Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/YzuPerJ85zOhfa63sVNTw9PQXnU.roa
File: YzuPerJ85zOhfa63sVNTw9PQXnU.roa (raw, json)
Hash identifier: ZYVsK019XPfPOeatjw3Z6pUvt6RrHHrRCDfYuKp9xbE=
Subject key identifier: 63:3B:8F:7A:B2:7C:E7:33:A1:7D:AE:B7:B1:53:53:C3:D3:D0:5E:75
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0F70
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/YzuPerJ85zOhfa63sVNTw9PQXnU.roa
Signing time: Mon 10 Feb 2025 14:08:04 +0000
ROA not before: Mon 10 Feb 2025 14:08:04 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 192.72.248.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3952 (0xf70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 10 14:08:04 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=633B8F7AB27CE733A17DAEB7B15353C3D3D05E75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:25:34:a9:6b:7d:dd:bd:e5:68:ea:e3:a7:85:
c0:1e:1a:04:af:f0:12:00:bd:78:38:9e:78:67:7c:
87:ad:92:e8:f2:b4:40:2d:d8:d2:28:05:49:f6:1c:
db:63:bd:46:4e:77:9c:44:a4:9a:c5:29:62:45:78:
b7:6c:8c:67:b6:50:02:db:f4:c1:dd:9a:d6:81:a9:
e0:c5:ec:b4:ec:60:db:8f:b3:14:81:da:15:76:3c:
b0:89:50:3b:83:c7:4b:66:76:95:44:da:87:c8:1f:
21:12:6c:32:18:ce:09:7c:31:eb:0d:97:51:40:09:
e5:31:6c:23:9d:3a:af:69:62:cc:ec:1b:0f:14:e3:
23:35:d3:e7:c8:8d:1e:ee:92:18:86:10:c7:7d:49:
2a:6b:21:09:35:16:1c:aa:9e:31:cb:62:d1:4f:32:
fb:c5:a9:e2:83:54:b1:ce:4d:5d:25:1c:80:40:cd:
85:b0:c6:7c:a1:55:26:3d:98:03:82:1c:1f:aa:cd:
7c:54:54:16:d6:96:2e:5a:56:ef:1c:6a:63:da:f2:
92:06:71:20:f4:51:30:79:9c:9c:f1:d2:5b:3a:c9:
87:75:03:fd:02:c6:90:11:1c:6c:70:56:6b:20:7a:
d8:8a:bc:40:8e:c8:77:76:ca:aa:e6:55:51:ce:dd:
13:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3B:8F:7A:B2:7C:E7:33:A1:7D:AE:B7:B1:53:53:C3:D3:D0:5E:75
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/YzuPerJ85zOhfa63sVNTw9PQXnU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.248.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:64:4b:61:5f:4e:0d:7a:23:9a:b7:25:9e:c5:6e:ad:72:6c:
fa:d9:85:02:d7:0e:9b:aa:d3:e5:0b:5e:60:20:c4:7c:56:5e:
7d:a1:2f:8c:1e:7e:26:76:01:63:45:41:cb:00:fc:e3:82:f0:
aa:0b:bd:b0:63:58:76:7b:2b:bb:01:d1:6a:ea:a4:c5:3f:0d:
35:a3:fa:bb:b6:a5:09:7d:07:24:42:fe:a0:f8:ef:20:34:66:
87:b8:37:11:a4:97:5a:ac:92:da:79:bb:b0:9d:9b:45:13:86:
dc:24:f5:55:ed:02:ee:63:17:fb:34:ea:03:45:2e:2f:55:62:
29:99:2d:a2:67:dd:d6:70:6f:57:bd:dd:13:6a:48:17:e6:38:
a9:a7:2e:f5:a6:97:24:b0:49:91:20:80:67:1e:59:09:47:98:
99:23:0f:83:2d:a0:7a:1e:19:d3:17:87:2a:8f:45:be:7e:8a:
94:26:68:9b:d5:e8:2c:cc:94:ca:e8:a8:0e:b6:a5:be:a7:ff:
4e:fe:89:e8:c3:d1:d6:09:46:1b:56:34:d6:67:58:e9:48:4f:
2f:73:77:b7:db:48:47:a1:d5:a5:93:0a:a2:40:38:73:8e:18:
97:7d:7f:40:16:25:0b:d3:31:e8:97:81:51:03:89:a0:c8:9f:
a3:99:77:22
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD3AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx
NDA4MDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYzM0I4RjdBQjI3Q0U3
MzNBMTdEQUVCN0IxNTM1M0MzRDNEMDVFNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJJTSpa33dveVo6uOnhcAeGgSv8BIAvXg4nnhnfIetkujytEAt
2NIoBUn2HNtjvUZOd5xEpJrFKWJFeLdsjGe2UALb9MHdmtaBqeDF7LTsYNuPsxSB
2hV2PLCJUDuDx0tmdpVE2ofIHyESbDIYzgl8MesNl1FACeUxbCOdOq9pYszsGw8U
4yM10+fIjR7ukhiGEMd9SSprIQk1FhyqnjHLYtFPMvvFqeKDVLHOTV0lHIBAzYWw
xnyhVSY9mAOCHB+qzXxUVBbWli5aVu8camPa8pIGcSD0UTB5nJzx0ls6yYd1A/0C
xpARHGxwVmsgetiKvECOyHd2yqrmVVHO3RObAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYzuPerJ85zOhfa63sVNTw9PQXnUwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWXp1UGVySjg1ek9oZmE2M3NWTlR3
OVBRWG5VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsBI+DAN
BgkqhkiG9w0BAQsFAAOCAQEAamRLYV9ODXojmrclnsVurXJs+tmFAtcOm6rT5Qte
YCDEfFZefaEvjB5+JnYBY0VBywD844Lwqgu9sGNYdnsruwHRauqkxT8NNaP6u7al
CX0HJEL+oPjvIDRmh7g3EaSXWqyS2nm7sJ2bRROG3CT1Ve0C7mMX+zTqA0UuL1Vi
KZktomfd1nBvV73dE2pIF+Y4qacu9aaXJLBJkSCAZx5ZCUeYmSMPgy2geh4Z0xeH
Ko9Fvn6KlCZom9XoLMyUyuioDralvqf/Tv6J6MPR1glGG1Y01mdY6UhPL3N3t9tI
R6HVpZMKokA4c44Yl31/QBYlC9Mx6JeBUQOJoMifo5l3Ig==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:14:26 2025 by rpki-client