Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/paqpYmKPtNbrs1IpYhfM1G11H54.roa
File: paqpYmKPtNbrs1IpYhfM1G11H54.roa (raw, json)
Hash identifier: OQ8RqPtJD6SUWrIHeDRE5RPgVVjFujEolMn2cUC4i+k=
Subject key identifier: A5:AA:A9:62:62:8F:B4:D6:EB:B3:52:29:62:17:CC:D4:6D:75:1F:9E
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 17BA
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/paqpYmKPtNbrs1IpYhfM1G11H54.roa
Signing time: Mon 10 Feb 2025 14:07:12 +0000
ROA not before: Mon 10 Feb 2025 14:07:12 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18049
IP address blocks: 106.104.224.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6074 (0x17ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:12 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A5AAA962628FB4D6EBB352296217CCD46D751F9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:da:d9:09:1b:5e:aa:0f:f3:ea:7f:34:67:a6:
c8:44:d9:63:5b:f9:88:15:ca:86:7a:34:04:46:ec:
e2:92:bc:0a:50:d2:ea:13:22:09:2a:0e:91:12:e5:
3a:76:ab:e4:de:26:2f:5e:dd:2a:9f:18:df:09:59:
90:52:2a:c7:ce:b7:d2:f8:48:d1:9f:a0:0f:c0:1b:
7a:a9:9c:56:50:0c:0e:b6:8a:35:a6:4c:b7:b5:c2:
da:1f:58:ae:31:74:0c:f5:da:08:2d:83:5f:8f:83:
a7:76:3a:4c:b4:f4:9b:90:89:37:ba:00:71:9e:3c:
50:ed:82:a2:12:b7:25:3e:47:f1:f2:13:64:f8:33:
55:02:aa:40:0e:c4:c4:cc:96:2d:fd:12:d4:6a:ce:
8d:df:51:0e:56:4e:18:49:10:5d:cb:af:ad:0f:fb:
b4:00:1e:7f:97:5b:64:a8:85:ee:82:8d:67:b2:76:
af:6e:73:73:e4:5f:99:57:8d:0e:b9:d8:d7:aa:4f:
3f:b5:99:0a:80:ff:42:07:f3:3b:22:f5:ff:38:5f:
e7:12:41:88:97:65:a7:25:99:28:43:4a:61:6c:52:
a0:bb:99:9a:8d:f8:b4:4d:e2:5d:87:74:18:f7:a7:
c5:94:48:eb:1f:58:f9:c5:97:1e:57:eb:20:b8:ec:
dc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AA:A9:62:62:8F:B4:D6:EB:B3:52:29:62:17:CC:D4:6D:75:1F:9E
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/paqpYmKPtNbrs1IpYhfM1G11H54.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.104.224.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:66:6b:b6:f1:ce:fc:64:a3:ab:ad:76:93:8a:be:b6:31:26:
2c:2c:5b:a1:6c:aa:8c:b7:dd:ac:c2:4c:55:69:4c:17:9c:62:
0f:de:43:72:d9:67:32:af:08:03:5f:8e:fe:22:e2:41:ec:15:
d2:68:48:27:14:30:d0:45:e5:0b:be:6b:fb:68:ab:1d:be:14:
91:cc:d0:94:31:2f:9a:90:0a:20:fa:b9:9e:b3:1a:eb:82:b7:
7d:93:b4:2f:9a:12:ad:d4:8a:0e:fb:4d:50:12:30:18:f4:8e:
e3:1a:58:20:b0:1a:ea:be:ec:1a:2b:a5:ea:d3:70:f5:fe:73:
2e:27:08:a4:3d:d0:28:9d:d7:c5:2e:55:1e:42:41:44:8d:26:
fe:9f:bf:4c:d0:1f:70:e9:d4:d3:7f:39:03:3d:55:5a:2f:ab:
e6:f9:14:4c:3c:77:4a:7e:87:e7:d4:ba:99:c3:32:2f:0d:9f:
d6:10:6a:9a:9d:d7:de:70:41:1f:e1:5c:37:1c:c2:f4:40:7b:
10:37:f7:34:ae:a7:fd:a4:27:26:97:31:a8:f2:69:c3:a4:c8:
5b:42:a5:fd:07:86:c3:04:9d:4b:e9:52:6b:7b:e4:9d:9a:c4:
68:f6:c1:86:8c:61:a7:81:d3:18:b6:73:32:1d:e4:85:ca:4e:
4c:58:63:a3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICF7owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3MTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE1QUFBOTYyNjI4RkI0
RDZFQkIzNTIyOTYyMTdDQ0Q0NkQ3NTFGOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk2tkJG16qD/PqfzRnpshE2WNb+YgVyoZ6NARG7OKSvApQ0uoT
IgkqDpES5Tp2q+TeJi9e3SqfGN8JWZBSKsfOt9L4SNGfoA/AG3qpnFZQDA62ijWm
TLe1wtofWK4xdAz12ggtg1+Pg6d2Oky09JuQiTe6AHGePFDtgqIStyU+R/HyE2T4
M1UCqkAOxMTMli39EtRqzo3fUQ5WThhJEF3Lr60P+7QAHn+XW2Sohe6CjWeydq9u
c3PkX5lXjQ652NeqTz+1mQqA/0IH8zsi9f84X+cSQYiXZaclmShDSmFsUqC7mZqN
+LRN4l2HdBj3p8WUSOsfWPnFlx5X6yC47NyfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUpaqpYmKPtNbrs1IpYhfM1G11H54wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvcGFxcFltS1B0TmJyczFJcFloZk0x
RzExSDU0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmpo4DAN
BgkqhkiG9w0BAQsFAAOCAQEASmZrtvHO/GSjq612k4q+tjEmLCxboWyqjLfdrMJM
VWlMF5xiD95DctlnMq8IA1+O/iLiQewV0mhIJxQw0EXlC75r+2irHb4UkczQlDEv
mpAKIPq5nrMa64K3fZO0L5oSrdSKDvtNUBIwGPSO4xpYILAa6r7sGiul6tNw9f5z
LicIpD3QKJ3XxS5VHkJBRI0m/p+/TNAfcOnU0385Az1VWi+r5vkUTDx3Sn6H59S6
mcMyLw2f1hBqmp3X3nBBH+FcNxzC9EB7EDf3NK6n/aQnJpcxqPJpw6TIW0Kl/QeG
wwSdS+lSa3vknZrEaPbBhoxhp4HTGLZzMh3khcpOTFhjow==
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:07:59 2025 by rpki-client