Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/osgjk1Fsgp0xN6bk83nklOHwtSI.roa
File: osgjk1Fsgp0xN6bk83nklOHwtSI.roa (raw, json)
Hash identifier: yA9ZkeckVfYCRcSJbT3qooM+OC2UBt4oAFbXr8voz4U=
Subject key identifier: A2:C8:23:93:51:6C:82:9D:31:37:A6:E4:F3:79:E4:94:E1:F0:B5:22
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0CD3
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/osgjk1Fsgp0xN6bk83nklOHwtSI.roa
Signing time: Wed 01 Feb 2023 10:28:28 +0000
ROA not before: Wed 01 Feb 2023 10:28:28 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 4780
IP address blocks: 192.72.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3283 (0xcd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 1 10:28:28 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=A2C82393516C829D3137A6E4F379E494E1F0B522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:03:94:64:8f:b6:d0:a5:d8:55:2a:82:f9:79:
33:d2:08:8a:f0:f3:f0:73:f5:8d:6c:fb:64:af:d2:
fb:0a:b5:1e:50:11:c9:6d:33:b1:a6:ff:86:4e:50:
38:3b:bf:fc:65:26:f3:b2:33:ad:8d:7d:5f:d6:86:
67:a1:7f:cf:e2:d5:97:e3:66:72:42:62:03:86:8a:
3b:df:f4:f4:85:3a:05:8c:2f:13:fa:f1:f6:e5:2f:
81:21:ae:63:05:c4:96:e2:0c:cb:b7:5f:53:56:c7:
9b:33:de:2e:ca:f4:57:51:04:e8:46:28:30:58:9a:
27:bb:9a:53:93:49:1a:d1:e8:12:10:52:58:07:ff:
75:d2:ab:21:15:fb:74:1e:ae:d8:a5:b6:f9:41:f3:
b7:4c:d1:8a:fb:9b:d6:c0:9a:29:33:f4:cf:bc:f8:
5b:ad:77:ae:fa:c8:49:74:d1:dd:8f:85:f6:77:0c:
ec:9a:17:93:47:39:02:c5:61:28:34:95:e1:a1:a6:
f0:eb:6a:99:92:3b:8a:ad:e1:b3:dc:30:e3:98:bc:
f6:d8:02:7d:81:fe:41:d3:2d:2a:8c:38:8c:41:36:
d2:d6:2d:eb:97:bf:7a:a1:f5:5a:c2:a4:f6:eb:d0:
37:e1:7e:5b:7e:b3:4f:7d:45:92:1e:87:90:3f:9e:
72:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C8:23:93:51:6C:82:9D:31:37:A6:E4:F3:79:E4:94:E1:F0:B5:22
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/osgjk1Fsgp0xN6bk83nklOHwtSI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.252.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:5f:40:fb:23:35:9e:98:10:81:13:12:ed:41:a2:88:df:4c:
df:c3:93:b6:56:fd:00:7c:00:71:a2:66:79:99:92:b6:7c:65:
52:b2:33:a7:a7:5d:06:26:69:33:25:c9:63:12:1a:65:7f:26:
61:bb:67:24:31:bd:25:5c:bc:2c:d7:80:b5:b2:ac:a1:ec:ea:
c5:a6:d1:36:94:fb:3b:45:1d:fe:f3:88:a1:bc:54:d5:5a:b9:
63:dd:0a:bc:26:f7:b8:a5:93:48:fe:8f:bf:2d:87:fd:c5:72:
8d:72:32:3f:ce:aa:3d:d5:7c:2f:0e:68:1b:29:43:17:f4:85:
d9:c6:fa:a9:14:51:ff:2e:bd:ca:f7:c9:26:96:dd:1d:90:d8:
82:7b:ad:98:0e:72:bf:83:91:6f:51:be:c2:b8:65:78:3c:d8:
e4:64:06:a2:40:66:0c:9f:08:34:77:87:89:21:8a:73:e3:29:
49:a8:80:22:4b:c9:9d:07:ac:1c:be:bb:81:3d:d9:f5:4f:2c:
f3:16:34:d7:64:c5:97:cf:9a:60:85:0b:c5:bb:24:f3:4f:c8:
ed:77:d2:f6:d6:ee:73:4d:74:fb:3e:64:9c:ab:53:4c:36:0c:
5c:36:de:b7:02:8f:94:ed:aa:fc:c3:ab:d0:8b:06:6a:a0:28:
57:38:5d:8b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yMzAyMDEx
MDI4MjhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEEyQzgyMzkzNTE2Qzgy
OUQzMTM3QTZFNEYzNzlFNDk0RTFGMEI1MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8A5Rkj7bQpdhVKoL5eTPSCIrw8/Bz9Y1s+2Sv0vsKtR5QEclt
M7Gm/4ZOUDg7v/xlJvOyM62NfV/Whmehf8/i1ZfjZnJCYgOGijvf9PSFOgWMLxP6
8fblL4EhrmMFxJbiDMu3X1NWx5sz3i7K9FdRBOhGKDBYmie7mlOTSRrR6BIQUlgH
/3XSqyEV+3QertiltvlB87dM0Yr7m9bAmikz9M+8+Futd676yEl00d2PhfZ3DOya
F5NHOQLFYSg0leGhpvDrapmSO4qt4bPcMOOYvPbYAn2B/kHTLSqMOIxBNtLWLeuX
v3qh9VrCpPbr0Dfhflt+s099RZIeh5A/nnLZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUosgjk1Fsgp0xN6bk83nklOHwtSIwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvb3NnamsxRnNncDB4TjZiazgzbmts
T0h3dFNJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBI/DAN
BgkqhkiG9w0BAQsFAAOCAQEAX19A+yM1npgQgRMS7UGiiN9M38OTtlb9AHwAcaJm
eZmStnxlUrIzp6ddBiZpMyXJYxIaZX8mYbtnJDG9JVy8LNeAtbKsoezqxabRNpT7
O0Ud/vOIobxU1Vq5Y90KvCb3uKWTSP6Pvy2H/cVyjXIyP86qPdV8Lw5oGylDF/SF
2cb6qRRR/y69yvfJJpbdHZDYgnutmA5yv4ORb1G+wrhleDzY5GQGokBmDJ8INHeH
iSGKc+MpSaiAIkvJnQesHL67gT3Z9U8s8xY012TFl8+aYIULxbsk80/I7XfS9tbu
c010+z5knKtTTDYMXDbetwKPlO2q/MOr0IsGaqAoVzhdiw==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:14:25 2025 by rpki-client