Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/tkCQIRoDyNNS-gjYkP45ALqheos.roa
File: tkCQIRoDyNNS-gjYkP45ALqheos.roa (raw, json)
Hash identifier: SgZOMPDH+O1z/6X/A86zug2b7dBZHL8/E3bV5zAsXL4=
Subject key identifier: B6:40:90:21:1A:03:C8:D3:52:FA:08:D8:90:FE:39:00:BA:A1:7A:8B
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1655
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tkCQIRoDyNNS-gjYkP45ALqheos.roa
Signing time: Mon 26 Aug 2024 05:22:03 +0000
ROA not before: Mon 26 Aug 2024 05:22:03 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 221.169.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5717 (0x1655)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Aug 26 05:22:03 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B64090211A03C8D352FA08D890FE3900BAA17A8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cd:b5:70:42:90:6e:e2:4d:7d:9c:2f:34:67:
ba:27:e4:81:4d:64:dc:3a:05:c4:05:68:3f:63:9c:
65:09:78:b2:b5:77:99:f4:6e:c5:b6:87:bb:65:c8:
06:35:bf:f3:c1:83:95:21:1d:cd:a1:c9:bf:91:28:
cd:ce:86:37:c3:c8:d2:45:1b:9a:03:32:45:9f:4c:
94:46:88:24:ac:c7:fe:20:7a:77:e9:76:cc:69:88:
12:c3:7e:e3:24:75:7c:68:b3:b8:36:ed:2e:89:8c:
14:9b:e1:35:0d:cc:bb:07:a9:11:2b:6e:03:7a:51:
91:60:91:7e:e1:29:c8:66:0a:cf:e6:b1:e9:b6:cf:
5a:bc:a0:dc:b5:16:47:ba:b2:53:83:c9:bc:be:93:
9c:2b:e6:e5:47:3a:ca:14:e7:23:c1:bf:a4:8d:45:
7d:a6:3b:8c:31:c3:55:65:b2:d6:d4:ff:9a:0d:74:
64:a3:f5:ab:7e:ca:71:42:2b:3d:e1:88:49:76:e2:
0b:76:1f:e8:5d:d0:4b:e8:ef:f0:be:32:c2:e1:c5:
e2:98:a4:c7:0c:f9:7f:d6:77:db:3c:a7:ef:97:66:
ce:27:b0:ed:ee:12:57:93:0b:da:76:ef:92:b9:2c:
1b:bd:0c:bf:ed:db:fc:7a:74:64:e9:ab:f3:2d:ed:
3a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:40:90:21:1A:03:C8:D3:52:FA:08:D8:90:FE:39:00:BA:A1:7A:8B
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tkCQIRoDyNNS-gjYkP45ALqheos.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
221.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:c6:b6:fd:ae:d4:a7:46:c8:74:cb:62:01:2e:9b:47:6b:83:
60:4e:39:f9:8b:9d:cb:86:d2:80:64:9b:78:cf:2d:27:96:01:
ea:58:b0:b3:62:5c:35:57:0f:77:9c:bb:e7:29:dd:27:a0:f5:
1b:1c:b5:85:4d:5e:24:e6:1f:5d:07:bc:20:d8:92:18:ac:1f:
60:1a:1a:35:46:94:d4:76:88:e8:dd:32:5a:34:89:0e:46:8d:
2c:0c:e9:31:a0:31:2b:59:6c:46:82:c1:34:e1:55:2d:7b:e7:
04:b2:01:d7:b2:99:04:d7:3a:30:d4:ee:77:2d:40:d3:da:1c:
07:49:de:1e:a5:87:a4:86:91:01:40:08:62:fb:c3:b8:2b:ff:
cf:7a:e2:ca:18:f6:9c:64:d3:7d:07:b8:39:16:33:43:fe:89:
a8:5e:01:19:3e:35:47:6a:37:43:5b:b6:62:5b:1b:8c:cf:d7:
05:ae:d8:68:34:e9:06:95:c3:a6:f3:a1:b0:17:26:1f:1b:cf:
69:79:52:b2:dd:46:6e:51:b1:75:c1:8c:d5:45:65:a3:46:a7:
58:aa:e8:94:69:5c:a7:16:ec:36:a7:66:4d:5d:de:7e:e8:d9:
ff:f0:b1:94:a5:61:e5:6f:56:00:4f:f4:a1:b6:f6:d2:5c:e7:
90:fb:31:d6
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICFlUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNDA4MjYw
NTIyMDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI2NDA5MDIxMUEwM0M4
RDM1MkZBMDhEODkwRkUzOTAwQkFBMTdBOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdzbVwQpBu4k19nC80Z7on5IFNZNw6BcQFaD9jnGUJeLK1d5n0
bsW2h7tlyAY1v/PBg5UhHc2hyb+RKM3OhjfDyNJFG5oDMkWfTJRGiCSsx/4genfp
dsxpiBLDfuMkdXxos7g27S6JjBSb4TUNzLsHqRErbgN6UZFgkX7hKchmCs/msem2
z1q8oNy1Fke6slODyby+k5wr5uVHOsoU5yPBv6SNRX2mO4wxw1VlstbU/5oNdGSj
9at+ynFCKz3hiEl24gt2H+hd0Evo7/C+MsLhxeKYpMcM+X/Wd9s8p++XZs4nsO3u
EleTC9p275K5LBu9DL/t2/x6dGTpq/Mt7TohAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUtkCQIRoDyNNS+gjYkP45ALqheoswHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvdGtDUUlSb0R5Tk5TLWdqWWtQNDVB
THFoZW9zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN2pMA0G
CSqGSIb3DQEBCwUAA4IBAQCixrb9rtSnRsh0y2IBLptHa4NgTjn5i53LhtKAZJt4
zy0nlgHqWLCzYlw1Vw93nLvnKd0noPUbHLWFTV4k5h9dB7wg2JIYrB9gGho1RpTU
dojo3TJaNIkORo0sDOkxoDErWWxGgsE04VUte+cEsgHXspkE1zow1O53LUDT2hwH
Sd4epYekhpEBQAhi+8O4K//PeuLKGPacZNN9B7g5FjND/omoXgEZPjVHajdDW7Zi
WxuMz9cFrthoNOkGlcOm86GwFyYfG89peVKy3UZuUbF1wYzVRWWjRqdYquiUaVyn
Fuw2p2ZNXd5+6Nn/8LGUpWHlb1YAT/ShtvbSXOeQ+zHW
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:25:25 2025 by rpki-client