Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/QRyZHxPyo2h8Wom5upurslM7rlo.roa
File: QRyZHxPyo2h8Wom5upurslM7rlo.roa (raw, json)
Hash identifier: cSEo1H5ICV4XCQBxebVxZlJp8wiNKDIBRqwq3gO8hfM=
Subject key identifier: 41:1C:99:1F:13:F2:A3:68:7C:5A:89:B9:BA:9B:AB:B2:53:3B:AE:5A
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EAA
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/QRyZHxPyo2h8Wom5upurslM7rlo.roa
Signing time: Mon 10 Feb 2025 13:59:45 +0000
ROA not before: Mon 10 Feb 2025 13:59:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.53.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3754 (0xeaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:45 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=411C991F13F2A3687C5A89B9BA9BABB2533BAE5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6e:81:94:37:be:98:8b:9d:8e:b9:d4:31:2a:
dc:62:dd:4d:f1:ae:da:bd:e8:47:d4:d1:44:99:6b:
0a:29:d1:97:9d:1b:b7:b4:a7:bc:65:8a:69:19:65:
d2:3c:70:20:50:74:f3:12:75:c6:d0:97:e4:7f:e4:
40:23:f9:b6:6b:b5:b7:f4:53:e0:ee:19:3c:fd:3c:
63:01:c7:d7:5f:8e:10:50:c0:f5:68:dd:e2:01:4b:
ce:b5:fa:4a:fc:50:b2:99:ac:0c:42:f8:72:d1:06:
b5:76:73:0c:94:ea:08:8c:f1:50:a4:bb:e6:3d:d0:
94:9a:18:87:64:f0:76:a1:bc:22:b4:92:b0:1a:4e:
4f:5c:53:6e:c6:cb:e0:54:e8:97:78:e4:3f:a0:11:
dd:8a:db:f1:2b:d4:61:bd:11:de:bd:71:ce:6a:48:
5b:71:20:37:de:47:a0:b7:15:10:e9:77:d1:1d:2e:
55:d6:b8:36:fd:d9:a1:99:a4:88:83:8a:72:f1:b2:
15:7b:b3:55:9f:dc:97:c8:fe:fc:4a:c8:6e:c6:e1:
c0:db:24:be:c5:75:43:66:14:a7:7e:b6:8c:25:da:
59:bf:6a:b1:b2:ae:a2:1e:23:56:e6:9b:c0:f9:f0:
a2:d3:2d:3e:f7:c0:cd:79:5a:e1:0f:3b:a3:b1:b9:
30:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1C:99:1F:13:F2:A3:68:7C:5A:89:B9:BA:9B:AB:B2:53:3B:AE:5A
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/QRyZHxPyo2h8Wom5upurslM7rlo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.53.0/24
Signature Algorithm: sha256WithRSAEncryption
80:12:5f:21:28:91:08:c0:ed:9a:7e:a8:f9:a6:96:26:73:cf:
e5:7b:aa:b1:e9:37:ed:b1:16:74:d1:a6:7f:09:16:06:59:36:
ce:93:fe:9f:89:8d:2c:fc:5c:59:d5:74:6d:e8:be:21:bc:c6:
d0:48:fa:be:18:85:c9:ba:96:e0:cd:50:03:49:bc:91:d8:a8:
71:23:ed:72:88:d9:3d:fe:08:9f:42:64:5e:ad:f1:c7:9c:b6:
d2:4c:34:14:97:0e:2f:cd:ee:78:48:d2:5a:b9:ba:a5:3f:bf:
ff:b1:b2:a8:aa:bf:09:f5:c2:44:ba:24:68:88:66:6c:9d:ac:
40:0d:20:fa:eb:88:8a:fd:ae:57:95:71:2e:5e:a8:93:60:4d:
02:62:96:8e:1d:d8:22:4b:56:eb:c1:94:e4:83:e3:ef:48:1a:
19:b3:06:34:59:01:ed:a3:d2:b5:24:6c:9b:c3:e4:56:9c:97:
e9:ad:ab:ec:c4:43:82:f3:c0:e5:c1:35:6c:3d:5c:35:43:40:
99:8f:72:b7:22:1d:3a:9e:af:6d:84:5f:e0:ac:c3:41:f0:c3:
e6:a8:f7:d3:d5:cf:7d:73:a0:e6:14:66:f4:cf:49:5d:a3:a4:
6e:38:86:a7:fc:3c:9c:6c:ca:35:1b:6b:a5:6f:56:d2:af:d6:
cd:6e:3b:eb
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDqowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQxMUM5OTFGMTNGMkEz
Njg3QzVBODlCOUJBOUJBQkIyNTMzQkFFNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIboGUN76Yi52OudQxKtxi3U3xrtq96EfU0USZawop0ZedG7e0
p7xlimkZZdI8cCBQdPMSdcbQl+R/5EAj+bZrtbf0U+DuGTz9PGMBx9dfjhBQwPVo
3eIBS861+kr8ULKZrAxC+HLRBrV2cwyU6giM8VCku+Y90JSaGIdk8HahvCK0krAa
Tk9cU27Gy+BU6Jd45D+gEd2K2/Er1GG9Ed69cc5qSFtxIDfeR6C3FRDpd9EdLlXW
uDb92aGZpIiDinLxshV7s1Wf3JfI/vxKyG7G4cDbJL7FdUNmFKd+towl2lm/arGy
rqIeI1bmm8D58KLTLT73wM15WuEPO6OxuTCJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQRyZHxPyo2h8Wom5upurslM7rlowHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vUVJ5Wkh4UHlvMmg4V29tNXVwdXJz
bE03cmxvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bNTAN
BgkqhkiG9w0BAQsFAAOCAQEAgBJfISiRCMDtmn6o+aaWJnPP5Xuqsek37bEWdNGm
fwkWBlk2zpP+n4mNLPxcWdV0bei+IbzG0Ej6vhiFybqW4M1QA0m8kdiocSPtcojZ
Pf4In0JkXq3xx5y20kw0FJcOL83ueEjSWrm6pT+//7GyqKq/CfXCRLokaIhmbJ2s
QA0g+uuIiv2uV5VxLl6ok2BNAmKWjh3YIktW68GU5IPj70gaGbMGNFkB7aPStSRs
m8PkVpyX6a2r7MRDgvPA5cE1bD1cNUNAmY9ytyIdOp6vbYRf4KzDQfDD5qj309XP
fXOg5hRm9M9JXaOkbjiGp/w8nGzKNRtrpW9W0q/WzW476w==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:08:27 2025 by rpki-client