Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/cdiS1fhJV2PklMHwpu3y8flkCc0.roa
File: cdiS1fhJV2PklMHwpu3y8flkCc0.roa (raw, json)
Hash identifier: s6BwE8YiMBFKeZmIr14jy6ytv82JdDL6aeJXxx4eV0k=
Subject key identifier: 71:D8:92:D5:F8:49:57:63:E4:94:C1:F0:A6:ED:F2:F1:F9:64:09:CD
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1164
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/cdiS1fhJV2PklMHwpu3y8flkCc0.roa
Signing time: Fri 07 Apr 2023 00:50:07 +0000
ROA not before: Fri 07 Apr 2023 00:50:07 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131602
IP address blocks: 220.229.68.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4452 (0x1164)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Apr 7 00:50:07 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=71D892D5F8495763E494C1F0A6EDF2F1F96409CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9e:07:81:51:e5:be:bd:42:68:2e:44:9a:4b:
47:23:3a:6e:fb:82:ab:1d:5a:7e:9e:f4:ef:69:d6:
18:dd:9f:d3:1c:4d:d5:58:87:c6:2f:0d:1e:8a:4d:
ca:d6:0a:f5:3a:9f:48:ea:43:16:4b:83:1e:fb:15:
69:24:a0:39:bd:a3:f8:e6:0f:a1:89:5b:2c:08:05:
ad:c5:b2:4f:ed:60:22:f3:00:75:d7:4d:aa:4d:53:
ec:0b:53:fd:12:37:db:28:0e:3d:7f:8d:14:ea:f3:
fd:4e:fd:2e:3d:f0:f8:f2:7b:33:57:af:94:61:94:
8d:ea:90:0c:8e:d4:35:8a:74:c7:2f:2e:61:a3:92:
29:2d:bb:d4:ce:03:f5:6a:57:71:6d:8c:9f:51:f0:
32:47:2b:a3:b8:7b:d4:bd:2b:31:fc:cb:fa:76:3c:
5e:74:21:ea:b1:8f:c0:d3:16:76:b8:f1:f9:bf:cf:
1a:47:ce:37:b7:6a:9d:64:ef:47:2e:07:de:18:d7:
a8:38:d3:8d:28:23:29:8c:e6:c3:ad:41:01:80:58:
55:2b:17:61:ea:2f:bf:34:65:f9:bf:b9:61:cc:da:
5e:9b:f2:34:6b:08:0f:cc:6a:cd:ad:1b:74:9a:6a:
75:a1:97:5c:dd:81:b4:eb:28:89:c6:83:45:22:42:
98:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D8:92:D5:F8:49:57:63:E4:94:C1:F0:A6:ED:F2:F1:F9:64:09:CD
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/cdiS1fhJV2PklMHwpu3y8flkCc0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.68.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:cb:65:42:11:6f:38:bd:8f:8e:50:f6:4f:80:59:79:7b:d2:
48:1d:f2:ff:45:e2:33:4e:22:86:ce:e6:eb:07:18:55:4f:c1:
a6:fc:fc:6d:15:14:d0:a9:cb:72:d1:ae:f0:55:5c:25:71:51:
07:93:de:08:a6:6d:86:85:9c:73:ba:b1:6e:fd:b5:07:41:c4:
3c:c8:8f:90:fa:26:25:0a:48:13:be:68:9b:8f:00:eb:86:92:
53:54:31:9f:79:71:eb:ee:9e:d1:58:98:6b:2b:60:7d:63:33:
12:21:e0:38:c8:f6:3c:aa:cd:b0:36:98:b1:09:39:69:68:fa:
df:c2:af:ea:f9:07:b6:68:fc:c1:84:5f:80:ed:f4:b7:07:4d:
7d:2b:18:d3:59:f9:4a:0c:d1:94:39:42:2e:a7:0e:02:45:d6:
46:75:76:0b:0e:36:ca:0b:12:04:37:fd:0d:15:3f:89:45:8b:
86:7c:ff:41:1c:94:98:5b:d3:fe:df:62:1c:a3:2d:6e:65:22:
08:fa:a8:2d:ee:c9:52:91:1d:30:98:51:d4:03:ce:ac:6b:56:
d2:87:7c:3a:fa:d0:2b:32:b7:51:88:15:ab:eb:0b:03:26:b5:
29:89:8b:5b:38:89:e7:a1:6b:10:70:51:83:ce:73:37:c9:6a:
b8:6c:13:9a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEWQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzA0MDcw
MDUwMDdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDcxRDg5MkQ1Rjg0OTU3
NjNFNDk0QzFGMEE2RURGMkYxRjk2NDA5Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCngeBUeW+vUJoLkSaS0cjOm77gqsdWn6e9O9p1hjdn9McTdVY
h8YvDR6KTcrWCvU6n0jqQxZLgx77FWkkoDm9o/jmD6GJWywIBa3Fsk/tYCLzAHXX
TapNU+wLU/0SN9soDj1/jRTq8/1O/S498PjyezNXr5RhlI3qkAyO1DWKdMcvLmGj
kiktu9TOA/VqV3FtjJ9R8DJHK6O4e9S9KzH8y/p2PF50Ieqxj8DTFna48fm/zxpH
zje3ap1k70cuB94Y16g4040oIymM5sOtQQGAWFUrF2HqL780Zfm/uWHM2l6b8jRr
CA/Mas2tG3SaanWhl1zdgbTrKInGg0UiQpijAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUcdiS1fhJV2PklMHwpu3y8flkCc0wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvY2RpUzFmaEpWMlBrbE1Id3B1M3k4
ZmxrQ2MwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtzlRDAN
BgkqhkiG9w0BAQsFAAOCAQEAO8tlQhFvOL2PjlD2T4BZeXvSSB3y/0XiM04ihs7m
6wcYVU/Bpvz8bRUU0KnLctGu8FVcJXFRB5PeCKZthoWcc7qxbv21B0HEPMiPkPom
JQpIE75om48A64aSU1Qxn3lx6+6e0ViYaytgfWMzEiHgOMj2PKrNsDaYsQk5aWj6
38Kv6vkHtmj8wYRfgO30twdNfSsY01n5SgzRlDlCLqcOAkXWRnV2Cw42ygsSBDf9
DRU/iUWLhnz/QRyUmFvT/t9iHKMtbmUiCPqoLe7JUpEdMJhR1APOrGtW0od8OvrQ
KzK3UYgVq+sLAya1KYmLWziJ56FrEHBRg85zN8lquGwTmg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:20:04 2025 by rpki-client