Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/HmJveha7zwekTQ2YLC_3wZNpEs4.roa
File: HmJveha7zwekTQ2YLC_3wZNpEs4.roa (raw, json)
Hash identifier: kwTHP4kPiSnaZD5Ww1YtJjEveupxUVtBk0xh/ZynvOs=
Subject key identifier: 1E:62:6F:7A:16:BB:CF:07:A4:4D:0D:98:2C:2F:F7:C1:93:69:12:CE
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EAD
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/HmJveha7zwekTQ2YLC_3wZNpEs4.roa
Signing time: Mon 10 Feb 2025 13:59:46 +0000
ROA not before: Mon 10 Feb 2025 13:59:46 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3757 (0xead)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:46 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1E626F7A16BBCF07A44D0D982C2FF7C1936912CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3d:18:09:86:87:a7:a6:1a:72:8d:18:6d:df:
98:ba:22:ae:de:74:9a:53:c2:e3:e0:d0:b1:83:9c:
9e:20:fc:86:41:56:9c:54:fa:5d:a1:5d:50:f0:e5:
6f:23:6a:11:a9:f4:31:91:b0:54:3a:f9:38:a3:87:
de:b6:4b:c4:20:76:51:bd:a6:65:23:95:e8:7b:52:
22:a9:a6:9d:fa:e0:d4:9a:5f:d1:5f:99:7f:ff:66:
ad:a5:e4:23:be:40:7b:e2:ea:46:f6:7e:a0:0e:f7:
ef:c3:1a:36:fb:49:e0:01:06:08:02:7a:55:18:b1:
4a:3f:21:91:10:0b:a2:b6:80:6f:e3:df:ba:db:c2:
1e:f8:b0:df:3e:62:b1:c3:bc:ff:1f:2d:c9:3b:cc:
fb:9f:c4:89:87:38:2d:1e:5c:64:a3:1d:0f:2c:e9:
a2:91:bd:1a:24:b6:d7:62:65:c0:c0:97:c9:07:81:
da:ef:e8:74:23:48:ef:88:13:91:46:fd:79:34:66:
67:2c:8a:b3:a8:2d:7d:14:fb:8f:62:ec:29:60:2a:
e2:49:fa:e5:d3:16:8c:72:08:bc:87:51:87:12:42:
44:ef:0d:f6:50:3e:d8:00:68:54:76:4d:66:65:83:
91:d6:3b:03:79:83:3e:08:6f:09:ee:27:f0:a5:11:
c4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:62:6F:7A:16:BB:CF:07:A4:4D:0D:98:2C:2F:F7:C1:93:69:12:CE
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/HmJveha7zwekTQ2YLC_3wZNpEs4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.34.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:ce:15:d2:aa:b9:c1:20:db:9f:f4:04:0f:75:32:f0:3f:aa:
53:9c:d1:d0:4f:64:5f:11:bd:92:d2:d9:b1:82:65:08:f1:3e:
9d:39:a2:e0:3e:1f:54:28:bd:02:97:aa:61:51:0d:33:10:8e:
8f:e4:bb:3a:bb:ab:d2:99:31:13:0a:05:d0:21:3c:11:ee:6b:
00:1b:4a:c6:35:47:35:f9:28:7e:b7:a0:34:6f:d6:2e:4a:ec:
1d:48:03:ac:e2:7c:3e:95:70:fb:50:bf:5f:4f:18:dc:70:b6:
20:ba:34:07:ae:c3:d8:42:38:da:5c:36:05:82:56:fc:34:56:
b9:5a:bc:d6:cb:5e:ff:a9:d2:ac:a3:c5:09:fb:62:5e:fb:2e:
16:ec:ab:ed:25:b4:e6:70:44:92:36:13:e6:ed:8c:fc:ec:cf:
fe:ae:a2:27:03:5f:37:36:7d:c9:ca:53:52:0f:95:ce:d6:8e:
3f:94:69:23:93:dd:4a:31:73:ab:da:e2:c2:24:2e:4e:f4:b8:
7a:02:37:34:a6:ef:cc:01:e1:06:9d:8f:77:31:0e:21:2b:8c:
25:75:59:4e:ab:d7:21:75:c9:77:16:41:f1:6a:f7:3c:bc:af:
a9:f0:19:97:9d:95:d8:f1:e4:b5:b9:17:d8:78:21:b2:93:61:
d6:7c:79:0d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDq0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFFNjI2RjdBMTZCQkNG
MDdBNDREMEQ5ODJDMkZGN0MxOTM2OTEyQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmPRgJhoenphpyjRht35i6Iq7edJpTwuPg0LGDnJ4g/IZBVpxU
+l2hXVDw5W8jahGp9DGRsFQ6+Tijh962S8QgdlG9pmUjleh7UiKppp364NSaX9Ff
mX//Zq2l5CO+QHvi6kb2fqAO9+/DGjb7SeABBggCelUYsUo/IZEQC6K2gG/j37rb
wh74sN8+YrHDvP8fLck7zPufxImHOC0eXGSjHQ8s6aKRvRokttdiZcDAl8kHgdrv
6HQjSO+IE5FG/Xk0ZmcsirOoLX0U+49i7ClgKuJJ+uXTFoxyCLyHUYcSQkTvDfZQ
PtgAaFR2TWZlg5HWOwN5gz4IbwnuJ/ClEcQfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHmJveha7zwekTQ2YLC/3wZNpEs4wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vSG1KdmVoYTd6d2VrVFEyWUxDXzN3
Wk5wRXM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bIjAN
BgkqhkiG9w0BAQsFAAOCAQEAjs4V0qq5wSDbn/QED3Uy8D+qU5zR0E9kXxG9ktLZ
sYJlCPE+nTmi4D4fVCi9ApeqYVENMxCOj+S7Orur0pkxEwoF0CE8Ee5rABtKxjVH
NfkofregNG/WLkrsHUgDrOJ8PpVw+1C/X08Y3HC2ILo0B67D2EI42lw2BYJW/DRW
uVq81ste/6nSrKPFCftiXvsuFuyr7SW05nBEkjYT5u2M/OzP/q6iJwNfNzZ9ycpT
Ug+VztaOP5RpI5PdSjFzq9riwiQuTvS4egI3NKbvzAHhBp2PdzEOISuMJXVZTqvX
IXXJdxZB8Wr3PLyvqfAZl52V2PHktbkX2HghspNh1nx5DQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:05:40 2025 by rpki-client