Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/9_FYxsDM01cxt7TmiCJEZ9anpqw.roa
File: 9_FYxsDM01cxt7TmiCJEZ9anpqw.roa (raw, json)
Hash identifier: AGuDMY9JOybnoMkju4ndEMsLYSnnsNAN8Dwzo0B9Z4I=
Subject key identifier: F7:F1:58:C6:C0:CC:D3:57:31:B7:B4:E6:88:22:44:67:D6:A7:A6:AC
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EBF
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/9_FYxsDM01cxt7TmiCJEZ9anpqw.roa
Signing time: Mon 10 Feb 2025 13:59:50 +0000
ROA not before: Mon 10 Feb 2025 13:59:50 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.36.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3775 (0xebf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:50 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F7F158C6C0CCD35731B7B4E688224467D6A7A6AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e3:b7:d8:e9:e4:b6:0e:39:67:3e:88:58:b1:
49:62:29:20:9d:71:f8:da:eb:d4:0e:a8:e7:24:3c:
0d:e4:31:91:27:c9:29:e9:65:66:f6:51:c2:00:12:
d7:ae:a6:6a:4e:4f:e3:a6:93:5b:0d:fd:4f:25:d6:
9a:10:d2:20:97:2d:54:67:5a:a4:13:0c:da:9b:65:
71:11:8d:8b:02:bd:51:7b:99:7b:99:8d:32:c9:67:
b2:3c:03:20:93:4f:bd:f4:c2:6d:3f:bb:e9:07:a9:
5f:f1:7f:45:7d:5e:27:a5:e0:9e:b1:fa:02:3b:96:
8e:94:d4:66:ad:26:e0:c1:a3:2e:75:0a:1a:3c:cb:
fd:13:fa:38:5f:de:b2:5b:ee:cf:ff:04:8a:9a:fa:
cd:45:ff:2e:c6:5a:fe:04:b9:e5:91:9a:be:b1:19:
0c:4e:a2:18:89:b2:0f:29:e4:b6:46:a5:66:ab:ed:
86:e4:3a:d5:98:89:4e:01:c6:9d:26:fe:f4:f0:60:
ea:e3:98:fb:00:55:bb:09:79:3e:84:8b:d6:23:98:
88:3f:4b:3b:a3:85:a3:d9:b9:b8:e7:49:2b:40:30:
f0:31:2c:5e:5d:ac:40:09:3d:fa:b3:3e:82:b1:35:
00:38:dd:b0:a4:30:f0:a7:d3:19:0b:eb:4d:31:cb:
3a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F1:58:C6:C0:CC:D3:57:31:B7:B4:E6:88:22:44:67:D6:A7:A6:AC
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/9_FYxsDM01cxt7TmiCJEZ9anpqw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.36.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:ef:8c:23:50:b7:65:75:06:c5:34:bf:f4:92:bd:40:84:f8:
cf:42:1c:80:6d:e3:d6:4c:99:b0:9d:08:cf:5d:59:f8:4f:c6:
e4:bf:d9:cc:27:15:fc:38:5f:b7:5e:06:8d:f1:76:b7:1c:b9:
77:3c:04:b6:50:8b:a2:5e:c3:62:63:5e:ab:8f:d2:e9:7b:8a:
a8:08:63:fa:5f:e0:5a:0b:39:07:16:d1:1d:16:f3:ae:21:83:
01:08:8a:06:b6:e7:c6:23:72:1e:29:69:63:77:81:4b:e6:3e:
50:de:e5:59:44:bd:4c:67:f2:b5:de:e6:19:34:cb:a7:7f:13:
e2:63:fc:47:cb:6e:9c:92:70:ae:bf:aa:ce:6f:58:b4:1b:6d:
9c:bd:41:bd:be:00:af:e3:8b:55:93:0b:09:21:91:72:78:4a:
f8:05:dc:a1:e1:57:e9:ad:1b:4f:0d:5f:a2:fd:0e:a4:27:1e:
22:b5:9a:f7:c1:87:92:3b:5d:a8:09:a2:f5:27:76:aa:e1:3d:
6c:fe:ad:f3:70:ba:bd:bb:b1:74:1b:85:34:f9:16:44:04:88:
68:78:16:c4:3b:d7:36:f1:bf:36:f1:66:c6:ac:66:6a:ec:98:
9c:56:c2:31:6b:0e:88:8e:e0:8b:51:ef:7c:33:12:c8:20:3a:
e6:b7:fc:16
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDr8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY3RjE1OEM2QzBDQ0Qz
NTczMUI3QjRFNjg4MjI0NDY3RDZBN0E2QUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDy47fY6eS2DjlnPohYsUliKSCdcfja69QOqOckPA3kMZEnySnp
ZWb2UcIAEteupmpOT+Omk1sN/U8l1poQ0iCXLVRnWqQTDNqbZXERjYsCvVF7mXuZ
jTLJZ7I8AyCTT730wm0/u+kHqV/xf0V9Xiel4J6x+gI7lo6U1GatJuDBoy51Cho8
y/0T+jhf3rJb7s//BIqa+s1F/y7GWv4EueWRmr6xGQxOohiJsg8p5LZGpWar7Ybk
OtWYiU4Bxp0m/vTwYOrjmPsAVbsJeT6Ei9YjmIg/SzujhaPZubjnSStAMPAxLF5d
rEAJPfqzPoKxNQA43bCkMPCn0xkL600xyzqfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU9/FYxsDM01cxt7TmiCJEZ9anpqwwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vOV9GWXhzRE0wMWN4dDdUbWlDSkVa
OWFucHF3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8bJDAN
BgkqhkiG9w0BAQsFAAOCAQEAnu+MI1C3ZXUGxTS/9JK9QIT4z0IcgG3j1kyZsJ0I
z11Z+E/G5L/ZzCcV/Dhft14GjfF2txy5dzwEtlCLol7DYmNeq4/S6XuKqAhj+l/g
Wgs5BxbRHRbzriGDAQiKBrbnxiNyHilpY3eBS+Y+UN7lWUS9TGfytd7mGTTLp38T
4mP8R8tunJJwrr+qzm9YtBttnL1Bvb4Ar+OLVZMLCSGRcnhK+AXcoeFX6a0bTw1f
ov0OpCceIrWa98GHkjtdqAmi9Sd2quE9bP6t83C6vbuxdBuFNPkWRASIaHgWxDvX
NvG/NvFmxqxmauyYnFbCMWsOiI7gi1HvfDMSyCA65rf8Fg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:07:23 2025 by rpki-client