Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NKBNET/CMtNfEqoaxzZVXUoX0vFCzMDUQ8.roa
File: CMtNfEqoaxzZVXUoX0vFCzMDUQ8.roa (raw, json)
Hash identifier: KBIMFHXmtb2KTM9mOywLs3zir9rfuxD8zwmyjrw79WQ=
Subject key identifier: 08:CB:4D:7C:4A:A8:6B:1C:D9:55:75:28:5F:4B:C5:0B:33:03:51:0F
Certificate issuer: /CN=8051F2ECEFC242E9AF9F1E454A4FB796591B8DAB
Certificate serial: 136F
Authority key identifier: 80:51:F2:EC:EF:C2:42:E9:AF:9F:1E:45:4A:4F:B7:96:59:1B:8D:AB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gFHy7O_CQumvnx5FSk-3llkbjas.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/CMtNfEqoaxzZVXUoX0vFCzMDUQ8.roa
Signing time: Mon 10 Feb 2025 14:01:12 +0000
ROA not before: Mon 10 Feb 2025 14:01:12 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7482
IP address blocks: 2403:b340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4975 (0x136f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8051F2ECEFC242E9AF9F1E454A4FB796591B8DAB
Validity
Not Before: Feb 10 14:01:12 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=08CB4D7C4AA86B1CD95575285F4BC50B3303510F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:ed:ab:0f:e8:7d:44:ec:5e:33:c2:15:0a:
cb:65:4e:bd:a5:f1:ff:10:d4:bb:d8:d2:0e:09:52:
f8:ee:f0:b1:3d:4a:b4:49:d0:9d:2d:30:6e:04:26:
52:66:41:fa:8a:d9:a4:80:c2:fb:88:35:20:05:96:
03:f2:fd:f6:84:48:9a:83:af:6f:5f:28:d6:dc:91:
d0:74:70:21:ac:95:dd:c4:42:c5:42:5a:1e:cf:58:
bd:7b:48:42:53:d2:62:9a:c3:f8:b5:1b:ed:64:25:
ea:15:11:f6:21:ab:d0:7b:7b:1a:0c:5c:5a:5b:10:
00:74:62:bf:0e:86:1e:91:37:97:70:37:ae:2f:30:
48:d2:c3:27:40:a2:b9:67:7e:09:2b:d7:15:9d:f8:
5a:8d:9b:17:34:1a:cf:cc:76:72:51:30:1d:1f:8b:
88:a5:84:ff:47:48:89:d7:c7:1f:3c:56:59:9b:05:
34:28:4e:fc:87:bc:c1:55:7e:e7:12:77:48:46:58:
a2:3b:da:9b:c0:2f:d4:61:6b:de:d7:31:31:56:e1:
38:06:f2:3a:59:1d:af:3a:aa:f0:ab:5d:30:2f:3a:
ba:5e:0c:88:f8:72:c2:bb:3c:c1:d5:15:10:db:b5:
b8:ec:52:1b:0c:2a:cc:df:bc:a6:ca:73:fe:0d:14:
1e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CB:4D:7C:4A:A8:6B:1C:D9:55:75:28:5F:4B:C5:0B:33:03:51:0F
X509v3 Authority Key Identifier:
keyid:80:51:F2:EC:EF:C2:42:E9:AF:9F:1E:45:4A:4F:B7:96:59:1B:8D:AB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/gFHy7O_CQumvnx5FSk-3llkbjas.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gFHy7O_CQumvnx5FSk-3llkbjas.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NKBNET/CMtNfEqoaxzZVXUoX0vFCzMDUQ8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:b340::/32
