5:3b:89:01:4d:49:06:be:9f:74:67:ae:22:35:7c:56:a9:08:
9e:62:22:da:24:70:ef:44:22:3b:8d:7b:3b:a3:52:aa:e0:02:
06:ac:0e:a4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICGCQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNCODNDRjYxMDVEMzU3
RjgxOTVCRUI1MTNGMzUyMkI3QTVERTA2NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAx/CqeLlwjQB36RRgtuRtaJOmiN/VGICxnw3iTicjjWVU1AMo
DpjuZwhgPwOrjMFvwWZXys6E1M9NhfEc6oygRXFHhqDqSUsNzTSdXHl1ul+/8nWD
tSffDdA6OIeTMKCOrQPM1YgrT9WERPT7Wz3kUppT1PEYN0N0hfbzXaqiZu1SnlF8
Y7ZnJEWzwWigv/myYLROAjG4eIh1b1HBLk1UD2hK2kRKY5T1kutU9jd9ns8XURqy
qZJPdqmB+fIW/bnyeIRcJ6A+OQL8ARbXOCVw8Rj1TBSVfjExCH2k7vtwPlX31hqn
Twxzo1YpfLJT//bWpjo2bLJ8ObqQ/AkG4MTdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUO4PPYQXTV/gZW+tRPzUit6XeBmUwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvTzRQUFlRWFRWX2daVy10UlB6VWl0
NlhlQm1VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdzlYDAN
BgkqhkiG9w0BAQsFAAOCAQEAFo+oZFDrBZZQUjtF7DwEWILhws3m7phFbRkUnaN5
NbLtmytFhK58+QbuKot+xhCAwLSoZ/hO8RIHvoGqMCI0cRUKXduSCp3gO90gWN61
eBj41WdIJNEETzxrJoChU2XT4rJnu4fzXzjjnOsg3XMVks1MaOXsXqLTXTqRBWv7
Fe55LlVG4YT3DY/2MNT78+8DbJkNLdnnWjJPUCDlxIhYuT76qeBbQeeQsOQ6zFZP
KXKlM/9jk+BtdpnzdpcjrFfiJjxTG1e6FnQR0McOV4yj+gOCdEshCwP/9TuJAU1J
Br6fdGeuIjV8VqkInmIi2iRw70QiO417O6NSquACBqwOpA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:14:24 2025 by rpki-client