Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/id07XM3iH3wHDQFIYrQhBc7fljc.roa
File: id07XM3iH3wHDQFIYrQhBc7fljc.roa (raw, json)
Hash identifier: Bnq0Y8VZZ9dzv+/paadjDxdYwo9HccRIrje4xKGImPs=
Subject key identifier: 89:DD:3B:5C:CD:E2:1F:7C:07:0D:01:48:62:B4:21:05:CE:DF:96:37
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1803
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/id07XM3iH3wHDQFIYrQhBc7fljc.roa
Signing time: Mon 10 Feb 2025 14:07:30 +0000
ROA not before: Mon 10 Feb 2025 14:07:30 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9919
IP address blocks: 45.64.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6147 (0x1803)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:30 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=89DD3B5CCDE21F7C070D014862B42105CEDF9637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:51:99:0f:e3:b7:a2:75:b1:de:74:ab:82:f9:
de:90:a8:14:a9:59:5d:e0:86:74:05:2b:06:d2:20:
14:a1:2f:f6:53:ba:eb:e9:fc:7a:9b:ce:02:f0:f5:
60:ea:a4:6a:87:34:fb:c2:fa:d4:42:72:ef:61:08:
a2:56:a5:d1:f4:21:9d:ec:81:f2:df:d8:73:27:7e:
c0:d5:6d:51:c5:51:03:07:99:cf:da:5b:88:57:d1:
69:52:29:9a:7a:b6:88:76:22:47:ca:c8:2f:87:92:
1d:7d:a9:6a:87:81:96:a9:d7:5b:25:09:ec:cf:3b:
77:65:15:cb:1c:c7:b3:f4:33:7c:16:fe:3b:8e:a7:
57:59:73:be:78:e0:13:71:17:36:1f:fb:d1:23:da:
aa:79:d5:36:d8:6e:d5:2d:4c:ae:1a:20:e0:a8:99:
70:1a:b0:bd:5b:ee:8b:87:99:04:23:76:a7:b3:99:
59:b3:00:8c:37:a6:24:18:de:25:24:ed:be:ee:ff:
6f:7c:82:78:24:4a:d6:6f:2c:ba:0f:d0:67:ab:9b:
1e:21:a7:c7:d3:a5:9c:87:a5:e4:e8:50:d6:b8:0c:
a2:89:bc:56:29:88:77:f0:f0:c7:95:52:de:db:44:
dc:74:be:94:8d:16:4d:15:bc:ef:67:e6:67:b8:ea:
b4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DD:3B:5C:CD:E2:1F:7C:07:0D:01:48:62:B4:21:05:CE:DF:96:37
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/id07XM3iH3wHDQFIYrQhBc7fljc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.228.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:40:f7:d9:1d:db:b8:6b:32:b2:ef:e3:b7:1c:5e:9d:da:d7:
d8:66:d7:bc:48:86:56:cf:d8:05:69:88:ea:ce:a7:ba:03:a4:
1c:3a:5a:0d:85:eb:dd:c9:3f:83:37:12:62:f9:93:b5:2a:8f:
54:cc:f2:c8:7f:b1:84:3d:75:f8:e3:ef:99:89:b9:9d:5f:d4:
f0:ae:65:11:d1:a6:bb:00:8c:46:4d:22:2b:07:8a:35:74:ad:
a5:ef:3d:e9:0d:d8:71:86:cc:28:44:dc:10:3a:7f:79:35:ef:
ad:02:bf:74:9a:67:3f:43:23:ef:22:28:ff:55:dc:d7:68:0f:
20:0c:eb:0c:08:37:ea:dc:89:16:0d:d4:1c:67:06:ca:0d:d3:
86:73:88:da:7b:53:4e:e2:3c:f7:88:40:30:05:1b:5c:dd:e0:
c3:bf:16:7b:61:4f:1d:53:ba:2a:86:b0:27:a4:1f:ea:c7:4c:
ff:c3:3b:d3:8e:c6:3e:b9:c4:26:be:9d:4b:83:c7:d0:3b:21:
30:eb:d9:00:14:0d:73:57:68:f3:a4:ee:73:2c:6f:0e:61:25:
cc:f6:95:70:1d:4a:94:08:67:79:56:a7:c7:8f:31:3f:75:9b:
dd:7e:bd:9a:1d:83:93:27:34:f4:88:20:6f:61:94:42:60:2e:
52:4b:af:f5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICGAMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5REQzQjVDQ0RFMjFG
N0MwNzBEMDE0ODYyQjQyMTA1Q0VERjk2MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcUZkP47eidbHedKuC+d6QqBSpWV3ghnQFKwbSIBShL/ZTuuvp
/HqbzgLw9WDqpGqHNPvC+tRCcu9hCKJWpdH0IZ3sgfLf2HMnfsDVbVHFUQMHmc/a
W4hX0WlSKZp6toh2IkfKyC+Hkh19qWqHgZap11slCezPO3dlFcscx7P0M3wW/juO
p1dZc7544BNxFzYf+9Ej2qp51TbYbtUtTK4aIOComXAasL1b7ouHmQQjdqezmVmz
AIw3piQY3iUk7b7u/298gngkStZvLLoP0Germx4hp8fTpZyHpeToUNa4DKKJvFYp
iHfw8MeVUt7bRNx0vpSNFk0VvO9n5me46rR5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUid07XM3iH3wHDQFIYrQhBc7fljcwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvaWQwN1hNM2lIM3dIRFFGSVlyUWhC
YzdmbGpjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1A5DAN
BgkqhkiG9w0BAQsFAAOCAQEALkD32R3buGsysu/jtxxendrX2GbXvEiGVs/YBWmI
6s6nugOkHDpaDYXr3ck/gzcSYvmTtSqPVMzyyH+xhD11+OPvmYm5nV/U8K5lEdGm
uwCMRk0iKweKNXStpe896Q3YcYbMKETcEDp/eTXvrQK/dJpnP0Mj7yIo/1Xc12gP
IAzrDAg36tyJFg3UHGcGyg3ThnOI2ntTTuI894hAMAUbXN3gw78We2FPHVO6Koaw
J6Qf6sdM/8M7047GPrnEJr6dS4PH0DshMOvZABQNc1do86TucyxvDmElzPaVcB1K
lAhneVanx48xP3Wb3X69mh2Dkyc09Iggb2GUQmAuUkuv9Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:14:24 2025 by rpki-client