Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/xB23OfCSz-ZwERhSz5jjo8QDC60.roa
File: xB23OfCSz-ZwERhSz5jjo8QDC60.roa (raw, json)
Hash identifier: 1GdijUKpR3AmXZACOQmfOgk8nDEvWjU59CuH3lXsrxA=
Subject key identifier: C4:1D:B7:39:F0:92:CF:E6:70:11:18:52:CF:98:E3:A3:C4:03:0B:AD
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EA9
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/xB23OfCSz-ZwERhSz5jjo8QDC60.roa
Signing time: Mon 10 Feb 2025 13:59:45 +0000
ROA not before: Mon 10 Feb 2025 13:59:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 223.27.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3753 (0xea9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:45 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C41DB739F092CFE670111852CF98E3A3C4030BAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:25:ef:f6:1f:98:ab:88:48:7a:cc:57:a1:fe:
91:ea:f0:20:e2:77:f7:79:64:ba:63:a1:f9:c7:cc:
1c:88:e7:c5:17:1d:40:72:7e:48:55:f0:70:e4:12:
39:28:46:d3:1e:08:29:48:ee:4b:7a:72:ac:5c:4e:
96:24:9d:58:c4:f0:6f:53:3e:a3:81:eb:f6:9d:c2:
de:8e:84:c7:f6:61:f3:2b:03:16:34:f0:37:e4:6e:
21:9b:a5:8a:d6:bc:d9:81:3d:e6:e0:45:2e:3a:e7:
66:79:3e:51:c6:a9:ee:29:35:82:44:f3:0a:1c:22:
58:c2:c7:b9:3e:e8:8d:1d:e6:39:7d:fb:85:5f:f4:
07:17:b9:8e:ac:31:b7:02:40:9b:6e:44:49:11:05:
e5:9d:14:15:38:26:18:c2:b0:f4:cf:12:6d:8f:8d:
94:bc:63:73:3b:57:76:1d:8a:9c:5c:ca:99:b3:18:
74:ca:31:95:1e:a1:59:a0:a6:e9:ae:cb:f9:d3:18:
b3:3e:f0:7f:f7:cf:83:60:f5:ca:32:a1:3c:3b:a1:
df:28:65:1e:98:d0:bb:80:30:e6:85:af:93:ab:ed:
4b:7a:b0:a9:10:bb:cb:dd:81:2d:fa:da:b6:d3:56:
c9:2b:e3:3d:b9:71:87:4b:de:7d:34:ab:e6:0b:1f:
52:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:1D:B7:39:F0:92:CF:E6:70:11:18:52:CF:98:E3:A3:C4:03:0B:AD
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/xB23OfCSz-ZwERhSz5jjo8QDC60.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.35.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:4c:07:e8:61:a0:a0:00:e9:09:33:11:5b:5a:ae:a1:f8:5d:
4f:f8:94:76:8a:37:6a:f4:d8:ee:ac:0a:eb:4c:6d:22:ea:a9:
d3:4b:76:7a:ac:2c:ae:86:34:02:69:33:3a:04:43:2e:c3:71:
a5:93:fb:0a:7a:ee:dd:38:ab:e8:47:14:e9:50:ea:2f:e9:fc:
15:02:87:84:08:59:ee:e8:f0:8d:c7:c9:24:5c:c1:7f:13:5c:
0b:6e:ef:56:53:21:c5:80:ac:e3:57:36:2d:70:20:8c:0c:70:
e9:22:38:a5:5b:12:78:72:25:84:c0:93:19:47:19:58:33:2b:
7f:17:3f:f0:6e:95:37:86:ee:fc:ad:91:5a:86:43:61:78:4e:
c2:15:57:50:a2:07:a7:c1:e9:f7:db:b6:bb:fe:34:dc:73:78:
c1:77:df:c3:e2:d4:5d:dc:89:61:9f:31:90:2b:f5:4c:42:fb:
42:5a:ee:9a:a9:06:6b:5f:9b:ad:87:bd:5a:39:aa:83:45:c0:
07:6a:3b:ea:97:5f:da:51:0e:c5:84:66:ef:6d:0c:dd:d8:32:
2f:98:29:61:64:c0:55:fb:7b:66:6b:72:79:9e:79:ec:08:81:
a2:6f:fe:14:25:3d:e3:ab:37:e9:3b:84:79:1c:46:0b:1f:98:
0d:eb:4a:04
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM0MURCNzM5RjA5MkNG
RTY3MDExMTg1MkNGOThFM0EzQzQwMzBCQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzJe/2H5iriEh6zFeh/pHq8CDid/d5ZLpjofnHzByI58UXHUBy
fkhV8HDkEjkoRtMeCClI7kt6cqxcTpYknVjE8G9TPqOB6/adwt6OhMf2YfMrAxY0
8DfkbiGbpYrWvNmBPebgRS4652Z5PlHGqe4pNYJE8wocIljCx7k+6I0d5jl9+4Vf
9AcXuY6sMbcCQJtuREkRBeWdFBU4JhjCsPTPEm2PjZS8Y3M7V3YdipxcypmzGHTK
MZUeoVmgpumuy/nTGLM+8H/3z4Ng9coyoTw7od8oZR6Y0LuAMOaFr5Or7Ut6sKkQ
u8vdgS362rbTVskr4z25cYdL3n00q+YLH1KBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxB23OfCSz+ZwERhSz5jjo8QDC60wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8veEIyM09mQ1N6LVp3RVJoU3o1ampv
OFFEQzYwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bIzAN
BgkqhkiG9w0BAQsFAAOCAQEAOkwH6GGgoADpCTMRW1quofhdT/iUdoo3avTY7qwK
60xtIuqp00t2eqwsroY0AmkzOgRDLsNxpZP7Cnru3Tir6EcU6VDqL+n8FQKHhAhZ
7ujwjcfJJFzBfxNcC27vVlMhxYCs41c2LXAgjAxw6SI4pVsSeHIlhMCTGUcZWDMr
fxc/8G6VN4bu/K2RWoZDYXhOwhVXUKIHp8Hp99u2u/403HN4wXffw+LUXdyJYZ8x
kCv1TEL7QlrumqkGa1+brYe9Wjmqg0XAB2o76pdf2lEOxYRm720M3dgyL5gpYWTA
Vft7ZmtyeZ557AiBom/+FCU946s36TuEeRxGCx+YDetKBA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:08:24 2025 by rpki-client