Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/R113cf6tPL7LcEqHjdOy3gLP1Cg.roa
File: R113cf6tPL7LcEqHjdOy3gLP1Cg.roa (raw, json)
Hash identifier: wfxmEVturK8lwOE0Tb8lXI8PsU0IUl6sg+MOky7bBy8=
Subject key identifier: 47:5D:77:71:FE:AD:3C:BE:CB:70:4A:87:8D:D3:B2:DE:02:CF:D4:28
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0F61
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/R113cf6tPL7LcEqHjdOy3gLP1Cg.roa
Signing time: Mon 10 Feb 2025 14:08:01 +0000
ROA not before: Mon 10 Feb 2025 14:08:01 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 192.72.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3937 (0xf61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 10 14:08:01 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=475D7771FEAD3CBECB704A878DD3B2DE02CFD428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:35:ce:4b:1c:c4:c9:8b:8e:de:af:23:47:6a:
4c:03:ed:b5:6d:a5:78:87:d9:29:31:a7:d3:8e:c2:
32:5b:ab:15:9d:0f:6e:94:1e:58:80:03:18:be:28:
d2:f3:4e:82:f7:aa:9d:e4:06:7f:dd:50:21:aa:17:
a1:7b:d5:83:de:f8:07:32:ee:cc:5b:40:ef:a5:c4:
f3:8e:c3:ab:0f:bf:8c:b1:b0:9e:42:08:a5:24:66:
59:75:28:80:b6:ce:49:00:ef:e2:06:5b:81:8c:4e:
b1:97:c5:d3:d8:6e:c0:ca:b8:96:93:dc:b0:13:48:
ea:61:5d:26:42:8b:c2:ef:e1:82:a1:51:d8:03:81:
cf:1b:34:e8:f8:70:1f:26:1d:52:d6:33:a2:85:e3:
39:e0:10:cf:7d:98:de:97:90:a1:93:45:5a:b1:d8:
52:ed:aa:3f:ac:f1:d2:fc:4f:d1:b0:10:ae:30:7f:
fd:16:a1:2e:51:e4:52:56:d1:fa:fa:0f:0c:30:7e:
b7:c9:28:1b:88:8e:48:d8:3a:46:1f:3a:1b:07:8e:
8f:55:6e:59:1b:ae:26:30:1d:31:fa:95:82:e5:37:
3c:ab:0b:f2:92:1f:0c:59:59:02:e2:56:d9:d7:05:
ea:e1:ee:36:a5:36:94:b8:60:e6:dd:aa:4b:ee:ac:
36:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:5D:77:71:FE:AD:3C:BE:CB:70:4A:87:8D:D3:B2:DE:02:CF:D4:28
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/R113cf6tPL7LcEqHjdOy3gLP1Cg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.3.0/24
Signature Algorithm: sha256WithRSAEncryption
36:0e:ce:2f:ef:0e:57:8a:cd:59:2b:3f:8b:4c:21:fe:5c:6d:
30:92:d9:0c:20:79:c2:53:64:05:51:fd:cb:5e:8b:89:f9:37:
45:c4:d2:99:0a:c2:8b:1b:10:63:0b:7c:3b:ea:d1:b7:a1:c0:
42:d7:78:b4:ce:ba:55:41:8a:74:0f:7c:ee:f7:63:22:80:79:
7d:25:26:c9:71:58:93:b8:84:3c:8a:aa:97:3a:54:a5:c9:b5:
ef:a8:c1:c5:b3:e3:3c:69:13:b8:6f:ec:49:56:cb:78:7f:5d:
87:06:30:03:47:1c:fe:9a:5e:b6:ce:86:1e:96:52:ff:94:0a:
49:57:1a:32:2e:14:cc:ad:ab:c4:31:86:2b:8c:05:0c:8d:d2:
62:d6:83:a6:cf:f7:cc:fb:1f:ab:28:20:a9:bb:61:19:83:98:
29:73:43:f6:42:08:13:11:f6:b2:9c:cb:b8:5e:b8:2c:dc:f0:
6e:d0:76:75:6d:00:d9:5d:2e:82:3d:91:9c:df:c3:a6:42:1e:
78:52:49:b9:01:66:ae:a6:e4:fd:cf:1f:59:1a:20:6c:5b:11:
74:39:17:b8:b7:ab:06:ef:e5:41:89:63:96:ec:27:06:19:93:
de:15:39:14:be:fd:f8:ad:d7:39:83:d4:09:49:10:2b:d2:6e:
d2:28:99:32
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx
NDA4MDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ3NUQ3NzcxRkVBRDND
QkVDQjcwNEE4NzhERDNCMkRFMDJDRkQ0MjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD+Nc5LHMTJi47eryNHakwD7bVtpXiH2Skxp9OOwjJbqxWdD26U
HliAAxi+KNLzToL3qp3kBn/dUCGqF6F71YPe+Acy7sxbQO+lxPOOw6sPv4yxsJ5C
CKUkZll1KIC2zkkA7+IGW4GMTrGXxdPYbsDKuJaT3LATSOphXSZCi8Lv4YKhUdgD
gc8bNOj4cB8mHVLWM6KF4zngEM99mN6XkKGTRVqx2FLtqj+s8dL8T9GwEK4wf/0W
oS5R5FJW0fr6DwwwfrfJKBuIjkjYOkYfOhsHjo9VblkbriYwHTH6lYLlNzyrC/KS
HwxZWQLiVtnXBerh7jalNpS4YObdqkvurDapAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUR113cf6tPL7LcEqHjdOy3gLP1CgwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvUjExM2NmNnRQTDdMY0VxSGpkT3kz
Z0xQMUNnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBIAzAN
BgkqhkiG9w0BAQsFAAOCAQEANg7OL+8OV4rNWSs/i0wh/lxtMJLZDCB5wlNkBVH9
y16Lifk3RcTSmQrCixsQYwt8O+rRt6HAQtd4tM66VUGKdA987vdjIoB5fSUmyXFY
k7iEPIqqlzpUpcm176jBxbPjPGkTuG/sSVbLeH9dhwYwA0cc/ppets6GHpZS/5QK
SVcaMi4UzK2rxDGGK4wFDI3SYtaDps/3zPsfqyggqbthGYOYKXND9kIIExH2spzL
uF64LNzwbtB2dW0A2V0ugj2RnN/DpkIeeFJJuQFmrqbk/c8fWRogbFsRdDkXuLer
Bu/lQYljluwnBhmT3hU5FL79+K3XOYPUCUkQK9Ju0iiZMg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:14:28 2025 by rpki-client