Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/jfU3DGqUWQMKvM1XQYzNcdmm0zQ.roa
File: jfU3DGqUWQMKvM1XQYzNcdmm0zQ.roa (raw, json)
Hash identifier: SrXqBuS/1dV9cu3R2Op4Tl3Utgujd3SmaSF8uCzhqzU=
Subject key identifier: 8D:F5:37:0C:6A:94:59:03:0A:BC:CD:57:41:8C:CD:71:D9:A6:D3:34
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 10A1
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/jfU3DGqUWQMKvM1XQYzNcdmm0zQ.roa
Signing time: Wed 01 Feb 2023 10:28:49 +0000
ROA not before: Wed 01 Feb 2023 10:28:49 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9919
IP address blocks: 211.78.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4257 (0x10a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 1 10:28:49 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=8DF5370C6A9459030ABCCD57418CCD71D9A6D334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:df:dc:f8:55:66:b6:07:83:85:e4:72:49:94:
bf:e2:66:c7:c8:7f:29:44:65:fd:6f:fe:3a:4d:2d:
a6:ba:9c:d8:d8:e8:ee:98:06:8d:35:d9:62:d6:10:
a2:b3:20:f7:07:53:53:a5:10:68:22:65:97:ce:ec:
af:b2:b8:73:5b:e9:ba:17:d7:5a:26:14:8d:67:33:
e4:b4:0d:f0:db:00:34:4e:35:6e:1c:6e:f7:7a:25:
7a:c6:95:26:13:39:42:1e:c5:9d:98:95:19:74:80:
12:16:ef:ec:35:e1:d3:d4:f9:be:52:ae:46:3e:75:
f3:94:99:38:e2:26:0b:4f:a9:6d:b1:a2:61:cc:57:
36:a9:33:60:b9:c8:39:4b:47:bf:3f:8b:1a:30:86:
7f:17:4f:3a:58:44:e4:a8:9a:32:24:4a:80:d0:66:
c7:a8:38:c1:03:79:d6:a8:6f:04:f1:86:26:9e:9d:
7d:a5:4a:30:e1:b4:b9:f3:6d:c9:e4:64:7a:a0:a3:
ac:36:d9:a9:6d:6e:2d:f8:21:cb:cd:a2:74:7c:12:
bf:6b:74:75:22:c8:85:c8:db:2e:41:5b:2a:3c:80:
af:1a:db:a2:80:77:b5:4d:b7:4b:a5:73:5c:79:29:
c2:c0:59:b3:d3:fd:fb:c5:b5:01:e8:64:4a:4b:33:
f0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F5:37:0C:6A:94:59:03:0A:BC:CD:57:41:8C:CD:71:D9:A6:D3:34
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/jfU3DGqUWQMKvM1XQYzNcdmm0zQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.128.0/19
Signature Algorithm: sha256WithRSAEncryption
29:e9:0b:a8:04:48:bd:8d:cd:b1:76:35:6e:c0:ac:c2:79:20:
73:01:7f:51:6a:37:74:7f:49:0e:51:e5:41:3f:aa:75:f6:ae:
6b:b4:59:63:41:33:a9:fb:28:6c:8d:87:91:9a:e0:25:d8:4b:
a2:6e:58:a2:91:42:6d:82:a7:4f:94:f0:a5:88:8c:04:75:ef:
5b:09:cc:85:e8:00:b4:50:18:3e:f5:64:5a:ab:c0:ad:5e:e2:
47:f1:0f:a5:8f:64:86:ba:09:4e:1c:dc:2b:7a:65:42:df:92:
9d:3b:71:73:5c:36:61:ef:42:cb:10:b8:cf:65:e0:58:02:28:
8e:ff:b7:2a:d6:da:46:e6:a8:2c:8b:2e:97:c4:19:cb:fb:b5:
59:e6:1e:81:c0:b7:f1:b7:c2:f0:ef:19:c1:97:3f:5b:36:82:
49:82:1b:a2:0a:6e:4c:3c:b3:f9:09:9d:7b:a1:67:44:41:14:
cf:25:4e:02:1d:cd:f1:71:98:81:c2:d3:53:91:ae:fe:ec:5c:
83:52:8b:31:04:d3:76:75:68:f7:a4:e9:a4:8a:c3:3a:e9:c2:
fb:8d:13:58:86:f4:e6:8e:c0:04:e9:ef:ce:c3:3c:8c:7a:71:
de:44:c5:5c:09:a7:4b:d9:d7:f7:d0:45:97:e1:ef:50:df:96:
af:39:90:4e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMzAyMDEx
MDI4NDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDhERjUzNzBDNkE5NDU5
MDMwQUJDQ0Q1NzQxOENDRDcxRDlBNkQzMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf39z4VWa2B4OF5HJJlL/iZsfIfylEZf1v/jpNLaa6nNjY6O6Y
Bo012WLWEKKzIPcHU1OlEGgiZZfO7K+yuHNb6boX11omFI1nM+S0DfDbADRONW4c
bvd6JXrGlSYTOUIexZ2YlRl0gBIW7+w14dPU+b5SrkY+dfOUmTjiJgtPqW2xomHM
VzapM2C5yDlLR78/ixowhn8XTzpYROSomjIkSoDQZseoOMEDedaobwTxhiaenX2l
SjDhtLnzbcnkZHqgo6w22altbi34IcvNonR8Er9rdHUiyIXI2y5BWyo8gK8a26KA
d7VNt0ulc1x5KcLAWbPT/fvFtQHoZEpLM/AvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUjfU3DGqUWQMKvM1XQYzNcdmm0zQwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvamZVM0RHcVVXUU1Ldk0xWFFZek5j
ZG1tMHpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdNOgDAN
BgkqhkiG9w0BAQsFAAOCAQEAKekLqARIvY3NsXY1bsCswnkgcwF/UWo3dH9JDlHl
QT+qdfaua7RZY0EzqfsobI2HkZrgJdhLom5YopFCbYKnT5TwpYiMBHXvWwnMhegA
tFAYPvVkWqvArV7iR/EPpY9khroJThzcK3plQt+SnTtxc1w2Ye9CyxC4z2XgWAIo
jv+3KtbaRuaoLIsul8QZy/u1WeYegcC38bfC8O8ZwZc/WzaCSYIbogpuTDyz+Qmd
e6FnREEUzyVOAh3N8XGYgcLTU5Gu/uxcg1KLMQTTdnVo96TppIrDOunC+40TWIb0
5o7ABOnvzsM8jHpx3kTFXAmnS9nX99BFl+HvUN+WrzmQTg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:20:05 2025 by rpki-client