Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/aI-A5vseDbDC2YRjbbHnETjv-UA.roa
File: aI-A5vseDbDC2YRjbbHnETjv-UA.roa (raw, json)
Hash identifier: /+L/kHFd9vInxG1XYzPxahighL+2HTbGGjSmk0A+pI0=
Subject key identifier: 68:8F:80:E6:FB:1E:0D:B0:C2:D9:84:63:6D:B1:E7:11:38:EF:F9:40
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 133A
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/aI-A5vseDbDC2YRjbbHnETjv-UA.roa
Signing time: Mon 10 Feb 2025 14:09:15 +0000
ROA not before: Mon 10 Feb 2025 14:09:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131634
IP address blocks: 124.108.160.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4922 (0x133a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:09:15 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=688F80E6FB1E0DB0C2D984636DB1E71138EFF940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a8:eb:c3:c8:6e:cc:45:f3:59:59:ef:43:b0:
c6:58:86:a7:c7:e9:7c:d5:42:97:0d:e2:b3:20:74:
71:00:51:24:11:a5:15:50:1d:4e:dd:0f:51:cf:e9:
8d:a4:69:68:24:de:42:90:95:af:34:6b:4a:17:61:
46:47:25:26:ba:e9:33:b5:4c:95:32:48:09:91:b1:
00:1f:bd:a1:ea:77:b1:2e:0f:ee:b5:a1:02:40:91:
ed:55:ff:0b:bd:ba:02:55:a4:1b:ec:1c:4e:15:21:
98:13:69:9f:51:11:2b:bc:61:26:a0:df:6d:74:b3:
70:22:0f:ea:3f:21:3f:aa:5b:8c:d2:36:80:d5:48:
04:de:cf:6f:ba:50:4c:d6:e7:77:7f:1d:df:0a:ae:
1b:03:e0:d3:dc:09:d8:a6:42:47:5b:b6:68:9c:8f:
67:04:0a:62:b3:02:42:e9:41:5d:c3:13:b8:e4:95:
a9:92:97:92:88:7f:ae:f4:ec:46:ec:5e:70:ff:f9:
49:09:69:36:82:c8:f6:9c:1c:3d:24:0d:f5:9c:e3:
35:f4:2a:4e:b4:e6:6c:51:77:a9:15:3e:84:69:1d:
e3:71:c8:e5:19:4a:78:77:74:68:d8:f5:2c:ac:a0:
2e:dd:7d:90:7f:d9:01:60:01:93:2a:a8:19:b1:c4:
54:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:8F:80:E6:FB:1E:0D:B0:C2:D9:84:63:6D:B1:E7:11:38:EF:F9:40
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/aI-A5vseDbDC2YRjbbHnETjv-UA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.108.160.0/21
Signature Algorithm: sha256WithRSAEncryption
7c:4e:b2:7f:f0:9b:98:61:96:d0:df:ea:72:8a:e9:9a:7c:55:
03:88:a9:9a:32:53:bb:f3:2e:4c:22:27:70:f4:9a:fb:44:a2:
03:ee:8a:d8:d9:01:89:31:0b:0e:7c:f8:be:e0:ba:c1:35:ed:
9d:ca:95:db:29:be:99:ec:2d:db:8c:8d:92:4a:c5:6d:36:87:
ec:74:d7:e1:ca:3c:2b:4a:b9:37:38:40:46:be:fe:e8:4c:e5:
c8:99:ea:d4:8a:b5:1d:91:cc:ee:b3:d9:39:3f:61:6c:39:cf:
4d:96:85:b6:81:22:7b:8b:6b:e3:90:59:81:6a:82:e0:fa:ac:
f1:e6:49:4d:1d:35:a9:f1:e3:29:f6:b1:d1:a5:c4:2d:d9:9a:
51:58:52:4a:7b:03:b5:f3:97:9a:63:7c:d6:62:cc:4c:4d:01:
a7:9d:2e:24:c8:37:c3:9f:83:97:64:bd:94:66:d0:b5:d4:dc:
19:c0:b7:b1:4a:62:5e:08:8e:f1:4e:7e:59:07:ed:b2:3b:6d:
bb:40:21:43:88:68:c1:ed:24:5a:d9:90:42:eb:a3:4a:34:01:
dd:ed:0c:8f:23:28:66:4d:72:95:3b:bb:04:b3:1f:a3:23:0b:
5a:30:61:79:e3:36:2a:56:62:cf:20:47:77:7b:15:da:96:ec:
94:dc:43:7b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEzowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA5MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY4OEY4MEU2RkIxRTBE
QjBDMkQ5ODQ2MzZEQjFFNzExMzhFRkY5NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLqOvDyG7MRfNZWe9DsMZYhqfH6XzVQpcN4rMgdHEAUSQRpRVQ
HU7dD1HP6Y2kaWgk3kKQla80a0oXYUZHJSa66TO1TJUySAmRsQAfvaHqd7EuD+61
oQJAke1V/wu9ugJVpBvsHE4VIZgTaZ9RESu8YSag3210s3AiD+o/IT+qW4zSNoDV
SATez2+6UEzW53d/Hd8KrhsD4NPcCdimQkdbtmicj2cECmKzAkLpQV3DE7jklamS
l5KIf6707EbsXnD/+UkJaTaCyPacHD0kDfWc4zX0Kk605mxRd6kVPoRpHeNxyOUZ
Snh3dGjY9SysoC7dfZB/2QFgAZMqqBmxxFQNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUaI+A5vseDbDC2YRjbbHnETjv+UAwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvYUktQTV2c2VEYkRDMllS
amJiSG5FVGp2LVVBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
A3xsoDANBgkqhkiG9w0BAQsFAAOCAQEAfE6yf/CbmGGW0N/qcorpmnxVA4ipmjJT
u/MuTCIncPSa+0SiA+6K2NkBiTELDnz4vuC6wTXtncqV2ym+mewt24yNkkrFbTaH
7HTX4co8K0q5NzhARr7+6EzlyJnq1Iq1HZHM7rPZOT9hbDnPTZaFtoEie4tr45BZ
gWqC4Pqs8eZJTR01qfHjKfax0aXELdmaUVhSSnsDtfOXmmN81mLMTE0Bp50uJMg3
w5+Dl2S9lGbQtdTcGcC3sUpiXgiO8U5+WQftsjttu0AhQ4howe0kWtmQQuujSjQB
3e0MjyMoZk1ylTu7BLMfoyMLWjBheeM2KlZizyBHd3sV2pbslNxDew==
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:01:53 2025 by rpki-client