Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/jlAFffAAdq5_g1Cg6UdYNTUEbnw.roa
File: jlAFffAAdq5_g1Cg6UdYNTUEbnw.roa (raw, json)
Hash identifier: U1xcRWKqQHAdPasuw6C0WoBf6X9FH1uOqNS09E9fh3o=
Subject key identifier: 8E:50:05:7D:F0:00:76:AE:7F:83:50:A0:E9:47:58:35:35:04:6E:7C
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EC4
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/jlAFffAAdq5_g1Cg6UdYNTUEbnw.roa
Signing time: Mon 10 Feb 2025 13:59:52 +0000
ROA not before: Mon 10 Feb 2025 13:59:52 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.37.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3780 (0xec4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:52 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8E50057DF00076AE7F8350A0E947583535046E7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:98:c9:a7:94:19:f8:29:66:c4:32:3b:8e:6a:
65:8b:ec:e1:33:3e:96:d3:a0:07:b6:3d:7f:c6:15:
70:22:44:84:92:68:ab:f0:4e:ce:e3:4f:a9:59:09:
5a:2e:bf:2b:12:9c:cb:f3:71:1d:f4:be:fc:3f:19:
a7:ab:4e:a8:fd:ab:c2:72:41:69:6a:7b:ae:7c:c9:
16:57:6e:42:3c:0f:f8:b5:29:7d:02:fc:32:88:bb:
5e:02:9c:54:7c:eb:20:80:54:b8:78:a9:6e:be:7b:
67:dd:a0:8a:b9:45:45:bf:52:97:09:34:5a:45:a4:
38:e0:01:78:f3:2b:20:74:e1:4c:37:45:ad:6f:67:
cf:df:67:6e:7a:f0:25:ec:d6:7d:2d:23:8d:f6:dd:
8a:eb:a7:37:5e:72:01:38:4e:6c:dd:d5:9e:a4:6f:
95:d8:94:4c:04:78:01:08:3f:9d:c5:98:48:81:03:
ae:15:f1:4f:95:54:ac:61:b2:2b:6d:f0:c9:fc:d8:
d1:40:88:8b:ef:d8:c0:6d:e1:e7:4b:61:0c:66:c3:
b1:d6:47:c3:f5:e3:75:61:4f:2e:ae:44:54:0e:4e:
c4:e7:d2:51:0e:aa:65:b6:a1:be:b6:47:08:77:1a:
68:af:86:2f:65:78:89:c5:ce:04:d1:21:d8:2b:72:
7a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:50:05:7D:F0:00:76:AE:7F:83:50:A0:E9:47:58:35:35:04:6E:7C
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/jlAFffAAdq5_g1Cg6UdYNTUEbnw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.37.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:1d:a4:61:6a:a7:11:ad:65:a6:8b:a3:ef:c0:56:c6:af:6e:
22:a6:b7:c8:62:bb:cb:21:4d:6a:0c:22:43:81:10:89:1d:9d:
07:46:8d:01:36:19:67:7b:64:b9:d7:e1:2d:31:74:0f:c2:2c:
5b:e6:a4:04:55:9b:f5:2e:85:94:a3:9a:d5:f1:71:38:b6:2d:
57:19:2a:97:aa:bb:5b:41:b0:a1:b3:ec:bf:63:ae:a1:ac:4a:
c6:a4:75:8e:25:7f:1f:a0:0a:a2:98:4e:6d:a8:20:5a:8b:28:
a7:51:5e:e0:a8:45:00:3e:be:01:f1:4b:1f:54:81:fb:e3:36:
43:37:ad:cf:27:92:cd:95:d1:15:59:b9:d0:63:e2:6f:94:7b:
19:60:ca:97:fe:1a:82:f7:78:de:84:bf:0c:4f:27:c8:95:9a:
57:32:ff:e1:1e:ae:ca:1a:ca:03:b7:56:3a:68:83:0d:0c:61:
20:a2:95:08:a5:25:b2:18:14:94:22:ad:ca:9a:55:f0:30:2e:
73:67:66:ed:0b:53:cf:d4:22:d2:bf:be:ce:11:b6:8d:d4:29:
ed:2a:63:80:b7:93:72:71:03:fe:f1:6a:1b:90:ac:46:4a:7c:
e4:1d:7c:da:7a:98:03:f0:30:af:25:23:0e:94:c7:5f:38:7d:
84:21:a1:18
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDsQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhFNTAwNTdERjAwMDc2
QUU3RjgzNTBBMEU5NDc1ODM1MzUwNDZFN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCemMmnlBn4KWbEMjuOamWL7OEzPpbToAe2PX/GFXAiRISSaKvw
Ts7jT6lZCVouvysSnMvzcR30vvw/GaerTqj9q8JyQWlqe658yRZXbkI8D/i1KX0C
/DKIu14CnFR86yCAVLh4qW6+e2fdoIq5RUW/UpcJNFpFpDjgAXjzKyB04Uw3Ra1v
Z8/fZ2568CXs1n0tI4323YrrpzdecgE4Tmzd1Z6kb5XYlEwEeAEIP53FmEiBA64V
8U+VVKxhsitt8Mn82NFAiIvv2MBt4edLYQxmw7HWR8P143VhTy6uRFQOTsTn0lEO
qmW2ob62Rwh3Gmivhi9leInFzgTRIdgrcno5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUjlAFffAAdq5/g1Cg6UdYNTUEbnwwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vamxBRmZmQUFkcTVfZzFDZzZVZFlO
VFVFYm53LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bJTAN
BgkqhkiG9w0BAQsFAAOCAQEASh2kYWqnEa1lpouj78BWxq9uIqa3yGK7yyFNagwi
Q4EQiR2dB0aNATYZZ3tkudfhLTF0D8IsW+akBFWb9S6FlKOa1fFxOLYtVxkql6q7
W0GwobPsv2OuoaxKxqR1jiV/H6AKophObaggWosop1Fe4KhFAD6+AfFLH1SB++M2
QzetzyeSzZXRFVm50GPib5R7GWDKl/4agvd43oS/DE8nyJWaVzL/4R6uyhrKA7dW
OmiDDQxhIKKVCKUlshgUlCKtyppV8DAuc2dm7QtTz9Qi0r++zhG2jdQp7SpjgLeT
cnED/vFqG5CsRkp85B182nqYA/AwryUjDpTHXzh9hCGhGA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:08:27 2025 by rpki-client