Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/CzAvUYB_ak-FB_nKXz__ZEae0Z4.roa
File: CzAvUYB_ak-FB_nKXz__ZEae0Z4.roa (raw, json)
Hash identifier: 32vGkjuDgqOjU3LzOjqpNlKqE0OctHGtMXG/3gfJnq8=
Subject key identifier: 0B:30:2F:51:80:7F:6A:4F:85:07:F9:CA:5F:3F:FF:64:46:9E:D1:9E
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EB4
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/CzAvUYB_ak-FB_nKXz__ZEae0Z4.roa
Signing time: Mon 10 Feb 2025 13:59:47 +0000
ROA not before: Mon 10 Feb 2025 13:59:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.32.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3764 (0xeb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:47 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0B302F51807F6A4F8507F9CA5F3FFF64469ED19E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:33:b5:60:6b:28:65:7f:da:b4:7b:4a:cd:f0:
b5:c7:fb:52:41:c2:1e:86:e4:dc:75:85:94:60:10:
99:14:fd:f1:16:d9:4d:c5:79:c5:be:e8:de:07:9f:
25:a5:42:a4:54:67:58:a1:a6:6e:60:87:23:d8:a7:
58:14:1b:5a:e5:06:d0:49:8f:95:df:6c:2c:cb:6e:
04:fd:fa:50:fb:9b:49:dd:a5:59:35:12:c7:df:dd:
42:ac:ca:12:25:c4:0b:98:d2:e1:55:d8:c4:b1:e9:
0b:8a:13:b2:8e:b6:f8:1b:2e:76:0d:86:e5:45:5e:
b0:bd:5d:71:d7:e8:cc:36:b5:07:37:29:ac:61:ed:
df:ad:f1:2e:49:fc:81:f9:e8:50:61:12:fe:73:0b:
7b:ca:33:85:db:8b:09:0d:e3:17:da:fc:09:fd:b0:
00:d0:98:af:4d:29:40:9a:7b:0e:c9:bf:65:7a:4d:
79:90:11:e9:0b:87:8a:6f:26:a6:de:62:8d:d9:45:
8b:d2:41:9e:d8:79:5a:43:89:76:51:1f:fa:9e:2b:
ac:d5:11:75:66:90:60:be:0c:a6:22:54:4d:63:b5:
37:7a:c0:ba:65:a7:7d:94:20:69:6e:09:80:46:cc:
e9:d8:61:22:7c:83:6c:23:a3:0c:9c:e8:ea:b5:43:
c5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:30:2F:51:80:7F:6A:4F:85:07:F9:CA:5F:3F:FF:64:46:9E:D1:9E
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/CzAvUYB_ak-FB_nKXz__ZEae0Z4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.32.0/20
Signature Algorithm: sha256WithRSAEncryption
bd:76:3e:8f:cc:fc:ff:55:5e:17:48:da:4b:d3:a7:a4:cd:18:
a4:d9:a5:e6:ce:85:26:36:1a:6f:27:a9:a0:62:30:3a:94:a1:
bb:23:11:ef:e3:77:98:49:b7:b2:4a:0d:6c:58:01:4e:ef:2c:
db:cb:b8:e8:da:7e:25:6e:53:30:01:55:05:3f:db:ac:9c:0c:
86:03:3f:4f:1f:bf:72:db:19:a6:02:58:9b:20:1b:9f:5c:bc:
3f:0e:e2:85:f5:2c:67:ab:9e:39:d0:53:c4:b1:18:ea:c5:a6:
40:f5:ca:34:11:19:5a:84:1d:3b:d2:5e:9e:70:21:0e:37:d0:
7b:94:f1:d9:cd:42:12:9b:fe:32:7e:60:86:b4:c8:6a:3d:0e:
3f:ae:62:60:ff:1f:58:8c:53:6e:3e:ce:85:36:33:3e:f2:b6:
f8:6f:fc:5f:35:c5:56:fb:8a:76:8a:07:66:00:a2:12:ee:dd:
a8:1b:cb:c2:d3:b6:e9:d5:0a:d1:25:08:33:b3:94:a5:31:19:
0e:6e:44:e4:12:f6:69:84:f3:dc:43:e8:eb:39:5a:ab:6b:2e:
5c:12:ab:fe:fd:e8:ae:eb:bc:27:09:de:3f:d0:f6:a3:49:8e:
1b:2a:a7:ba:52:78:74:3c:af:b0:9e:fc:11:5e:d6:ba:ce:3c:
f7:2f:f8:48
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDrQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBCMzAyRjUxODA3RjZB
NEY4NTA3RjlDQTVGM0ZGRjY0NDY5RUQxOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyM7Vgayhlf9q0e0rN8LXH+1JBwh6G5Nx1hZRgEJkU/fEW2U3F
ecW+6N4HnyWlQqRUZ1ihpm5ghyPYp1gUG1rlBtBJj5XfbCzLbgT9+lD7m0ndpVk1
Esff3UKsyhIlxAuY0uFV2MSx6QuKE7KOtvgbLnYNhuVFXrC9XXHX6Mw2tQc3Kaxh
7d+t8S5J/IH56FBhEv5zC3vKM4XbiwkN4xfa/An9sADQmK9NKUCaew7Jv2V6TXmQ
EekLh4pvJqbeYo3ZRYvSQZ7YeVpDiXZRH/qeK6zVEXVmkGC+DKYiVE1jtTd6wLpl
p32UIGluCYBGzOnYYSJ8g2wjowyc6Oq1Q8XdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCzAvUYB/ak+FB/nKXz//ZEae0Z4wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vQ3pBdlVZQl9hay1GQl9uS1h6X19a
RWFlMFo0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBN8bIDAN
BgkqhkiG9w0BAQsFAAOCAQEAvXY+j8z8/1VeF0jaS9OnpM0YpNml5s6FJjYabyep
oGIwOpShuyMR7+N3mEm3skoNbFgBTu8s28u46Np+JW5TMAFVBT/brJwMhgM/Tx+/
ctsZpgJYmyAbn1y8Pw7ihfUsZ6ueOdBTxLEY6sWmQPXKNBEZWoQdO9JennAhDjfQ
e5Tx2c1CEpv+Mn5ghrTIaj0OP65iYP8fWIxTbj7OhTYzPvK2+G/8XzXFVvuKdooH
ZgCiEu7dqBvLwtO26dUK0SUIM7OUpTEZDm5E5BL2aYTz3EPo6zlaq2suXBKr/v3o
ruu8JwneP9D2o0mOGyqnulJ4dDyvsJ78EV7Wus489y/4SA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:05:40 2025 by rpki-client