Signature Algorithm: sha256WithRSAEncryption
38:f9:56:f1:f6:47:b3:23:97:2e:f9:2c:8c:6b:d6:a0:a1:48:
5d:e1:c5:19:19:e4:62:ae:d2:23:d4:fa:73:ac:2e:c5:c6:bb:
47:cc:91:49:bb:a5:8c:35:13:b3:29:f9:10:6b:1d:be:2a:ad:
31:78:c1:f6:a1:c4:8d:b4:83:ea:85:fe:82:36:03:8e:71:ec:
75:4f:67:33:0d:4e:ed:4e:65:d1:bb:36:37:15:e9:37:3c:c3:
69:e6:3b:dc:b9:2f:ae:40:d4:1f:7b:58:3a:62:0e:7c:5d:d0:
25:aa:5b:ab:15:12:5c:ce:38:41:c5:af:dd:70:9b:16:94:ab:
2b:43:1f:97:34:be:d5:27:09:4e:0e:74:71:50:89:38:d8:50:
33:49:bf:cd:96:3d:b0:4f:74:17:6f:b0:d0:c7:e7:1f:54:71:
e0:a9:98:02:2f:4b:9d:85:68:14:7a:35:19:d2:aa:cc:cb:69:
39:9c:b6:78:61:4f:9c:b6:49:bc:7a:53:bd:7b:7f:35:e8:29:
1c:8d:cd:34:f5:26:39:d0:be:33:60:2f:24:22:03:22:b4:1a:
2b:e8:2d:14:3c:48:53:13:7e:09:14:e9:89:fb:fb:b1:8d:13:
33:67:6a:3f:46:b7:4d:f9:01:88:cc:10:7c:43:91:20:4b:d3:
99:7a:d1:4e
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICE28wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODA1
MUYyRUNFRkMyNDJFOUFGOUYxRTQ1NEE0RkI3OTY1OTFCOERBQjAeFw0yNTAyMTAx
NDAxMTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA4Q0I0RDdDNEFBODZC
MUNEOTU1NzUyODVGNEJDNTBCMzMwMzUxMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBL+2rD+h9ROxeM8IVCstlTr2l8f8Q1LvY0g4JUvju8LE9SrRJ
0J0tMG4EJlJmQfqK2aSAwvuINSAFlgPy/faESJqDr29fKNbckdB0cCGsld3EQsVC
Wh7PWL17SEJT0mKaw/i1G+1kJeoVEfYhq9B7exoMXFpbEAB0Yr8Ohh6RN5dwN64v
MEjSwydAorlnfgkr1xWd+FqNmxc0Gs/MdnJRMB0fi4ilhP9HSInXxx88VlmbBTQo
TvyHvMFVfucSd0hGWKI72pvAL9Rha97XMTFW4TgG8jpZHa86qvCrXTAvOrpeDIj4
csK7PMHVFRDbtbjsUhsMKszfvKbKc/4NFB4fAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUCMtNfEqoaxzZVXUoX0vFCzMDUQ8wHwYDVR0jBBgwFoAUgFHy7O/CQumvnx5F
Sk+3llkbjaswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTktCTkVU
L2dGSHk3T19DUXVtdm54NUZTay0zbGxrYmphcy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvZ0ZIeTdPX0NRdW12bng1RlNrLTNsbGtiamFzLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvTktCTkVUL0NNdE5mRXFvYXh6WlZYVW9Y
MHZGQ3pNRFVROC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
A7NAMA0GCSqGSIb3DQEBCwUAA4IBAQA4+Vbx9kezI5cu+SyMa9agoUhd4cUZGeRi
rtIj1PpzrC7FxrtHzJFJu6WMNROzKfkQax2+Kq0xeMH2ocSNtIPqhf6CNgOOcex1
T2czDU7tTmXRuzY3Fek3PMNp5jvcuS+uQNQfe1g6Yg58XdAlqlurFRJczjhBxa/d
cJsWlKsrQx+XNL7VJwlODnRxUIk42FAzSb/Nlj2wT3QXb7DQx+cfVHHgqZgCL0ud
hWgUejUZ0qrMy2k5nLZ4YU+ctkm8elO9e3816Ckcjc009SY50L4zYC8kIgMitBor
6C0UPEhTE34JFOmJ+/uxjRMzZ2o/RrdN+QGIzBB8Q5EgS9OZetFO
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:04:34 2025 by rpki-client