Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/bM7YdWX54Eb34ZdVTvGCYcWNCjc.roa
File: bM7YdWX54Eb34ZdVTvGCYcWNCjc.roa (raw, json)
Hash identifier: EsCCzqzrxNxMUrOMm4ubi19eNDSztjLvQF3/7px0ot0=
Subject key identifier: 6C:CE:D8:75:65:F9:E0:46:F7:E1:97:55:4E:F1:82:61:C5:8D:0A:37
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1832
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/bM7YdWX54Eb34ZdVTvGCYcWNCjc.roa
Signing time: Mon 10 Feb 2025 14:07:40 +0000
ROA not before: Mon 10 Feb 2025 14:07:40 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 220.229.66.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6194 (0x1832)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:40 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=6CCED87565F9E046F7E197554EF18261C58D0A37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7b:23:e6:b2:63:7d:fc:dd:93:50:5e:c5:5b:
17:79:3b:93:ca:32:f8:0d:98:31:1a:63:61:50:ab:
62:ad:f5:29:82:ea:e6:8c:97:88:f5:eb:ef:3d:76:
13:07:90:6a:ac:76:af:5c:51:7f:d4:aa:84:14:11:
a2:76:f8:03:27:5d:16:fc:76:eb:1c:c1:20:87:7f:
08:cf:e5:ed:3e:fe:65:61:2b:cd:24:e8:bd:f5:7b:
6f:5d:f9:5f:5c:9d:44:43:f2:5f:ab:2f:6b:50:08:
5c:8f:1a:86:b3:dd:88:ca:16:fc:02:97:41:ea:e3:
14:ab:ed:e3:66:6b:65:77:79:79:08:05:7f:28:be:
62:ca:b2:7b:37:75:48:f0:3c:a5:dd:d1:02:a5:8f:
7e:b7:fb:ea:64:af:38:f1:bc:56:34:e1:f5:aa:d3:
15:aa:07:9d:4a:84:0a:58:03:b5:a1:1f:1f:6a:1f:
a1:03:c2:4f:db:e4:af:29:f2:58:3a:73:7f:9b:1e:
d0:83:18:2b:9b:ae:81:6b:be:8f:7a:40:82:d8:a4:
a9:4f:21:30:21:d1:07:27:74:30:a9:34:42:61:5e:
5c:78:92:a7:04:03:63:d0:32:8f:62:ff:3e:31:da:
2b:c0:f8:2b:54:ae:4c:13:b8:13:a2:cb:cb:e2:dd:
d5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CE:D8:75:65:F9:E0:46:F7:E1:97:55:4E:F1:82:61:C5:8D:0A:37
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/bM7YdWX54Eb34ZdVTvGCYcWNCjc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.66.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:53:7d:d8:30:8d:09:f1:08:27:ef:0f:d7:8d:cd:4a:dc:99:
70:47:07:ea:56:75:35:2c:d8:e5:d7:f1:91:31:d6:43:68:08:
af:15:b7:f1:95:08:fb:57:64:43:58:9e:43:c4:b8:31:64:d9:
19:69:5b:0c:f1:36:13:4d:d5:99:e2:b6:03:db:21:70:50:c1:
39:85:13:57:ac:1b:c3:a1:31:ab:65:5e:3c:f2:15:7c:39:fe:
6f:44:93:6f:d5:48:a6:32:87:b5:33:92:23:51:2d:e4:2e:8b:
ab:20:33:86:f4:88:32:91:73:2e:37:e4:09:a1:88:eb:05:ea:
35:f9:e7:54:07:25:30:9c:b2:ef:c8:90:9f:0e:a2:93:4f:8b:
91:36:34:7f:4a:99:9e:1e:9a:3b:0e:fd:0c:a6:59:45:13:9d:
0a:d2:9f:33:e2:d1:86:df:dc:6a:8e:2f:01:fa:ae:92:2a:79:
1b:0b:2b:e6:1a:f2:8b:38:74:cb:5a:62:12:8d:66:be:6e:c4:
79:47:f0:e3:b9:46:27:f9:46:b7:4d:8b:b2:de:9a:73:62:df:
46:c2:1c:7a:c5:55:e9:da:91:48:35:e7:29:f3:cd:a4:37:be:
ee:79:7b:dc:52:be:d6:c7:d0:1f:f7:df:50:4e:82:59:3d:5f:
87:8d:f6:de
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICGDIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDZDQ0VEODc1NjVGOUUw
NDZGN0UxOTc1NTRFRjE4MjYxQzU4RDBBMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGeyPmsmN9/N2TUF7FWxd5O5PKMvgNmDEaY2FQq2Kt9SmC6uaM
l4j16+89dhMHkGqsdq9cUX/UqoQUEaJ2+AMnXRb8duscwSCHfwjP5e0+/mVhK80k
6L31e29d+V9cnURD8l+rL2tQCFyPGoaz3YjKFvwCl0Hq4xSr7eNma2V3eXkIBX8o
vmLKsns3dUjwPKXd0QKlj363++pkrzjxvFY04fWq0xWqB51KhApYA7WhHx9qH6ED
wk/b5K8p8lg6c3+bHtCDGCubroFrvo96QILYpKlPITAh0QcndDCpNEJhXlx4kqcE
A2PQMo9i/z4x2ivA+CtUrkwTuBOiy8vi3dUtAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUbM7YdWX54Eb34ZdVTvGCYcWNCjcwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvYk03WWRXWDU0RWIzNFpkVlR2R0NZ
Y1dOQ2pjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdzlQjAN
BgkqhkiG9w0BAQsFAAOCAQEAwlN92DCNCfEIJ+8P143NStyZcEcH6lZ1NSzY5dfx
kTHWQ2gIrxW38ZUI+1dkQ1ieQ8S4MWTZGWlbDPE2E03VmeK2A9shcFDBOYUTV6wb
w6Exq2VePPIVfDn+b0STb9VIpjKHtTOSI1Et5C6LqyAzhvSIMpFzLjfkCaGI6wXq
NfnnVAclMJyy78iQnw6ik0+LkTY0f0qZnh6aOw79DKZZRROdCtKfM+LRht/cao4v
Afqukip5Gwsr5hryizh0y1piEo1mvm7EeUfw47lGJ/lGt02Lst6ac2LfRsIcesVV
6dqRSDXnKfPNpDe+7nl73FK+1sfQH/ffUE6CWT1fh4323g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:36:23 2025 by rpki-client