Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/kcr8vu8qHvenMIZ8-FpJ3LkDTLQ.roa
File: kcr8vu8qHvenMIZ8-FpJ3LkDTLQ.roa (raw, json)
Hash identifier: +K5wQsYry/GYyeKcPeDrBELIVLmpf3P7fdIU39YkVDU=
Subject key identifier: 91:CA:FC:BE:EF:2A:1E:F7:A7:30:86:7C:F8:5A:49:DC:B9:03:4C:B4
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EB5
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/kcr8vu8qHvenMIZ8-FpJ3LkDTLQ.roa
Signing time: Mon 10 Feb 2025 13:59:48 +0000
ROA not before: Mon 10 Feb 2025 13:59:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3765 (0xeb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:48 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=91CAFCBEEF2A1EF7A730867CF85A49DCB9034CB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:00:39:5e:f7:5f:ea:ad:7b:42:17:9a:94:ca:
16:06:11:4e:02:63:87:47:51:e1:6c:eb:bc:8d:45:
63:34:a1:da:29:52:7d:52:df:e5:23:0d:87:31:b3:
3b:2a:4e:5d:9a:8d:e0:fa:55:05:92:0a:a8:31:be:
f8:db:7e:6f:e9:71:19:ca:69:54:b7:dc:dc:30:0e:
dd:8b:7e:40:c9:d1:87:fb:49:be:08:06:dd:31:b1:
87:33:72:2e:0a:d7:99:f6:3f:d6:cf:02:0b:38:47:
a1:f0:aa:9d:7d:f5:0d:dc:f2:84:12:7c:08:af:14:
80:9b:da:d2:eb:cd:e4:d9:83:0b:7f:fb:56:a7:bf:
5d:14:ef:f3:75:41:c7:df:e2:ff:55:b6:d1:16:57:
dc:d0:43:cc:be:ee:a9:ad:88:88:d1:60:50:70:10:
19:db:36:60:80:78:b1:d0:b0:d4:2a:cd:4b:6a:5e:
a6:4f:d0:81:44:ab:a4:dd:57:06:61:a3:3d:98:03:
d7:ff:65:83:e9:68:62:60:62:2d:df:07:c1:d1:a2:
69:52:e0:56:f9:08:94:de:9d:58:d7:d4:85:01:6a:
96:10:af:bd:7d:7a:8d:17:b8:b7:e2:97:46:41:59:
fa:9e:d4:fe:25:96:e6:b9:d4:a4:25:30:81:49:6f:
d2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CA:FC:BE:EF:2A:1E:F7:A7:30:86:7C:F8:5A:49:DC:B9:03:4C:B4
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/kcr8vu8qHvenMIZ8-FpJ3LkDTLQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.39.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:69:3a:6f:58:ca:69:6a:1c:ca:ae:40:27:95:c2:a5:18:2e:
2a:b0:bc:b4:94:7e:cf:b2:a2:b2:a6:3c:b9:e0:fa:1c:e3:43:
cc:b5:81:59:06:eb:21:05:24:ed:08:0f:38:d2:46:aa:6e:f9:
03:2b:23:ca:a0:4b:36:e7:10:2b:0f:af:aa:57:53:84:1b:21:
29:b0:5a:f7:93:65:17:1e:63:94:5b:18:6f:91:10:71:fe:a0:
a0:a3:43:94:61:cc:2d:30:58:10:98:2b:e7:6b:96:5f:f6:7a:
a6:a0:94:e1:08:37:50:62:69:d0:d4:06:04:63:e8:cc:10:fa:
43:b8:7f:6c:ee:c3:b3:66:56:e9:31:1c:66:e2:e1:bd:3d:38:
0d:dc:db:59:33:c8:b8:8c:aa:34:90:47:47:4d:64:6e:55:02:
ab:7e:70:b2:c2:a4:be:1c:43:63:67:28:93:21:1f:8b:9e:eb:
69:d2:17:22:c4:8d:6e:3e:06:fd:f3:5a:e8:f2:70:47:c9:eb:
69:44:27:03:49:2f:32:ec:ee:62:03:d9:89:9f:54:4f:43:4f:
7b:0b:81:f4:37:7b:5d:25:90:4c:6b:01:88:87:39:12:aa:a3:
b4:0c:8e:da:ff:ad:37:10:f1:9a:cc:c9:88:66:79:73:f0:d2:
bd:67:f2:73
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDrUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkxQ0FGQ0JFRUYyQTFF
RjdBNzMwODY3Q0Y4NUE0OURDQjkwMzRDQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsADle91/qrXtCF5qUyhYGEU4CY4dHUeFs67yNRWM0odopUn1S
3+UjDYcxszsqTl2ajeD6VQWSCqgxvvjbfm/pcRnKaVS33NwwDt2LfkDJ0Yf7Sb4I
Bt0xsYczci4K15n2P9bPAgs4R6Hwqp199Q3c8oQSfAivFICb2tLrzeTZgwt/+1an
v10U7/N1Qcff4v9VttEWV9zQQ8y+7qmtiIjRYFBwEBnbNmCAeLHQsNQqzUtqXqZP
0IFEq6TdVwZhoz2YA9f/ZYPpaGJgYi3fB8HRomlS4Fb5CJTenVjX1IUBapYQr719
eo0XuLfil0ZBWfqe1P4llua51KQlMIFJb9KNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUkcr8vu8qHvenMIZ8+FpJ3LkDTLQwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8va2NyOHZ1OHFIdmVuTUlaOC1GcEoz
TGtEVExRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bJzAN
BgkqhkiG9w0BAQsFAAOCAQEArGk6b1jKaWocyq5AJ5XCpRguKrC8tJR+z7KisqY8
ueD6HONDzLWBWQbrIQUk7QgPONJGqm75AysjyqBLNucQKw+vqldThBshKbBa95Nl
Fx5jlFsYb5EQcf6goKNDlGHMLTBYEJgr52uWX/Z6pqCU4Qg3UGJp0NQGBGPozBD6
Q7h/bO7Ds2ZW6TEcZuLhvT04DdzbWTPIuIyqNJBHR01kblUCq35wssKkvhxDY2co
kyEfi57radIXIsSNbj4G/fNa6PJwR8nraUQnA0kvMuzuYgPZiZ9UT0NPewuB9Dd7
XSWQTGsBiIc5EqqjtAyO2v+tNxDxmszJiGZ5c/DSvWfycw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:08:27 2025 by rpki-client