Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/G3aIExqlMkH3lrJvMfsxv03ZvTY.roa
File: G3aIExqlMkH3lrJvMfsxv03ZvTY.roa (raw, json)
Hash identifier: hAn6ERJTs667iMtCWrTHCvnz6fXWhhrhP0sc04wsDjA=
Subject key identifier: 1B:76:88:13:1A:A5:32:41:F7:96:B2:6F:31:FB:31:BF:4D:D9:BD:36
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 133F
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/G3aIExqlMkH3lrJvMfsxv03ZvTY.roa
Signing time: Mon 10 Feb 2025 14:09:16 +0000
ROA not before: Mon 10 Feb 2025 14:09:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4662
IP address blocks: 210.62.192.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4927 (0x133f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:09:16 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1B7688131AA53241F796B26F31FB31BF4DD9BD36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4a:b9:07:9a:4e:e8:f8:81:a5:2a:a7:12:40:
a0:3d:99:22:9b:cf:1a:8f:4d:08:2b:53:08:7d:ad:
5b:43:79:b8:f9:8e:3e:59:e5:6b:1e:fb:ae:3e:a9:
da:6c:dc:60:ff:9c:f0:e6:5e:ff:58:ce:f7:4c:2c:
6b:45:98:63:93:f3:03:17:07:71:6a:09:bc:ae:93:
80:d8:59:73:8b:50:d9:2b:c4:96:03:e5:8e:5e:9b:
da:3e:7a:cb:cb:2d:33:ab:f5:7f:6b:02:26:a2:56:
3d:81:3b:5d:92:55:d7:32:5a:6c:79:c9:c6:d9:76:
64:f2:70:fc:2f:d0:a0:0e:10:e2:47:f1:67:56:d1:
fe:5b:c8:a3:1e:32:37:5a:53:f2:ef:f1:4c:93:63:
ce:9d:c7:35:e0:0d:0f:d2:a2:34:23:0c:cc:5f:6f:
2a:7a:26:0e:e4:a1:1d:33:4b:c3:89:3d:6b:79:62:
da:66:1a:75:5d:ad:65:31:52:d3:15:ad:af:9a:eb:
ac:09:f1:fa:3b:8a:a4:d6:9c:8f:c7:44:4c:57:92:
67:3c:bf:ca:a2:64:11:c1:d8:be:47:88:fb:2e:0f:
1b:79:6a:bc:65:c4:a6:1f:5d:0a:26:5c:42:fc:4e:
a1:57:f3:05:89:34:b1:a2:56:15:38:a6:c7:c5:4e:
22:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:76:88:13:1A:A5:32:41:F7:96:B2:6F:31:FB:31:BF:4D:D9:BD:36
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/G3aIExqlMkH3lrJvMfsxv03ZvTY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.62.192.0/19
Signature Algorithm: sha256WithRSAEncryption
93:c1:48:27:3f:12:31:c5:19:62:12:28:0b:c3:28:a0:2f:34:
e7:c4:aa:4f:10:9d:ec:eb:4e:d5:2f:f4:c3:a7:bd:79:db:3a:
db:d1:6d:9d:42:2b:9b:dd:17:02:be:bc:de:73:43:2f:50:52:
b5:eb:06:ad:f5:df:dd:30:2f:c9:a8:36:c0:51:b0:ab:c7:04:
ed:44:2f:8d:2a:10:b3:58:f5:77:70:da:50:21:b4:4c:70:f7:
3c:b4:45:d4:cd:b7:6d:3b:64:87:1f:38:5b:58:85:2c:b2:7c:
e7:59:a8:9b:35:c8:0d:df:35:c1:ef:81:aa:41:6e:4a:cb:ff:
af:6f:fd:49:4e:0f:42:3a:49:73:a1:26:6d:7a:bd:d5:42:17:
2d:67:bf:20:11:76:ba:03:15:81:4c:d9:d1:d2:93:80:5e:b8:
04:11:e1:3b:ba:a9:79:61:fe:c4:db:d2:9a:8f:65:9f:ed:00:
22:8a:fe:22:c8:19:be:29:99:2d:d6:5c:db:99:0b:e9:f8:da:
00:d9:e1:ab:54:a4:c9:9d:05:e2:07:9b:93:a0:66:97:96:73:
8c:b6:e5:ce:48:0f:95:77:31:5f:91:26:51:1e:bc:33:24:a8:
b1:52:96:6f:54:12:c9:fb:3d:c9:26:f8:1f:38:cd:ca:08:fb:
6f:f4:56:43
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEz8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA5MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFCNzY4ODEzMUFBNTMy
NDFGNzk2QjI2RjMxRkIzMUJGNEREOUJEMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCySrkHmk7o+IGlKqcSQKA9mSKbzxqPTQgrUwh9rVtDebj5jj5Z
5Wse+64+qdps3GD/nPDmXv9YzvdMLGtFmGOT8wMXB3FqCbyuk4DYWXOLUNkrxJYD
5Y5em9o+esvLLTOr9X9rAiaiVj2BO12SVdcyWmx5ycbZdmTycPwv0KAOEOJH8WdW
0f5byKMeMjdaU/Lv8UyTY86dxzXgDQ/SojQjDMxfbyp6Jg7koR0zS8OJPWt5Ytpm
GnVdrWUxUtMVra+a66wJ8fo7iqTWnI/HRExXkmc8v8qiZBHB2L5HiPsuDxt5arxl
xKYfXQomXEL8TqFX8wWJNLGiVhU4psfFTiINAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUG3aIExqlMkH3lrJvMfsxv03ZvTYwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvRzNhSUV4cWxNa0gzbHJK
dk1mc3h2MDNadlRZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BdI+wDANBgkqhkiG9w0BAQsFAAOCAQEAk8FIJz8SMcUZYhIoC8MooC8058SqTxCd
7OtO1S/0w6e9eds629FtnUIrm90XAr683nNDL1BStesGrfXf3TAvyag2wFGwq8cE
7UQvjSoQs1j1d3DaUCG0THD3PLRF1M23bTtkhx84W1iFLLJ851momzXIDd81we+B
qkFuSsv/r2/9SU4PQjpJc6EmbXq91UIXLWe/IBF2ugMVgUzZ0dKTgF64BBHhO7qp
eWH+xNvSmo9ln+0AIor+IsgZvimZLdZc25kL6fjaANnhq1SkyZ0F4gebk6Bml5Zz
jLblzkgPlXcxX5EmUR68MySosVKWb1QSyfs9ySb4HzjNygj7b/RWQw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 16:49:00 2025 by rpki-client