Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Q-MH6gHjnVJaCAdl6MbZxWPJqNM.roa
File: Q-MH6gHjnVJaCAdl6MbZxWPJqNM.roa (raw, json)
Hash identifier: IzZo/83dfTD3WEujdJWiYOxCLo8wus1J3ivyZM7w/4c=
Subject key identifier: 43:E3:07:EA:01:E3:9D:52:5A:08:07:65:E8:C6:D9:C5:63:C9:A8:D3
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CD8
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Q-MH6gHjnVJaCAdl6MbZxWPJqNM.roa
Signing time: Wed 01 Feb 2023 10:28:44 +0000
ROA not before: Wed 01 Feb 2023 10:28:44 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 192.72.192.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3288 (0xcd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:28:44 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=43E307EA01E39D525A080765E8C6D9C563C9A8D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9e:c2:72:f3:d6:d0:7f:5d:40:ea:4e:76:35:
6a:f5:24:3c:d0:5f:0f:7a:8e:5a:36:c2:4c:85:15:
7e:79:e3:36:1a:e9:a7:01:ac:a9:83:7a:7e:65:2c:
a9:a8:4e:7e:93:84:f8:7d:4d:e3:f9:f2:aa:1a:74:
63:0a:88:e0:df:5d:88:f1:ad:47:6d:ae:53:56:55:
f0:81:7f:e0:c2:54:0e:c0:d2:83:94:94:24:95:a7:
cd:6b:0d:2e:a3:61:54:54:f7:cb:26:8e:1b:59:72:
89:9c:bc:3a:0f:c4:f3:4c:17:98:a2:64:84:58:8d:
38:c1:18:4f:79:35:97:44:2d:1a:b7:55:c7:94:11:
f2:69:49:6e:09:f0:f5:30:81:31:ac:ba:2a:ad:c5:
a5:fb:76:5b:e3:99:fa:a6:11:ad:f4:d0:78:2a:59:
68:e4:ac:1e:9e:bc:6c:9e:f2:5b:0b:25:4d:aa:f7:
e6:96:2c:4e:74:a3:f7:81:7c:7a:e6:cc:5e:23:bc:
07:65:09:1f:23:2e:83:f6:4b:62:e5:2c:66:9b:4e:
44:6d:ef:f2:af:8b:99:08:fe:7d:a7:bb:68:33:ad:
3c:16:ec:6b:87:3d:b7:63:1f:fb:fa:ac:10:c3:61:
fa:79:29:25:ee:54:f3:b0:c2:8c:a3:79:7f:90:c9:
5f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E3:07:EA:01:E3:9D:52:5A:08:07:65:E8:C6:D9:C5:63:C9:A8:D3
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Q-MH6gHjnVJaCAdl6MbZxWPJqNM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.192.0/19
Signature Algorithm: sha256WithRSAEncryption
39:7b:6c:fc:08:16:77:b5:47:63:d2:72:80:6d:71:b4:7f:96:
f4:0a:b1:4f:22:b4:29:19:e0:bb:8e:84:d8:8a:da:e0:df:aa:
80:d0:db:23:28:c1:db:b8:fe:12:9d:08:27:ee:77:7c:f4:38:
72:a4:ad:8e:51:f4:60:7e:ab:76:89:1a:0a:bc:70:e3:1a:39:
e2:b4:af:c3:d0:6e:57:47:24:d2:96:bc:a3:78:23:50:22:90:
e7:92:e1:39:39:99:e8:2d:6f:2a:37:10:6c:d9:37:43:d8:0c:
99:af:0d:97:d6:75:ae:56:1f:12:e5:0e:22:7e:b0:f6:1c:aa:
0c:8a:de:05:8a:56:d5:28:4f:10:12:a3:c1:66:40:89:5a:12:
fe:2d:02:c3:6d:ea:11:eb:74:a2:a5:de:08:68:81:ad:8b:09:
24:03:be:45:b3:5d:ec:32:cb:60:b7:e3:75:30:71:da:a1:1a:
77:0b:d8:2c:4e:09:bc:37:e3:d5:7e:71:ad:fe:06:c0:6c:0a:
80:c5:13:67:8a:4d:d8:ca:0e:04:48:51:9f:b6:d8:87:87:88:
01:46:ba:e6:84:7b:81:4e:de:fc:6a:7c:14:38:4b:11:33:8b:
16:81:d4:77:55:82:44:c1:37:1f:47:8f:23:f9:7a:81:af:10:
aa:48:8c:c1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI4NDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQzRTMwN0VBMDFFMzlE
NTI1QTA4MDc2NUU4QzZEOUM1NjNDOUE4RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDansJy89bQf11A6k52NWr1JDzQXw96jlo2wkyFFX554zYa6acB
rKmDen5lLKmoTn6ThPh9TeP58qoadGMKiODfXYjxrUdtrlNWVfCBf+DCVA7A0oOU
lCSVp81rDS6jYVRU98smjhtZcomcvDoPxPNMF5iiZIRYjTjBGE95NZdELRq3VceU
EfJpSW4J8PUwgTGsuiqtxaX7dlvjmfqmEa300HgqWWjkrB6evGye8lsLJU2q9+aW
LE50o/eBfHrmzF4jvAdlCR8jLoP2S2LlLGabTkRt7/Kvi5kI/n2nu2gzrTwW7GuH
PbdjH/v6rBDDYfp5KSXuVPOwwoyjeX+QyV9HAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQ+MH6gHjnVJaCAdl6MbZxWPJqNMwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUS1NSDZnSGpuVkphQ0FkbDZNYlp4
V1BKcU5NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcBIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAOXts/AgWd7VHY9JygG1xtH+W9AqxTyK0KRngu46E
2Ira4N+qgNDbIyjB27j+Ep0IJ+53fPQ4cqStjlH0YH6rdokaCrxw4xo54rSvw9Bu
V0ck0pa8o3gjUCKQ55LhOTmZ6C1vKjcQbNk3Q9gMma8Nl9Z1rlYfEuUOIn6w9hyq
DIreBYpW1ShPEBKjwWZAiVoS/i0Cw23qEet0oqXeCGiBrYsJJAO+RbNd7DLLYLfj
dTBx2qEadwvYLE4JvDfj1X5xrf4GwGwKgMUTZ4pN2MoOBEhRn7bYh4eIAUa65oR7
gU7e/Gp8FDhLETOLFoHUd1WCRME3H0ePI/l6ga8QqkiMwQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:36:17 2025 by rpki-client