Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/2HCQfSyt5oglgWzS3sKJcbMjc0A.roa
File: 2HCQfSyt5oglgWzS3sKJcbMjc0A.roa (raw, json)
Hash identifier: p8xOHuDDLdDd9wodLnNR/UKRYqlbw1fYxYbtKqj4BLY=
Subject key identifier: D8:70:90:7D:2C:AD:E6:88:25:81:6C:D2:DE:C2:89:71:B3:23:73:40
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EA1
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/2HCQfSyt5oglgWzS3sKJcbMjc0A.roa
Signing time: Mon 10 Feb 2025 13:59:44 +0000
ROA not before: Mon 10 Feb 2025 13:59:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3745 (0xea1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:44 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D870907D2CADE68825816CD2DEC28971B3237340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ec:8f:60:58:bb:93:97:52:0f:b7:39:98:e2:
23:5b:d6:c1:44:93:24:76:14:50:a9:d3:d9:83:b9:
5d:7f:0c:5c:8d:ee:38:e8:d0:3b:76:f1:ab:d9:b0:
04:2a:2b:c1:37:e0:9d:7e:d0:8d:b4:1e:fd:9e:05:
0f:c4:ab:64:27:6e:2d:22:0b:60:0a:09:97:c6:4e:
dc:f5:0f:f9:6a:81:1c:dd:8f:5b:93:1c:54:62:76:
89:cb:05:5f:22:2c:a6:7f:c1:bb:e0:e2:8f:47:2c:
30:e9:c8:07:52:96:65:f8:65:72:3c:52:d9:bf:0f:
24:30:9d:0b:08:2e:16:16:c2:c8:c1:0d:e6:41:b6:
8f:d9:2b:34:3a:50:a1:16:63:2b:2d:c8:58:77:b4:
28:1c:04:cb:10:06:c5:11:fd:a2:d4:66:27:b5:1c:
3d:40:78:a1:84:f1:0c:84:2f:45:31:e6:29:a4:4d:
cc:f5:98:8e:e8:39:86:b2:fc:f7:c7:81:04:9d:2a:
a8:fc:73:e8:aa:06:f6:37:58:85:67:7b:b7:3e:67:
13:61:2c:5f:75:10:f0:34:86:6e:f2:06:1d:40:31:
81:14:50:ab:7d:8c:e1:c5:9d:a3:49:f9:c6:a5:0d:
4b:60:4d:03:bc:d2:df:2c:a7:8b:73:4b:8b:e3:e2:
4d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:70:90:7D:2C:AD:E6:88:25:81:6C:D2:DE:C2:89:71:B3:23:73:40
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/2HCQfSyt5oglgWzS3sKJcbMjc0A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.50.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:d7:ac:bf:7a:2c:b5:58:50:1b:7d:0a:54:71:f5:4f:b6:ab:
27:b7:85:a5:b2:c2:75:a5:25:b4:fc:37:31:e4:61:d1:08:47:
35:50:76:47:6a:a2:e9:99:45:0d:40:ca:59:12:d8:a9:49:9d:
0c:6a:f1:8d:15:ed:68:17:eb:e4:bc:b9:40:78:b0:e4:bf:32:
50:bf:6b:5f:d8:3c:95:4e:f8:90:50:76:48:85:14:a1:f8:fc:
5b:fc:1f:fb:ad:55:76:64:7e:62:b3:57:30:ea:62:29:e1:4e:
55:b7:62:67:81:27:37:d7:30:f1:81:78:7b:75:2b:ce:06:bf:
81:0c:55:ea:cd:74:8a:23:2b:a2:64:73:96:97:02:af:e6:a9:
61:3a:aa:f8:53:92:23:6f:66:12:f5:58:2a:e4:05:6f:f4:0c:
3e:a9:e9:13:75:9b:0f:6b:d5:70:64:79:9f:28:b1:e6:e6:f9:
09:cb:48:c8:33:0b:bb:c5:0e:16:59:a3:14:7b:ce:8a:d4:e9:
bc:25:55:c2:8b:2d:68:57:f9:3c:ad:b3:23:2f:d6:41:71:a6:
1d:78:80:a6:1f:77:80:f3:24:a9:08:2b:4d:27:f4:8b:de:10:
bd:8f:c6:f9:fb:17:02:8e:38:0a:d2:d3:af:1f:c1:2d:f7:f4:
f6:86:1d:dc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ4NzA5MDdEMkNBREU2
ODgyNTgxNkNEMkRFQzI4OTcxQjMyMzczNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE7I9gWLuTl1IPtzmY4iNb1sFEkyR2FFCp09mDuV1/DFyN7jjo
0Dt28avZsAQqK8E34J1+0I20Hv2eBQ/Eq2Qnbi0iC2AKCZfGTtz1D/lqgRzdj1uT
HFRidonLBV8iLKZ/wbvg4o9HLDDpyAdSlmX4ZXI8Utm/DyQwnQsILhYWwsjBDeZB
to/ZKzQ6UKEWYystyFh3tCgcBMsQBsUR/aLUZie1HD1AeKGE8QyEL0Ux5imkTcz1
mI7oOYay/PfHgQSdKqj8c+iqBvY3WIVne7c+ZxNhLF91EPA0hm7yBh1AMYEUUKt9
jOHFnaNJ+calDUtgTQO80t8sp4tzS4vj4k1rAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2HCQfSyt5oglgWzS3sKJcbMjc0AwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vMkhDUWZTeXQ1b2dsZ1d6UzNzS0pj
Yk1qYzBBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bMjAN
BgkqhkiG9w0BAQsFAAOCAQEAW9esv3ostVhQG30KVHH1T7arJ7eFpbLCdaUltPw3
MeRh0QhHNVB2R2qi6ZlFDUDKWRLYqUmdDGrxjRXtaBfr5Ly5QHiw5L8yUL9rX9g8
lU74kFB2SIUUofj8W/wf+61VdmR+YrNXMOpiKeFOVbdiZ4EnN9cw8YF4e3Urzga/
gQxV6s10iiMromRzlpcCr+apYTqq+FOSI29mEvVYKuQFb/QMPqnpE3WbD2vVcGR5
nyix5ub5CctIyDMLu8UOFlmjFHvOitTpvCVVwostaFf5PK2zIy/WQXGmHXiAph93
gPMkqQgrTSf0i94QvY/G+fsXAo44CtLTrx/BLff09oYd3A==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:07:23 2025 by rpki-client