Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/OH7UwwX9xuoHUMdhD3aJkEp8seI.roa
File: OH7UwwX9xuoHUMdhD3aJkEp8seI.roa (raw, json)
Hash identifier: u19Yxg6/Xg1xGEoLvGrvIAKvc857dbFnIz1rs8f89yE=
Subject key identifier: 38:7E:D4:C3:05:FD:C6:EA:07:50:C7:61:0F:76:89:90:4A:7C:B1:E2
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EBE
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/OH7UwwX9xuoHUMdhD3aJkEp8seI.roa
Signing time: Mon 10 Feb 2025 13:59:50 +0000
ROA not before: Mon 10 Feb 2025 13:59:50 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3774 (0xebe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:50 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=387ED4C305FDC6EA0750C7610F7689904A7CB1E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:91:66:49:b2:b9:8b:aa:38:42:2b:c6:f5:2c:
1b:f1:38:79:c1:df:eb:a8:9d:83:6f:5e:05:e8:ad:
71:7c:df:85:20:24:94:00:7f:c4:30:b2:a0:15:ba:
22:0f:4b:e9:32:5c:c5:7f:d3:b3:8a:06:84:4e:b9:
6c:40:90:83:dd:a9:b7:5e:ca:03:42:6a:0e:c3:a3:
c8:de:c9:63:d6:34:73:cc:53:5c:9b:be:a9:a1:1a:
1e:47:95:a4:6e:c5:b1:06:b4:10:6a:7b:1e:68:cc:
b7:19:a9:d2:a5:a9:67:b8:a6:f6:76:01:02:a9:6e:
ad:ca:6a:91:87:26:f9:c2:06:30:5e:dc:96:e3:02:
25:d0:d2:28:9f:b7:86:df:f8:e1:cf:d7:94:cb:e3:
09:45:d9:3d:b4:5d:ec:4d:37:d9:24:c8:d3:b2:34:
a2:57:84:55:97:63:cf:1a:05:b7:15:da:f4:b3:58:
ab:73:a9:52:20:bc:21:b1:c0:d8:dd:3b:c2:fa:e4:
e7:de:08:cd:3a:0a:56:47:4d:1c:87:37:f1:63:30:
0b:16:e4:48:be:2e:b1:64:1b:1d:c8:75:f4:8e:4d:
b8:f5:65:ab:a1:aa:89:4b:56:3a:32:18:20:2f:e7:
c5:38:08:db:49:bc:0f:4b:57:ee:09:62:71:c3:eb:
50:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7E:D4:C3:05:FD:C6:EA:07:50:C7:61:0F:76:89:90:4A:7C:B1:E2
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/OH7UwwX9xuoHUMdhD3aJkEp8seI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.52.0/22
Signature Algorithm: sha256WithRSAEncryption
29:3a:88:94:16:e6:6d:54:bd:9c:48:3c:1c:82:40:9a:d3:37:
a9:f7:05:42:6b:7e:50:19:4b:16:d8:4f:04:2e:9d:9a:de:af:
9e:dd:02:ac:ab:e3:60:c1:48:ec:9a:58:13:4e:3a:9d:c2:f5:
9d:2f:79:d9:68:36:c9:fd:6b:16:fd:1c:88:54:a7:b3:5c:6a:
f0:6d:f8:5a:d0:0e:6c:e9:fe:8f:7a:20:5f:b1:c5:78:9c:69:
51:5c:40:64:d1:c7:3c:0a:29:14:c9:b1:0a:cd:21:43:98:78:
02:30:3b:f1:b2:6e:31:52:0e:1d:31:1d:e0:7a:ed:d9:ea:51:
bd:cc:87:5f:b3:ba:3b:8d:f9:55:4e:0d:b6:e6:1d:30:83:c1:
79:c5:af:00:75:2e:6d:88:4e:fa:0d:b4:20:50:85:dc:bb:97:
56:31:71:1f:0f:75:04:5a:7c:94:f7:5b:65:bf:c9:f4:dd:f1:
82:12:09:f0:c9:94:92:9a:72:47:71:38:76:b5:6a:a6:38:c9:
d9:6a:ca:f7:89:3c:04:a1:10:7e:38:6a:81:52:e1:ae:cc:19:
31:02:20:f8:64:cb:0a:3b:8a:69:c9:0a:1b:06:60:65:12:d0:
14:cf:21:33:eb:4a:28:55:b9:7a:3e:ba:e0:82:76:a5:6c:62:
7e:4e:ca:95
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM4N0VENEMzMDVGREM2
RUEwNzUwQzc2MTBGNzY4OTkwNEE3Q0IxRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCkWZJsrmLqjhCK8b1LBvxOHnB3+uonYNvXgXorXF834UgJJQA
f8QwsqAVuiIPS+kyXMV/07OKBoROuWxAkIPdqbdeygNCag7Do8jeyWPWNHPMU1yb
vqmhGh5HlaRuxbEGtBBqex5ozLcZqdKlqWe4pvZ2AQKpbq3KapGHJvnCBjBe3Jbj
AiXQ0iift4bf+OHP15TL4wlF2T20XexNN9kkyNOyNKJXhFWXY88aBbcV2vSzWKtz
qVIgvCGxwNjdO8L65OfeCM06ClZHTRyHN/FjMAsW5Ei+LrFkGx3IdfSOTbj1Zauh
qolLVjoyGCAv58U4CNtJvA9LV+4JYnHD61AVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOH7UwwX9xuoHUMdhD3aJkEp8seIwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vT0g3VXd3WDl4dW9IVU1kaEQzYUpr
RXA4c2VJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8bNDAN
BgkqhkiG9w0BAQsFAAOCAQEAKTqIlBbmbVS9nEg8HIJAmtM3qfcFQmt+UBlLFthP
BC6dmt6vnt0CrKvjYMFI7JpYE046ncL1nS952Wg2yf1rFv0ciFSns1xq8G34WtAO
bOn+j3ogX7HFeJxpUVxAZNHHPAopFMmxCs0hQ5h4AjA78bJuMVIOHTEd4Hrt2epR
vcyHX7O6O435VU4NtuYdMIPBecWvAHUubYhO+g20IFCF3LuXVjFxHw91BFp8lPdb
Zb/J9N3xghIJ8MmUkppyR3E4drVqpjjJ2WrK94k8BKEQfjhqgVLhrswZMQIg+GTL
CjuKackKGwZgZRLQFM8hM+tKKFW5ej664IJ2pWxifk7KlQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:08:28 2025 by rpki-client