Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/vTkOlCBPPM4FB-YLTFRYgjG1hw4.roa
File: vTkOlCBPPM4FB-YLTFRYgjG1hw4.roa (raw, json)
Hash identifier: 0jpc3TpnM+ws+VQXQQ1A8QYPZyMWsM9/2HHvfoYTUSw=
Subject key identifier: BD:39:0E:94:20:4F:3C:CE:05:07:E6:0B:4C:54:58:82:31:B5:87:0E
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1813
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/vTkOlCBPPM4FB-YLTFRYgjG1hw4.roa
Signing time: Mon 10 Feb 2025 14:07:33 +0000
ROA not before: Mon 10 Feb 2025 14:07:33 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131602
IP address blocks: 220.229.66.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6163 (0x1813)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:33 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=BD390E94204F3CCE0507E60B4C54588231B5870E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9e:f2:26:40:7d:bd:4d:29:76:e2:e5:ba:fd:
ab:e2:c5:c1:ca:69:26:2d:9e:7e:97:8d:a6:9b:8a:
96:08:bd:96:9e:38:c8:f8:6c:ee:06:ab:0a:53:7c:
7c:f4:1e:ac:17:8d:45:bc:31:2b:9c:0e:ba:23:09:
63:97:ad:59:de:67:e1:09:10:d7:3f:53:9d:2d:a0:
9d:b7:37:01:06:fb:3c:67:f7:bc:68:31:42:e4:b4:
14:ce:59:1b:40:be:5d:56:c2:73:aa:88:e0:26:bf:
7f:46:b9:f4:7e:ee:3e:0f:d5:69:65:cd:36:3a:45:
40:ec:52:c7:bf:dc:5e:ed:d5:78:4b:9f:d3:97:a5:
3e:92:23:6f:f0:b3:a0:27:21:b1:ed:3b:ff:70:73:
d3:76:fe:d2:d4:b8:89:7a:18:40:d8:00:bb:ed:00:
ae:5d:8d:d4:fb:ac:ea:8b:46:6f:ac:ca:bf:6e:fa:
fb:fc:5d:fc:7c:08:40:46:5f:ba:d9:f1:1d:61:1a:
ef:d7:86:e2:4d:60:67:f4:08:bd:7f:fb:08:c7:78:
b3:dc:2e:e4:3a:96:28:9f:90:d2:0f:d8:e4:e3:d5:
61:47:c5:fb:2e:1a:de:8e:35:ab:e4:1d:8f:04:d9:
19:8f:04:c0:14:d3:ab:e4:fa:a6:38:0f:76:ab:3a:
b4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:39:0E:94:20:4F:3C:CE:05:07:E6:0B:4C:54:58:82:31:B5:87:0E
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/vTkOlCBPPM4FB-YLTFRYgjG1hw4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.66.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:e3:65:ec:94:7e:ac:85:fb:8d:81:04:ef:04:26:dc:6b:91:
4b:67:9b:c8:52:74:e7:e9:5c:8f:5f:a1:de:4f:bd:9a:fe:0e:
e6:3c:c8:9c:2c:4d:88:a2:ea:b3:4f:8e:fe:ac:e2:3e:b7:3f:
d2:ce:9b:0e:fb:02:b2:1f:74:ed:0f:c5:d3:ce:23:d2:6c:9d:
1d:84:6d:49:06:e8:fe:44:8d:03:d6:a8:9a:8f:ff:68:b9:03:
90:c7:a7:20:79:ad:d4:d4:91:08:fd:69:6f:c5:92:ed:20:9e:
db:f3:bb:24:0e:e6:28:75:b7:6e:b3:0d:99:da:9b:5d:62:b8:
ee:e5:5b:9f:a8:af:7b:4b:28:5f:29:8e:97:56:8a:d0:d9:43:
a7:05:20:9f:b4:75:a8:73:26:57:25:97:97:07:10:f7:ce:f0:
99:83:21:59:20:a2:ad:95:a5:d3:6d:fc:05:3e:bd:03:d8:93:
17:59:6b:03:c3:c7:d5:59:46:89:ab:99:2f:66:f4:03:89:9a:
4c:4d:cc:2f:a5:44:e1:da:2f:24:bd:e6:27:19:51:36:8f:92:
42:13:d2:47:25:1b:dd:c6:95:7e:7e:5e:89:ef:e7:56:64:7d:
89:7e:44:b9:b2:89:ba:59:a9:8c:97:bf:7d:59:26:31:41:d1:
78:df:6c:dd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICGBMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3MzNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJEMzkwRTk0MjA0RjND
Q0UwNTA3RTYwQjRDNTQ1ODgyMzFCNTg3MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+nvImQH29TSl24uW6/avixcHKaSYtnn6XjaabipYIvZaeOMj4
bO4GqwpTfHz0HqwXjUW8MSucDrojCWOXrVneZ+EJENc/U50toJ23NwEG+zxn97xo
MULktBTOWRtAvl1WwnOqiOAmv39GufR+7j4P1WllzTY6RUDsUse/3F7t1XhLn9OX
pT6SI2/ws6AnIbHtO/9wc9N2/tLUuIl6GEDYALvtAK5djdT7rOqLRm+syr9u+vv8
Xfx8CEBGX7rZ8R1hGu/XhuJNYGf0CL1/+wjHeLPcLuQ6liifkNIP2OTj1WFHxfsu
Gt6ONavkHY8E2RmPBMAU06vk+qY4D3arOrTPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUvTkOlCBPPM4FB+YLTFRYgjG1hw4wHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvdlRrT2xDQlBQTTRGQi1ZTFRGUlln
akcxaHc0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdzlQjAN
BgkqhkiG9w0BAQsFAAOCAQEALeNl7JR+rIX7jYEE7wQm3GuRS2ebyFJ05+lcj1+h
3k+9mv4O5jzInCxNiKLqs0+O/qziPrc/0s6bDvsCsh907Q/F084j0mydHYRtSQbo
/kSNA9aomo//aLkDkMenIHmt1NSRCP1pb8WS7SCe2/O7JA7mKHW3brMNmdqbXWK4
7uVbn6ive0soXymOl1aK0NlDpwUgn7R1qHMmVyWXlwcQ987wmYMhWSCirZWl0238
BT69A9iTF1lrA8PH1VlGiauZL2b0A4maTE3ML6VE4dovJL3mJxlRNo+SQhPSRyUb
3caVfn5eie/nVmR9iX5EubKJulmpjJe/fVkmMUHReN9s3Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:04:51 2025 by rpki-client